HP 10Gb Ethernet BL-c Switch Application Guide Part number: 445946-001 First edition: June 2007
Accessing the switch 10 Additional references Additional information about installing and configuring the switch is available in the followin
Quality of Service 100 802.1p configuration (CLI example) 1. Configure a port’s default 802.1 priority. >> Main# cfg/port 20 (Selec
Quality of Service 101 c. Select a port.
Quality of Service 102 d. Set the 802.1p priority value. e. Click Submit.
Quality of Service 103 2. Map the 802.1p priority value to a COS queue. a. Click the Configure context button on the Toolbar. b. Open the
Quality of Service 104 3. Set the COS queue scheduling weight. a. Click the Configure context button on the Toolbar. b. Open the 802.1p fo
Quality of Service 105 d. Enter a value for the weight of the Class of Service queue. e. Click Submit. 4. Apply, verify, and save th
Basic IP routing 106 Basic IP routing This chapter provides configuration background and examples for using the HP 10GbE switch to perform I
Basic IP routing 107 For example, consider the following topology migration: Figure 14 Router legacy network In this example, a corporate c
Basic IP routing 108 Take a closer look at the HP 10GbE switch in the following configuration example: Figure 15 Switch-based routing topolog
Basic IP routing 109 Example of subnet routing Prior to configuring, you must be connected to the switch Command Line Interface (CLI) as the
Accessing the switch 11 ○ Untagged ○ Port VLAN ID (PVID): 4095 • VLAN 4095—Management VLAN 4095 isolates management traffic within the HP
Basic IP routing 110 8. Configuring the default gateways allows the switch to send outbound traffic to the routers: >> IP Interface 5
Basic IP routing 111 4. The VLANs shown in the table above are configured as follows: >> # /cfg/l2/vlan 1(Select VLAN 1) >> VLA
Basic IP routing 112 Dynamic Host Configuration Protocol Dynamic Host Configuration Protocol (DHCP) is a transport protocol that provides a f
Basic IP routing 113 DHCP relay agent configuration To enable the switch to be the BOOTP forwarder, you need to configure the DHCP/BOOTP serv
Routing Information Protocol 114 Routing Information Protocol In a routed environment, routers communicate with one another to keep track of
Routing Information Protocol 115 RIPv1 RIP version 1 use broadcast User Datagram Protocol (UDP) data packets for the regular routing updates.
Routing Information Protocol 116 Multicast RIPv2 messages use IP multicast address (224.0.0.9) for periodic broadcasts. Multicast RIPv2 annou
Routing Information Protocol 117 RIP configuration example NOTE: An interface RIP disabled uses all the default values of the RIP, no matte
IGMP Snooping 118 IGMP Snooping Introduction IGMP Snooping allows the switch to forward multicast traffic only to those ports that request it
IGMP Snooping 119 • The host can send an IGMPv2 Leave report to the switch, which sends a proxy Leave report to the Mrouter. The multicast p
Accessing the switch 12 Using the command line interfaces The command line interface (CLI) can be accessed via local terminal connection or a
IGMP Snooping 120 IGMP Filtering With IGMP Filtering, you can allow or deny a port to send and receive multicast traffic to certain multicast
IGMP Snooping 121 Static multicast router A static multicast router (Mrouter) can be configured for a particular port on a particular VLAN. A
IGMP Snooping 122 Configuring IGMP Filtering (CLI example) 1. Enable IGMP Filtering on the switch. >> /cfg/l3/igmp/igmpflt
IGMP Snooping 123 Configuring IGMP Snooping (BBI example) 1. Configure port and VLAN membership on the switch, as described in the “Configu
IGMP Snooping 124 c. Enable IGMP Snooping. d. Click Submit. 3. Apply, verify, and save the configuration.
IGMP Snooping 125 Configuring IGMP Filtering (BBI example) 1. Configure IGMP Snooping. 2. Enable IGMP Filtering. a. Click the Configure c
IGMP Snooping 126 3. Define the IGMP Filter. a. Select Layer 3 > IGMP > IGMP Filters > Add Filter. b. Enable the IGMP Filter. As
IGMP Snooping 127 4. Assign the filter to a port and enable IGMP Filtering on the port. a. Select Layer 3 > IGMP > IGMP Filters >
IGMP Snooping 128 c. Enable IGMP Filtering on the port. Select a filter in the IGMP Filters Available list, and click Add. d. Click Submit.
