Dell N4000 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Dell N4000. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoDell N4000 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Dell N4000 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Dell N4000, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Dell N4000 deve conte:
- dados técnicos do dispositivo Dell N4000
- nome do fabricante e ano de fabricação do dispositivo Dell N4000
- instruções de utilização, regulação e manutenção do dispositivo Dell N4000
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Dell N4000 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Dell N4000 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Dell na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Dell N4000, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Dell N4000, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Dell N4000. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    Dell Networking N2000, N3000, and N4000 Series Switches User’ s Configuration Guide Regulatory Models: N2024, N202 4P , N2038,N2048P , N3024, N3024F , N3024P , N3048, N3048 P , N4032, N4032F , N4064, N4064F[...]

  • Página 2

    Notes and Ca utions NOTE: A NOTE indica tes imp ortant informat ion tha t helps you mak e bette r use of your co mputer . CAUTION: A C AUTION indicate s potent ial damage to hardware or loss of data if inst ructions a re not f ollowed . ________ ____ Information in this publication is subject to change without notice. © 201 4 Dell Inc. A ll rights[...]

  • Página 3

    Content s 3 Content s 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 51 About This Docu ment . . . . . . . . . . . . . . . . . . 51 Audi ence . . . . . . . . . . . . . . . . . . . . . . . . . 52 Docume nt Conv entions . . . . . . . . . . . . . . . . . 52 Addition al Documen tation . . . . . . . . . . . . . . . . 53 2 Switch Feature Ov[...]

  • Página 4

    4 Conte nts Single IP Man agement . . . . . . . . . . . . . . . 61 Master Failov er with T ran sparen t T ransit ion . . . . 62 Nonsto p Forwar ding on the Stack . . . . . . . . . 62 Hot Add/Delet e and Firmware Synchr onizat ion . . . . . . . . . . . . . . . . . . . 62 Security Feature s . . . . . . . . . . . . . . . . . . . . 63 Confi gurab le Ac[...]

  • Página 5

    Content s 5 Power over Etherne t (PoE) P lus Feature s . . . . . . . . 70 Power Over E thernet (Po E) Plus Configu ratio n . . . . . . . . . . . . . . . . . . . . 70 PoE Plus Support . . . . . . . . . . . . . . . . . . 70 Switch ing Feat ures . . . . . . . . . . . . . . . . . . . 71 Flow C ontrol Sup port (IEE E 802.3x ) . . . . . . . . . 71 Head o[...]

  • Página 6

    6 Conte nts GARP and GVRP S upport . . . . . . . . . . . . . . 78 Vo i c e V L A N . . . . . . . . . . . . . . . . . . . . . 78 Guest VLAN . . . . . . . . . . . . . . . . . . . . . 78 Double VLANs . . . . . . . . . . . . . . . . . . . . 78 Spann ing T ree Protocol Feature s . . . . . . . . . . . . 79 Spanni ng T ree P rotoc ol (STP) . . . . . . . .[...]

  • Página 7

    Content s 7 IPv6 Rout es . . . . . . . . . . . . . . . . . . . . . 85 OSPFv3 . . . . . . . . . . . . . . . . . . . . . . . 85 DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . 85 Quality of Se rvice (QoS) Featu res . . . . . . . . . . . . 86 Diff eren tiate d Ser vice s (Dif fServ ) . . . . . . . . . 86 Class Of Service (C oS) . . . . . . . . . [...]

  • Página 8

    8 Conte nts N2000 Seri es Bac k Pane l . . . . . . . . . . . . . . 95 N2000 LED Def initions . . . . . . . . . . . . . . . . 97 Power Cons umption for N2000 Series PoE Switch es . . . . . . . . . . . . . . . . . . . . . 100 Dell Networ king N3 000 Series Sw itch Hardware . . . . . . . . . . . . . . . . . . . . . . . . 10 2 N3000 Serie s Front Panel[...]

  • Página 9

    Content s 9 Using the Device View Swi tch Lo cator Feature . . . . . . . . . . . . . . . . . . . . . . . 133 5 Using the Command-Line Interface . . . . 135 Accessin g the S witch Thr ough th e CLI . . . . . . . . . 135 Conso le Connec tion . . . . . . . . . . . . . . . . 135 T elnet Conn ection . . . . . . . . . . . . . . . . . 136 Under stand ing [...]

  • Página 10

    10 Conte nts What Is Out-of- Band Manag ement an d In-Ba nd Manage ment? . . . . . . . . . . . . . . 14 9 Default Netwo rk Informatio n . . . . . . . . . . . . . 151 Configu ring Bas ic Network In formation (Web ) . . . . 152 Out-of-Ban d Interf ace . . . . . . . . . . . . . . 152 IP Inte rface Config uratio n (Def ault VLAN IP Address) . . . . . .[...]

  • Página 11

    Content s 11 Basic Netw ork Info rmation C onfiguration Examp le . . . . . . . . . . . . . . . . . . . . . . . . . 166 8 Managing QSFP Ports . . . . . . . . . . . . . . 169 9 Managing a Switch Stack . . . . . . . . . . . 171 Stac king Ove rview . . . . . . . . . . . . . . . . . . . 171 Dell Networki ng N2000, N3000 , and N4000 Stacki ng Compa tibil[...]

  • Página 12

    12 Conte nts Managi ng the S tack (C LI) . . . . . . . . . . . . . . . 192 Confi guring Stack Member , St ack Por t, and NSF Settings . . . . . . . . . . . . . . . . . . . 192 Viewin g and Clea ring Sta cking an d NSF Informatio n . . . . . . . . . . . . . . . . . . . . 194 Stack ing a nd NSF Usag e Scen arios . . . . . . . . . . 195 Basi c Failov [...]

  • Página 13

    Content s 13 Auth orizatio n Example s . . . . . . . . . . . . . . . . . 227 Local A uthori zation Example—D irect Login to Privile ged EX EC Mod e . . . . . . . . . . . 227 T AC ACS+ Aut horiza tion Exa mple—Di rect Login to Privile ged EX EC Mod e . . . . . . . . . . . 227 T ACACS+ Auth orizati on Examp le— Administra tive Profil es . . . .[...]

  • Página 14

    14 Conte nts 11 Monitoring and Logging Sy stem Information . . . . . . . . . . . . . . . . . . . . . . 243 System Monitor ing Ove rview . . . . . . . . . . . . . 243 What Syst em Information Is Monitored? . . . . . 243 Why Is S ystem Info rmation Need ed? . . . . . . . 244 Wher e Are L og M essages Sent? . . . . . . . . . 244 What Are the Severit y[...]

  • Página 15

    Content s 15 Moni toring Sy stem In formatio n and Co nfigur ing Logging (CLI) . . . . . . . . . . . . . . . . . . . . . . . 267 Viewin g System I nformat ion and En abling the Loca tor LED . . . . . . . . . . . . . . . . . . . 267 Runnin g Cable Dia gnostic s . . . . . . . . . . . . . 268 Conf iguring Loca l Logg ing . . . . . . . . . . . . . 269 [...]

  • Página 16

    16 Conte nts SNTP Auth entic ation . . . . . . . . . . . . . . . 294 SNTP Serve r . . . . . . . . . . . . . . . . . . . 296 Summer T ime Config uration . . . . . . . . . . . 299 T i me Zone Con figura tion . . . . . . . . . . . . . 300 Card Confi guratio n . . . . . . . . . . . . . . . . 301 Slot Sum mary . . . . . . . . . . . . . . . . . . . 302 S[...]

  • Página 17

    Content s 17 What Are S NMP T rap s? . . . . . . . . . . . . . . 324 Why Is S NMP Neede d? . . . . . . . . . . . . . . 325 Default SNM P Valu es . . . . . . . . . . . . . . . . . . 325 Con figuri ng SNM P (Web) . . . . . . . . . . . . . . . . 327 SNMP Global Paramete rs . . . . . . . . . . . . . 327 SNMP V iew S ettings . . . . . . . . . . . . . . [...]

  • Página 18

    18 Conte nts What Me thods Ar e Support ed for Fil e Manage ment? . . . . . . . . . . . . . . . . . . . 363 What Fa ctors Should Be Co nsid ered Wh en Managi ng F iles? . . . . . . . . . . . . . . . . . . 364 How Is th e Runn ing Co nfigurat ion Sav ed? . . . . 366 Managi ng Image s and Fil es (Web) . . . . . . . . . . 367 File S ystem . . . . . . [...]

  • Página 19

    Content s 19 How Does USB Auto Configu ration Us e the Files on t he USB De vice? . . . . . . . . . . . . . . 391 What Is the Setup File Format? . . . . . . . . . . . 392 What Is the DHC P Auto C onfigurat ion Proc ess? . . . . . . . . . . . . . . . . . . . . . . 393 Monito ring and Completing the DHCP Auto Configu ratio n Process . . . . . . . . .[...]

  • Página 20

    20 Conte nts Default T raffic Mon itoring V alues . . . . . . . . . . . 414 Monitor ing Swit ch T raffic (W eb) . . . . . . . . . . . 414 sFlow Agen t Summary . . . . . . . . . . . . . . 41 4 sFlo w Receive r Conf igurati on . . . . . . . . . . 416 sFlow Sa mpler Configuratio n . . . . . . . . . . . 41 7 sFlo w Poll Conf igura tion . . . . . . . . [...]

  • Página 21

    Content s 21 17 Configuring iSCSI Optimization . . . . . . . 459 iSCSI Opti mization Overvi ew . . . . . . . . . . . . . . 459 What Do es iSCS I Optimiz ation Do? . . . . . . . . . 460 How Does the Swi tch Detect iSCSI T raffic Flow s? . . . . . . . . . . . . . . . . . . . . 460 How Is Quality of Service App lied to iSCSI T raffic Flow s? . . . . .[...]

  • Página 22

    22 Conte nts 18 Configuring Port Characteristics . . . . . . 477 Port Ove rview . . . . . . . . . . . . . . . . . . . . . 477 What Ph ysical Port Ch aracteri stics Ca n Be Conf igure d? . . . . . . . . . . . . . . . . . . 477 What i s Link Depe ndency? . . . . . . . . . . . . 479 What Interface T ypes are Supporte d? . . . . . . 481 What i s Inter [...]

  • Página 23

    Content s 23 Port Securi ty (Port-MAC Locking) . . . . . . . . . 539 Cap tive Po rtal . . . . . . . . . . . . . . . . . . . . . . 543 Captiv e Port al Overv iew . . . . . . . . . . . . . . 543 Default Ca ptive Port al Behavior and Setting s . . . 548 Conf iguri ng the Ca ptive P ortal (Web) . . . . . . . 550 Configu ring Ca ptive P ortal (CL I) . .[...]

  • Página 24

    24 Conte nts Poli cy Base d Routi ng . . . . . . . . . . . . . . . . . 594 Overvi ew . . . . . . . . . . . . . . . . . . . . . 594 Limitation s . . . . . . . . . . . . . . . . . . . . . 596 Exam ples . . . . . . . . . . . . . . . . . . . . . 598 Configu ring ACLs (Web) . . . . . . . . . . . . . . . . 599 IP A CL Co nfigura tion . . . . . . . . . . [...]

  • Página 25

    Content s 25 Doubl e-VLAN T a gging . . . . . . . . . . . . . . . 651 Vo i c e V L A N . . . . . . . . . . . . . . . . . . . . . 652 Priv ate VLA Ns . . . . . . . . . . . . . . . . . . . 654 Addi tional VLAN Feat ures . . . . . . . . . . . . . 660 Default VLAN Beh avior . . . . . . . . . . . . . . . . . 661 Con figuri ng VLAN s (Web) . . . . . . . [...]

  • Página 26

    26 Conte nts Confi gure the VLANs and Po rts on Sw itch 2 . . . 705 Confi guri ng VLANs Us ing the C LI . . . . . . . . . 706 Con figuri ng a V oic e VLAN . . . . . . . . . . . . 710 22 Configuring the Spanning T ree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 71 5 STP Overvie w . . . . . . . . . . . . . . . . . . . . . 715 What Are [...]

  • Página 27

    Content s 27 Conf igurin g Span ning T re e (CLI) . . . . . . . . . . . . . 746 Configu ring Globa l STP Bridge Settings . . . . . . 746 Conf iguri ng Opti onal S TP Fe atures . . . . . . . . . 747 Configu ring ST P Interface Settings . . . . . . . . 748 Configu ring MS TP Swi tch S ettings . . . . . . . . . 749 Configu ring MSTP Interfac e Setting[...]

  • Página 28

    28 Conte nts LLDP -MED Remo te De vice Info rmat ion . . . . . 776 Configu ring ISDP and L LDP (CLI) . . . . . . . . . . . 777 Configu ring Gl obal ISD P Sett ings . . . . . . . . . 777 Enabli ng ISDP on a P ort . . . . . . . . . . . . . 778 Viewin g and Clea ring ISD P Infor mation . . . . . 778 Conf iguring Global LLDP Sett ings . . . . . . . . .[...]

  • Página 29

    Content s 29 Configu ring Prot ected Por ts . . . . . . . . . . . . 799 Configu ring LLP F . . . . . . . . . . . . . . . . . . 800 Port-Bas ed T raffic Control Configu ration E xample . . . 801 25 Configuring L2 Multicast Features . . . . 803 L2 Multicas t Overview . . . . . . . . . . . . . . . . . . 803 Mult icast Floo ding and Fo rward ing . . . [...]

  • Página 30

    30 Conte nts VLAN Querie r Status . . . . . . . . . . . . . . . 827 MFDB IGM P Snoo ping T able . . . . . . . . . . . 828 MLD Snoo ping Gen eral . . . . . . . . . . . . . . 829 MLD Sn ooping Globa l Querie r Config uratio n . . . 831 MLD Sn ooping VLAN Qu erier . . . . . . . . . . . 832 MLD Sn ooping VLAN Qu erier Status . . . . . . . 834 MFDB ML D[...]

  • Página 31

    Content s 31 What is the Admini strator ’ s Role? . . . . . . . . . 863 Default Dot 1ag V alues . . . . . . . . . . . . . . . . . . 864 Con figuri ng Dot 1ag (Web) . . . . . . . . . . . . . . . . 865 Dot1ag Global Config uration . . . . . . . . . . . . 865 Dot1 ag MD Conf igurat ion . . . . . . . . . . . . . . 865 Dot1 ag MA Conf igurat ion . . .[...]

  • Página 32

    32 Conte nts Default T raffic Snoopi ng and In spection V alues . . . 885 Conf iguring T raffic Sn ooping and Inspectio n (We b) . . . . . . . . . . . . . . . . . . . . 887 DHCP Snoopi ng Conf igurati on . . . . . . . . . . 887 DHCP Snoo ping I nterfa ce Co nfigur atio n . . . . . 888 DHCP Snoo ping V LAN C onfig uratio n . . . . . . . 890 DHCP Sno[...]

  • Página 33

    Content s 33 28 Configuring Link Aggregation . . . . . . . . 913 Link Agg regati on . . . . . . . . . . . . . . . . . . . . . 913 Overview . . . . . . . . . . . . . . . . . . . . . . 913 Defa ult L ink Ag gregati on Values . . . . . . . . . . 917 Conf iguring Link Aggreg ation ( Web) . . . . . . . . 918 Conf iguring Link A ggregat ion ( CLI) . . . [...]

  • Página 34

    34 Conte nts DCB Cap ability Exch ange . . . . . . . . . . . . . . . 992 Interope rabilit y with IEEE DC Bx . . . . . . . . . 993 DCBx and Po rt Roles . . . . . . . . . . . . . . . 993 Confi gurati on Sou rce Por t S election Proc ess . . . . . . . . . . . . . . . . . . . . . . 995 Disabl ing DCBX . . . . . . . . . . . . . . . . . . 996 Confi guri [...]

  • Página 35

    Content s 35 31 Configuring Routing Interfaces . . . . . . 10 21 Routing Interfac e Overv iew . . . . . . . . . . . . . . 1021 What Are VLAN R outin g Inter faces ? . . . . . . . 1021 What Are Loopbac k Interfa ces? . . . . . . . . . 1022 What Ar e T unnel Inte rfaces? . . . . . . . . . . . 1023 Why A re Rout ing I nterfac es Nee ded? . . . . . . 1[...]

  • Página 36

    36 Conte nts Default DHCP Serve r V alues . . . . . . . . . . . . . . 1042 Configu ring the DHCP Se rver (W eb) . . . . . . . . . . 1043 DHCP Se rver Net work Prop erties . . . . . . . . 1043 Addre ss Pool . . . . . . . . . . . . . . . . . . . 1045 Addre ss Pool Optio ns . . . . . . . . . . . . . . . 1049 DHCP Bindin gs . . . . . . . . . . . . . . [...]

  • Página 37

    Content s 37 Router Disco very S tatus . . . . . . . . . . . . . 1072 Rout e T a ble . . . . . . . . . . . . . . . . . . . . 1073 Best Routes T a ble . . . . . . . . . . . . . . . . 1074 Rou te Entry Config urati on . . . . . . . . . . . . 1075 Conf igure d Routes . . . . . . . . . . . . . . . . 1077 Rout e Prefer ences Co nfigura tion . . . . . . [...]

  • Página 38

    38 Conte nts IP Hel per In terfac e Confi gurat ion . . . . . . . . 1102 IP H elper Stati stics . . . . . . . . . . . . . . . . 1104 Config uring L2 an d L3 Relay Fe atures ( CLI) . . . . . . 1105 Confi guri ng L2 DHCP Re lay . . . . . . . . . . . . 1105 Configu ring L3 Rela y (IP Helper) Settin gs . . . . 1107 Relay Agent Conf igurati on Exampl e [...]

  • Página 39

    Content s 39 OSPF Virtual Link Config urati on . . . . . . . . . 1132 OSPF Virtual Link S ummary . . . . . . . . . . . . 1134 OSPF Rout e Redi stribut ion C onfig uration . . . . 1135 OSPF Rout e Redi stributi on Summ ary . . . . . . . 1136 NSF O SPF Config urati on . . . . . . . . . . . . . 1137 Config uring OSPFv3 Fe atures (Web) . . . . . . . . [...]

  • Página 40

    40 Conte nts Confi guring O SPFv3 Ro ute Red istribu tion Setting s . . . . . . . . . . . . . . . . . . . . . . 1175 Configu ring NSF Settings for OSPF v3 . . . . . . . 1176 OSPF C onfigura tion Ex amples . . . . . . . . . . . . . 1177 Confi guri ng an OSP F Borde r Rout er and Setting Interfac e Cost s . . . . . . . . . . . . . . 1177 Confi guri n[...]

  • Página 41

    Content s 41 Conf iguri ng Rou te Redi stribut ion S etting s . . . . 1211 RIP C onfigur ation Ex ample . . . . . . . . . . . . . . 1213 37 Configuring VRRP . . . . . . . . . . . . . . . . 12 17 VRRP Overv iew . . . . . . . . . . . . . . . . . . . . 1217 How Does VRRP W ork? . . . . . . . . . . . . . . 1217 What Is the VRR P Router Prio rity? . . .[...]

  • Página 42

    42 Conte nts 38 Configuring IPv6 Routing . . . . . . . . . . . 1241 IPv6 Rou ting Overv iew . . . . . . . . . . . . . . . . . 1241 How Does IPv6 Compare with IPv4? . . . . . . . 1242 How Are I Pv6 Interf aces Confi gured ? . . . . . . 1242 Default IPv6 Rou ting V alues . . . . . . . . . . . . . . 1243 Config uring IPv6 Routin g Feature s (Web) . . [...]

  • Página 43

    Content s 43 IPv6 St atic Reject and Dis card Ro utes . . . . . . . . 1263 39 Configuring DHCPv6 Server and Relay Settings . . . . . . . . . . . . . . . . . . . 1265 DHCPv6 Overvie w . . . . . . . . . . . . . . . . . . . 1265 What Is a DHCPv6 Pool ? . . . . . . . . . . . . . 1266 What Is a Statel ess Serv er? . . . . . . . . . . . 1266 What Is the [...]

  • Página 44

    44 Conte nts Confi guring t he DHC Pv6 Serv er for Pre fix Delega tion . . . . . . . . . . . . . . . . . . . . . 1282 Confi guri ng an Int erface as a DHCPv6 Relay Ag ent . . . . . . . . . . . . . . . . . . . . 1283 40 Configuring Differentiated Services . . 128 5 DiffServ Overv iew . . . . . . . . . . . . . . . . . . . 1285 How Does D iffServ Fu n[...]

  • Página 45

    Content s 45 DiffServ for V oIP . . . . . . . . . . . . . . . . . 1310 41 Configuring Class-of-Service . . . . . . . 1313 CoS Ove rview . . . . . . . . . . . . . . . . . . . . . 1313 What Are T rusted and Unt ruste d Port Modes ? . . . . . . . . . . . . . . . . . . . . . . 1314 How Is T raffic Shap ing Us ed on Egress T raffi c? . . . . . . . . . .[...]

  • Página 46

    46 Conte nts CoS C onfigu ration Exam ple . . . . . . . . . . . . . . 1328 42 Configuring Auto V oIP . . . . . . . . . . . . . 1331 Auto V oIP Overview . . . . . . . . . . . . . . . . . . 1331 How Does A uto-V oIP Use ACLs? . . . . . . . . . 1332 Default Aut o V oIP V alues . . . . . . . . . . . . . . . 1332 Configu ring Auto V o IP (W eb) . . . . [...]

  • Página 47

    Content s 47 Mult icast Int erface C onfigu ration . . . . . . . . 1358 Mult icast Ro ute T ab le . . . . . . . . . . . . . . 1359 Mult icast Admi n Bounda ry Conf igurat ion . . . . 1360 Mult icast Admi n Boundar y Summary . . . . . . 1361 Multica st Stat ic MRou te Conf iguratio n . . . . . 1361 Multica st Stat ic MRou te Summ ary . . . . . . . .[...]

  • Página 48

    48 Conte nts Configu ring PIM for IPv4 an d IPv6 (We b) . . . . . . . 1382 PIM Gl obal Co nfigura tion . . . . . . . . . . . . . 1382 PIM Gl obal St atus . . . . . . . . . . . . . . . . . 1383 PIM In terfac e Confi gurati on . . . . . . . . . . . 1384 PIM In terfac e Summary . . . . . . . . . . . . . 1385 Candid ate R P Confi guration . . . . . . .[...]

  • Página 49

    Content s 49 Configu ring and V iewing DVMRP Informatio n . . . . . . . . . . . . . . . . . . . . 1416 L3 Multicas t Configur ation Example s . . . . . . . . . 1417 Configu ring Mu lticast V LAN Ro uting W ith IGMP and PIM -SM . . . . . . . . . . . . . . . . 1417 Configu ring DVMRP . . . . . . . . . . . . . . . 1421 A Feature Limitations and Platfo[...]

  • Página 50

    50 Conte nts[...]

  • Página 51

    Introd uction 51 1 Introduction The switches i n the Dell Netwo rking N2000/N 3000/N400 0 series ar e stack able Layer 2 and 3 switches tha t extend t he Dell Networking LA N switching product range. These switches i nclude the following features: • 1U form factor , rack-mountabl e chassis design. • Supp ort for all data-communica tion re quir [...]

  • Página 52

    52 Introduct ion Audience This guide is for net work administrators in char ge of managing one or more Dell Ne tworking se ries switches . T o obtain the greatest bene fit from this guide, you should have a basic understan ding of Ethernet networks and local area netw ork (LAN) concepts. Docume nt Conventions T able 1-1 de scribes th e typog raphic[...]

  • Página 53

    Introd uction 53 Additional Do cumentation The following documents for the Dell Networking serie s switches ar e available at supp ort.d ell. com/ma nuals : • Getti ng Start ed Guide— provides information a bout the swit ch models in the series, including front and back panel featur es. It also describes the installa tion and initia l configura[...]

  • Página 54

    54 Introduct ion[...]

  • Página 55

    Switch Featu re Overvi ew 55 2 Switch Feature Overview This secti on describes the switch user -configurable softwar e featur es. The topics covere d in this section include: NOTE: Bef ore proc eeding, read th e release notes for this pro duct. T he rele ase notes a re part of t he firmware d ownload. • Syst em Management Fe a t u r e s •S t a [...]