IGMP Snooping 129 Configuring a Static Multicast Router (BBI example) 1. Configure Static Mrouter. a. Click the Configure context button.
Accessing the switch 13 The following example shows how to manually configure an IP address on the switch: 1. Configure an IP interface for
IGMP Snooping 130 2. Apply, verify, and save the configuration.
OSPF 131 OSPF The HP 10GbE switch software supports the Open Shortest Path First (OSPF) routing protocol. The switch implementation conforms
OSPF 132 Figure 17 OSPF area types Types of OSPF routing devices As shown in the figure, OSPF uses the following types of routing devices:
OSPF 133 Neighbors and adjacencies In areas with two or more routing devices, neighbors and adjacencies are formed. Neighbors are routing de
OSPF 134 Internal versus external routing To ensure effective processing of network traffic, every routing device on your network needs to kn
OSPF 135 • Stub area metric—A stub area can be configured to send a numeric metric value such that all routes received via that stub area ca
OSPF 136 Using the area ID to assign the OSPF area number The OSPF area number is defined in the areaid <IP address> option. The octet
OSPF 137 Electing the designated router and backup In any area with more than two routing devices, a Designated Router (DR) is elected as the
OSPF 138 In more complex OSPF areas with multiple ABRs or ASBRs (such as area 0 and area 2 in the figure), there are multiple routes leading
OSPF 139 Authentication OSPF protocol exchanges can be authenticated so that only trusted routing devices can participate. This ensures less
Accessing the switch 14 Using Simple Network Management Protocol The switch software provides SNMP v1.0 and SNMP v3.0 support for access thro
OSPF 140 Use the following commands to configure MD5 authentication on the switches shown in the figure: 1. Enable OSPF MD5 authentication
OSPF 141 OSPF features not supported in this release The following OSPF features are not supported in this release: • Summarizing external r
OSPF 142 Follow this procedure to configure OSPF support as shown in the figure. 1. Configure IP interfaces on each network that will be a
OSPF 143 b. Open the IP Interfaces folder, and select Add IP Interface. c. Configure an IP interface. Enter the IP address, subnet mask, an
OSPF 144 3. Enable OSPF. a. Open the OSPF Routing Protocol folder, and select General. b. Enable OSPF.
OSPF 145 c. Click Submit. 4. Configure OSPF Areas. a. Open the OSPF Areas folder, and select Add OSPF Area. b. Configure the OSPF backbon
OSPF 146 c. Click Submit. d. Select Add OSPF Area. e. Configure the OSPF area 1. f. Click Submit.
OSPF 147 5. Configure OSPF Interfaces. a. Open the OSPF Interfaces folder, and select Add OSPF Interface.
OSPF 148 b. Configure the OSPF Interface 1, and attach it to the backbone area 0. c. Click Submit. d. Select Add OSPF Interface.
OSPF 149 e. Configure the OSPF Interface 2, and attach it to the stub area 1. f. Click Submit. 6. Apply, verify, and save the configuratio
Accessing the switch 15 User configuration Users can be configured to use the authentication/privacy options. The HP 10GbE switch supports tw
OSPF 150 Example 2: Virtual links In the example shown in the following figure, area 2 is not physically connected to the backbone as is usua
OSPF 151 8. Attach the network interface to the backbone. >> OSPF Area (index) 1 # ../if 1 (Select OSPF menu for IP interface 1) &g
OSPF 152 8. Define the transit area. >> OSPF Area (index) 0 # ../aindex 1 (Select menu for area index 1) >> OSPF Area (index)
OSPF 153 Figure 23 Summarizing routes NOTE: You can specify a range of addresses to prevent advertising by using the hide option. In this
OSPF 154 7. Configure route summarization by specifying the starting address and mask of the range of addresses to be summarized. >>
Remote monitoring 155 Remote monitoring Introduction Remote Monitoring (RMON) allows network devices to exchange network monitoring data. RMO
Remote monitoring 156 Configuring RMON Statistics (CLI example) 1. Enable RMON on each port where you wish to collect RMON statistics. >&
Remote monitoring 157 2. Select a port.