  • Página 56

    56 Switch Featur e Overv iew System Manage ment Feature s Multiple Mana gement Options Y ou can use any of the following methods to manage the switch: • Use a web browser to access the Dell OpenManage Switch Admini strator interface. T he switch contains an em bedded W eb server that serves HTML pag es. • Use a T elnet client, SSH clien t, or a[...]

  • Página 57

    Switch Featu re Overvi ew 57 Log Message s The switch maint ains in-memory log messages as well as persist ent logs. Y ou can configure remote logging so that the swit ch sends log messag es to a remote SYSLOG serv er . Y ou can also configure the switch to email log messages to a confi gured SMTP server . This allows you to r eceive the log messag[...]

  • Página 58

    58 Switch Featur e Overv iew IPv6 Manag ement Features Dell Networking series switches pro vide IPv6 support for many standard management features including HT TP , HT TPS/SSL, T elne t, SSH, SNMP , SNTP , TFTP , and traceroute on b oth the in-band and out -of -band management ports. Dual Softwar e Images Dell Networking series switches can store u[...]

  • Página 59

    Switch Featu re Overvi ew 59 •I P v 4 D a t a C e n t e r F or i nformation a bout setti ng the SDM te mplate, see " Managing Gener al System Set tings" on page 279 . Automatic In stallat ion of Firmware and Conf igurati on The Auto Install featur e allows the switch to upg rade or downgrade to a newer softwar e image and update the co [...]

  • Página 60

    60 Switch Featur e Overv iew SNMP Alarms and T rap Logs The system logs event s with severity codes and tim estamps. The events are sent as SNMP tra ps to a tr ap r ecipi ent li st. F or information about configuring SNMP trap s and alarm s, se e "C onfig uring SNMP" on page 323. CDP Interope rabilit y through ISDP Indu stry Stan dar d Di[...]

  • Página 61

    Switch Featu re Overvi ew 61 Stacking Feature s F or information about cr eating and maintaini ng a stack of switches, s ee "Managing a Switch Stack" on p age 171. High Stac k Count The Dell Network ing N2000, N30 00, and N4000 serie s switches include a stacking feat ure th at allows up to 12 switches to operate as a sing le unit. The N2[...]

  • Página 62

    62 Switch Featur e Overv iew Master F ailover wit h T ransparent T ransitio n The stacking fe ature suppor ts a standby or backup unit that assumes the stack maste r role if the st ack master fails. As soon as a stack master fail ure is detected, the standby unit i nitializes the control plane and enables all other stack units with the current conf[...]

  • Página 63

    Switch Featu re Overvi ew 63 Security Featur es Configura ble Ac cess and Authenticati on Profi les Y ou can configure rules to limit acces s to the switch management interface based on criteria such as a ccess type and source IP addr ess of the management host. Y ou can also require th e user to be authenti cated locally or by an e xternal se rver[...]

  • Página 64

    64 Switch Featur e Overv iew RADIUS Suppor t The switch has a Remote Authent ication Dial In User Service (R ADIUS) client and can support up to 32 named authentication and accounting R ADIUS server s. The switch al so supports R ADIUS Attribute 4, which is the configuration of a NAS-IP addr e ss. Y ou can also configure the switch to accept R ADIU[...]

  • Página 65

    Switch Featu re Overvi ew 65 • BPDU Storm Prot ection: By default, if Spannin g T ree P rotocol (STP) bridg e protocol data u nits (BPDUs) ar e received at a rate of 15pps or greater for thr ee cons ecutive seconds on a port, the p ort will be diagnostica lly disabled. Th e threshold is not configurable. • DHC P Snooping: If DHC P packets are r[...]

  • Página 66

    66 Switch Featur e Overv iew Dot1x Authent ication (IEEE 802.1X) Dot1x a uthenticatio n enables the a uthenticat ion of syst em users through a local internal server or a n external s erver . Only authenticated and approved system users can transmit and receive frames over the po rt. Supplicants are authen ticated usin g the Extensib le Authenticat[...]

  • Página 67

    Switch Featu re Overvi ew 67 Access Contro l Lists (ACL ) Access Control List s (ACLs) ensure that only authorized users have access to specific r esources wh ile blocking o ff any unwarranted attempts to r each network resources. A CLs ar e used to pr ovide traffic flow control, restrict contents of routing updates, decide which types of traffic a[...]

  • Página 68

    68 Switch Featur e Overv iew DHCP Snooping DHCP Snooping is a security featur e that monitors DH CP messages bet ween a DHCP client and DHCP server . It filters harmful DHCP messages an d builds a bindings database of (MA C addr ess, IP addr ess, VLAN ID, port) tuples that are sp ecified as authori zed. DHCP snooping ca n be enabled globally an d o[...]

  • Página 69

    Switch Featu re Overvi ew 69 Green T echnology Fe atures F or information about configuring Gr een T echnology featu res, see "Configuring P ort Characteristics" on pa ge 477. Energy Det ect Mode When the Energy Detect mode is en abled and the port link is down, the PHY automa tica lly goe s dow n for sh ort p eriod of tim e and then w ak[...]

  • Página 70

    70 Switch Featur e Overv iew Power over Ethern et (PoE) Plus Featu res F or information about configuring P oE Plus featur e s, see "Managing General System Settings" on p age 279." Power Over Ether net (PoE) Plus Conf igurati on The Dell Networking N2 024P/N2048P and N30 24P/N304 8P switches s upport P oE Plus configuration for powe[...]

  • Página 71

    Switch Featu re Overvi ew 71 Switching Feature s Flow Contr ol Suppor t (IEE E 802.3x) Flow cont rol enables lower s peed switches to communicate with higher speed switches by requesting that the higher speed switch r efrain from sending pack ets for a limited period of time. T ransmissions are temporaril y halted to prevent buffer overflows . F or[...]

  • Página 72

    72 Switch Featur e Overv iew Auto-MDI/MDI X Support Y our sw itch suppor ts auto-det ection betw een crossed and s traight-thr ough cable s. Media -Depend ent Inte rface (MDI) is the stand ard wiri ng for en d stations, a nd the standar d wiring for hubs an d switches is know n as Media- Depend ent In terfac e with C rossov er (MDIX ). A uto-neg ot[...]

  • Página 73

    Switch Featu re Overvi ew 73 Broadcast St orm Control When Layer 2 frames are forwarded, br oadcast, unknown unicast , and multicast frames ar e flooded to all ports on the r elevant vi rtual local area network (VLAN). The flooding occupies bandwidth, and loads all nodes connected on all ports. Storm control limits t he amount of broadcast, unknown[...]

  • Página 74

    74 Switch Featur e Overv iew Link Layer Discovery Pro tocol (LLDP) The IEEE 802.1AB defined standard, Link La yer Discover y P rotocol (L LDP), allows the sw itch to advertise major ca pabili ties and physical d escriptio ns. This information can help you identi fy system topology a nd detect bad configurations on the LAN. F or information about co[...]

  • Página 75

    Switch Featu re Overvi ew 75 has different loss tolerances. P riorities are differentiated by the priority field of the 802.1Q VLAN header . The N4000 switches support lossless transport of frames on up to two priorit y classes. F or information about configuring the P FC featur e, see "Configuring Data Center Bridging F eatures" on page [...]

  • Página 76

    76 Switch Featur e Overv iew Cisco Proto col Filteri ng The Cisco Protocol F iltering feature (also known as Link L ocal P rotocol F i ltering) filters Cisco protocols that should not normally be rel ayed by a bridge. The group addresses of these Cisco protocols do not fa ll within the IEEE defined range of the 802.1D MA C Bridge F iltered MA C Gro[...]

  • Página 77

    Switch Featu re Overvi ew 77 V irtual Loca l Area Networ k Supported Features F or information about configuring VLAN features see "Configuring VLANs" on page 64 5. VLAN Support VLANs are collect ions of switching port s that compr ise a single broadcast domain. P ackets are classified as belonging to a VLAN based on ei ther the VLAN tag [...]

  • Página 78

    78 Switch Featur e Overv iew GARP and GVRP Support The switch supports the Generic Attribut e Registration P rotocol (GARP). GARP VLAN Registration Protocol (GVR P) r elies o n the services prov ided by GARP to provide IEEE 802.1Q-compliant VLAN pruning and dynamic VLAN cr eation on 802.1Q trunk ports. When GVRP is enabled, the switch regis ters an[...]

  • Página 79

    Switch Featu re Overvi ew 79 Spanning T ree Protoc ol Featur es F or information about configuring Spa nning T ree P rotocol features, see "Configuring the Spannin g T ree Protocol" on page 715. Spanning T ree Protocol (STP) Spanning T ree P rotocol (IEEE 802.1D) is a standa rd r equirement of Layer 2 switches that a llows bridges to auto[...]

  • Página 80

    80 Switch Featur e Overv iew Bridge Pr otocol Data Unit (BPDU) Gu ard Spanning T ree BPDU Guar d is us ed to disable the port in case a new device tries to e nter the already existing topo logy of STP . Thus devic es, which were original ly not a part of STP , are not allowed to influence the S TP topolog y . BPDU Filter ing When spanning tree is d[...]

  • Página 81

    Switch Featu re Overvi ew 81 Link Aggrega tion Features F or information about configuring link aggregation (port-channel) features, see "Configuring Link Aggregation" on page 913. Link Aggregat ion Up to eight ports can combine to fo rm a single Link Aggregation Group (LAG). This enables fault tolerance protection from physical link disr[...]

  • Página 82

    82 Switch Featur e Overv iew Routing Fe atures Address Resol ution Protocol (ARP) T able Management Y ou can create static ARP entries a nd manage many settings for the dynamic ARP table, such as age time for ent ries, r etries, and cache size. F or information about managing the ARP tab le, see "Configuring IP Routing " on page 1 063. VL[...]

  • Página 83

    Switch Featu re Overvi ew 83 BOOTP/DHCP Relay Agen t The switch BootP/ DHCP Relay Agent feat ur e relays BootP and DHCP messages be tween DHCP client s and DHCP serv ers that ar e locate d in differ ent IP subnets. F or information about configuring the BootP /DHCP Relay agent, se e "Configuring L2 and L3 Relay F eatures" on page 1087. IP[...]

  • Página 84

    84 Switch Featur e Overv iew V irtual Rout er Redund ancy Protocol (VRRP) VRRP prov ides host s with redundant routers i n the network topo logy without any need for the hosts to reconfigur e or know that there are multiple routers. If the pri mary (master) rout er fails, a seconda ry router assumes co ntrol and continues to use the virtual router [...]

  • Página 85

    Switch Featu re Overvi ew 85 IPv6 Routing Features IPv6 Config uration The sw itch su pports IPv6, th e ne xt ge nerati on of the Int erne t P roto col. Y ou can globally enable IP v6 on the switch and confi gure settings such as the IPv6 hop limit and ICMPv6 rate limit error interval. Y ou can also control whether IPv6 is enable d on a specific in[...]

  • Página 86

    86 Switch Featur e Overv iew F or information about configuring DH C Pv6 settings, see "Co nfiguring DHCPv6 Se rver and Rel ay Setting s" on pag e 1265. Quality of Service (QoS) Features Differe ntiated Ser vices (Dif fServ) The QoS Differ entiated Services (DiffServ) feature allows traffic to be classified into s treams a nd given certai[...]

  • Página 87

    Switch Featu re Overvi ew 87 Internet Small Computer Sy stem Interf ace (iSCSI) Optimizati on The iSCSI Optimiza tion featur e helps network admini strators tr ack iSCSI traffic betw een iSCSI initi ator and targ et systems. This is accomplish ed by moni toring , or sn ooping traff ic to d ete ct pa ckets used by iSCSI st ations in establishing iSC[...]

  • Página 88

    88 Switch Featur e Overv iew IGMP Snoopi ng Querier When P rotocol Independent Multicast (PIM) and IGM P are enab led in a network with IP multicast routing , the IP multic ast router a cts as the IGM P querier . However , if it is desirable to ke ep the multica st network Lay er 2 switched only , the I GMP Snooping Querier can perform t he query f[...]

  • Página 89

    Switch Featu re Overvi ew 89 Layer 3 Multicast Features F or information about configuring L3 multicast features, s ee "Managing IPv4 and IPv6 Mult icast" on pag e 1337. Distance V ector Mult icast Routi ng Protocol Distance V ector Multica st Routing P rotocol (D VMRP ) e xchanges probe pack ets with al l D VMRP -enabled router s, establ[...]

  • Página 90

    90 Switch Featur e Overv iew Protocol I ndependent Mult icast—Spars e Mode Pr o t o c o l I n d e p e n d e n t M u l t i c a s t - S p a r s e M o d e ( P I M - S M ) i s u s e d t o e f f i c i e n t l y rout e mult icast tr affi c to mul ticast g roups that m ay span wi de area ne tworks , and where bandwidth is a cons traint. PIM-SM uses shar[...]

  • Página 91

    Hardware Overview 91 3 Hardware Overview This section provides an overview of the switch hardware. It is or ganized by product type: • Dell Ne tworking N 2000 Series Sw itch Hardware • Dell Ne tworking N 3000 Series Sw itch Hardware • Dell Ne tworking N 4000 Series Sw itch Hardware • Switch MA C Addr esses Dell Networking N2000 Series Switc[...]

  • Página 92

    92 Hardware Overview Figure 3-1. N2048 Switc h with 48 10/100/100 0BASE-T Ports (Fro nt Panel) In ad dition to the swit ch port s, the fr ont panel of ea ch model in the N 2000 series includes the following port s: •C o n s o l e p o r t •U S B p o r t Figure 3-2. N2024 Close-up The N2024 front panel, shown in F igure 3-2, has status LEDs for o[...]

  • Página 93

    Hardware Overview 93 Figure 3-3 . N2024P Close-up The N2024P front panel, shown in F igure 3-3, has s tatus LEDs for over - temperatur e alarm, inter nal power and status on the top row . The bottom row of sta tus L EDs di splays stack mast er , mo dular power s uppl y (MPS) statu s and fan alarm status. Switch Ports The N2024/ N2024P front panel p[...]

  • Página 94

    94 Hardware Overview • RJ-45 port s support full-dup le x mod e 10/100/1000 M bps speeds on standar d Category 5 UTP cable. • SFP+ ports support SFP+ transceivers and SFP+ copper twin-ax techn ology op erating at 10 G or 1G plus SFP tra nsceivers operat ing at 1G. • The N 2024P/ N2048P fron t panel ports suppo rt P oE (15.4W) and P oE+ (34.2W[...]

  • Página 95

    Hardware Overview 95 Port and System LEDs The front panel contains light emitting diodes (LEDs) that indicate the status of p ort links, pow er supplies, fans, stacking, and t he overall sy stem status. See "N200 0 LED Definit ions" on p age 97 for mor e information. Stack Mas ter LED and S tack Number Display When a switch with in a stac[...]

  • Página 96

    96 Hardware Overview Figure 3-6. N2048 Mini-S AS Stacking Ports an d Fans Power Supplies N2024 and N2048 N2024 and N20 48 series s witches have an i nternal 100-w att power supply . The addit ional r edundant power su pply (Dell Netwo rking R PS720) provi des 180 watts of power and gives full redunda ncy for the swit ch. N2024P a nd N2048P N2024P a[...]

  • Página 97

    Hardware Overview 97 N2000 LED Defin itions This secti on describes the LEDs on the fron t and back panels o f the switch. Port LEDs Each port on an N2000 swit ch includ es two LEDs . On e LED i s on t he le ft side of the por t, and the second LED i s on the right side of the p ort. This section desc ribes the LEDs on the switch po rts. 100/1000/1[...]

  • Página 98

    98 Hardware Overview T able 3-1 6 shows the 100 /1000/1 0000Base- T port L ED definitions. Stacki ng Por t LEDs T able 3-1. 100 /1000/10000Base-T Port Definitions LED Color Defini tion Link/S PD LED Off There is no l ink. Solid yellow The port is operatin g at 10/100 Mbps. Solid green The port is oper ating at 1000 Mbps. Activi ty LED (on no n-P oE[...]

  • Página 99

    Hardware Overview 99 System LEDs The system LEDs , located on the back panel, provide in formation about the power supplies, thermal conditions, and dia gnostics. T able 3-21 shows the System LE D definitions f or the N2000 serie s switches. T abl e 3-3. C onsole P ort LED De finitio ns LED Color D efiniti on Link/ SPD LE D Off There is no lin k. S[...]

  • Página 100

    100 Hardware Overview Power Consump tion for N2000 Ser ies PoE Switches T able 3-5 shows power consumption da ta for the P oE -enabled swi tches. The P oE power budget for each interface is controlled by the switch firmware. The administrator can limit the power supp lied on a por t or prioritize power to some ports over others. T able 3-6 shows po[...]

  • Página 101

    Hardware Overview 101 T able 3-6. N2000 Serie s PoE Power Budget Limit One PS U Suppor t T wo PSU s Support Model Name System Po wer Max. Dissipat ion Max. PSU Outpu t Abilit y POE+ Power T urn- on Li mitation Max. PSUs Outpu t Abilit y POE+ Power T urn- on Limitation N2024P 90W 1000W P ower budget is 850W : The t otal POE supp lied powe r must not[...]

  • Página 102

    102 Hardware Overview Dell Networking N3000 Se ries Switch Hardware This secti on contains information ab out device character istics and modular hardwa re configurations for the N3000 series switches. N3000 Series Front Panel The N2000 series front pane l includes the following features: •S w i t c h P o r t s •C o n s o l e P o r t • Out -o[...]

  • Página 103

    Hardware Overview 103 Figure 3-9. N3048 with 48 10/10 0/1000BASE-T Ports (Front Panel) The additi onal ports are on the ri ght side of the front panel, as sho wn in F igure 3- 9 and Figure 3-10 on pa ge 103. Figure 3-1 0. Ad ditional N3 000 Series P orts The N3000 f ront panel above als o contains a r eset butt on (pinhole) and several status LEDs.[...]

  • Página 104

    104 Hardware Overview The N3000 front panel also disp lays status LEDs fo r over -temperatur e alarm, internal p ower supply 1 and sw itch status on the top r ow . The bottom ro w of status LE Ds displays st ack master , internal power sup ply 2 and fan alarm. Switch Ports The N3024/ N3024P front panel provi des 24 Gigabi t Ethernet (10/100/ 1000BA[...]

  • Página 105

    Hardware Overview 105 Conso le Port The console port provides serial communication capabilit ies, which allows communication using RS-232 protocol. The serial p ort provides a dir ect connection to the switch and allows access to the CLI from a console terminal connected to the port thro ugh the provided serial cable (with RJ45 Y OST to female DB-9[...]

  • Página 106

    106 Hardware Overview Port an d System LEDs The front panel contains light emitting diodes (LEDs) that indicate the status of port li nks, power supplies, fans , stacking, and the overall sy stem status. F or information abou t the status t hat the LE Ds indicate, se e the User ’s Co nfigu rat ion Gui de. Stack Mas ter LED and Stack Number Displa[...]

  • Página 107

    Hardware Overview 107 Figure 3-1 3. N3048 Mi ni-SAS S tacking Ports C lose-up The term mini-SAS r efers to the stacking port cable connections shown in F igure 3-13. See "Managing a S witch Stack" on p age 171 for informatio n on using the mini-SAS ports to connect switches. Expans ion Slo ts fo r Plug -in Modu les One expansion slot is l[...]

  • Página 108

    108 Hardware Overview N3024P a nd N3048P Dell Networking N3024P a nd N3048P switches supp ort one or two 1100-watt FRU power supplies. The N30 24P switch is sup plied with a single 715-w att power supply (the default configuration) and supports an additi onal 1100-wat t supply . F or the N30 48P switch, a single 1100- watt power supply is supp lied[...]

  • Página 109

    Hardware Overview 109 LED Definitio ns This secti on describes the LEDs on the fron t and back panels o f the switch. Port LEDs Each port on an N3000 seri es switch includes two LEDs. One LED is on the lef t sid e of th e po rt, a nd th e sec ond LED is on th e ri ght si de of the port . This section desc ribes the LEDs on the switch po rts. 100/10[...]

  • Página 110

    110 Hardware Overview T able 3-1 6 shows the 100 /1000/1 0000Base- T port L ED definitions. Module Bay LEDs The f ollo wing table s desc ribe t he pu rpos e of each o f the m odul e bay L EDs when SFP+ and 10 GBaseT modules are used. T able 3-7. 100 /1000/10000Base-T Port Definitions LED Color Defini tion Link/S PD LED Off There is no l ink. Solid [...]

  • Página 111

    Hardware Overview 111 T abl e 3-9. 10G Base-T Mo dule LED Def initions LED Color D efiniti on Link/S PD LED Off Th ere is no link. Soli d green The port is operating at 10 Gbp s. Solid amber The port is ope rating at 100/1000 Mb ps. Activi ty LED Off There is no current tra nsmit/ receive acti vity . Blin king green The port is activ ely tran smitt[...]

  • Página 112

    112 Hardware Overview System LEDs The system LEDs, located on the back panel, provide information about the power su pplies, th ermal c onditions , and diagnos tics. T able 3-21 sho ws the Sys tem LED definitio ns for the N3 000 series switches. T able 3-12 . Con sole Port LED D efinitions LED Color Definit ion Link/S PD LED Off Ther e is no li nk.[...]

  • Página 113

    Hardware Overview 113 Power Consumpti on for N3000 Series PoE Switches T able 3-14 shows power consumption data for the P oE-enabled switches. The P oE power budget for each interface is controlled by the switch firmware . The administrator can limit the power supplied on a port or priorit ize power to some ports ov er othe rs. T able 3-15 sho ws t[...]

  • Página 114

    114 Hardware Overview T able 3-15 . N3000 Se ries PoE Power Budge t Limit One PSU Support T wo PSUs S upport Model Name System Powe r Max. Dissipat ion Max. PSU Output Ability POE+ Powe r T urn- on Limitation Max. PSUs Output Ability POE+ Pow er T u rn-o n Li mita tion N3024P 110W 715W P ower budge t is 550W : The tota l POE supp lied pow er must n[...]

  • Página 115

    Hardware Overview 115 Dell Networking N4000 Series Switch Hardware NOTE: PowerCon nect 8100 has been renamed N4000. Both PowerC onnect 8100 and N4 000 can ru n firmwar e versio ns 6.1 and be yond. N4000 can not run fir mware prior t o version 6.1. This section contains in format ion about device charact eristics and modular hardwar e configurations[...]

  • Página 116

    116 Hardware Overview Figure 3-15. N4024 Fro nt Panel Figure 3-16. N4024F Front Panel N4032 and N4032F switches ca n be sta cked w ith other N 4000 swit ches using 10G or 40G SFP+ or QSFP modules in the module bay . The N4064 fr ont panel provides 64 x 10GbE copper po rts and two fixed QSFP po rts, each suppo rting 4 x 10 G or 1 x 40G connecti ons.[...]

  • Página 117

    Hardware Overview 117 Figure 3-17. N4064 Front Pa nel Figure 3-1 8. N 4064F Front Panel The N4064 a nd N4064F switches can be stack ed with o ther N4000 switches using the 10G or 40G SFP+ or Q SFP modules in the modul e bay or fix ed QSFP po rts. Hot-Pluggable Interface Modules The N4032, N4032F , N4064, and N4 064F switches support the following h[...]

  • Página 118

    118 Hardware Overview A reboo t is necessary when a hot-plugg able module is repl aced with a module of different t ype. Specifically , changing from a 40 G module to a 10G module or from a 10G module to a 40G module requir es a r eboot. Plug-in modules with any p ort configur ed as a stack ing port are not hot-swappable. Remove the stack-port conf[...]

  • Página 119

    Hardware Overview 119 10GB ase-T Coppe r Up link Modu le The 10GBase - T copper modul e featur es four co pper ports t hat can s upport 10GbE/1GbE/1 00MbE switching and p rovides following feat ures: • Com plies with IEEE802 .3z, IEE E 802.3, IEEE802.3 u, IEEE 802.3ab, IEEE80 2.3az, IEEE8 02.3an • F our 10GB ase- T /1GBase- T/100M Base- T co pp[...]

  • Página 120

    120 Hardware Overview • V entilation Sy stem The following image show the back panel of the N4 000 series switches. Figure 3-19. N4000 Series B ack Panel Conso le Por t The console port is for management th rough a serial interface. This port provides a dir ect connection to the switch and allows you to access the CLI from a console terminal conn[...]

  • Página 121

    Hardware Overview 121 V entilation System The N4000 series switches ha ve two fans . Each switch al so has four thermal sensors and a fan sp eed controller , which can be used to control F AN spee ds. Y ou can verify operation by observing the LEDs. LED Definitio ns This secti on describes the LEDs on the fron t and back panels o f the switch. Port[...]

  • Página 122

    122 Hardware Overview T able 3-1 6 shows the 100 /1000/1 0000Base- T port L ED definitions. Module Bay LEDs The f ollo wing table s desc ribe t he pu rpos e of each o f the m odul e bay L EDs when SFP+, 10GB ase- T , and QSF P modules are used. T able 3-16. 10 0/1000/10000Base-T Port Definitions LED Color Defini tion Link LED Off T here is no link.[...]

  • Página 123

    Hardware Overview 123 Out-o f-Ban d Ether net Mana gement Port LEDs T able 3-20 shows the LED definitions for the OOB Ethernet management port. System LEDs The system LEDs , located on the back panel, provide in formation about the power supplies, thermal conditions, and dia gnostics. T abl e 3-19. Q SFP Modu le LED Def initions LED Color D efiniti[...]

  • Página 124

    124 Hardware Overview T able 3-21 sho ws the Sys tem LED definitio ns for the N4 000 series switches. T able 3-21 . System LED Definitions—N40 00 Series Switche s LED Color Definition System Blinki ng blue The switch is boo ting Solid red A critical system error has occurred. Blinking red A noncritic al system error occurred (fan or power supply [...]

  • Página 125

    Hardware Overview 125 Switch MAC Addresses The swi tch alloc ates MAC add r esse s from the Vital P roduct Data info rmatio n stored locally in flash. MA C addresses ar e used as follows: Shown below are thr ee commands that dis play the MAC addresses used by the s witch: console#show system System Description: Dell Ethernet Switch System Up Time: [...]

  • Página 126

    126 Hardware Overview 1 System OK 42.0 43. 4 1 Main OK N/A N/A 04/06/2001 16:36:16 1 Secondary No Power N/A N/A 01/01/1970 00:00:00 USB Port Power Status: ---------------------- Device Not Present console#show ip interface out-of-band IP Address..................................... 10.27.21.29 Subnet Mask.................................... 255.255[...]

  • Página 127

    Using Dell Ope nManage Switc h Adminis trator 127 4 Using Dell Open Manage Switch Administrator This section describes how to use the Dell OpenManage Switch Administrator appl ication. The topics covered in this section include: • Ab out De ll OpenM anage Sw itch A dminis trator • Startin g the Application • Unders tanding t he Inte rface •[...]

  • Página 128

    128 Using Dell OpenM anage Switch Admin istrato r Starting the Applica tion T o access the Dell OpenMana ge Switch Administrator and log on to the switch: 1 Open a web browser . 2 Enter the IP add r ess of the switch in the ad dr ess bar and press <Enter>. F or informa tion about as signing an IP addres s to a switch, see "Setti ng the I[...]

  • Página 129

    Usin g Dell Ope nManage Switch Admi nistrat or 129 5 The Del l Ope nMa nage Switc h Admin istrat or home page displa ys. The hom e page is the Device Information page, which cont ains a graphical representation of the fr ont panel of the switch. F or more informa tion about th e home page, s ee "Device Information" on page 249. Understan [...]

  • Página 130

    130 Using Dell OpenM anage Switch Admin istrato r Figure 4-2. Switc h Adminis trator Compon ents Naviga tion Pane l Page T a bs Links Save, Print, R efresh, Help Confi guratio n and Sta tus Opti ons Command Button[...]

  • Página 131

    Usin g Dell Ope nManage Switch Admi nistrat or 131 Using the Sw itch Administ rator Bu ttons and Link s T ab le 4-2 descr ibes t he but tons and li nks a vail able f rom the Dell Open Man age Switch Admini strator interface. T a ble 4-2. Button and Li nk Descriptio ns Button or Link Desc riptio n Support Opens the Dell Support page at support.dell.[...]

  • Página 132

    132 Using Dell OpenM anage Switch Admin istrato r Defining Fields User -defined fields can contain 1 – 159 characters, unless otherwise noted on the Dell OpenMa nage Switch Administrator web pa ge. All characters may be used ex cept for the following: • •/ •: •* •? •< •> •| Understanding the Device View The Device View show[...]

  • Página 133

    Usin g Dell Ope nManage Switch Admi nistrat or 133 Using the Devi ce View Swit ch Locator Fea ture The Device Vi ew graphic includes a Lo cat e button and a drop -down menu of timer sett ings. When yo u click Loc at e , the switch locato r LED on the back panel of the switch blinks for the numbe r of seconds sel ected from the timer menu. The green[...]

  • Página 134

    134 Using Dell OpenM anage Switch Admin istrato r[...]

  • Página 135

    Usin g the Command -Line I nterfa ce 135 5 Using the Command-Lin e Interface This section describes how to use the Command-Line Interface (CLI) on a Dell Netw orking N2000, N3 000, and N4000 series swit ches. The topics covere d in this section include: • Acc essing t he Sw itch T hrough the CL I • Unders tanding Comman d Modes • Enter ing CL[...]

  • Página 136

    136 Usin g the Command -Li ne In terface 2 Start the t erminal emulator , such as Microsoft Hyp erT erminal , and selec t the appropriate seria l port (for e xam ple, COM 1) to connect to the console. 3 Confi gur e the manage ment sta tion ser ial po rt with th e foll owing setting s: • Dat a rate — 9600 baud. • Dat a form at — 8 data b its[...]

  • Página 137

    Usin g the Command -Line I nterfa ce 137 Y ou can also ini tiate a T elnet sessi on from the Ope nManage Switch Administrator . F or more information, see "Initiating a T elnet Session from the W eb I nterface " on page 2 88. Understan ding Command Mode s The CLI groups commands into modes accor ding to the command function. Each of the c[...]

  • Página 138

    138 Usin g the Command -Li ne In terface T able 5-1. Comm and Mod e Overv iew Command Mo de Access Meth od Command P rompt Exit or A ccess Prev ious Mode User EXEC The u ser is automatically in User EXEC mode unl ess the user i s defi ned as a privil eged user . console> logout P rivileged EX EC F rom User EXEC mode, enter the enable command con[...]

  • Página 139

    Usin g the Command -Line I nterfa ce 139 Enterin g CLI Commands The switch CLI uses several techniques to help you enter commands. Using the Quest ion Mark to Get Hel p Enter a question mark (?) at t he command prompt to display the commands available in the current mode. console(config-vlan)#? exit To exit from t he mode. help Display help f or va[...]

  • Página 140

    140 Usin g the Command -Li ne In terface If there are no additional command keyw ords or parameters, or if additional parameters are op tional, t he following mess age appears i n the out put: <cr> Press ente r to execute the command. Y ou can also enter a question mark (? ) after typing one or more characte rs of a word to list the available[...]

  • Página 141

    Usin g the Command -Line I nterfa ce 141 Command Outpu t Paging Lines are printed on the screen up to the configured terminal length limit (default 24). Use the space bar to show the next page of output or the carriage return to show the next line of out put. Setting the termi nal length to zero disables paging. Command output displays until no mor[...]

  • Página 142

    142 Usin g the Command -Li ne In terface T able 5-3. History Buf fer Navigation Keyw ord Sourc e or Destina tion Up-arrow key <Ctrl> +<P> Recalls c ommands in t he history buffer , beginning with the most recent command. Repeat s the key sequence to r ecal l successive ly older commands. Down-arrow ke y <Ctrl> +<N> Return s [...]

  • Página 143

    Default Setting s 143 6 Default Settings This secti on describes the de fault settings fo r many of the softwar e featur es on the Dell Networking series sw itches. T able 6- 1. Default Settin gs Feature D efault IP addr ess None Subnet mask None Default gateway None DHCP client Enabled on out-of -band (OOB) interface. VLAN 1 Me mbers All sw itch p[...]

  • Página 144

    144 Defaul t Settings SNMP T raps Enabled Au to Conf igura tion Enab led Aut o S av e Di sa bl ed Stacking Enabled Nonstop F orwarding on the Stack Enabled sFlo w Enabled ISDP Enabled (V ersions 1 and 2) RMON Enabled T ACACS+ Not configured RAD I US N ot co nf i g ure d SSH/SSL Disabl ed T elnet En abled Denial of Service Protection Disabled Captiv[...]

  • Página 145

    Default Setting s 145 Auto-MDI/MDIX Support Enabled Aut o N eg ot ia ti on En ab le d Advertised P ort Speed Maximum Capacity Broadcast Storm Control Disabled P or t Mirroring Disabled LLDP Enabled LLDP -MED Dis abled MAC T able Ad dress Aging 300 s econds (Dyna mic Addresse s) Cisco P rotocol F iltering (LLPF) No protocols ar e blocked DHCP Layer [...]

  • Página 146

    146 Defaul t Settings Routing Mode Disabled OSPF Admin Mode Enabled OSPF R outer I D 0.0. 0.0 IP Helpe r and UDP Re lay Ena bled RIP Enabled VRRP Disabled T unnel and Lo opback Interf aces None IPv6 Routin g Disa bled DHCPv6 Disabled OSPFv3 Enabled DiffServ Enabled Aut o V oI P Di sa bl ed Aut o V o IP T r aff i c Cl as s 6 PFC Disabled; no cl assi[...]

  • Página 147

    Settin g Basic Netwo rk Informatio n 147 7 Setting the IP Address and Ot her Basic Network Information This chapter describ es how to config ure b asic network information for the switch, s uch as the IP address, subnet mas k, and default ga teway . The topics in this chapte r include: • IP Addr ess and Ne twork Inf ormatio n Overview • Defaul [...]

  • Página 148

    148 Setting Basic Network Informatio n Additionall y , this chapter des cribes ho w to view host name-to-IP address mappings that have been dynamically learned by the system. Why Is Ba sic Networ k Infor mation Needed? Dell Networking series switches are layer 2/3 managed switches. T o manage the switch re motely by using a web browser or T elnet c[...]

  • Página 149

    Settin g Basic Netwo rk Informatio n 149 Configuring the DNS information, default domain name, and host name mapping hel p the switch identify and l ocate other devi ces on the netwo rk and on the Inte rnet. F or example, to upgrad e the switch software by using a TFTP server on the network, you must identify the TFTP server . If you configure the [...]

  • Página 150

    150 Setting Basic Network Informatio n switch, for exa mple T elnet, SSH, DHCP client, and TFTP . If using the out-of- band management port, it is strongly r ecommended that the port be connected only to a physically i s olated secure management network. Alternati vely , n etwork administra tors may choose t o manage their net work via the producti[...]

  • Página 151

    Settin g Basic Netwo rk Informatio n 151 transm itted fr om the s witch w ith the DF (Don' t F ragment) b it set i n or der to receive notification of f ragmentation fr om any tr ansi t route rs. Up on rece ivi ng an ICMP Destination Unreachab le, F ragmentation needed but DF set notification, the switch will r educe the MSS. However , many fi[...]

  • Página 152

    152 Setting Basic Network Informatio n Configuring Basic Network Information (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring basic network information on the Dell Netwo rking N2000, N3000, and N40 00 series switche s. F or details abo ut the fields on a page, click at the to p[...]

  • Página 153

    Settin g Basic Netwo rk Informatio n 153 Figure 7-1. O ut of Band Interfac e T o enable the DHCP client and allow a DHCP server on your network to autom atically as sign the networ k informati on to the OOB int erface, select DHCP from the Protocol menu. If you statically assign the network information, make sure th e Protocol menu is set to None. [...]

  • Página 154

    154 Setting Basic Network Informatio n Figure 7-2. IP Interf ace Config uration (Default VL AN) Assigning Network Information to the Default VLAN T o assign an IP Addres s and subnet mask to th e default VLAN: 1 Fr o m t h e Interface men u, select V LAN 1 . 2 Fr o m t h e Rou ti ng Mo de fiel d, s ele ct Enable . 3 Fr o m t h e IP Address Configur[...]

  • Página 155

    Settin g Basic Netwo rk Informatio n 155 Route Entry Configurat ion (Switch Defaul t Gateway) Use the Route Entry Configuration page to co nfigur e the d efault gateway for the switch. The default VLAN uses the switch de fault gateway as its default gateway . The switch default gateway must not be on the same subnet as the OOB management port, as t[...]

  • Página 156

    156 Setting Basic Network Informatio n Configuring a Default Gateway for the Switch: T o configure the switch default gateway : 1 Open the Route Ent ry Configuration page. 2 Fr o m t h e Rou te T y pe fiel d, s ele ct De fault . Figure 7-4. Default Route Config uration (Defau lt VLAN) 3 In the Next Hop IP Addres s field, enter th e IP address of th[...]

  • Página 157

    Settin g Basic Netwo rk Informatio n 157 Domain Name Server Use the Domai n Name Serve r page to configure the IP address of the DNS server . The switch uses the DNS server t o translate hostnames into IP addr esses. To d i s p l a y t h e Domain Na me Ser ver page, cl ick System → IP Addressing → Domain Na me Ser ver in the navigation panel. F[...]

  • Página 158

    158 Setting Basic Network Informatio n Default Domai n Name Use the Defau lt Domai n Name page to configure the domain name the switch adds to a local (unqualified) hostname. To d i s p l a y t h e Default Domain Name page, cli ck System → IP Addressing → Default Domain Name in the navigation panel. Figure 7 -7. Default Domain Name[...]

  • Página 159

    Settin g Basic Netwo rk Informatio n 159 Host Name Mapping Use the Host Name Mapping page to as sign an IP addr ess to a static host name. The Host N ame Mapping page pr ovides on e IP addr ess per hos t. To d i s p l a y t h e Host Name Mappi ng page, click System → IP Addressing → Host Nam e Mapping. Figure 7-8. Host Name Mappin g T o map a h[...]

  • Página 160

    160 Setting Basic Network Informatio n Dynamic Host Name Mappi ng Use the Dyna mic H ost Na me Mappi ng page to view dynamic host entries the switch has learned. The switch learns hosts dy namically by using the configured DNS server to resolve a hostname. F or example, if you ping www .dell.com from the CLI, the swit ch us es t he DN S se rver to [...]

  • Página 161

    Settin g Basic Netwo rk Informatio n 161 Configuring Ba sic Network Information (CLI) This section provides information about the commands you use to configure basic networ k information on the Dell Netw orking N200 0, N3000, a nd N4000 series switches. F or more information about thes e commands, see the Dell Networki ng N2000, N30 00, and N4000 S[...]

  • Página 162

    162 Setting Basic Network Informatio n Managing DHCP Leases Beginning in P rivileged EXEC mode, use the following commands to manage and troubleshoot DHCP leases on the switch. CTRL + Z Exit to Privil eged EXEC mod e. show ip interface vlan 1 Disp lay netw ork informati on for VLAN 1. Command Pu rpose show dhcp lease interface [ interfac e ] Disp l[...]

  • Página 163

    Settin g Basic Netwo rk Informatio n 163 Configuri ng Static Net work Information on the OOB Port NOTE: N2000 s witches do no t have a n out -of-band interface . Beginning in P rivileged EXEC mode, use the following commands to configure a static IP addres s, subnet mask , and default gate way on the OOB port. If no default gateway is configur ed, [...]

  • Página 164

    164 Setting Basic Network Informatio n Static IP sub nets on inband ports (configured on switch VLANs ) may not overlap with the OOB port subnet. If configuring management access on the front-panel po rts, it is r ecomended that: • A VLAN other than the defaul t VLAN be used to avoid attack vectors enabled by in correc t cablin g. • Both ACLs a[...]

  • Página 165

    Settin g Basic Netwo rk Informatio n 165 Command Purpo se configure Enter Global Configuration mode. ip domain-lookup Enabl e IP DNS- based h ost na me-to-addr ess transla tion. ip name-ser ver ip_add ress Enter the IP addres s of an available n ame server to use to r esolve ho st names and IP ad dres ses. Y ou can speci fy up to si x DNS se rvers.[...]

  • Página 166

    166 Setting Basic Network Informatio n Basic Network Information Configuration Example In this e xample, an admi nistrator at a D ell office in California decide s not to use the Del l Easy Se tup W izard to perfor m the initia l switch co nfigurat ion. The administrato r configur es a Dell Net working N2000, N3000, and N4000 series sw itches to ob[...]

  • Página 167

    Settin g Basic Netwo rk Informatio n 167 4 View the network informa tion that the DHCP server on the network dynami cally assigned to the switch. console# show ip interface out-of-band IP Address........................ 10.27.22.153 Subnet Mask...................... 255.255.255.0 Default Gateway.................. 10.27.22.1 Protocol Current........[...]

  • Página 168

    168 Setting Basic Network Informatio n[...]

  • Página 169

    Man aging QS FP Ports 169 8 Managing QSFP Ports QSFP ports available on N4 000 series switches can op erate in 1 x 40G mode or i n 4 x 1 0 G m o d e. A pp r op ri a te ca b le s mu s t b e us e d t ha t ma t ch t he s el ec te d mode. When changing from one mod e to another , a switch reboot is requir ed. The QSFP port s al so sup por t sta cki ng [...]

  • Página 170

    170 Managi ng QS FP Port s T o change a 4 x 10G port to 1 x 40G mode, enter the following commands on the 40-gigab it interface: console(config)#interface Fo2/1/1 console(config-if-Fo2/1/1)#hardware profile portmode 1x40g This command will not take effect until the switch is rebooted. console(config-if-Fo1/1/2)#do reload Are you sure you want to re[...]

  • Página 171

    Managi ng a S witch Stack 171 9 Managing a Switc h Stack This chapter describes how to configur e and manage a stack of switches. The topics covered in t his chapter include: • Stacking Overview • Defau lt Stac king V alues • M anag ing and Mon itorin g the S tack ( W eb) • M anag ing the Stack (CL I) • Stackin g and NSF Usage Scenari os [...]

  • Página 172

    172 Managi ng a S witch Stack stack ed using any port as long as the li nk bandwidth for para llel stacking links is the same. In other words, all the port types on the N4 000 series switches can be used for stacking. Additional stacking connectio ns can be made between a djacent sw itch units to i ncr ease the stacking ba ndwidth provided that all[...]

  • Página 173

    Managi ng a S witch Stack 173 and switch softwar e, and propagate s changes to the member units . T o manage a stack using the serial interfac e, you must connect to the stack master via the connect command or by physically connecting the cable to the stack mast er . A second switch is designated as the standby unit, which b ecomes the master if th[...]

  • Página 174

    174 Managi ng a S witch Stack Figur e 9-1. Conn ecting a Stack of Sw itches The stack in F igur e 9-1 has the follow i ng physical connections between the switches: • The lowe r stacking port on U nit 1 is conn ected to the upper stacking port on Unit 2. • The lowe r stacking port on U nit 2 is conn ected to the upper stacking port on Unit 3. ?[...]

  • Página 175

    Managi ng a S witch Stack 175 series sw itches. Li kewis e, Dell Networ king N3000 se ries swit ches only stac k with other De ll N3000 serie s switches. Dell Networking N4000 s eries switche s stack wi th other Dell N etworking N4000 series sw itches. How is the Stack Ma ster Selected? A stack master is elected or re-elected based on the following[...]

  • Página 176

    176 Managi ng a S witch Stack • If th e switch you add does not have an assi gned uni t number , then th e switch s ets it s configur ed unit number to the lowe st unassi gned unit number . • If the unit number is configured and there are no other devices using the unit numb er , then the switch starts using the configured unit num ber . • If[...]

  • Página 177

    Managi ng a S witch Stack 177 Y ou can pre configur e information about a stack member and its ports be fore you add it to the stack. The preconfiguration takes place on the stack master . If there is saved configurat ion informat ion on the stack master for the newly added unit, the stack master applies the configuration to the new unit; oth erwis[...]

  • Página 178

    178 Managi ng a S witch Stack Upgrading the firmwar e on a stack of s witches is the same as upgrading t he firmware on a single switch. After you down load a new imag e by using the F ile Download page or co py command, the downloaded image is distributed to all the connected units of the stack. F o r mor e information about downloading and instal[...]

  • Página 179

    Managi ng a S witch Stack 179 on the stack master . This type of operation is called nonstop forwar ding. When the s tack master fails, o nly the switch ASIC s on the stack ma ster need to be restar ted. T o prevent adjacent networking devices from re routing traffic around the restarting device, the NSF feature uses the following three techniques:[...]

  • Página 180

    180 Managi ng a S witch Stack storage allo ws an applicat ion on a st andalone unit to r etain it s data across a restart, but s ince the amoun t of storage i s limited, pe rsistent st orage is not always pract ical. The NSF checkpoint s ervice allows the stack master to co mmunicate certain data to th e backup unit i n the stack. W hen the stac k [...]

  • Página 181

    Managi ng a S witch Stack 181 Switch Stack MAC Addre ssing and Stack Design Conside rations The switch stack uses the MAC addr esses assigned to the stack master . If the backup unit assumes control due to a stack master failur e or warm restart, the backup unit continues to use the original stack master ’s MA C addresses. T his reduces the amoun[...]

  • Página 182

    182 Managi ng a S witch Stack surviving unit. When a unit fail s, the forwarding plane of surviving units removes LAG membe rs on th e failed uni t so that i t only fo rwards traffic onto LAG members that r emain up. If a LAG i s left with no active members, the LAG goes down. T o prevent a LAG from going down, configur e LAGs with members on multi[...]

  • Página 183

    Managi ng a S witch Stack 183 two fixe d stacking ports in the r ear of the switch. Stacking on Ethernet ports is not sup ported. The fixed st acking por ts show as T we ntygigab itStackin g and ar e abbreviat ed T w . NSF is enabled by default. Y ou can disable NSF to redirect the CPU r esources consumed by data checkpointing. Chec kpointing only [...]

  • Página 184

    184 Managi ng a S witch Stack Managing a nd Monitoring the Stack (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring stacking on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. Unit Confi guratio[...]

  • Página 185

    Managi ng a S witch Stack 185 Chan ging th e ID or Switc h T y pe for a Stac k Membe r T o change the switch ID or type: 1 Open the Unit Configurat ion page. 2 Cli ck Add to dis play th e Add Unit pag e. Figure 9-3. Add Remo te Log Serv er Settin gs 3 Specify the swit ch ID, and select the m odel num ber of the switch. 4 Cli ck Apply . Stack Summar[...]

  • Página 186

    186 Managi ng a S witch Stack Stack Firmwar e Synchroniz ation Use the Stack F irmwa re Synchronizatio n page to control whether the firmwar e image on a new stack memb er can be automat ically upgraded or downgraded to match the firmware image of the stack master . To d i s p l a y t h e Stack F irmw are Synchronization page, click System → Stac[...]

  • Página 187

    Managi ng a S witch Stack 187 Supported Swit ches Use the Supported Switches pa ge to view info rmat ion regarding each typ e of supp ort ed swit ch f or stac kin g, and information r egarding the supported switches. To d i s p l a y t h e Supported Switches page, cl ick System → Stac k Managem ent → Supported Switches in the n avigation panel.[...]

  • Página 188

    188 Managi ng a S witch Stack Stack Port Summary Use the Stack P ort Summary page to configur e the stack-port mode and to view information a bout the stackab le ports. This sc r een displays the unit, the stackable interface, the configur ed mode of the interface, the running mode as well as the link stat us and link sp eed of the stack able port.[...]

  • Página 189

    Managi ng a S witch Stack 189 Stack Port Coun ters Use the Stack P ort Counters page to view t he transmitted and r eceived statistics, including data rate a nd error rate. To d i s p l a y t h e Stack P ort Counters page, clic k System → Stack Manage ment → Stack P oint C ounters in the navigation panel. Figure 9-8. Stack Port Co unters Stack [...]

  • Página 190

    190 Managi ng a S witch Stack NSF Summary Use the NSF Su mma ry page to chang e the administrat ive status of the NSF feature and to view NSF info rmation. To d i s p l a y t h e NSF Summary page, click System → Stack Mana gement → NSF Summary in the navigation panel. Figure 9-9. NSF Summary T o cause the maser unit to failover to the standby u[...]