Remote monitoring 158 3. Enable RMON on the port. 4. Click Submit. 5. Apply, verify, and save the configuration. RMON group 2—history
Remote monitoring 159 Requested buckets (/cfg/rmon/hist x/rbnum) are the number of buckets, or data slots, requested by the user for each His
Accessing the switch 16 View based configurations CLI user equivalent To configure an SNMP user equivalent to the CLI user, use the following
Remote monitoring 160 Configure RMON History (BBI example) 1. Configure an RMON History group. a. Click the Configure context button. b.
Remote monitoring 161 RMON group 3—alarms The RMON Alarm group allows you to define a set of thresholds used to determine network performance
Remote monitoring 162 Configure RMON Alarms (CLI example 2) 1. Configure the RMON Alarm parameters to track ICMP messages. >> /cfg/rmo
Remote monitoring 163 c. Configure RMON Alarm Group parameters to check ifInOctets on port 20 once every hour. Enter a rising limit of two bi
Remote monitoring 164 Configure RMON Alarms (BBI example 2) 1. Configure an RMON Alarm group. a. Click the Configure context button. b. O
Remote monitoring 165 3. Apply, verify, and save the configuration. RMON group 9—events The RMON Event group allows you to define events th
Remote monitoring 166 Configuring RMON Events (BBI example) 1. Configure an RMON Event group. a. Click the Configure context button. b. O
High availability 167 High availability Introduction Switches support high availability network topologies. This release provides information
High availability 168 Figure 24 Uplink Failure Detection for switches Failure Detection Pair To use UFD, you must configure a Failure Detec
High availability 169 Configuration guidelines This section provides important information about configuring UFD: • UFD is required only wh
Accessing the switch 17 CLI oper equivalent To configure an SNMP user equivalent to the CLI oper, use the following configuration: /c/sys/ss
High availability 170 Configuring UFD on Switch 1 (CLI example) 1. Assign uplink ports (18-21) to be monitored for communication failure. &
High availability 171 Configuring Uplink Failure Detection (BBI example) 1. Configure Uplink Failure Detection. a. Click the Configure cont
High availability 172 d. Enable the FDP. Select ports in the LtM Ports Available list, and click Add to place the ports into the Link to Moni
High availability 173 VRRP overview In a high-availability network topology, no device can create a single point-of-failure for the network o
High availability 174 Master and backup virtual router Within each virtual router, one VRRP router is selected to be the virtual router maste
High availability 175 A backup router can stop receiving advertisements for one of two reasons—the master can be down, or all communications
High availability 176 Figure 26 Active-Active redundancy HP 10GbE switch extensions to VRRP This section describes VRRP enhancements that a
High availability 177 Virtual router deployment considerations Review the following issues described in this section to prevent network probl
High availability 178 High availability configurations The HP 10GbE switches offer flexibility in implementing redundant configurations. This
High availability 179 2. Configure client and server interfaces. /cfg/l3/if 1 (Select interface 1) >> IP In
Accessing the switch 18 3. Configure an entry in the notify table. /c/sys/ssnmp/snmpv3/notify 10 (Assign user to the notify table) name
High availability 180 Task 2: Configure Switch B 1. Configure ports. /cfg/l2/vlan 10 (Select VLAN 10) >> VLAN 10# en
High availability 181 5. Enable tracking on ports. Set the priority of Virtual Router 2 to 101, so that it becomes the Master. /cfg/l3/vrrp/
High availability 182 c. Configure port 20 as a member of VLAN 10 and port 21 as a member of VLAN 20. Enable each VLAN. d. Click Submit. 2
High availability 183 a. Open the IP Interfaces folder, and select Add IP Interface. b. Configure an IP interface. Enter the IP address, su
High availability 184 3. Configure the default gateways. Each default gateway points to one of the Layer 2 routers. a. Open the Default Ga
High availability 185 4. Turn on VRRP and configure two Virtual Interface routers. a. Open the Virtual Router Redundancy Protocol folder,
High availability 186 b. Enable VRRP processing. c. Click Submit. d. Open the Virtual Routers folder, and select Add Virtual Router.