  • Página 191

    Managi ng a S witch Stack 191 Checkpoint Statis tics Use the Checkpoint Statistics page to view information about che ckpoint mess ages genera ted by t he sta ck mast er . To d i s p l a y t h e Checkpoint Statistics page , clic k System → Stack Managem ent → Checkpoint Statistics in the na viga tion p anel. Figure 9- 10. Checkpoint Statis tics[...]

  • Página 192

    192 Managi ng a S witch Stack Mana ging the S tack (CLI) This section provides information about the commands you use to manage the stack and view information about the s witch stack. F or more information about the se commands, see the Dell Ne tworking N2000, N 3000, and N4000 Series S witches CLI Reference Guide at supp ort .dell. com/ manuals . [...]

  • Página 193

    Managi ng a S witch Stack 193 member unit SID Add a swi tch to the stack and specify the model of t he new stack member . • unit - The switch unit ID • SID - Th e inde x into t he da tabase of the su pporte d switch types, indic ating the type of the swi tch being prec onf igu red. Note : Member co nfigurati on disp layed i n the running config[...]

  • Página 194

    194 Managi ng a S witch Stack V iewing and Cl earing S tacking a nd NSF In formation Beginning in P rivileged EXEC mode, use the following commands to view stacking informat ion and to clear NSF st atistics. Command Pu rpose show switch [ stack- member -number] View information about all stack members or the specified member . show switch stack- st[...]

  • Página 195

    Managi ng a S witch Stack 195 Stacking and NSF Usage Sc enario s Only a fe w settings a re avai lable to co ntrol the st acking configurat ion, such as the designation of the s tandby unit or enabling/disab ling NSF . The examples in this section de scribe how the s tac king and NSF featur e act in various environments. This section contains the fo[...]

  • Página 196

    196 Managi ng a S witch Stack When all four units ar e up and running, the show switch CLI command gives the fo llow ing ou tput: console# show switch At this point, if Unit 2 is power ed off or reboot ed due to an unexpected failure, show switch gives the following outp ut: console# show switch When the failed unit resumes normal op eration, the p[...]

  • Página 197

    Managi ng a S witch Stack 197 Preconfig uring a Stack Member T o preconfigure a stack member before connecting the phys ical unit to the stack, use the show suppo rt switchtype co mmand to obtai n the S ID of th e unit to be added. The examp le in this section demonst rat es pre-configuring a Dell Networking switch on a stand-alone Dell Netw orking[...]

  • Página 198

    198 Managi ng a S witch Stack 2 Pr econ figur e the swit ch (SID = 2) as member num ber 2 in the stack. console# configure console(config)# stack console(config-stack)# member 2 2 console(config-stack)# exit console(config)# exit 3 Confirm th e stack configuration . Some of the fi elds have be en omitted from the f ollowi ng output due to space lim[...]

  • Página 199

    Managi ng a S witch Stack 199 NSF in the Data Cent er F igure 9-12 illustrates a data center scenar io , where the stack of two Dell Networki ng switches acts as an acces s switch. The access switch is connected to two aggregation switches, AS1 and AS 2. The stack has a link from two different unit s to each aggregation swit ch, with each pair of l[...]

  • Página 200

    200 Managi ng a S witch Stack NSF and V oIP F igure 9-13 shows how NSF mai ntains e xisting voice calls during a stack master fai lure. Assume the top uni t is the stack master . When the st ack master fails, the call from phone A is immediately disconnected. The call from phone B continues. On the uplink, the forwarding plane r emoves the failed L[...]

  • Página 201

    Managi ng a S witch Stack 201 NSF and DHCP Snooping F igure 9-14 illustrates an L2 access switch running DHCP snooping. DHCP snooping only acce pts DHCP serv er messages on ports configured as trus ted ports. DHCP snooping listens to DHCP messages to build a bindings database t hat lists t he IP addr ess the D HCP server has assigned to each host. [...]

  • Página 202

    202 Managi ng a S witch Stack If a host is in the middle of an ex change with the D HCP server when the failover occurs, the ex change is interrupte d while the control plane restarts. When DHCP snooping is enabled, t he hardwar e traps all D HCP packets to the CPU. The control plane drops these packets during the restart. The DHC P cli ent an d se[...]

  • Página 203

    Managi ng a S witch Stack 203 Figure 9-15. NSF an d a Storag e Area Netw ork When the stack master fails, session A drops. The initiator at 10.1. 1.10 detect s a link down on its pri mary NIC and a ttempts to reesta blish the session on its backup NIC to a different IP address on the disk array . The hardware forwards the packets to establi sh this[...]

  • Página 204

    204 Managi ng a S witch Stack NSF and Ro uted A ccess F igure 9-16 shows a s tack of thr ee units s erving as an access router for a se t of hosts. T wo LAGs connect the stack to tw o aggregation routers. Each LAG is a member of a VLAN routing interfa ce. The stack has OSPF and PIM adjacencies with each of the aggregation routers. The top unit in t[...]

  • Página 205

    Managi ng a S witch Stack 205 JOIN messages up stream. The control plane updat es the driver wit h checkpointed unicast routes. Th e forwar ding plane reconciles L3 hardwar e table s. The OSPF grac eful r estart finishes, and the contro l plane deletes any stal e unicast routes not r elearned at this poin t. The forwar ding plane reconcil es L3 mul[...]

  • Página 206

    206 Managi ng a S witch Stack[...]

  • Página 207

    Configu ring Authe nticati on, Autho rization , and Accoun ting 10 Configuring Authentication, Authorization, and Accounting This chapter describes how to control access to the switch manag ement interface using aut henticati on and auth orizat ion. It also describes how to recor d this access using accounting. T ogether the three services ar e ref[...]

  • Página 208

    208 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Each service is configured usi ng method lists. The method lists define how each service is to be performed by specifying the methods available to perform a service. The first method in a list is t ried first. If the fir st method returns an error , the next method in the list is[...]

  • Página 209

    Configu ring Aut henticati on, Author ization , and Acco unting 209 Methods that never return an error ca nnot be followed by any other me thods in a method list. •T h e enable method uses the enable password. If there is no enable password defined, then the enable method will r eturn an error . •T h e ias me t hod i s a sp ec ia l m et ho d th[...]

  • Página 210

    210 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting The methods avail able for authenticati on ar e: host-based auth entication, publi c key authentic ation, chal lenge-respon se authenti cation, an d password authen tication. Authenti cation met hods are tried in the order sp ecifie d above, although SSH-2 has a configuration opt[...]

  • Página 211

    Configu ring Aut henticati on, Author ization , and Acco unting 211 Authentication Aut henti cati on is th e proce ss of valida ting a u ser 's iden tity . During the authentication process, only identity va lidation is done. Ther e is no determination made of which swit ch services the user is allowed to access. This is true e ven when R ADIU[...]

  • Página 212

    212 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Authorization Authorizat ion is used to determine which services the user is allowed to access. F or example, the autho rization process may assign a user ’s privil ege level, which det ermines the set o f commands the user can execute. There are three kinds of authorization: c[...]

  • Página 213

    Configu ring Aut henticati on, Author ization , and Acco unting 213 Administrative Profiles The Administrative Profiles feature allows the netwo rk administra tor to define a list of rules that control the CLI commands available to a user . These rules are collect ed in a “profile.” The ru les in a profile can define the set of commands, or a c[...]

  • Página 214

    214 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Accountin g Accounting is used to r ecord security events, such as a user logging in or ex ecuting a command. Accounting re cords may be sent upon completion of an event (stop-only) or at bot h the beginning and end of an event (start- stop). Ther e are thr ee types of accounting[...]

  • Página 215

    Configu ring Aut henticati on, Author ization , and Acco unting 215 Authenticatio n Examples It is important to understand that during a uthentication, all that happens is that the user is validated. If any attribut es are r et urned from the server , they are not processed during a uthentication. In t he examples below , it is assumed that the def[...]

  • Página 216

    216 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting •T h e pass words stre ngth mini mum num eric -cha racte rs 2 command s ets the mi nimum nu mber of numer ic char acters r equir ed whe n passwor d strength checking is enabled. T his param eter is enabled only if the password s strength mini mum chara cter -class es parameter [...]

  • Página 217

    Configu ring Aut henticati on, Author ization , and Acco unting 217 T ACACS+ Authentication Exa mple Use the fo llowing configurat ion to require T ACACS+ authe ntication when log gin g in ov er a T el net connec tio n: aaa authentication login “tacplus” tacacs aaa authentication enable “tacp” tacacs tacacs-server host 1.2.3.4 key “secret[...]

  • Página 218

    218 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Public Key SSH Aut henticati on Example The following is an example of a publ ic ke y configuration for SSH login. Using a too l such as putty and a private/pub lic key infra structur e, one can enable secur e log in to th e Dell Networki ng switc h witho ut a pa sswor d. Instead[...]

  • Página 219

    Configu ring Aut henticati on, Author ization , and Acco unting 219 The crypto key pub key -chain s sh comm and sets SSH to us e a pub lic k ey for the specified adminis trator login. The user login is specif ied by the username command, not the ias-user command. The key- string command enters the public k ey obta ined from a k ey aut hority or fro[...]

  • Página 220

    220 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting PUTTY Configuration Main Sc ree n On the foll owing scree n, the IP addr ess of th e switch is configur ed and SSH i s selected as the secure login protocol.[...]

  • Página 221

    Configu ring Aut henticati on, Author ization , and Acco unting 221 On the next scr ee n, P UTTY is configured to use SSH-2 only . This is an optional step that accelerates the login process.[...]

  • Página 222

    222 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting The following screen is the key to the co nfiguration. It is set to displ ay the authen tication banner , disabl e authenti cation with P agea nt, disable keyboa rd- interactive authent ication (unless desired), disable attempte d changes of user name, and sel ect the priv ate ke[...]

  • Página 223

    Configu ring Aut henticati on, Author ization , and Acco unting 223 The following screen configur es the user name to be sent to the switch. A user name is always requir ed. Alternatively , leave Auto-log in name blank and the system will prompt for a use r name.[...]

  • Página 224

    224 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting After configuring P utty , be sure to sav e the configuration. The following scre en shows the r esult of the l ogin process. The user name is enter ed automatically and the swit ch confirms that public k ey authentication occurs.[...]

  • Página 225

    Configu ring Aut henticati on, Author ization , and Acco unting 225 Authenticating Without a Public Key When aut henticating wi thout the pub lic key , the sw itch promp ts for the user name and passwor d. This is a SSH function, not a switch function. If the user knows the admini strator login and password, then they are able to authenti cate in t[...]

  • Página 226

    226 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting •T h e aaa authent ication login “r ad” radius command crea tes a login authen tication list call ed “rad” t hat contain s the method ra dius. If this method r etur ns an erro r , the user will f ail to log in. •T h e aaa authen tication enable “raden” radius comm[...]

  • Página 227

    Configu ring Aut henticati on, Author ization , and Acco unting 227 Authoriza tion Examples Autho rization allows the administrator to control which services a user is allowed to access. Some of the things that ca n be controlled with authorizati on include the user's init ial privilege le vel and which commands the user is allowed to ex e cut[...]

  • Página 228

    228 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting •T h e aaa author ization ex ec “tacex” t acacs command cr eates an e x ec authoriza tion method list cal led tace x which contains the method t acacs. •T h e authorizat ion exe c tacex command assi gns the tacex e xec authorizati on method list to be used for users acces[...]

  • Página 229

    Configu ring Aut henticati on, Author ization , and Acco unting 229 T ACACS+ Authorization Exa mple—Custom Adminis trative P rofile This examp le creates a custom profile that al lows the user to control user access to the switch by configuring a a d minis trative profile that only allows access to AAA r elated commands. Use the following command[...]

  • Página 230

    230 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting stri ng at the be ginning of a line , the peri od (.) matc hes any s ingle charact er , and th e asteris k (*) repe ats the pr eviou s match zero or more times . • T o assign this profile t o a user , configure the T ACACS+ server so that it sends the following “roles” attr[...]

  • Página 231

    Configu ring Aut henticati on, Author ization , and Acco unting 231 profiles and per -command authorization are configur e d for a use r , any comman d must be pe rmitted b y both the admini strative profile s and by per - com mand au thor izat ion . RADIUS Authori zation Example—Dir ect Login to Privi leged EXEC Mode Apply the following configur[...]

  • Página 232

    232 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting RADIUS Authori zation Exampl e—Administrative Pr ofiles The switch should use the same configura tion as in the pr evious authorizati on example. The R ADIUS server should be configured such that it will send the Cisco A V P air attribute with the “roles” value. F or exampl[...]

  • Página 233

    Configu ring Aut henticati on, Author ization , and Acco unting 233 F or authenticating users prior to access, the R A DIUS standar d has become the protocol of choice by ad ministrators of larg e accessible netw orks. T o accomplish the authentication in a secur e manner , the RADIUS client and R ADIUS serve r must both be configured with the same[...]

  • Página 234

    234 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting rej ects the user , it r eturns a negati ve r esult. If the server r ejects the clie nt or the s har ed secrets differ , the server returns no res ult. If the server requires additional verification from the user , i t r eturns a challenge, and the request process begins ag ain. [...]

  • Página 235

    Configu ring Aut henticati on, Author ization , and Acco unting 235 28 IDLE- TIMEOUT No No Y es 29 TER MINA TION- ACTION Y es No N o 30 CALLED-ST A TION-ID Y es No No 31 CAL LING-ST A TION-ID Y es No No 32 NAS-IDENT IFIER Y e s Y es No 40 A CCT -ST A TUS- TYPE Set by RA DI US clie nt fo r Account ing Ye s N o 42 A CCT -INPUT -OCT ETS Y es No No 43 [...]

  • Página 236

    236 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting How Are RADIUS Attri butes Processed on the Switch? The following attributes are processed in the RADIUS Access-Accept message r eceived from a R ADIUS server : • NAS -PORT—ifInd ex of the p ort to b e aut hentica ted. • REPL Y -MESSAGE— T rigger to respond to th e Access[...]

  • Página 237

    Configu ring Aut henticati on, Author ization , and Acco unting 237 Using T ACACS+ Servers to Con trol Manage ment Access T ACACS+ (T e rminal Access Controller Access Control System) provides access control for networked devi ces vi a one or mor e centralized servers. T AC ACS+ simplif ies au thent icatio n by ma king u se of a singl e data base t[...]

  • Página 238

    238 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Y ou can configure each serv er host with a specific connection type, port, timeout, and shared k e y , or you can use global configuration for the ke y and timeo ut. The T ACACS+ server can do the authentication itself, or redir ect the request to another back-end device. All se[...]

  • Página 239

    Configu ring Aut henticati on, Author ization , and Acco unting 239 Default Configurations Method Lists The method lists shown in T able 10-7 ar e defined by default. They cannot be deleted, but they can be modified. Using the “no” command on these lists will return them to their default configuration. Access Lines (AAA) T able 10-8 shows the m[...]

  • Página 240

    240 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting Access Lines (Non-AAA) T able 10-9 shows the default configuration of t he access lines that do not use met hod li sts. Administr ative Prof iles The administrative profiles shown in T able 10-1 0 ar e system-defined and may not be deleted or a ltered. T o see the rules in a prof[...]

  • Página 241

    Configu ring Aut henticati on, Author ization , and Acco unting 241 CP -admin Allows access to the Captive P ortal feature. network-operator Allows access to all User EXEC mode commands and show commands. T able 10 -10. Default Admin istrative Profiles (Continu ed) Name Description[...]

  • Página 242

    242 Confi gurin g Authe nticati on, Aut hori zation , and Acco unting[...]

  • Página 243

    Monito ring an d Logging Sy stem Inf ormatio n 243 11 Monitoring and Logging Syste m Information This chapter prov ides information abou t the features you use to monitor the switch, including logging, cable tests, and emai l alerting. The topics covered in this chapte r include: • Sys tem M onito ring Ov ervie w • Default Log Settings • Moni[...]

  • Página 244

    244 Monit oring and Lo gging Sy stem Inf ormatio n Why Is Sy stem Inf ormation Needed? The information the swi tch provides ca n help you troubleshoot issues that might be affe cting system performance. The cable diagnostics test help you troubles hoot problem s with the phy sical connections to the switch . Auditing access to t he switch and the a[...]

  • Página 245

    Monito ring an d Loggin g System Inf ormatio n 245 What Are the Severity Levels ? F or each local or remote log file, you can specify the severity of the mes sages to log. E ach severit y level is id entified by a name and a number . T able 11-1 provides information ab out the severity levels. When you specify the seve rity level, messages with tha[...]

  • Página 246

    246 Monit oring and Lo gging Sy stem Inf ormatio n T o view the log messa ges in the system st artup and operat ional log files, y ou must downloa d the log files to an administrat ive host. The s tartup log fi les are named slogX .txt a nd the o peratio n log files are named ologX .txt. When enabled, th e system stores the start up and opera tion [...]

  • Página 247

    Monito ring an d Loggin g System Inf ormatio n 247 • Stack ID —This is the assigned stack ID. F or the Dell Networking N2000, N3000, and N4000 se ries s witches , the stac k ID numbe r is alwa ys 1. The number 1 is used for sys tems without stacking ability . The top of stack is used to collect m essages for the entir e stack . • Component na[...]

  • Página 248

    248 Monit oring and Lo gging Sy stem Inf ormatio n Default Log Settings System logging is enabled, and me ssages are s ent to the console (severity level: warn ing and above), and R AM lo g (severity level: informational and above). Switch auditing, CL I command logging, W eb logging, and SNMP logging are disabled. By default, no messages are sent [...]

  • Página 249

    Monito ring an d Loggin g System Inf ormatio n 249 Monitoring S ystem Info rmation and C onfiguring Logging (W eb) This secti on provides information about the O penManage Switch Administrator pages to use to monitor system information and configure logging on the Dell Networking N2000 , N3000 , and N4000 series sw itches. F or deta ils abo ut the [...]

  • Página 250

    250 Monit oring and Lo gging Sy stem Inf ormatio n Figure 11-2. Stack View F or more information ab out the device view feat ures, se e "Understanding the Device View" on page 13 2.[...]

  • Página 251

    Monito ring an d Loggin g System Inf ormatio n 251 System Healt h Use the Health page to vi ew status informati on about the s witch power and ventilation sources. To d i s p l a y t h e Heal th page, click System → General → Health in the navigation panel. Figure 11 -3. He alth[...]

  • Página 252

    252 Monit oring and Lo gging Sy stem Inf ormatio n System Resour ces Use the System Resources page to vie w information about memory usage and task uti lization. To d i s p l a y t h e System Resources page, c lick System → General → System Reso urc es in th e navi gation pan el. Figure 11 -4. Syste m Resources[...]

  • Página 253

    Monito ring an d Loggin g System Inf ormatio n 253 Unit Power Usage Hist ory Use the Unit P ower Usag e His tory page to vie w inf orm atio n abou t swi tch power consumption. To d i s p l a y t h e Unit P owe r Usage Histor y page, cl ick System → General → Unit P ower Usage H istory in the navigation panel. Figure 1 1-5. Unit Power Usag e His[...]

  • Página 254

    254 Monit oring and Lo gging Sy stem Inf ormatio n Integ rated Cable T est for Copp er Cables Use the Integrated Cable T est for Copper Cables page to perf orm tests on copper cables. Cabl e testing provides information a bout where errors occurr ed i n the cable, the last time a cable test was performe d, an d the ty pe of cable error which occurr[...]

  • Página 255

    Monito ring an d Loggin g System Inf ormatio n 255 T o view a summary of all integra ted cabl e tests p erformed, cl ick the Show All link. Figure 1 1-7. Integr ated Cable T est Summa ry Optical T ransceiver Dia gnostics Use the T r ansceiv er Di agnost ics page to p erform te sts on Fiber Optic cables. To d i s p l a y t h e T ransce iver Diag nos[...]

  • Página 256

    256 Monit oring and Lo gging Sy stem Inf ormatio n Figure 11-8. T ransceiver Diagnostics T o view a summary of all opt ical transceive r diagnostics test s performed, click the Show All link. Figure 11-9. T ransceiver Diagnostics Summary[...]

  • Página 257

    Monito ring an d Loggin g System Inf ormatio n 257 Log Globa l Setti ngs Use the Global Settin gs page to enable logg ing globally , to enab le other types of logging. Y ou can also sp ecify the severity of m essages that are logged to the console, R AM log, and flash-based log file. The Severity table lists log messages from the highest severi ty [...]

  • Página 258

    258 Monit oring and Lo gging Sy stem Inf ormatio n RAM Log Use the RA M L o g page to view info rm atio n abou t spe cifi c RAM (ca che) log entrie s, including the time the log wa s entered, the log sev erity , and a description of the log. To d i s p l a y t h e RAM L og , click System → Logs → RA M L o g in the navigation panel. Figure 11 -1[...]

  • Página 259

    Monito ring an d Loggin g System Inf ormatio n 259 Log Fil e The Log F il e contains information about spec ific log entries , including the time the lo g was entered, the log se verity , and a descrip tion of the log . To d i s p l a y t h e Lo g F i le , click System → Logs → Lo g F il e in t he navi gation panel. Figure 11 -12. Log File Sysl[...]

  • Página 260

    260 Monit oring and Lo gging Sy stem Inf ormatio n Figure 11-13. Remote Lo g Server Addi ng a New Rem ote Lo g Server T o add a syslog serve r: 1 Open the Remote L og Ser ver page. 2 Click Add to displa y the Add R emote Log Server page. 3 Specify the IP addr ess or hostname of the remot e server . 4 Define the UDP P ort and Desc rip tion fields.[...]

  • Página 261

    Monito ring an d Loggin g System Inf ormatio n 261 Figure 11 -14. Add Remote L og Server 5 Select the severit y of the messages to send to the remote server . 6 Cli ck Apply . Click the Show All link to view or remove r emote log servers configured on the system. Figure 11 -15. Sh ow All Lo g Server s NOTE: When you sele ct a severi ty level , all [...]

  • Página 262

    262 Monit oring and Lo gging Sy stem Inf ormatio n Email Alert Global Confi guration Use the Email Ale rt Global Configurati on page to enable the emai l alerting feature and configur e global setting s so that syste m log messages can be s ent to from the switch to one or more emai l accounts. To d i s p l a y t h e Email Alert G loba l Config ura[...]

  • Página 263

    Monito ring an d Loggin g System Inf ormatio n 263 Figure 11-17 . Email Alert Mail Serve r Configuratio n Addin g a Mail Serv er T o add a mail server: 1 Open the Email Al ert Mail Server Con figurati on page. 2 Cli ck Add to dis play th e Email Alert Ma il Server Add page. 3 Specify th e hostname of the mail server . Figure 11-18. Add Mai l Server[...]

  • Página 264

    264 Monit oring and Lo gging Sy stem Inf ormatio n Figure 11-19. Show Al l Mali Servers Email Alert Subject Configur ation Use the Email Alert Subject Configuration page to configure the sub ject line for email alerts that are sent by the switch. Y ou can customize the subject for the message sev erity and entry status. To d i s p l a y t h e Email[...]

  • Página 265

    Monito ring an d Loggin g System Inf ormatio n 265 Figure 11 -21. View Email Al ert Subje cts Email Al ert T o Addre ss Confi guration Use the Em ail A lert T o A ddres s Co nfigu ratio n page to specify where the email alerts ar e sent. Y ou can configur e multip le recipients and a ssociate dif ferent me ssag e sever ity le vels with different r [...]

  • Página 266

    266 Monit oring and Lo gging Sy stem Inf ormatio n Figure 11 -23. View Email Aler t T o Addre ss Config uration Email Alert Statisti cs Use the Email Alert Statistics pa ge to view the numbe r of emails that were successfully and unsucce ssfully sent, and wh en emails wer e sent. To d i s p l a y t h e Email Alert Statistics page, c lick System →[...]

  • Página 267

    Monito ring an d Loggin g System Inf ormatio n 267 Monitoring S ystem Info rmation and Configuring Logging (CLI) This section provides information about the commands you use to configure information you use to monitor the Dell Netw orking N200 0, N3000, and N4000 series switches. F or more information about these comman ds, see the Dell Network ing[...]

  • Página 268

    268 Monit oring and Lo gging Sy stem Inf ormatio n Running Ca ble Diagn ostics Beginning in P rivileged EXEC mode, use t he following commands to run the cabl e diag nostic test s. show process cpu Di splay s the CPU utiliza tion for each process currently runn ing on the sw itch. NOTE: Cable diagno stics may give misle ading resu lts if gr een mod[...]