High availability 187 e. Configure the IP address for Virtual Router 1 (VR1). Enable tracking on ports, and set the priority to 101. Enable
High availability 188 h. Configure the IP address for Virtual Router 2 (VR2). Enable tracking on ports, but set the priority to 100 (default
High availability 189
Accessing the switch 19 SNMPv2 trap host configuration The SNMPv2 trap host configuration is similar to the SNMPv1 trap host configuration. W
High availability 190 c. Enter Spanning Tree Group ID 1 and set the Switch Spanning Tree State to off. d. Click Submit. 6. Apply, verify
Troubleshooting tools 191 Troubleshooting tools Introduction This appendix discusses some tools to help you use the Port Mirroring feature to
Troubleshooting tools 192 Ingress traffic is duplicated and sent to the mirrored port before processing, and egress traffic is duplicated and
Troubleshooting tools 193 Configuring Port Mirroring (BBI example) 1. Configure Port Mirroring. a. Click the Configure context button. b.
Troubleshooting tools 194 d. Click Add Mirrored Port. e. Enter a port number for the mirrored port, and select the Port Mirror Direction.
Troubleshooting tools 195 Other network troubleshooting techniques Other network troubleshooting techniques include the following. Console an
Troubleshooting tools 196 • Stack Trace—If a fatal software condition occurs, the switch dumps stack trace data to the console. If you have
Index 197 Index 8 802.1x port states, 49 A accessing the switch: defining source IP addresses, 20; RADIUS authentication, 21; security, 20; u
Index 198 Q Quality of Service, 86 queuing and scheduling, 105 R RADIUS: port 1812 and 1645, 88; port 1813, 88 redundancy: active-active, 175
2 Legal notices © 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only
Accessing the switch 20 The following example shows how to configure a SNMPv3 user v3trap with authentication only: /c/sys/ssnmp/snmpv3/usm 1
Accessing the switch 21 Configuring an IP address range for the management network Configure the management network IP address and mask from
Accessing the switch 22 Configuring RADIUS on the switch (CLI example) To configure RADIUS on the switch, do the following: 1. Turn RADIUS a
Accessing the switch 23 Configuring RADIUS on the switch (BBI example) 1. Configure RADIUS parameters. a. Click the Configure context butto
Accessing the switch 24 2. Apply, verify, and save the configuration. RADIUS authentication features The switch supports the following RAD
Accessing the switch 25 Table 2 User access levels User account Description and tasks performed Administrator Administrators are the only
Accessing the switch 26 TACACS+ offers the following advantages over RADIUS: • TACACS+ uses TCP-based connection-oriented transport; whereas
Accessing the switch 27 Alternate mapping between TACACS+ privilege levels and HP 10GbE switch management access levels is shown in the table
Accessing the switch 28 Configuring TACACS+ authentication on the switch (CLI example) 1. Turn TACACS+ authentication on, and then configur
Accessing the switch 29 Configuring TACACS+ authentication on the switch (BBI example) 1. Configure TACACS+ authentication for the switch.
Contents 3 Contents Accessing the switch Introduction...
Accessing the switch 30 e. Configure custom privilege-level mapping (optional). Click Submit to accept each mapping change. 2. Apply, veri
Accessing the switch 31 The switch implementation of SSH is based on version 1.5 and version 2.0, and supports SSH clients from version 1.0 t
Accessing the switch 32 Configuring the SCP administrator password To configure the scpadmin (SCP administrator) password, first connect to t
Accessing the switch 33 Applying and saving configuration Enter the apply and save commands after the command above (scp ad4.cfg 205.178.15.1
Accessing the switch 34 A value of 0 denotes that RSA server key autogeneration is disabled. When greater than 0, the switch will auto genera
Accessing the switch 35 Setting up user IDs The administrator can configure up to 10 user accounts. To configure an end-user account, perfor
Ports and trunking 36 Ports and trunking Introduction The first part of this chapter describes the different types of ports used on the switc
Ports and trunking 37 Table 7 Ethernet switch port names Port number Port alias 13 Downlink13 14 Downlink14 15 Downlink15 16 Downlink16 17
Ports and trunking 38 1. Read the configuration rules provided in the “Trunk group configuration rules” section. 2. Determine which switch
Ports and trunking 39 Port trunking example In this example, the 10 Gigabit uplink ports on each switch are configured into a total of four t
Contents 4 User access control ...