  • Página 269

    Monito ring an d Loggin g System Inf ormatio n 269 Configuri ng Local Loggi ng Beginning in P rivileged EXEC mode, use the following commands to configure the type of messages that are logged and where the messages are logged locally . Command Purpo se configure Enter Global Configuration mode. logging on Globally enables logging. logging audit Ena[...]

  • Página 270

    270 Monit oring and Lo gging Sy stem Inf ormatio n Configuri ng Remote Loggi ng Beginning in P rivileged EXEC mode, us e the following commands to define a remot e server to whi ch the switch se nds log messag es. show logging Displa ys the st ate of l ogging a nd the syslog m essages stor ed in th e interna l buff er . show logging file View i nfo[...]

  • Página 271

    Monito ring an d Loggin g System Inf ormatio n 271 Configuri ng Mail Server Se ttings Beginning in P rivileged EXEC mode, use the following commands to configure informat ion about the mail server (SMTP host) on the network that will init ially r eceive the email alerts from the switch and r elay them to the correct r ecipient. Command Purpo se con[...]

  • Página 272

    272 Monit oring and Lo gging Sy stem Inf ormatio n Configuri ng Email Alerts f or Log Messag es Beginning in P rivileged EXEC mode, use the following commands to configure email alerts so that log messages are sent to the specified address. Command Pu rpose configure Enter Glo bal Co nfigur atio n mode . logging email [ sever ity ] Enabl e email al[...]

  • Página 273

    Monito ring an d Loggin g System Inf ormatio n 273 logging email test mess age-t ype { urgent | non- urgent | b oth} message-body body Send a test ema il to the confi gured recipient to v erify that the featu re is properly configured. CTRL + Z Exit to Privileg ed EXEC mode. show logging email config Vi ew t he conf igur ed se tting s for email a l[...]

  • Página 274

    274 Monit oring and Lo gging Sy stem Inf ormatio n Logging Co nfigura tion Exampl es This section contains the following e xamples: • Configurin g Loca l and Remo te L ogging • Configurin g Email A lerting Configuri ng Local and Remot e Logging This e xample shows how t o enable switch a uditing and CLI command logging. L og mes sages with a se[...]

  • Página 275

    Monito ring an d Loggin g System Inf ormatio n 275 4 V erify the remote log se rver configuration. console# show syslog-servers IP Address/Hostname Port Severity Description ------------------------- ------ -------------- ---------- 192.168.2.10 514 debugging Syslog Server 5 V erify the loca l logging configuration and v iew the log messages stored[...]

  • Página 276

    276 Monit oring and Lo gging Sy stem Inf ormatio n Configuri ng Email Alerti ng The commands in this example define the SMTP server to use for sending email alerts. The mail server does not require authentication a nd uses the standar d TCP port for SM TP , port 25, which ar e the default values. O nly Emer gency m essa ges ( sev erity level 0) w i[...]

  • Página 277

    Monito ring an d Loggin g System Inf ormatio n 277 2 Configure the username a nd password that the switch m ust use to authen ticate with the ma il se rver . console(Mail-Server)# username switchN3048 console(Mail-Server)# password passwordN3048 console(Mail-Server)# exit 3 Configure emergencies and alerts to be sent immediately , and all other mes[...]

  • Página 278

    278 Monit oring and Lo gging Sy stem Inf ormatio n Email Alert Logging............................ enabled Email Alert From Address....................... N3048_noreply@dell.com Email Alert Urgent Severity Level.............. 0 Email Alert Non Urgent Severity Level.......... 3 Email Alert Trap Severity Level................ 6 Email Alert Notificati[...]

  • Página 279

    Managi ng Genera l System Set tings 279 12 Managing General System Settings This chapter de scribes how to set system information, such as t he hostname, and time s ettings, and how to select the Switch Da tabase Ma nagement (SDM) template t o use on the s witch. F or the N2000 and N 3000 seri es switches , this chapt er also desc ribes how to conf[...]

  • Página 280

    280 Managi ng Genera l System Set tings The switch can obtain the time from a S imple Network Time P ro tocol (SNTP) server , or you can set the time manually . T able 12-2 describes the settings that help the switch keep t rack of time. The Dell Net working N2024 P/N2048P and N3 024P/N3048P switch ports are IEEE 802.1at-2009-complia nt (P o E Plus[...]

  • Página 281

    Managi ng Genera l System Set tings 281 Why Does Syst em Information Need to Be Configured? Configuring system information is optional. However , it can be helpful in providing administra tive information ab out the s witch. F or exampl e, if you manage severa l standalone Dell Networking se ries switches and have T elnet sessions open with several[...]

  • Página 282

    282 Managi ng Genera l System Set tings IPv4 un icas t rout es N2000 N3000 N4000 256 8160 8160 0 8160 8160 512 12288 12288 0 0 8160 IPv6 Neighbor Discovery P rot ocol (NDP) en tries N2000 N3000 N4000 512 2560 1024 0 2560 1024 0 0 0 0 0 0 IPv6 un icas t rout es N2000 N3000 N4000 128 4096 4096 0 4096 4096 0 0 0 0 0 0 ECMP next hops N2000 N3000 N4000 [...]

  • Página 283

    Managi ng Genera l System Set tings 283 SDM T emplate Configura tion Guidelines When you configure the switch to use an SDM template that is not curr ently in use, you must r eload the switch for the configuration to take effect. If the IPv4 Routing or IPv4 Data Center tem plate is currently in use and you attemp t to configu re IPv6 routing featur[...]

  • Página 284

    284 Managi ng Genera l System Set tings T o increase security , you can re quire authentication bet ween the configured SNTP server and the SNTP client on the sw itch. Authenticat ion is provided by Message Diges t 5 (MD5). MD5 verifies the integ rity of the communication and authenticates the origin of the communication. What Configurat ion Is Req[...]

  • Página 285

    Managi ng Genera l System Set tings 285 What Are the Key PoE Plus Featur es for the N2024P/N2 048P and N3024P/N304 8P Switches? T able 12-4 des cribes some of the key P oE Plus features the switches support. T able 12- 4. P oE Plus Key Feat ures Feature D escript ion Global Usage Threshold P rovides the ability to specif y a power limit as a percen[...]

  • Página 286

    286 Managi ng Genera l System Set tings Default Gener al System Infor mation By default, no system information or time information is configur ed, and the SNTP client is disabled. The default SDM T emplate applied to the switch is the Du al IPv4-IP v6 temp late. The fo llowi ng tabl e shows t he defa ult P oE Plus setting s for the Dell Networki ng[...]

  • Página 287

    Managi ng Genera l System Set tings 287 Configuri ng General Sys tem Settings (Web) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring general syst em settings on the Dell Netwo rking N2000, N3000, and N4000 series switches. F or details about the fields on a page, c lick at the top of[...]

  • Página 288

    288 Managi ng Genera l System Set tings Initiating a T elnet Session from the Web Interface T o launch a T elnet session: 1 Fr o m t h e System → Gene ral → System Informat ion page, click the T e lnet link. 2 Click the Te l n e t button. Figure 12 -2. T elnet 3 Select the T elnet client, an d click OK . Figure 12-3. Selec t T elnet Clien t NOT[...]

  • Página 289

    Managi ng Genera l System Set tings 289 The selected T elnet clie nt launches and connects to the switch CLI. Figure 12 -4. T el net Sess ion[...]

  • Página 290

    290 Managi ng Genera l System Set tings CLI Banner Use the CLI Banner page to configure a message for the switch to display when a user connects to the switch by using the CLI. Y ou can configure differ ent banners for various CLI modes and access meth ods. To d i s p l a y t h e CLI Banner pa ge, cl ick System → General → CLI B ann er in the n[...]

  • Página 291

    Managi ng Genera l System Set tings 291 SDM T emplate Preference Use the SDM T emplate Preference page to vie w infor mati on abou t temp late resource se ttings and to s elect the tem plate that the switch uses . If you select a new SDM temp late for the sw itch to use, you m ust reboot the swit ch before the temp late is appli ed. To d i s p l a [...]

  • Página 292

    292 Managi ng Genera l System Set tings Clock If you do not obtain the system time from an SNTP server , you can manually set the da te and time on th e switch on the Clock pa ge. The Clock page a lso dis plays info rmat ion ab out the tim e sett ings conf igured on the sw itc h. To d i s p l a y t h e Clock page , click System → T ime Synchron i[...]

  • Página 293

    Managi ng Genera l System Set tings 293 SNTP Global Sett ings Use the SNTP G lobal Settin gs page to enable or disable the SNTP client, configure whether and how often the client sends SNTP r equests, and determine whether the switch can receive SNTP broadcasts. T o display the SNTP Global Settings page, cli ck System → Ti m e Sync hroniz atio n [...]

  • Página 294

    294 Managi ng Genera l System Set tings SNTP Authenti cation Use the SNTP Authentication page to enable or disable SN TP authenti cation, to modify the au thenticati on key for a selecte d encryption key ID, to des ignate the selec ted authentica tion key as a trusted key , a nd to remove the selected encryption key ID. Click System → T ime Sy nc[...]

  • Página 295

    Managi ng Genera l System Set tings 295 Figure 12-10. Add Aut henticati on Key 3 Enter a nu merical encrypti on key ID and an aut hentica tion k ey in the appropriate field s. 4 If the k ey is to be used to auth enticate a unicast SNTP s erver , select the Tr u s t e d K e y check box. If the check box is clear , the key is untrusted and cann ot be[...]

  • Página 296

    296 Managi ng Genera l System Set tings SNTP Server Use the SNTP Ser ver page to view and modify information about SN TP servers, and to add new SNTP servers tha t the switch can us e for time synchronization. The switch can accept t ime information from both IPv4 and IPv6 SNTP servers . To d i s p l a y t h e SNTP Server page, c lick System → T [...]

  • Página 297

    Managi ng Genera l System Set tings 297 Figure 12 -13. Ad d SNTP S erver 3 In the SNTP Server field, enter the IP a ddres s or host name for the new SNTP server . 4 Specify wh ether the inform ation ent er ed in t he SNTP Server field is an IPv4 ad dres s, IPv6 add ress , or a hostn ame (DNS). 5 If yo u require auth entica tion bet ween t he SNT P [...]

  • Página 298

    298 Managi ng Genera l System Set tings T o v iew all configured SNTP servers, click the Show All link. The S NTP Server T able display s. Y ou can al so use th e SNTP Server T able pag e to remove or edit ex isting SNTP serv ers. Figure 12-14. SNTP Serve rs T a ble[...]

  • Página 299

    Managi ng Genera l System Set tings 299 Summer T ime Configurat ion Use the Summer T ime Configuration page to configure summer time (daylig ht savin g time) settings. To d i s p l a y t h e Summe r T ime Configurat ion page, c lick System → Ti m e Sync hroniz atio n → Summe r T ime Con figurat ion in the navigation panel. Figure 12-15. Summer [...]

  • Página 300

    300 Managi ng Genera l System Set tings T ime Zone Configurat ion Use the T ime Z one Configuratio n to configure time zone information, including the a mount time the lo cal time is offset fro m UTC and the acronym that r epresents the local time zone. To d i s p l a y t h e T im e Zone Co nfiguration page , click System → Ti m e Synch ron izati[...]

  • Página 301

    Managi ng Genera l System Set tings 301 Card Configu ration Use the Card Configuration pa ge to control the administrative status of the rear -panel expansion slots (Slot 1 or Slot 2) and to configure the plug-in module to use in the slot. To d i s p l a y t h e Card Config uration page, cli ck Switching → Slots → Card Confi gur ation in the na[...]

  • Página 302

    302 Managi ng Genera l System Set tings Slot Summary Use the Slot Summar y page to view information about the expansion slot status. To d i s p l a y t h e Slot Summary page , click Switching → Slots → Summary in the navigation panel. Figure 12-18. Slot Summary[...]

  • Página 303

    Managi ng Genera l System Set tings 303 Supported Car ds Use the Supported Cards page to view infor mation about the s upported plug-in modules for the swi tch. To d i s p l a y t h e Supported Cards page , click Switching → Slots → Supported Cards in the navigation panel. Figure 12 -19. Supp orted Ca rds[...]

  • Página 304

    304 Managi ng Genera l System Set tings Power Over Ether net Global Con figuration ( N2024P/N204 8P and N3024P/N304 8P Only) Use the P oE Global Co nfiguratio n page to configure the P oE set tings for the switch. To d i s p l a y t h e P o E Global Conf iguration page, c lick System → Gene ral → P ow er over Etherne t → Global Co nfiguratio [...]

  • Página 305

    Managi ng Genera l System Set tings 305 Power Over Ethernet Interfac e Configu ration ( N2024P/N20 48P and N3024P/N304 8P Only) Use the P oE Interface Con figuration page to configure the per -port P oE settings. F rom this page, y ou can also access the P oE Counters ta ble and P oE P ort T able. The P oE P ort table allows you to vie w and config[...]

  • Página 306

    306 Managi ng Genera l System Set tings T o view P oE statistics for each port, click Co unters. Figure 12-22. PoE Coun ters T able T o view the P oE P ort T ab le, click Show All . Figure 12-23. PoE Port T abl e If you change any settings f or one or more ports on the Po E Po r t T a b l e page, click Apply to update the swi tch with the new setti[...]

  • Página 307

    Managi ng Genera l System Set tings 307 Configuring System Settings (CLI) This section provides information about the commands you use to configure system informat ion and time settings on the Dell Netw orking N2000, N3000, and N4000 series switches . F or more information about thes e commands, see the Dell Ne tworking N2000, N300 0, and N4000 S e[...]

  • Página 308

    308 Managi ng Genera l System Set tings Configuri ng the Banner Beginning in P rivileged EXEC mode, use the following commands to configure the MOTD, login, or User EXEC banner . The switch supports the following banner messages: • MOTD —Displays when a user connects to the switch. • L ogi n—D isplay s after the M OTD b ann er and before th[...]

  • Página 309

    Managi ng Genera l System Set tings 309 Managing the SDM T emplate Beginning in P rivileged EXEC mode, use the following commands to set the SDM tem plate p re fer ence a nd to view i nform ation about the avail able S DM templ ates . Configuri ng SNTP Authenti cation and an SNTP Server Beginning in P rivileged EXEC mode, use the following commands[...]

  • Página 310

    310 Managi ng Genera l System Set tings sntp tr usted-key ke y_i d Speci fy the auth enticatio n key the SNTP serv er must inc lude in SNTP packets that it sends to the switch . The ke y_i d number must be an en cryption key ID defined in the previou s step. sntp auth enticate Req uir e aut henti cati on for comm unica tion w ith t he SN TP server [...]

  • Página 311

    Managi ng Genera l System Set tings 311 Setting th e System T ime and Date Manually Beginning in P rivileged EXEC mode, use the following commands to configure the time and date, time zone, and summer time settings. Comman d Purpose clock set { mm/dd/yyyy hh:m m:ss } | { hh:mm:ss mm/dd/yyyy Config ure the time and date. Y ou can enter the time fir [...]

  • Página 312

    312 Managi ng Genera l System Set tings Configuri ng the Expansi on Slots (N3000 Ser ies Only) Beginning in P rivileged EXEC mode, use the following commands to configure a nd view information abou t the expansion slots and plug- in modules (car ds). clock summe r - time date { date mont h | month dat e } year hh:mm { date m onth | month dat e} yea[...]

  • Página 313

    Managi ng Genera l System Set tings 313 V iewing Slot Infor mation (N4000 Ser ies Only) Use the following commands to view information about Slot 0 and its support. Configuri ng PoE Setting s (N2024P/N20 48P and N3024P/ N3048P Only) Beginning in P rivileged EXEC mode, use the following commands to configure P oE information. Command Purpo se show s[...]

  • Página 314

    314 Managi ng Genera l System Set tings power inline priority {critic al | high | low} Configures the port priority le vel for the delive ry of power to an attached device. power inline high-power Conf igur e the port hi gh pow er mo de for con nec ted-d evice compatibil ity . power inline limit user-defined limit Set the per-port power limit. • [...]

  • Página 315

    Managi ng Genera l System Set tings 315 General System Settings Configuratio n Examples This section contains the following exa mples: • Configurin g System and Ba nner Information • Configu ring SNTP • Configu ring the Time M anually Configuri ng System and Banner Informati on In this e xample, an admini strator configur es the following s y[...]

  • Página 316

    316 Managi ng Genera l System Set tings System Contact: Jane Doe System Name: N2048 System Location: RTP100 Burned In MAC Address: 001E.C9AA.AA07 System Object ID: 1.3.6.1.4.1.674.10895.3035 System Model ID: N2048 Machine Type: Dell Networking N2048 Temperature Sensors: Unit Temperature (Celsius) Status ---- --------------------- ------ 1 43 OK Pow[...]

  • Página 317

    Managi ng Genera l System Set tings 317 Power Supplies: Unit Description Status Average Current Since Power Power Date/Time (Watts) (Watts) ---- ---------- -------- ---------- -------- ------------ 1 System OK 5.0 97.8 1 Main Failure 1 Secondary OK 97.6 97.8 01/10/2031 15:59:05 5 View addition al informat ion about the system. N2048#show system id [...]

  • Página 318

    318 Managi ng Genera l System Set tings Figure 12-24. V erify MOTD[...]

  • Página 319

    Managi ng Genera l System Set tings 319 Configuri ng SNTP The commands in this example configure the switch to poll an SNTP server to synchronize the time. Ad ditionally , the SNTP sessions between t he client and server must be authentica ted. T o configure the switch: 1 Configure the authentication informa tion. The SNTP server m ust be configu r[...]

  • Página 320

    320 Managi ng Genera l System Set tings 4 View the SNTP status on the switch. console# show sntp status Client Mode: Unicast Last Update Time: MAR 01 09:12:43 2010 Unicast servers: Server Status Last response --------------- ------------ --------------------- 192.168.10.30 Other 09:12:43 Mar 1 2011[...]

  • Página 321

    Managi ng Genera l System Set tings 321 Configuri ng the T ime Manually The co mmands in thi s example manuall y set the syst em time and date. The time zo ne is se t to Eas tern Stand ard Ti me (EST), w hich has an offset of -5 hour s. S umme r ti me is ena ble d and uses th e pr eco nfig ur ed Unite d St ate s settings. T o configure the switch: [...]

  • Página 322

    322 Managi ng Genera l System Set tings[...]

  • Página 323

    Conf iguring SNMP 323 13 Configuring SNMP The topics covered in t his chapter include: • SNMP Overview • Defa ult SNM P V a lues • Configurin g SNMP (W eb) • Configurin g SNMP (CL I) • SNMP C onfiguration E xamples SNMP Overview Simple Network Management Pr otocol (SNMP) provides a method for managing network devices. The Dell Ne twork in[...]

  • Página 324

    324 Confi gurin g SNMP The SNMP agent ma intains a list of variable s tha t are used to manage t he switch. The variables are defined in the MIB. The MIB presents the variables controlled by the agent . The SNMP agent defines the MIB specification format, as well as the format us ed to access the info rmation over the network. Access rights t o the[...]

  • Página 325

    Conf iguring SNMP 325 Y ou can configure va rious features on the switch to generate SNMP traps that inform the NMS about eve nts or problems that occur on the switch. T raps generated by the switch can also be vi ewed locally by using the web-based interface or CLI. Why Is SNMP Needed? Some ne twork adminis trators prefer to use SNMP as the switch[...]

  • Página 326

    326 Confi gurin g SNMP T able 13-2 describes the two views that are defined by default. By default, three groups are defined. T able 13-3 describes the group s. The Read, W rite, and Notify v alues define the preconfigured views that are associat ed with th e groups. QoS traps Enabled Multicast traps Disabled Captive P ort al traps Disabled OSPF tr[...]

  • Página 327

    Conf iguring SNMP 327 Configuring SNMP (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring the SNMP agent on a Dell Networking N2000 , N3000, and N4000 series switches. F or details abo ut the fields on a page, click at the top of the page. SNMP Global Parameters Use the Globa l [...]

  • Página 328

    328 Confi gurin g SNMP SNMP V iew Settin gs Use the SNMP Vi e w S e t t i n g s page to c rea te v iews th at de fine w hich f eatur es of the device ar e accessible and which ar e blocked. Y ou can create a view that includes or e xcludes OIDs cor responding to inte rfaces. To d i s p l a y t h e Vi e w S e t t i n g s page, cl ick Sys tem → SNM[...]

  • Página 329

    Conf iguring SNMP 329 Figure 13 -3. Add View 3 Specify a n ame for the view and a valid SNMP OID string . 4 Select the view type. 5 Cli ck Apply . The SNMP vie w is added, and the device is update d. Click Show A ll to view information about configur ed SNMP V iews.[...]

  • Página 330

    330 Confi gurin g SNMP Access Contr ol Group Use the Access Contro l Group page to view informat ion for creati ng SNMP groups, and to assign SNMP access privileges. Gr oups allow network m a n a g e r s t o a s s i g n a c c e s s r i g h t s t o s p e c i f i c d e v i c e f e a t u r es o r f ea t u re s a s p e c t s . To d i s p l a y t h e Ac[...]

  • Página 331

    Conf iguring SNMP 331 Figure 13-5. Add Access C ontrol Group 3 Specify a n ame for the group. 4 Select a security model and level 5 Define the context prefix and the operation. 6 Cli ck Apply to update t he switch. Click Show A ll to view i nformati on abou t ex isting a ccess c ontrol configurations.[...]

  • Página 332

    332 Confi gurin g SNMP SNMPv3 User Securi ty Model (USM) Use the User Security Model page to assign s ystem users to SNMP groups and to define t he user authentica tion method. To d i s p l a y t h e User Security Model pa ge , cli ck System → SNMP → User Security Model in t he navig ation pa nel. Figure 13-6. SNM Pv3 User Security Mode l Addin[...]

  • Página 333

    Conf iguring SNMP 333 Figure 13-7. Add Local Users 3 Define th e relevant fields. 4 Cli ck Apply to update t he switch. Click Show A ll to vi ew the User Security Model T able, which conta ins information about configur ed Local and Remote Users. Addin g Remo te SNMPv 3 Users to a USM T o add r emote users: 1 Open the SNMPv3 User Security Model pag[...]

  • Página 334

    334 Confi gurin g SNMP Figur e 13-8. Add Remote Users 3 Define the relevan t fields. 4 Click Apply to up date the sw itch. Click Show Al l to vie w the Us er Securi ty Mod el T able, which contains information about configur ed Local and Remote Users.[...]

  • Página 335

    Conf iguring SNMP 335 Communities Access rights for SNMPv1 and S NMPv2 are managed by defining communities Comm unities page. When the community names ar e changed, access rights ar e also changed. SNMP Communities a re defined only for SNMP v1 and SN MP v2. To d i s p l a y t h e Commu nit ies page, click System → SNMP → Comm unit ies in the n[...]

  • Página 336

    336 Confi gurin g SNMP Figure 13-10. Add SNMP v1,2 Community 3 Specif y the IP a ddr ess of an SNMP manag ement st ation an d the community string to act as a passwor d that will aut henticat e the management station to the SNMP agent on the switch. 4 Select the a ccess mode. 5 Click Apply to up date the sw itch. Click Show Al l to view the communi[...]

  • Página 337

    Conf iguring SNMP 337 Notifica tion Filt er Use the Noti fication Filter page to set filter ing traps b ased on OIDs. E ach OID is link ed to a de vice featur e or a featur e aspect. The Notification Filter page also allows you to f ilter notificati ons. To d i s p l a y t h e Notification F ilter page , cli ck System → SNMP → Notifica tion F i[...]

  • Página 338

    338 Confi gurin g SNMP Figure 1 3-12. Add Notifica tion Filter 3 Specify the name of t he filter , th e OID for th e filter . 4 Cho ose wh ether to send ( includ e) trap s or infor ms to th e trap recipient or prevent the switch from sending (exclude) the traps or informs. 5 Click Apply to up date the sw itch. Click Show Al l to view in formation a[...]

  • Página 339

    Conf iguring SNMP 339 Figure 13-13. SNMP Notification Recipi ent Adding a Notification Recipient T o add a r ecipient: 1 Open the Notifica tion Recipient page. 2 Cli ck Add . The Add R ecipient page displays:[...]