Ports and trunking 40 Configuring trunk groups (CLI example) 1. On Switch 1, configure trunk groups 5 and 3: >> # /cfg/l2/trunk 5
Ports and trunking 41 Configuring trunk groups (BBI example) 1. Configure trunk groups. a. Click the Configure context button on the Toolba
Ports and trunking 42 d. Enable the Trunk Group. To add ports, select each port in the Ports Available list, and click Add. e. Click Submit
Ports and trunking 43 b. Select Trunk Groups. c. Information about each configured trunk group is displayed. Make sure that trunk groups co
Ports and trunking 44 Configurable Trunk Hash algorithm This feature allows you to configure the particular parameters for the HP 10GbE switc
Ports and trunking 45 In the configuration shown in the table above, Actor switch ports 18 and 19 aggregate to form an LACP trunk group with
Ports and trunking 46 Configuring LACP Use the following procedure to configure LACP for port 20 and port 21 to participate in link aggregati
Port-based Network Access and traffic control 47 Port-based Network Access and traffic control Port-based Network Access control Port-based N
Port-based Network Access and traffic control 48 802.1x authentication process The clients and authenticators communicate using Extensible Au
Port-based Network Access and traffic control 49 The Radius server chooses an EAP-supported authentication algorithm to verify the client’s i
Contents 5 Introduction...
Port-based Network Access and traffic control 50 Supported RADIUS attributes The HP 10GbE switch 802.1x Authenticator relies on external RADI
Port-based Network Access and traffic control 51 EAPoL configuration guidelines When configuring EAPoL, consider the following guidelines: •
Port-based Network Access and traffic control 52 Configuring port-based traffic control To configure a port for traffic control, perform the
VLANs 53 VLANs Introduction This chapter describes network design and topology considerations for using Virtual Local Area Networks (VLANs).
VLANs 54 Viewing VLANs The VLAN information menu (/info/l2/vlan) displays all configured VLANs and all member ports that have an active link
VLANs 55 VLAN tagging The switch supports IEEE 802.1Q VLAN tagging, providing standards-based VLAN support for Ethernet systems. Tagging pla
VLANs 56 Figure 3 Default VLAN settings NOTE: The port numbers specified in these illustrations may not directly correspond to the physic
VLANs 57 Figure 5 802.1Q tagging (after port-based VLAN assignment) In the following figure, the tagged incoming packet is assigned directly
VLANs 58 Figure 7 802.1Q tagging (after 802.1Q tag assignment) NOTE: Using the /boot/conf factory command resets all ports to VLAN 1 (exce
VLANs 59 VLAN configuration rules VLANs operate according to specific configuration rules which must be considered when creating VLANs. For e
Contents 6 Using ACL Groups ...
VLANs 60 Multiple VLANS with tagging The following figure shows only those switch-port-to-server links that must be configured for the examp
VLANs 61 Table 10 Multiple VLANs with tagging Component Description Blade Server #1 This high-use blade server needs to be accessed from a
VLANs 62 2. Configure the VLANs and their member ports. Since all ports are by default configured for VLAN 1, configure only those ports tha
VLANs 63 Configuring ports and VLANs on Switch 2 (CLI example) To configure ports and VLANs on Switch 2, do the following: 1. On Switch 2, e
VLANs 64 Configuring ports and VLANs on Switch 1 (BBI example) To configure ports and VLANs on Switch 1, do the following: 1. On the switch
VLANs 65 d. Enable the port and enable VLAN tagging. e. Click Submit. 2. Configure the VLANs and their member ports. a. Open the Virtual
VLANs 66 b. Enter the VLAN name, VLAN ID number, and enable the VLAN. To add ports, select each port in the Ports Available list and click Ad
VLANs 67 FDB static entries are permanent, so the FDB Aging value does not apply to them. Static entries are manually added to the FDB, and m
Spanning Tree Protocol 68 Spanning Tree Protocol Introduction When multiple paths exist on a network, Spanning Tree Protocol (STP) configures
Spanning Tree Protocol 69 Determining the path for forwarding BPDUs When determining which port to use for forwarding and which port to block
Contents 7 Configuring IGMP Snooping (CLI example) ... 121 Confi