  • Página 340

    340 Confi gurin g SNMP Figure 1 3-14. Add Notifica tion Recip ient 3 Specify the IP address or hostname of the host t o r eceive n otifications. 4 Select wh ether to s end traps or informs to th e specified recipient 5 Define the relevant f ields for the SNMP v ersion you use. 6 Configure informat ion about the port on the recipient. 7 Click Apply [...]

  • Página 341

    Conf iguring SNMP 341 T o access the T r ap Fl ags page, click Statistics/RMON → T r ap Man ager → Tr a p F l a g s in the navigation panel. Figure 13 -15. T rap Fla gs OSPFv2 T rap Flags The OSPFv2 T rap Flags page is used to specify which OSPFv2 traps you want to enable or disable. When the con dition identified by an acti ve trap is encounte[...]

  • Página 342

    342 Confi gurin g SNMP Figure 13 -16. OSPFv2 T rap Flags OSPFv3 T rap Flags The OSPFv3 T rap Flags page is use d to spe cify which OSP Fv3 trap s yo u wa nt to enable or disable. When the condit ion identified by an active trap is encountered by t he switch, a t rap message is sent to any enabled S NMP T r ap Receivers, a nd a message i s written t[...]

  • Página 343

    Conf iguring SNMP 343 Figure 13 -17. OS PFv3 T rap Flags Tr a p L o g The Tr a p L o g p age is used to v iew entries that hav e been writte n to the trap log. T o access the Tr a p L o g page, cl ick Statistics/RMON → T rap Manager → Tr a p L o g in the nav igation panel.[...]

  • Página 344

    344 Confi gurin g SNMP Figure 13-18. T rap Lo gs Click Clear to de lete a ll entr ies fro m the trap lo g.[...]

  • Página 345

    Conf iguring SNMP 345 Configuring SNMP (CLI) This section provides information ab out the commands you use to manage and view SNMP featur es on the switch. F or more information about these commands, see the Dell Networking N2000 , N3000, and N4 000 Series Switches CLI Reference Guide at supp ort .dell. com/ manuals . Configuri ng the SNMPv3 Engine[...]

  • Página 346

    346 Confi gurin g SNMP Configuri ng SNMP Views, Grou ps, and Users Beginning in P rivileged EXEC mode, use the following commands to define SNMP views, and SN MP groups, and local and r emote SNMPv3 users. snmp-s erver eng ineID local { engineid -string | defaul t} Confi gure the S NMPv3 Engine ID. • enginei d-str ing — The characte r string th[...]

  • Página 347

    Conf iguring SNMP 347 snmp-ser ver group groupname { v1 | v2 | v3 { noaut h | auth | priv } [ notify view-name ]} [ conte xt view-name ] [ read view-name ] [ write view-name ] Spec ify the i denti ty strin g of th e re ceive r and set the r eceiver timeo ut valu e. • groupname — Specifi es the name of t he group. (Rang e: 1-30 characters.) • [...]

  • Página 348

    348 Confi gurin g SNMP snmp-ser ver user username gro upname [ rem ote engin eid -strin g ] [{ auth-md5 password | auth-sha password | auth-m d5-key md5-key | auth-sh a-key sha-ke y } [ priv-des password | priv -des-key des-k ey ]] Config ure a new SNMPv3 user . • usern am e — Specifie s the n ame of the use r on th e host that connects to the [...]

  • Página 349

    Conf iguring SNMP 349 Configuri ng Communities Beginning in P rivileged EXEC mode, use the following commands to configure access rights for S NMPv1 and SNMPv2. show snmp group [ group_name ] View SNMP group conf igurati on informatio n. show snmp user [ user_nam e ] Vi ew S NMP us er con figu rati on inf ormat ion. Command Purpo se configure Enter[...]

  • Página 350

    350 Confi gurin g SNMP snmp-s erver co mmunit y- group community - strin g group-name [ ipaddress ip-address ] Map the in ter nal s ecu rity n ame for SNMP v1 a nd S NMP v2 securi ty models to the group name. • com mu nity -strin g — Com munity string t hat acts like a password and permits access to the SNMP protocol . (Range: 1-20 characters) [...]

  • Página 351

    Conf iguring SNMP 351 Configuri ng SNMP Notificat ions (T raps and In forms) Beginning in P rivileged EXEC mode, use the following commands to allow the switch to send SNMP t raps and to configure which traps ar e sent. Command Purpo se configure Enter Global Configuration mode snmp-ser ver en able traps [acl | all | aut o-co py-sw | captive -porta[...]

  • Página 352

    352 Confi gurin g SNMP snmp-server host host- addr [ informs [ timeout second s ] [ ret ries retr ies ] | traps version { 1 | 2 }] ] community -string [ udp - port port ] [ filter filtername ] F or SNMPv 1 and SNMPv2, c onfigure the s ystem to receiv e SNM P tra ps or info rms. • host- addr — Sp ecifie s the IP ad dres s of the ho st (tar geted[...]

  • Página 353

    Conf iguring SNMP 353 snmp-ser ver v3-host { ip- address | hostna me } userna me { trap s | informs } [ noaut h | auth | priv ] [ timeout second s ] [ retrie s retr ies ] [ udpport port ] [ filter filtername ] F or SN MPv3, con figure the sys tem to receiv e SNMP traps or informs. • ip-a ddress — Specifie s the IP add ress of the h ost (tar get[...]

  • Página 354

    354 Confi gurin g SNMP SNMP Configuration Examples This section contains the following e xamples: • Configu ring SNMP v1 and SN MPv2 • Configurin g SNMPv3 Configuri ng SNMPv1 and SNMPv2 This e xampl e shows how to comple te a basic SNMPv1/v2 conf iguration. The commands enable r ead-only access from any host to all objects on t he switch using [...]

  • Página 355

    Conf iguring SNMP 355 Traps are enabled. Authentication trap is enabled. Version 1,2 notifications Version 3 notifications System Contact: System Location: Configuri ng SNMPv3 This e xample shows how to complete a basic SNMPv3 configuration. The commands create a view that includes objects from t he int erne t MIB subtr ee (O ID 1.3 .6.1 ), wh ich [...]

  • Página 356

    356 Confi gurin g SNMP 3 Create the user admin , assign the user to th e group, and specify the authen tication cr edential s. console(config)# snmp-server user admin group_snmpv3 auth-md5 secretkey 4 Specify the IP add r ess of the host wh ere t raps are to be sent. P acket authen tication using MD5-SH A is enable d for the tr aps. console(config)[...]

  • Página 357

    Conf iguring SNMP 357 console# show snmp views console# show snmp group console# show snmp user Name OID Tree Type ------------------ ------------------------ ------------ Default iso Included Default snmpVacmMIB Excluded Default usmUser Excluded Default snmpCommunityTable Excluded view_snmpv3 internet Included DefaultSuper iso Included Name Contex[...]

  • Página 358

    358 Confi gurin g SNMP[...]

  • Página 359

    Manag ing Imag es and Fi les 359 14 Managing Image s and Files This chapter de scribes how to upload, download, and copy files, such a s firmware images and configuration files, on the switch. The topics covered in this chapte r inc lude: • Image an d F ile Management O vervie w • M anag ing Ima ges an d F iles (W eb ) • M anag ing Ima ges an[...]

  • Página 360

    360 Managi ng Ima ges a nd Fil es T abl e 14-1. Files to Mana ge File Action Description image Download Upload Copy F irmware for the switch. The swi tch can mainta in t wo image s: the active image and the b ackup image . startup-config Download Upload Copy Conta ins th e soft ware confi gurat ion tha t loads during the boot process. runn ing- con[...]

  • Página 361

    Manag ing Imag es and Fi les 361 Why Is File Management Needed? This section provides some r easons why you might choose to manage various files. Image Files The switch can store two firmware images, but only one is active . The other image file is a backup image. By def ault, the switch has only one image. Y ou might copy an image or download an i[...]

  • Página 362

    362 Managi ng Ima ges a nd Fil es • N40 32, N40 32F , N4 064, N40 64F N3000 _ N2000 — Dell Networkin g 2000/300 0 series switch firmware for: • N20 24, N2 048, N20 24P , N 2048P , N3024 , N3024P , N3 024F , N3048, N3048P And the version number is: V ersion Numbering Convention • M ajor release numbe rs star t at 6. • Minor release numbers[...]

  • Página 363

    Manag ing Imag es and Fi les 363 running-config file. The backup-config file does not exist until y ou explicitly create one by copying an e xisting configuration file to the backup-config fil e or downloading a backup-con fig file to the switch. Y ou can also cr eate configuration script s, wh ich are text files th at conta ins CLI commands. When [...]

  • Página 364

    364 Managi ng Ima ges a nd Fil es •T F T P •S F T P •S C P •F T P • HTTP ( W eb onl y) • HTTPS (W eb o nly ) Y ou can also copy files between the file system on the internal flash and a USB flash drive that is connect ed to th e exte rna l USB port . What Factors Should Be Consider ed When Managing Files? Uploading and D ownloading File[...]

  • Página 365

    Manag ing Imag es and Fi les 365 Editing and Dow nloading Configuration Files Each configuration file contains a list of e x ec utable CLI commands. The commands must be complete and in a lo gical order , as if you wer e entering them by using the switch CLI. When you download a startup-config or backup-confi g file to the switch, the new file repl[...]

  • Página 366

    366 Managi ng Ima ges a nd Fil es ! Display information about direct connections show serial ! End of the script file Mana ging Fi les on a St ack Image files downloaded to the mas ter unit of a stack ar e automaticall y downloaded t o all stack members. If you act ivate the ba ckup image on the ma s te r , it i s a c ti va t e d o n a l l un i ts [...]

  • Página 367

    Manag ing Imag es and Fi les 367 Managing Images a nd Files (W eb) This secti on provides information about the O penManage Switch Adm inist rato r page s to use to ma nage im age s and f iles on a Dell Net workin g N2000, N30 00, and N4000 series switche s. F or details a bout the fields on a page, cl ick at the t op of th e page. File Syste m Use[...]

  • Página 368

    368 Managi ng Ima ges a nd Fil es Active Image s Use the Act ive I mages page to set the firm ware image to use when the sw itch boots. If you change the boot image, it does not become t he active image until you reset the switch. On the N4000 series switches, the images are named act ive and backu p . NOTE: To d i s p l a y t h e Active Im ages pa[...]

  • Página 369

    Manag ing Imag es and Fi les 369 USB Flash Driv e Use the USB F lash Dri ve pag e to view informatio n about a USB fla sh drive connected to the USB port on the front panel of the switch. The page also displays information about the files stored on the USB flash drive. A USB flash drive must be un-mounted by the operator befor e re moving it from t[...]

  • Página 370

    370 Managi ng Ima ges a nd Fil es File Do wnload Use the F ile Down load page to download i mage (binary) f iles, SSH and SSL cer tifi cat es, IA S Us er fi les , and c onf ig uration (ASCII), files from a r emote serv er to th e switc h. To d i s p l a y t h e Fi l e D o w n l o a d page , clic k System → F ile Mana gement → Fil e Download in [...]

  • Página 371

    Manag ing Imag es and Fi les 371 If you sele ct a transfer mode that r equir es authen tication , additi onal fiel ds appear i n the Downl oad secti on. If y ou select HTTP as the download method, some of the fields are hidden. 4 T o downlo ad using HT TP , click Browse and sele ct the fil e to download , then cli ck Apply . 5 T o download usi ng a[...]

  • Página 372

    372 Managi ng Ima ges a nd Fil es File Up load Use the F ile Upload t o Ser ver page to upload config uration (ASCII), image (binary), IA S user , operational log, and startup log files from t he switch to a remote server . To d i s p l a y t h e Fi l e U p l o a d t o S e r v e r page, click System → F ile Managem ent → Fi l e U p l o a d in t[...]

  • Página 373

    Manag ing Imag es and Fi les 373 4 T o upload by using HT TP , click Apply . A dialog box opens to al low you to open or save th e file. Figure 14 -7. Fi le Upload 5 T o upload by usi ng any method ot her than HT TP , ent er the IP ad dres s of the server and specify a name for t he file. F o r SFTP and SC P , provide the user name and passwor d. 6[...]

  • Página 374

    374 Managi ng Ima ges a nd Fil es Copy Fil es Use the Copy F iles pa ge to : • Copy the active firmware image to th e switch. one or all mem bers of a stack. • Copy the running, startup, or backup confi gurati on file to the star tup or backup confi guration file. • Restore the ru nning configur ation to the f actory default settings. To d i [...]

  • Página 375

    Manag ing Imag es and Fi les 375 Managing Images a nd Files (CLI) This section provides information about the commands you use to upload, download, and copy files to and from the Dell Networki ng N2000, N3 000, and N4000 series switches . F or more information about thes e commands, see the Dell Ne tworking N2000, N300 0, and N4000 S eries Sw itche[...]

  • Página 376

    376 Managi ng Ima ges a nd Fil es boot system { image1 | image2 } Set t he image to u se as the boot (active) image after the swit ch resets. Imag es on the N4 032/N40 64 are named active and backup . F or N4000 series sw itche s, use the fo llowi ng com mand: boot system { active | backu p } reload Re boot the swi tch to make the ne w image the a [...]

  • Página 377

    Manag ing Imag es and Fi les 377 Managing Fil es in Interna l Flash Beginning in P rivileged EXEC mode, use the following commands to copy , rename, delete and lis t the files in the internal flas h. Command Purpo se dir List the fi les in the flash file syst em. copy flash:// file na me usb:// file name Copy a file from the internal flash to a USB[...]

  • Página 378

    378 Managi ng Ima ges a nd Fil es copy startup-co nfig backup-config Save the sta rtup co nfig urati on to the ba ckup c onfigu rati on file . copy running- config startup-config Copy the cu rrent configurat ion to the st artup confi guration . This sav es the current con figurati on to NVR AM. show startup-config View th e contents of the start up[...]

  • Página 379

    Manag ing Imag es and Fi les 379 Managing Fil es on a USB Flash Device Beginning in P rivileged EXEC mode, use the following commands to manage files that ar e on a USB device th at is plugged int o the USB flas h port on the front panel of the switch. Uploading a Conf igurati on File (SCP) Beginning in P rivileged EXEC mode, use the following comm[...]

  • Página 380

    380 Managi ng Ima ges a nd Fil es Managing Co nfigurat ion Scri pts (SFT P) Beginning in P rivileged EXEC mode, use the following commands to download a configuration sc ript from a r em ote system to the swit ch, valida te the scrip t, and activate it . NOTE: The startup- config an d backup- confi g files ar e essentia lly conf igura tion scri pts[...]

  • Página 381

    Manag ing Imag es and Fi les 381 File and Image Management Config uration Examples This section contains the following exa mples: • Upg rading the F irmwa re • Man aging C onfiguration Scripts Upgrading th e Firmware This e xample for a N4032 shows how to downloa d a firmwar e image to the switch and activ ate it. T he TF TP server in th is exa[...]

  • Página 382

    382 Managi ng Ima ges a nd Fil es Figure 14-9. Image Path 3 View information about the current image. console# show version Image Descriptions image1 :default image image2 : Images currently available on Flash 4 Downloa d the image to the swit ch. After you execute the copy command, you must verify that you wa nt to sta rt the down load. The dow nl[...]

  • Página 383

    Manag ing Imag es and Fi les 383 Set TFTP Server IP............................. 10.27.65.103 TFTP Path...................................... images/ TFTP Filename.................................. dell_0308.stk Data Type...................................... Code Destination Filename........................... image Management access will be block[...]

  • Página 384

    384 Managi ng Ima ges a nd Fil es Configuration Saved! 8 Reset the switch to boot the system with the n ew image. console# reload Are you sure you want to continue? (y/n) y Reloading all switches... Managing Co nfigurat ion Scri pts This e xample shows how to create a configuration script that adds thre e hostname-to-IP address ma ppings to the hos[...]

  • Página 385

    Manag ing Imag es and Fi les 385 console# copy tftp://10.27.65.103/labhost.scr script labhost.scr Mode........................................... TFTP Set TFTP Server IP............................. 10.27.65.103 TFTP Path...................................... ./ TFTP Filename.................................. labhost.scr Data Type..................[...]

  • Página 386

    386 Managi ng Ima ges a nd Fil es ip host labpc2 192.168.3.58 ip host labpc3 192.168.3.59 Configuration script 'labhost.scr' applied. 6 V erify that the script was su ccessfully appli ed. console# show hosts Host name: test Name/address lookup is enabled Name servers (Preference order): 192.168.3.20 Configured host name-to-address mapping[...]

  • Página 387

    Manag ing Imag es and Fi les 387 Data Type.............................. Code Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y 3 Copy the running-config to the USB fla sh drive. console# copy running-config usb://rc_backup.scr Mode............................. unknown Data Type..............[...]

  • Página 388

    388 Managi ng Ima ges a nd Fil es[...]

  • Página 389

    Auto Image and C onfigu ration Update 389 15 Automatically U pdating the Imag e and Config uration The topics covered in t his chapter include: • Aut o Config uration O vervie w • What A r e the De pendencies for DHCP Auto Configuration? • Default Auto Configuration V alues • Man aging Auto C onfiguration (W eb) • Man aging Auto C onfigur[...]

  • Página 390

    390 Auto I mage and Co nfigu ration U pdate fails - either because it is disabled, no USB storage device is present, or no configuration or images files are present on the USB storage device, the switch uses t he DHCP A uto Install process. What Is USB Auto Confi guration ? Y ou can use the USB Auto Configuration feature to configure or upgrade one[...]

  • Página 391

    Auto Image and C onfigu ration Update 391 file. If no dellswitch.set up file is avai la ble, the switch checks for a file with a *.text configuration file a nd a *.stk ima ge file. If mult iple .te xt files e xist, the switch uses the dellswit ch.text file. If multiple *.stk files ar e present, the switch uses the ima ge with the highest (most rece[...]

  • Página 392

    392 Auto I mage and Co nfigu ration U pdate be using the same configuration file and/or image on the USB device. This method allows different IP addresses t o be assigned, but the same configuration file or image is do wnloaded to multiple switches. After the current switch has b een configured and/or upgraded and the completion message is displaye[...]

  • Página 393

    Auto Image and C onfigu ration Update 393 The general format of the configuration file lines is as follows. The IP address and subnet mask are requir ed. The MAC addr ess, configuration file, and image file name entries ar e optiona l. MAC_address IP_Address Subnet_Mask Config_F ile Image_File The followi ng exampl e shows a *.se tup examp le for t[...]

  • Página 394

    394 Auto I mage and Co nfigu ration U pdate Obtaining IP A ddress Information DHCP i s enable d by def ault o n the Ou t-of -Ban d (OOB) in terfac e on N3000 and N4000 swit ches. DHCP is enabled by default on VL AN 1 on the N2000 switches. If an IP addr ess has not be en assigned, t he switch issu es reque sts for an IP addr ess assig nment. A netw[...]

  • Página 395

    Auto Image and C onfigu ration Update 395 Obtaining the Image Auto Configuration at tempts to download a n image file f rom a TFTP server only if no configuration fi le was found in the internal flash or a USB drive, or even with a saved configuration file that has A uto Configuration enabled. The network DHCP server may return a DHCP O FFER messag[...]

  • Página 396

    396 Auto I mage and Co nfigu ration U pdate The TFTP client makes three unicast r e quests. If the unicast attempts fail, or if the DHCP OFFER did not specify a TFTP server addr ess, the TFTP client makes three broadcas t r eques ts. If the DHCP server does not speci fy a configuration file or download of the configuration file fails, the Auto Conf[...]

  • Página 397

    Auto Image and C onfigu ration Update 397 T able 1 5-1 summ arizes the config file s that may be downlo aded and the order in which they are sought. T able 15-2 dis plays the dete rmining factors for iss uing unicast or broadcast TFTP request s. T able 1 5-1. Configur ation File Possibi lities Order Sought File Name Description Fi nal File Sought 1[...]

  • Página 398

    398 Auto I mage and Co nfigu ration U pdate Monitorin g and Completing the DHCP Aut o Configura tion Process When the switch b oots and triggers a n Auto Configurat ion, a message displays on the console screen to indic ate that the proce ss is starting. A fter the proces s completes, the Auto C onfiguration proce ss writes a lo g message. When Aut[...]

  • Página 399

    Auto Image and C onfigu ration Update 399 What Are the Dependencies fo r DHCP Auto Configu ration? The Auto Configurati on process from TFTP servers depends upon the following network services: • A DH CP server must be configured on the n etwork with appropriate services. • An im age file an d a text file con taining th e image file name for t [...]

  • Página 400

    400 Auto I mage and Co nfigu ration U pdate Default Auto C onfiguration V alues T able 15-3 descri bes the Auto Configuration defaults. T able 15-3. Auto Configu ration De faults Featur e Def ault Des cription Aut o I ns ta ll Mode Enable d Wh en the swi tch boots and no save d config uratio n is foun d, the Auto Conf igurati on aut omatic ally be [...]

  • Página 401

    Auto Image and C onfigu ration Update 401 Managing Auto Configuration (W eb) This secti on provides information about the O penManage Switch Adm inist rato r page s to use to ma nage im age s and f iles on a Dell Net workin g N2000, N30 00, and N4000 series switche s. F or details a bout the fields on a page, cl ick at the t op of th e page. Auto -[...]

  • Página 402

    402 Auto I mage and Co nfigu ration U pdate Managing Auto Configuration (CLI) This section provides information about the commands you manage the Auto-Install Configuration featur e on th e switch. F or more information about these commands, see th e Dell Net working N2000, N3000, and N40 00 Series Switches CLI Refer ence Guide at support.dell.com/[...]

  • Página 403

    Auto Image and C onfigu ration Update 403 Auto Configu ration Example A netwo rk adminis trator is deplo ying thr ee Dell Networ king s witche s and wants to quick ly and au tomati cally inst all the lates t image a nd a comm on configuration file that co nfigures bas ic settings such as VLAN cr eation and membership, R ADIUS server setting s, and [...]

  • Página 404

    404 Auto I mage and Co nfigu ration U pdate 4 Create a setup file nam ed dellswitch.setup . The set up fil e contai ns the follo wing lines : 001E.C9AA.AC17 switchA.txt N2000vR.5.4.1.stk 001E.C9AA.AC20 switchB.txt N2000vR.5.4.1.stk 001E.C9AA.AC33 switchC.txt N2000vR.5.4.1.stk 5 Copy the dellswitch.setup file to the USB device. 6 Connect th e USB de[...]

  • Página 405

    Auto Image and C onfigu ration Update 405 Enabling DHCP Aut o Configurati on and Auto Image Downlo ad If no USB device is connected to the USB port on the Dell Networking switch and no configuration file is found during the boot process, the A uto Configuration feature uses the DHCP Auto Configuration process to download the configuration file to t[...]

  • Página 406

    406 Auto I mage and Co nfigu ration U pdate Easy Image Upgr ade via USB If a USB dev ice is detected during b ootup and ther e is an image on the USB device, and the switch has no startu p config file, then the image version is checked against the active image version. If a newer image version is found on the USB device, the image is copi ed to the[...]

  • Página 407

    Monit oring S witch T raff ic 407 16 Monitoring Switch T raffic This chapter de scribes sFlow fe atures, R emote Monitori ng (RMON), and P ort Mirroring features . The topics covered in t his chapter include: • T raffic Mon itoring Overvi ew • Defa ult T raffic M onitorin g V alues • Monit oring Switch T raffic (W eb) • Monit oring Switch T[...]

  • Página 408

    408 Monit oring Sw itch T ra ffic monitored devices. sFlow datagrams f orw ard sampled tra ffic stat istics to the sFlow Collector for analysis. Y o u can specify up to eight differ ent sFlow receiv ers to whi ch the switch sends sFlow datagrams. Figure 16-1. sFlow Arch itecture The advantages of using s Flow are: • It is possib le to monitor all[...]

  • Página 409

    Monit oring S witch T raff ic 409 sFlow Sampling The sFlow Agent in the Dell Netw orking software uses two forms of sampling: • Statistical packet-based sampling of switched or routed P acket Flows • Ti me-based s ampling of coun ters P acket Flow Sampling and Counter Sampling ar e performed by sFlow Instances asso ciated with indiv idual Data [...]

  • Página 410

    410 Monit oring Sw itch T ra ffic Counte r Sampling The primary objective of Counter Sam pling is to efficiently , periodically export counters associa ted with Data Sources. A maximum Sampling Interval is assig ned to each s Flow instance as sociated wi th a Data Source. Counter Sampling is accomplished as follows: • sFlow Agents k eep a list of[...]

  • Página 411

    Monit oring S witch T raff ic 411 The RMON agent in the switch supports the following groups: • Group 1— Statis tics. Contains cumula tive traffic a nd error stati stics. • Group 2 —History . Generat es reports from pe riodic traffic samplin g that are useful for analyzing trends. • Group 3 —Alar m. Ena bles the definit ion and set ting[...]

  • Página 412

    412 Monit oring Sw itch T ra ffic F or each source port, you can specify whether to mirror ingres s traffic (traffic the port receives, or RX), egress traffic (traffic the port sends, or TX), or both ingress and egr ess traffic. The packet that is copied to the destinati on port is in the same format as the original pack et on the wir e. This mean [...]

  • Página 413

    Monit oring S witch T raff ic 413 disabli ng of spann ing tr ee on a destinati on port me ans that administr ators must only connect the de stinati on port to dir ectly attached probes to avoid the possibility of a network loop. • GVRP is disa bled on dest ination p orts such that GVRP PDUs ar e never received from or transm itted to th e port. D[...]

  • Página 414

    414 Monit oring Sw itch T ra ffic Default T raffic Monitoring V alues The sFlow age nt is enabled by default, but s ampling and poll ing are disabled on all ports. Additionally , no sFlow receivers (collectors) are configur ed. T able 16-1 contains additional default values for the sFl ow feature. RMON is enabled by default, but no RMON alarms, eve[...]

  • Página 415

    Monit oring S witch T raff ic 415 Figure 16-2. sFlow Agent Su mmary[...]

  • Página 416

    416 Monit oring Sw itch T ra ffic sFlow Receive r Configura tion Use the sFlow Receiver Config uration pag e to con figur e se ttings f or the sFlow r eceiver to w hich the switch se nds sFlow datagrams. Y ou can configur e up to eight sFlow receivers that will receive datagrams. To d i s p l a y t h e R eceiver Config uration page, cli ck System ?[...]

  • Página 417

    Monit oring S witch T raff ic 417 sFlow Sampler Con figuration Use the sFL ow Sampler Configuration page to configure the sFlow sampling settings for switch ports. To d i s p l a y t h e Sampl er Co nfig urat ion page, click System → sFlow → Samp ler C onfig urat ion in the navigation panel. Figure 16-4. sFlow Sample r Configuratio n Click Show[...]

  • Página 418

    418 Monit oring Sw itch T ra ffic sFlo w Poll Con figur ation Use the sF Low P oll Co nfig urat ion page t o configure how often a port should collect counter samples. To d i s p l a y t h e Sampler Configuration page, click System → sFlow → Sam pler C onfi gura tio n in the navigation panel. Figure 16-5. sFlow Pol l Configurat ion Click Show A[...]

  • Página 419

    Monit oring S witch T raff ic 419 Inte rface Stat istic s Use the Interface Statistics page to disp lay st ati stics for bo th receiv ed an d transmitted packets. The fields for both r eceived and transmitted packets ar e identical. T o display the page, cl ick Statistics/RMON → T able V iews → Interf ace Statistics in the navigation panel. Fig[...]

  • Página 420

    420 Monit oring Sw itch T ra ffic Etherli ke Statistics Use the Etherlike Statistics p age to d ispla y inter face sta tisti cs. T o display the page, click Statistics/RMON → Ta b l e V i e w s → Eth erli ke Statistics in the navigation panel. Figure 16-7. Etherlike S tatistics[...]

  • Página 421

    Monit oring S witch T raff ic 421 GVRP Statist ics Use the GVRP Statistics page to display switch st atistics for GVRP . T o display the page, cl ick Statistics/RMON → T able V iews → GVRP Statistics in the navigation panel. Figur e 16-8. GVRP Stat istics[...]

  • Página 422

    422 Monit oring Sw itch T ra ffic EAP Statist ics Use the EAP Stati stics page to di splay informati on about EAP pack ets receiv ed on a specific port. F or more information about EAP , see "Configuring P ort and System Security" on p age 503. To d i s p l a y t h e EAP Sta tistics page, click Statistics/RMON → T a ble V iews → EAP S[...]

  • Página 423

    Monit oring S witch T raff ic 423 Util izatio n Su mmary Use the Utilizat ion Summary page to disp lay interface uti lization statist ics. T o display the page, cl ick Statistics/RMON → T able V iews → Utiliza tion Summary in the navigation panel. Figure 16-10. Utiliza tion Summary[...]

  • Página 424

    424 Monit oring Sw itch T ra ffic Counter Summary Use the Counter Summary page to dis play interface utiliza tion statistics in numeric sums as op posed to pe rcentages. T o display the page, click Statistics/RMON → Ta b l e V i e w s → Counter Summary in the navigation panel. Figure 16-11. Counter Summary[...]

  • Página 425

    Monit oring S witch T raff ic 425 Switchport Statis tics Use the Switchport Statistics page to di splay st atistical s ummary information about swi tch traffi c, address tables, an d VLANs. T o display the page, cl ick Statistics/RMON → T able V iews → Switchport Statistics in the navigation panel. Figure 16 -12. Switc hport Stati stics[...]

  • Página 426

    426 Monit oring Sw itch T ra ffic RMON Statis tics Use the RMON Statistics page to display de tails about switch use such a s pack et processing statistics and errors that have occurred on t he switch. T o display the page, click Statistics/RMON → RMON → Statistics in the navigation panel. Figure 16-13. RMON Stati stics[...]

  • Página 427

    Monit oring S witch T raff ic 427 RMON History Cont rol Statisti cs Use the RMON H istory Control page to m aintain a history o f statisti cs on each port. F or each interface (either a phy sical port or a port-channel), you can define how many buckets e xist, and the time interval between each bucket snapshot. To d i s p l a y t h e p a g e , c l [...]

  • Página 428

    428 Monit oring Sw itch T ra ffic Figure 16 -15. Add His tory Entry 3 Select the port or LAG on which yo u want to mai ntain a hi story of stati stics. 4 Specify an own er , the number of h istorical buckets to k eep, and the sampling interval. 5 Click Apply to add the entry to the RMON History Control T able . T o view configured history entries, [...]

  • Página 429

    Monit oring S witch T raff ic 429 RMON Histor y T able Use the RMON His tory T able page to display interface-speci fic statistical network sampling s. Each table entry represents all counter values compil ed during a single sample. To d i s p l a y t h e RMON History T a ble page, click Statistics/RMON → RMO N → History T able in the navigatio[...]

  • Página 430

    430 Monit oring Sw itch T ra ffic RMON Event Control Use the RMON Events Con trol page to define RMON events. Events ar e used by RMON alarms to force some action when a thre shold is crossed for a particular RMON counter . The event information can be stored in a log and /or se nt as a trap to a tra p recei ver . T o display the page, click Statis[...]

  • Página 431

    Monit oring S witch T raff ic 431 Figure 16-18. Add an Eve nt Entry 3 If the event sends an SNMP trap, specify the SNMP community to receive the t rap. 4 Optionally , provide a d escription of the event and the name of the ev ent owner . 5 Select an even t type. 6 Cli ck Apply . The event is added to the RMON Event T able , and the device is updat [...]

  • Página 432

    432 Monit oring Sw itch T ra ffic RMON Event Log Use the RMON Event L og page to display a l ist of RMON events. T o display the page, click Statistics/RMON → RMON → Even ts Log in the navigation panel. Figure 16 -19. RMON Ev ent Log[...]

  • Página 433

    Monit oring S witch T raff ic 433 RMON Alarms Use the RMON Alarms page to set n etwork alarms. Alarms occur when certain thresholds ar e crossed for the configur ed RMON counters. The alarm triggers an event t o occur . The ev ents can be configured as part of the RMON Events group . F or mo r e inform ation about even ts, see "RMO N Event L o[...]

  • Página 434

    434 Monit oring Sw itch T ra ffic Addin g an Al arm T able E ntry T o add an alarm: 1. Open the RMON Al arms page. 2. Click Add. The Add a n Alarm Entry page displays. Figure 16 -21. Add an Alarm Entry 3. Complete the fields on this page as need ed. Use the help m enu to learn more information abou t the data r equired for each field. 4. Click Appl[...]

  • Página 435

    Monit oring S witch T raff ic 435 Port Stat istic s Use the P ort Statistics page to chart port-r elated statis tics on a gra ph. T o display the page, cl ick Statistics/RMON → Charts → P o rt Statistics in the navigation panel. Figure 16 -22. Port s Statistics T o chart port statistics, select t he type of statistics t o chart and (if desir ed[...]

  • Página 436

    436 Monit oring Sw itch T ra ffic LAG Statist ics Use the LAG Statistics page to chart LA G -related statisti cs on a graph. T o display the page, click Statistics/RMON → Char ts → LA G Statistics in the navigation panel. Figure 16-23. LAG Stati stics T o chart LAG statistics, select th e type of statistics to chart and (if desir ed) the refr e[...]

  • Página 437

    Monit oring S witch T raff ic 437 Port Mirro ring Use the P ort Mirroring page to create a mirrori ng session in which all traffic that is sent or r eceived (or both) on on e or mor e source ports is mirror ed to a destination port. To d i s p l a y t h e P ort Mir roring page, click Switching → Po r t s → T raffic Mirroring → P ort Mirroring[...]

  • Página 438

    438 Monit oring Sw itch T ra ffic Figure 16-25. Add Sourc e Port 5 Click Apply . 6 Repeat the pre vious steps to add a dditional source po rts. 7 Click P ort M irr oring to retu rn to t he P ort M irr oring page. 8 Enabl e the admi nistrat ive mode a nd specify the des tination port. Figure 16-26. Configure A dditional P ort Mirrori ng Setting s 9 [...]

  • Página 439

    Monit oring S witch T raff ic 439 Monitoring S witch T raffic (CL I) This section provides information ab out the commands you use to manage traffic monitoring features on the sw it ch and to view information ab out switch traffic. F or more information about t hese commands, see the Dell Networki ng N2000, N30 00, and N4000 Se ries Switches C LI R[...]

  • Página 440

    440 Monit oring Sw itch T ra ffic sflow rcvr -index polling if_type i f_number poll- inter val Enable a new sFl ow poller instance on an interface range. • rcvr -inde x — The sFlow Rec eiver a ssociat ed with the polle r (Range: 1–8) . • if_ty pe if_ num ber — Th e list of inte rfaces to poll. T he inter face type can b e Gigabite thernet[...]

  • Página 441

    Monit oring S witch T raff ic 441 Configuri ng RMON Beginning in P rivileged EXEC mode, use the following commands to configure RMON alarms, collection history , and events. The table al so lists the commands you us e to view information collected by the RMON probe. sflow rcvr -inde x sam pling sampling-rate [ size ] Enable a new sflow sampler inst[...]

  • Página 442

    442 Monit oring Sw itch T ra ffic rmon alar m number va ria ble int erv al { absolute | de lta } ri sin g- threshold value [ event- number ] rising- threshold value [ event- number ] [ startup direction ] [ owner strin g ] Add an alarm entry • num ber — The ala rm index. (R ange: 1–6 5535) • variable — A fully qua lified S NMP o bject ide[...]

  • Página 443

    Monit oring S witch T raff ic 443 Viewi ng Statistics Use the following commands in Priv ileged EXEC mode to view sta tistics about the traffic handled by the s witch. rmon collecti on history index [ owner ownername ] [ buck ets bucket-num ber ] [ int erva l secon ds ] Enable an RMON MIB history statistics grou p on the interfac e. NOTE: Y ou must[...]

  • Página 444

    444 Monit oring Sw itch T ra ffic Configuri ng Port Mirrori ng Use the following commands in Privileged EXEC mode to configure a port mirroring session. Command Pu rpose configure Enter Glo bal Co nfigur atio n mode monitor session sess ion_n umber source interface { interfa ce } [ rx | tx | both ] Configure a source (mon itored) port or CP U inter[...]

  • Página 445

    Monit oring S witch T raff ic 445 Configuri ng RSP AN RSP AN is an e xtension of port mirrori ng t hat operates acro ss multiple switches. Use the following commands in P rivil eged EXEC mode to configure RSP AN. R emember to assign VLANs to phys ical interfaces (ste ps not shown). Configuring RSP AN (Source Switch) Command Purpo se configure Enter[...]

  • Página 446

    446 Monit oring Sw itch T ra ffic Configuring RSP AN (T ransit Switch) Configuring RSP AN (Destination Switch) exit Exit to P rivileged EXEC mode. Command Pu rpose configure Enter Glo bal Co nfigur atio n mode . vlan vlan-id Create an RSP AN VLA N. remote-spa n Configur e the VLAN as a spanning VLA N. exit Exit to Global Configuration mode. interfa[...]

  • Página 447

    Monit oring S witch T raff ic 447 T raffic Monitoring Co nfiguration Examples This section contains the following exa mples: • Configurin g sFlow • Configurin g RMON • Configu ring Remote C apture • Configurin g RSP AN Configuri ng sFlow This e xample shows how to configure the switc h so that port s 10 -15 a nd po rt 23 send sFlow dat agra[...]

  • Página 448

    448 Monit oring Sw itch T ra ffic Owner String...................... receiver1 Time out.......................... 99994 IP Address:....................... 192.168.30.34 Address Type...................... 1 Port.............................. 6343 Datagram Version.................. 5 Maximum Datagram Size............. 1400 console# show sflow 1 polli[...]

  • Página 449

    Monit oring S witch T raff ic 449 Configuri ng RMON This e xample generate s a trap and cr eates a log e ntry when the numb er of inbound packets are undeliverable due to errors increases by 20 or more. F irst, an RMON event is created. Then, the alarm is created. The event (event 1) g enerates a trap and creates a log entr y . The alarm is configu[...]

  • Página 450

    450 Monit oring Sw itch T ra ffic Configuri ng Remote Capture This e xample configures t he switch to mirror pack ets transmitted and receiv ed by the switch CP U to a W ire shark client. This is useful to diagnose switch behav ior and to determine if an attached device is sending properly form atted p ack ets wi th corr ect inf ormati on to t he s[...]

  • Página 451

    Monit oring S witch T raff ic 451 5 On the Capture Options dialog, click Manage Inte rfaces .[...]

  • Página 452

    452 Monit oring Sw itch T ra ffic 6 Add a ne w interf ace by gi ving t he switch I P addr ess and the defau lt r emote port (20 02). F irst, se lect the Rem ote In te rf ace s tab an d click Add . 7 Enter the s witch IP addr ess and port ( 2002). Choose Null authentication (default).[...]

  • Página 453

    Monit oring S witch T raff ic 453 8 Cli ck OK to accept th e entry . 9 On the Add new i nterfa ces dialog, click Apply and th en c lick Close .[...]

  • Página 454

    454 Monit oring Sw itch T ra ffic 10 F rom the Wir eshark:Capt ure Opt ions dialog, select the r emote switch and click Start . Remote Capture Caveats Remote capture over an in-ban d port captures the capture packets transmitted to th e W ireshark client. Therefore, when using remote capture over an in-band port, it is best to configu r e remote ca[...]

  • Página 455

    Monit oring S witch T raff ic 455 Configuri ng RSP AN RSP AN supports th e transport o f mirror ed pack ets across the networ k to a remote s witch. P orts may be configur ed as source ports, intermediate ports, or destination ports. RSP A N So urce Switch This example m irrors in terfa ce gi1/0/ 3 to VLA N 723. V LAN 72 3 is the selected t ransit [...]

  • Página 456

    456 Monit oring Sw itch T ra ffic 4 Ena ble th e mon itor se ssion: console(config)#monitor session 1 mode RSP AN cannot use the CPU as a mirror source. Instead, configur e remote capture to view packets sent to or from the switch CPU. RSP AN T ransit Switch The following is an example of an RS P AN transit switch configuration. The RSP AN VLAN sho[...]

  • Página 457

    Monit oring S witch T raff ic 457 console(config-if-Te1/0/1)#switchport mode trunk console(config-if-Te1/0/1)#switchport trunk allowed vlan 723 console(config-if-Te1/0/1)#exit 3 Con figure a mirror ing sessi on with the r emo te VLA N 723 as the sour ce and intef ace gi 1/0/1 as t he desti nation por t: console(config)#monitor session 1 source remo[...]

  • Página 458

    458 Monit oring Sw itch T ra ffic[...]

  • Página 459

    Configu ring iSCSI Opt imizatio n 459 17 Configuring iSCSI Optimization NOTE: This feature is not availa ble on N2000 switches . This chapter describ es how to config ure I nternet Small Computer S ystem Interface (iSCSI ) optimization, which enab les special qual ity of service (QoS ) treatment for iSCSI tra ffic. The topics covered in t his chapt[...]

  • Página 460

    460 Config uring iSCS I Optimizati on What Does iSCSI Opt imization Do? In networks containing iS CSI initiators and t argets, iS CSI Optimization helps to monito r iSCSI sessions or give iSCSI traffic pr eferential Q oS treatment. Dynamically-ge nerated classifier rules generated by snoopi ng iSCSI t raffic are used to direct iS CSI data tra ffic [...]

  • Página 461

    Configu ring iSCSI Opt imizatio n 461 On N4000 s witches, when th e iSCSI Co S mode is disabled, the DCBX iSCSI Application P riority TL V is not generate d by the switch. In either ca se, if DCBX is enabled and ports are configured as auto-up or auto-down, the Application P riorit y TL Vs received from the configuration source ar e proxied to the [...]

  • Página 462

    462 Config uring iSCS I Optimizati on What Informat ion Does the Swit ch T rack in iSCSI T raffic Flo ws? P ackets ar e examined to find the following data, which is used in tracking the sessio n and cr eati ng the c lassif ier entri es tha t enable QoS tr eatment: • Init iator's I P Addre ss • T ar get's IP Addr ess • ISID (Init ia[...]

  • Página 463

    Configu ring iSCSI Opt imizatio n 463 How Does iSCSI Optimi zation Inter act With Dell Eq ualLogic Arrays ? The iSCSI featur e includes auto-p rovisioning support w ith the ability to detect directly connected Dell EqualL ogic (EQL) SAN storage arr ays and automatically reconfigure the switch to enhance s torage traffic flows. The Dell Networking s[...]

  • Página 464

    464 Config uring iSCS I Optimizati on How Does iSCSI Opti mization Inter act with DCBx? The Data Center Bridging Exchange (DCBx) compo nent supports the reception, decoding, and transmission of the Appl ication P riority TL V . In gen eral, if the Appl icat ion Priori ty TL V has been receive d from the configuration source, it wi ll be tra nsmitte[...]

  • Página 465

    Configu ring iSCSI Opt imizatio n 465 "Configuring iSCSI Optimization Between Servers a nd a Disk Array" on page 473. iSCSI CoS and Pr iority Flow Contro l/Enhanced T ransmission Selecti on Interact ions When manually or automatically enab ling the classification of iSCSI flows on N4000 series switches, enabling iS CSI CoS is not recommen[...]

  • Página 466

    466 Config uring iSCS I Optimizati on Default iSCSI Optimization V a lues T able 1 7-1 shows the de fault value s for the iSCSI optimiz ation feature. T able 17 -1. iSCSI Optimizat ion Defaul ts Parameter Default V alue iSCSI optimization global st atus Enabled iSCSI CoS mode Disabled Jumbo fr ames Disabled Span ning t ree portf ast Disabl ed Unica[...]

  • Página 467

    Configu ring iSCSI Opt imizatio n 467 Configuring iSCSI Optimization (W eb) This secti on provides information about the O penManage Switch Administrator page s to use to the iSCSI features on a Dell Netw orking N2000, N30 00, and N4000 series switche s. F or details a bout the fields on a page, cl ick at the t op of th e page. iSCSI Glo bal Config[...]

  • Página 468

    468 Config uring iSCS I Optimizati on iSCSI T argets T able Use the Ta r g e t s T a b l e page to view and configur e iSCSI tar gets on the switch. T o access the Ta r g e t s Ta b l e page, c lick System → iSCSI → Ta r g e t s in the navigation panel. Figure 17-2. iSCSI T arget s T able T o add an iSCSI T arget, click Add at the top of the pa[...]

  • Página 469

    Configu ring iSCSI Opt imizatio n 469 iSCSI Ses sions T able Use the Sessions T able page to view summary information about the iSCSI ses sions that t he sw itch h as dis cove red. An iSCSI sessi on oc curs when a n iSCSI initiat or and iSCSI tar get communicate over one or mor e TC P connections. The maximum number of iSCSI sessions is 192. Redund[...]

  • Página 470

    470 Config uring iSCS I Optimizati on iSCSI Sessi ons Detailed Use the Ses sions Deta iled page to view detailed i nformation about an iSCSI ses sions that t he swit ch ha s disc overed. T o access the Sessio ns De taile d page, cl ick System → iSCS I → Sessions Detailed in the navig ation panel. Figure 17-5. iSCSI Se ssions Detail[...]

  • Página 471

    Configu ring iSCSI Opt imizatio n 471 Configuring iSCSI Optimization (CLI) This section provides information about the commands you use to configure iSCSI setting s on the switch. F or more informat ion about the commands, see the Dell Ne tworking N2000, N300 0, and N4000 S eries Sw itches CLI Refe r ence G uide at support.dell.com/manuals . Comman[...]

  • Página 472

    472 Config uring iSCS I Optimizati on iscsi cos { enabl e | disable | vtp vtp | ds cp dscp [ remark ] Optio nally se t the quali ty of se rvice profil e that wil l be applied to iSCS I flows. • enable —Enables application of preferential QoS treatment to iSCSI f rames. O n switches that support D CBX, this also enables the gene ration of the Ap[...]

  • Página 473

    Configu ring iSCSI Opt imizatio n 473 iSCSI Optimization Configuration Examples iSCSI opt imization is ena bled by default with t he appropriate s ettings to operate properly i s almost all configurat ions. However , you find it necessary to alter those setti ngs, the fo llowing proc edure illustr ates the co nfiguration steps requ ired. Configuri [...]

  • Página 474

    474 Config uring iSCS I Optimizati on The following commands sho w how to configure the iSCSI example depi cted in F igure 17-6. Re member that iSCSI optimization is enabled by default. 1 Set the system MTU to 92 16 to enable t he use of jumbo fram es. consol e# conf ig consol e(conf ig)# sys tem jumb o mtu 9216 2 Optionally configu r e the switch [...]

  • Página 475

    Configu ring iSCSI Opt imizatio n 475 consol e(conf ig-i f)# switch port m ode tr unk 4 Configure the DCBx port role as auto-downstream. This step automati cally e nables PFC and ETS on t he ports usi ng the confi gurati on received from the othe r switch. consol e(conf ig-i f)# lldp dcb x port-r ole auto -dow n consol e(conf ig-i f)# exit 5 Enter [...]

  • Página 476

    476 Config uring iSCS I Optimizati on 5 Enter I nterface Configur ation mod e for CNA connect ed ports 1-4 and array connecte d ports 16-17. consol e(conf ig)# interf ace rang e te1/0/ 1-4,t e1/0/1 6-17 6 Enabl e VLAN tagging t o allow th e CNA connected por ts to carry 802.1p priority values through the network. consol e(conf ig-i f)# switch port [...]

  • Página 477

    Conf igurin g Port Ch arac teristic s 477 18 Configuring Port Characteristics This chapter describes how to configur e physical sw itch port characteristics , including settings such as administrative status and maximum frame sizeGreen Ethernet set tings. This chapter also describes the link depe ndency feature. The topics covered in t his chapter [...]

  • Página 478

    478 Confi gurin g Port Charac teri stics Au to ne gotia tion Enabl es a p ort to advert ise it s tran smiss ion ra te, duplex mode an d flow contro l abilit ies to its partner . Speed Specifies th e transmission rate for frame s. Dup lex m ode Specifi es wh ether the in terfa ce supp orts transm issio n betw een the swi tch an d the connecte d clie[...]

  • Página 479

    Conf igurin g Port Ch arac teristic s 479 What is Link Depen dency? The link dependency fea ture provides the ability to enable or disable one or more po rts based on th e link state of one or more different po rts. W ith link dependency enabled o n a port, the link s tate of that port is dependent on the link state of another port. F o r e xample,[...]