Spanning Tree Protocol 70 Adding a VLAN to a Spanning Tree Group If no VLANs exist beyond the default VLAN 1, see the “Creating a VLAN” secti
Spanning Tree Protocol 71 The relationship between ports, trunk groups, VLANs, and spanning trees is shown in the following table. Table 11
Spanning Tree Protocol 72 Figure 9 Two VLANs on one instance of Spanning Tree Protocol In the following figure, VLAN 1 and VLAN 2 belong to
Spanning Tree Protocol 73 Configuring Multiple Spanning Tree Groups This section explains how to assign each VLAN to its own Spanning Tree Gr
Spanning Tree Protocol 74 Configuring Switch 1 (BBI example) 1. Configure port and VLAN membership on Switch 1 as described in the “Configur
Spanning Tree Protocol 75 d. Enter the Spanning Tree Group number and set the Switch Spanning Tree State to on. To add a VLAN to the Spanning
Spanning Tree Protocol 76 Port Fast Forwarding Port Fast Forwarding permits a port that participates in Spanning Tree to bypass the Listening
RSTP and MSTP 77 RSTP and MSTP Introduction Rapid Spanning Tree Protocol (IEEE 802.1w) enhances the Spanning Tree Protocol (IEEE 802.1d) to p
RSTP and MSTP 78 Port type and link type Spanning Tree Configuration includes the following parameters to support RSTP and MSTP: • Edge por
RSTP and MSTP 79 Configuring Rapid Spanning Tree Protocol (BBI example) 1. Configure port and VLAN membership on the switch, as described in
Contents 8 High availability Introduction...
RSTP and MSTP 80 3. Apply, verify, and save the configuration. Multiple Spanning Tree Protocol IEEE 802.1s Multiple Spanning Tree extends t
RSTP and MSTP 81 MSTP configuration guidelines This section provides important information about configuring Multiple Spanning Tree Groups: •
RSTP and MSTP 82 Configuring Multiple Spanning Tree Protocol (BBI example) 1. Configure port and VLAN membership on the switch, as described
RSTP and MSTP 83 3. Configure Common Internal Spanning Trees (CIST) bridge parameters. a. Open the MSTP/RSTP folder, and select CIST-Bridge
RSTP and MSTP 84 4. Configure Common Internal Spanning Tree (CIST) port parameters. a. Open the MSTP/RSTP folder, and select CIST-Ports. b
RSTP and MSTP 85 c. Enter the Port Priority, Path Cost, and select the Link Type. Set the CIST Port State to ON. d. Click Submit. 5. Apply
Quality of Service 86 Quality of Service Introduction Quality of Service features allow you to allocate network resources to mission-critical
Quality of Service 87 The basic HP 10GbE switch QoS model works as follows: • Classify traffic: ○ Read 802.1p Priority. ○ Match ACL fil
Quality of Service 88 Table 14 Well-known protocol types Number Protocol Name 89 ospf 112 vrrp • TCP/UDP ○ TCP/UDP application source po
Quality of Service 89 • Packet Format ○ Ethernet format (eth2, SNAP, LLC) ○ Ethernet tagging format • Egress port packets Note that the
Accessing the switch 9 Accessing the switch Introduction This guide will help you plan, implement, and administer the switch software for the
Quality of Service 90 Using ACL Groups Access Control Lists (ACLs) allow you to classify packets according to a particular content in the pac
Quality of Service 91 ACL Metering and Re-marking You can define a profile for the aggregate traffic flowing through the HP 10GbE switch, by
Quality of Service 92 ACL configuration examples Configure Access Control Lists (CLI example) The following configuration examples illustrate
Quality of Service 93 • Example 3 Use this configuration to block traffic from a source that is destined for a specific egress port. >&
Quality of Service 94 c. Configure the ACL parameters. Set the Filter Action to Deny, the Ethernet Type to IPv4, and the Destination IP Addre
Quality of Service 95 3. Add ACL 1 to port 1. a. Click the Configure context button on the Toolbar. b. Select Switch Ports (click the unde
Quality of Service 96 d. Add the ACL to the port. e. Click Submit. 4. Apply, verify, and save the configuration.
Quality of Service 97 Using DSCP values to provide QoS The six most significant bits in the TOS byte of the IP header are defined as DiffServ
Quality of Service 98 • Class Selector (CS)—This PHB has eight priority classes, with CS7 representing the highest priority, and CS0 represe
Quality of Service 99 The IEEE 802.1p standard uses eight levels of priority (0-7). Priority 7 is assigned to highest priority network traffi
Comments to this Manuals