  • Página 480

    480 Confi gurin g Port Charac teri stics Y ou can creat e a maximum of 72 dependency groups16 groups. The ports participating in the Link Dependency can be across all the Sta ck Units (Man age r/Memb er un it). Link Action The link action specifies the action that the group memb ers will tak e when the dependent port is down. The group members can [...]

  • Página 481

    Conf igurin g Port Ch arac teristic s 481 What Inte rface T ypes are Supported? The physical ports on the switch include the out-of -band (OOB) interface (N3000 and N40 00 only) a nd Ethernet switch ports. The OOB interface supports a limited set of featur es and is for switch mana gement only . The Ethernet switch ports support many logical featur[...]

  • Página 482

    482 Confi gurin g Port Charac teri stics T o enter Interface Configuration mode for a ph ysical switch port, the following information is r equired: • T ype — F or physica l switch ports, the type is Giga bit Ethernet (gigabitethernet or gi) for 1 0/100/1000 Mb ps Ethernet port s or 10-Gib abit Ethernet (tengigabit ethernet or te) for 10,000 Mb[...]

  • Página 483

    Conf igurin g Port Ch arac teristic s 483 F or many features, you can configur e a range of interfaces. When you enter Interface Configuration mode for multiple interfaces, the commands you ex ecute apply to all interfaces specified in t he range. T o enter Interface Configuration mode for a ra nge of interfaces, include the key wo rd range and spe[...]

  • Página 484

    484 Confi gurin g Port Charac teri stics NOTE: Cable diagno stics may give misle ading resu lts if gr een mode is e nabled on the po rt. Disa ble gre en mode prio r to runn ing any cab le diag nostic s.[...]

  • Página 485

    Conf igurin g Port Ch arac teristic s 485 Default Port V alues T able 18-3 T able 18-4 lis ts the defaul t values for the port characteri stics th at this c hapter de scribe s. T able 18 -3. Default Po rt V alues Feature D escript ion Admini strati ve status All p orts are en abled Description None d efined Au to nego tia tion Ena bled Spee d Aut o[...]

  • Página 486

    486 Confi gurin g Port Charac teri stics Configuring Port Ch aracteristics (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring p ort characteristics on a Dell Networ king N2000, N3000, and N400 0 series switches. F or details ab out the fields on a page, click at the top of the pa[...]

  • Página 487

    Conf igurin g Port Ch arac teristic s 487 Configuring Multiple Ports T o configure port settings on multiple port s: 1 Open the P ort Configurat ion page. 2 Cli ck Show All to displa y the P ort Configuration T able page. 3 In the Po r t s list, select the check box in t he Edit column for th e port to configure. 4 Select the desi red se tting s. 5[...]

  • Página 488

    488 Confi gurin g Port Charac teri stics Figure 1 8-3. Copy Port Se ttings 8 Click Apply .[...]

  • Página 489

    Conf igurin g Port Ch arac teristic s 489 Link Dependenc y Configurat ion Use the Link Dep endency Configurat ion page to create link dep endency groups. Y ou can cr eate a maximum of 16 dependency groups. The page displays the gro ups whether they have b een configured or not. To d i s p l a y t h e Link Dependency Configuration page, click Switch[...]

  • Página 490

    490 Confi gurin g Port Charac teri stics In the foll owing example, Group 1 is configured so tha t P ort 3 is depend ent on P ort 4. Figur e 18-5. Link D ependen cy Grou p Configu ration 6 Click Apply . The Link D ependency settings for the group are mod ified, and the dev ice is upd ated.[...]

  • Página 491

    Conf igurin g Port Ch arac teristic s 491 Link Dependenc y Summary Use the Link Dependency S ummary page to view all link dependencies on the system and t o acce ss the Link Dependency Configuration page. Y ou can create a ma ximum of 16 dependency groups. The page display s the groups whether they have been configured or not. To d i s p l a y t h [...]

  • Página 492

    492 Confi gurin g Port Charac teri stics Port Green Et hernet Configur ation Use the Green Et hernet Configur ation page to enable or disable energy- saving modes on each port. To d i s p l a y t h e Gree n Ethernet Co nfiguratio n page, click System → Green Ethernet → Green E therne t Configur ation in the navigation panel. Figur e 18-7. Gre e[...]

  • Página 493

    Conf igurin g Port Ch arac teristic s 493 Port Green Et hernet Stat istics Use the Gree n Ethernet Stat istics page to view info rmation ab out per -port ene rgy sav ings. To d i s p l a y t h e Green Ethern et Statistics page, click System → Green Ethernet → Green Eth ernet Statistics in th e navigation pa nel. Figure 18-8. Gre en Ethernet S t[...]

  • Página 494

    494 Confi gurin g Port Charac teri stics T o view a summary of ener gy savings fo r the switch and al l ports, click Summary . Figure 18-9. Green Ethernet Statistic s Summary T o view a ch art that show s the estim ated per-port energy savings, cl ick Chart . Figur e 18-10 . Green Etherne t Stat istics C hart[...]

  • Página 495

    Conf igurin g Port Ch arac teristic s 495 Port Green Et hernet LPI His tory Use the Gree n Ethernet LPI History page to view da ta about the amount of time the swit ch has spent in lo w-power idle (LP I) mode. To d i s p l a y t h e Green Ethern et LPI History page, click System → Green Ethernet → Green Eth ernet LPI History in the nav igation [...]

  • Página 496

    496 Confi gurin g Port Charac teri stics Configuring Port Ch aracteristics (CLI) This section provides information about the commands you use to configure port characteristics. F or more information about the commands, see t he Dell Networki ng N2000, N30 00, and N4000 Se ries Switches CLI Reference Guide at support.dell.com/manuals . Configuri ng [...]

  • Página 497

    Conf igurin g Port Ch arac teristic s 497 Configuri ng Link Dependen cies Beginning in P rivileged EXEC mode, use the following commands to configure ports that are dependent on the state of other ports. speed {10 |100|100 0|10000 | auto [100|1000|10000]} Configure t he speed of a g iven Ethernet interfac e or allow the interf ace to aut omaticall [...]

  • Página 498

    498 Confi gurin g Port Charac teri stics Configuri ng Green Featu res Beginning in P rivileged EXEC mode, use the following commands to configure and monitor energy-saving features for the ports and the switch. link-depend ency group group_id Ente r the link-depe ndency mode to configure a li nk- dependen cy group. add int erface Add membe r ports [...]

  • Página 499

    Conf igurin g Port Ch arac teristic s 499 interface inte rface Ent er inte rface co nfigur ation mode for the speci fied interfac e. The inte rface vari able i nclud es the interf ace typ e and number , for example gigabite thernet 1/ 0/3 . Y ou can also s pecify a rang e of int erfac es wi th the interface range command , for e xample, interface r[...]

  • Página 500

    500 Confi gurin g Port Charac teri stics Port Configur ation Exampl es This section contains the following e xamples: • Configurin g P ort Se ttings • Confi guring a Link Dep endency Group s Configuri ng Port Setting s The commands in this example specify the speed and duplex mode for port 1 (gigabitEt hernet 1/0/ 1) and change the s ystem MTU [...]

  • Página 501

    Conf igurin g Port Ch arac teristic s 501 Configuri ng a Link Dependen cy Groups The commands in this e xample cr eate two link dependency groups. Group 1 has port 3 as a member p ort that is de pendent o n port 4. The gr oup uses t he d e f a u l t l i n k a c ti o n , wh i c h i s d o wn . T h i s m e an s t h a t i f p o r t 4 g o e s d o w n , [...]

  • Página 502

    502 Confi gurin g Port Charac teri stics[...]

  • Página 503

    Conf iguring Port and S ystem Sec urity 503 19 Configuring Port and System Security This chapter de scribes how to configure p ort-based a nd system security features, which c ontrol access to the network through the switch ports, and the denial of service (DoS) feature. The topics covered in t his chapter include: • P ort-based Security—IE EE [...]

  • Página 504

    504 Conf iguring Port and Sys tem Secur ity IEEE 802. 1X What is IEEE 802.1X? The IEEE 802.1X standar d provides a means of prev enting unautho rized access by supplicants (clie nts) to the s erv ices the switch offers, such as access to the LAN. The 802.1X net work has thr ee components: • Supplica nt — The c lient co nnect ed to t he au thent[...]

  • Página 505

    Conf iguring Port and S ystem Sec urity 505 authenti cation server ( a RA DIUS server). The r esult of the authentica tion process determines whether the supplicant is authorized to access servic es on that c ontro lled po rt. Dell Netwo rking s witche s supp ort au thenti catio n using remote RAD IUS or T ACA CS server s and also support authentic[...]

  • Página 506

    506 Conf iguring Port and Sys tem Secur ity What is MAC-Based 802.1X Authentication? MAC-based auth entication a llows multi ple supplicant s connected to the same port t o each authenticate individually . F or exampl e, a 5-port hub might be connected to a single port on the switch. Each host connected to the hub must authe nticate s eparately in [...]

  • Página 507

    Conf iguring Port and S ystem Sec urity 507 What is the Ro le of 802.1X in VLAN Assignment? Dell Networking seri es switches allow a port to be plac ed into a particula r VLAN bas ed on the result of the aut hentication or ty pe of 802.1X authenti cation a client u ses when i t accesses the sw itch. The authen tication server can pro vide inform at[...]

  • Página 508

    508 Conf iguring Port and Sys tem Secur ity • T unnel-Med ium- T ype=802 • T unnel-P riv ate-Group -ID=VLANID VLANID is 12-bits a nd has a value be tween 1 a nd 4093. Dynamic VLAN Creati on If RADIUS-assigned VLANs are enabled though the Authorization Netw ork RADIUS con fig ura tion opt ion , the RADIUS ser ver is expe cte d to inc lud e the V[...]

  • Página 509

    Conf iguring Port and S ystem Sec urity 509 authentica tion server . If the cr edenti als are verified, the authenti cation server informs the sw itch to unblock the switch port and a llows the client unrestricted access to the network; i.e., the client is a member of an internal VLAN. Guest VLAN mode can be configured on a per -port basis. If a cl[...]

  • Página 510

    510 Conf iguring Port and Sys tem Secur ity Invalid F ilter -id P ort State: Deny P ort State: P ermit VLAN: Def ault PVI D of the port Bad R ADIUS pa ck et P ort State: Deny P ort State: P ermit VLAN: Def ault PVI D of the port RAD I US / IA S Fa i l u r e Default behavior P ort State: Deny P o rt State: P er mit VLAN: Def ault PVI D of the port U[...]

  • Página 511

    Conf iguring Port and S ystem Sec urity 511 How Does the Authentication Server Assign DiffServ Filters? The Dell Networking series switches allow the external 802.1X Authenticator or RA DI U S se r ve r t o as s ig n Di f fS e rv p ol i ci e s t o u s er s th a t a u th e nt ic a t e t o th e switch. When a host (supplicant ) at temp ts to co nnec [...]

  • Página 512

    512 Conf iguring Port and Sys tem Secur ity Configuring IEEE 802.1X (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring the IEEE 802.1X featur es and P ort Security on a Dell Net working N2000, N3000, and N4000 T able 19 -2. Default Po rt-Based Secu rity V alues Featu re Descr ipt[...]

  • Página 513

    Conf iguring Port and S ystem Sec urity 513 series sw itches. F or details about the fi elds on a page , click at the top of the p age. Dot1x A uthentica tion Use the Dot1 x Authentication page to conf igure the 802.1 X adminis trative mode on the switch and to configure general 802.1X parameter s for a port. To d i s p l a y t h e Dot1x Authentica[...]

  • Página 514

    514 Conf iguring Port and Sys tem Secur ity 2 Click Show A ll to dis play th e Dot1 x A uth entic ati on Ta b l e page. 3 In the P orts list, select the check box in the Edit column for th e port to configure. 4 Select the desi red set tings to ch ange for al l ports t hat ar e selec ted for editing. Figur e 19-3. Confi gure Do t1x Set tings 5 Clic[...]

  • Página 515

    Conf iguring Port and S ystem Sec urity 515 5 T o re-a uthent icate immedia tely , check R eauthenticate Now for all p orts to be r e-authen ticate d. 6 Cli ck Apply . The authentication process is restarted on the specified ports (either immediat ely or pe riodical ly). T o change the administrat ive port control: 1 Open the Dot1x Authen tication [...]

  • Página 516

    516 Conf iguring Port and Sys tem Secur ity Figure 19-4. Netwo rk Secu rity Authen ticated Users Port Access Co ntro l Confi gurati on Use the P ort Access Co ntrol Configurat ion pa g e t o g l ob a ll y en a bl e o r d i sa b le R ADIUS-assigned VLANs and to enable Monitor Mode to help troubleshoot 802.1X confi guration issues. To d i s p l a y t[...]

  • Página 517

    Conf iguring Port and S ystem Sec urity 517 Port Access C ontrol History Lo g Summary Use the P o rt Access Control Histo ry Log Summ ary page to v iew log messages about 802 .1X client authentica tion attemp ts. The infor mation on this page can help you troubleshoot 802.1X configuration issues. To d i s p l a y t h e P ort Access Con trol History[...]

  • Página 518

    518 Conf iguring Port and Sys tem Secur ity Figure 19-7. Internal Authentica tion Serve r Users C onfiguratio n To a d d I A S u s e r s : 1 Open the Internal A uthent ication Ser ver Users Conf iguration page. 2 Click Add to displa y the Internal A uthentication Se r ver Users Add page. 3 Specif y a usern ame and pass word in the approp riate fiel[...]

  • Página 519

    Conf iguring Port and S ystem Sec urity 519 2 F rom the User menu , select the user to remove, select the user t o remove. 3 Sele ct the Rem ov e check box . Figur e 19-9. Rem oving an IAS User 4 Cli ck Apply .[...]

  • Página 520

    520 Conf iguring Port and Sys tem Secur ity Configuring IEEE 802.1X (CLI) This section provides information about commands you use to configur e 802.1X a nd P ort Security settings . F or additional information ab out the commands in this sect ion, see the Dell Networking N20 00, N3000, and N4000 Se ries Switches CLI Refer ence Guide at support.del[...]

  • Página 521

    Conf iguring Port and S ystem Sec urity 521 dot1x port-control { force-auth orized | for ce-un auth oriz ed | auto | ma c-based } Specify th e 802.1X mode for the port . NOTE: For s tanda rd 80 2.1X impleme ntation s in w hich one client is connec ted to o ne port , use the dot1x port- control auto co mmand to ena ble 802.1 X authent ication on the[...]

  • Página 522

    522 Conf iguring Port and Sys tem Secur ity Configu ring Additio nal 802.1X Int erface Setting s Beginning in P rivileged EXEC mode, use the following commands to configure 802.1X inte rface settings such as the reauthenticati on period and switch-to-cl ient retra nsmission time. NOTE: T o enable 802.1 X Moni tor Mo de to he lp tr oubles hoot a uth[...]

  • Página 523

    Conf iguring Port and S ystem Sec urity 523 Configuri ng 802.1X Se ttings for RADIUS-A ssigned VLANs Beginning in P rivileged EXEC mode, use the following commands to configure 80 2.1X setting s that affect t he RA DIUS-assigned VLAN. dot1x time out supp- timeout secon ds Set th e time th at the swi tch wai ts for a r espons e befo re r etrans mitt[...]

  • Página 524

    524 Conf iguring Port and Sys tem Secur ity dot1x d ynamic- vlan enable If the RADIUS ass igned VLA N does no t exist on the switch, allow the sw itch to dy namically create the assigned VLAN . interface inte rface Enter interf ace con figura tio n mode for th e speci fied inter face. The inte rface var iable i nclud es the interf ace typ e and num[...]

  • Página 525

    Conf iguring Port and S ystem Sec urity 525 Configuring Internal A uthentication Server Users Beginning in P rivileged EXEC mode, use the following commands to add users to the IAS databa se and to use the database f or 802.1X a uthentica tion. IEEE 802.1X C onfig uratio n Examp les This section contains the following exa mples: • C onfigurin g 8[...]

  • Página 526

    526 Conf iguring Port and Sys tem Secur ity The sw itch us es an authe nticat ion server with an IP address of 10.10.1 0.10 to authenticate clients. P o rt 7 is connect ed to a printer in the uns ecured ar ea. The printer is an 802.1X unaware c lient , so P ort 7 is configured t o use MAC- based authe ntication wi th MAB. An IP phone is dir ectly c[...]

  • Página 527

    Conf iguring Port and S ystem Sec urity 527 Figure 19 -10. 802. 1X Exampl e The following example shows how to configure the e xample shown in Fi g u r e 1 9 - 1 0 . 1 Configure the RADIUS server IP address and shar ed secret ( secret ). console# configure console(config)# radius-server host 10.10.10.10 console(Config-radius)# exit console(config)#[...]

  • Página 528

    528 Conf iguring Port and Sys tem Secur ity console(config-if)# dot1x port-control force- authorized console(config-if)# exit 4 Configur e P ort 7 to re quir e MA C-based au thentica tion w ith MAB. console(config)# interface gi1/0/7 console(config-if-Gi1/0/7)# dot1x port-control mac- based console(config-if-Gi1/0/7)# dot1x mac-auth-bypass 5 Set th[...]

  • Página 529

    Conf iguring Port and S ystem Sec urity 529 Filter Id...................................... VLAN Assigned.................................. 1 (Default) Interface...................................... Gi1/0/3 User Name...................................... dflint Supp MAC Address............................... 0004.5A55.EFAD Session Time............[...]

  • Página 530

    530 Conf iguring Port and Sys tem Secur ity 10 View 802.1X information ab out P ort 8. console# show dot1x interface Gi1/0/8 Administrative Mode............... Enabled Dynamic VLAN Creation Mode........ Enabled Monitor Mode...................... Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period ------- ---------------- ------------ --[...]

  • Página 531

    Conf iguring Port and S ystem Sec urity 531 The commands in this e xample show how to configure the switch to control VLAN assign ment for the e xample ne twork. This exampl e also contains commands to configure the uplink, or trunk, port (a po rt connected to a router or the internal network), and to configure th e downlink, or access, ports (po r[...]

  • Página 532

    532 Conf iguring Port and Sys tem Secur ity T o configure the switch: 1 Create the VLANs and configure the VLAN names. console(config)# vlan 100 console(config-vlan100)# name Authorized console(config-vlan100)# exit console(config)# vlan 200 console(config-vlan200)# name Unauthorized console(config-vlan200)# exit console(config)# vlan 300 console(c[...]

  • Página 533

    Conf iguring Port and S ystem Sec urity 533 8 Enabl e peri odic r eauthen ti cation of th e client on the ports and s et the num ber of s econd s to wa it betw een reau thentic ation a ttemp ts to 30 0 seconds. Reauth entication is enabled to incr ease security . If the client information is r emov ed from the RADIU S server after it has been authe[...]

  • Página 534

    534 Conf iguring Port and Sys tem Secur ity Allowin g Dynamic VLAN Creatio n of RADIUS-A ssigned VLANs The network in this example uses a RADIUS server to provide VLA N assignments to host that connect to the swit ch. In this e xample, the V LANs are not configured on the sw itch. Instead, the swit ch is configured to allow the dynamic creation of [...]

  • Página 535

    Conf iguring Port and S ystem Sec urity 535 5 Allo w the switc h to dynami cally cr eate VLAN s when a R A DIU S-assign ed VLAN does not exis t on the switch. console(config)# dot1x dynamic-vlan enable 6 Enter inte rface configuration m ode for the do wnlink ports. console(config)# interface range Gi1/0/1-23 7 Set the down link ports to the access [...]

  • Página 536

    536 Conf iguring Port and Sys tem Secur ity • The RADI US or 8 02.1X server must specify the policy to assign. F o r e xample, if the DiffS erv policy to assign is named intern et_access, include th e following attribute in the RADIUS or 802. 1X server configuration: F ilter -id = “internet_access” • The D iffServ policy s pecified in the a[...]

  • Página 537

    Conf iguring Port and S ystem Sec urity 537 T o configure the switch: 1 Configu re the DiffServ tr affic cl ass th at ma tches SS H traffic. console# configure console(config)# class-map match-all cl-ssh console(config-classmap)# match srcl4port 23 console(config-classmap)# exit 2 Configu re the DiffServ tr affic cl ass th at match es HT TP traffic[...]

  • Página 538

    538 Conf iguring Port and Sys tem Secur ity console(config)# aaa authentication dot1x default radius 8 Enter Interface Con figuration mode for ports 1–23 and en able MAC- bas ed authe ntica tion. console(config)# interface range Gi1/0/1-23 console(config-if)# dot1x port-control mac-based 9 Set the ports to an 802.1Q VLAN . The po rts must be i n [...]

  • Página 539

    Conf iguring Port and S ystem Sec urity 539 Port Secu rity ( Port-MAC Locking) The P ort Security feature allows you to limit the number of source MAC addres ses that can be learned on a port. If a port reache s the configured limit , any other addr esses be yond that limit ar e not learned and the fram es are discarded. F rames with a source MA C [...]

  • Página 540

    540 Conf iguring Port and Sys tem Secur ity Port Securi ty Use the P ort Security page to enab le MA C locking on a per -port basis. Wh en a port is locked, y ou can limit the number of source MAC a ddresses that ar e allowed to t ransmit traf fic on the port. To d i s p l a y t h e P ort Security page, click Swit ching → Network Security → P o[...]

  • Página 541

    Conf iguring Port and S ystem Sec urity 541 Figure 19-12 . Configure Port Secu rity Settings 5 Cli ck Apply .[...]

  • Página 542

    542 Conf iguring Port and Sys tem Secur ity Configuring Port Secur ity (CLI) Beginning in P rivileged EXEC mode, use the following commands to enable port secu rity on an inter face to limi t the number of source MAC addresses that can be learned. 19 Command Pu rpose configure Enter Glo bal Co nfigur atio n mode . interface inte rface Enter interf [...]

  • Página 543

    Conf iguring Port and S ystem Sec urity 543 Captive Portal This section describes how to configur e the Captive P ortal featur e. The topics covere d in this section include: • C aptive P ortal Ove rview • Default Captive P ortal Behavior and Settings • Configu ring the C aptive P ort al (W eb ) • Configurin g Captive P ortal (CLI) • IEE [...]

  • Página 544

    544 Conf iguring Port and Sys tem Secur ity Figur e 19-13. Conn ecting to the Capt ive Port al The Captive P ortal feature blocks hosts connected to the switch from accessing the network until user verifi cation has been established. Y ou can configure Captive P ortal verification to allow access for both guest and authen tica ted use rs. A uthe nt[...]

  • Página 545

    Conf iguring Port and S ystem Sec urity 545 Y ou can configure the switch to send SNMP trap messages to any enabled SNMP T rap Receivers for several Ca ptive P ortal events, such as when a Captive P o rtal user has an authentication failure or when a Captive P ortal user successfully connects to the network. If you enable the traps, the s witch als[...]

  • Página 546

    546 Conf iguring Port and Sys tem Secur ity Figure 19-14. Cus tomized C aptive Portal Welc ome Sc reen How Do es Captive Po rtal Work? When a port is enab led for Captive P ortal, all the traffic coming onto the port from the unverified clients are dropped e xcept for the ARP , DHCP , DNS and NETBIOS packets. These packets are allowed to be forward[...]

  • Página 547

    Conf iguring Port and S ystem Sec urity 547 • Logout P age — If the user lo gout mode is enabled, this page displays in a pop-up wi ndow after t he user succe ssfully authentica tes. This wi ndow con tains th e logo ut but ton. • L ogout Success P age — If the user logout mod e is enabled, this page display s after a user click s the log ou[...]

  • Página 548

    548 Conf iguring Port and Sys tem Secur ity Default Capt ive Portal Behav ior and Settings Captive P ortal is disable d by default. If you enable Captive P ortal, no interfaces are associated with the default Ca ptive P ortal. After y ou associate an interface with t he Captive P ortal and globally enable the Captive P ort al feature, a us er who c[...]

  • Página 549

    Conf iguring Port and S ystem Sec urity 549 Authentica tion Timeout 30 0 seconds Configured Capt ive P ort als 1 Captive P ort al Name Default P rotocol Mode HTTP Ve r i f i c a t i o n M o d e G u e s t URL Redir ect Mode Off User Gr oup 1-D efault Session Timeout 86400 seconds Lo cal Users Non e configured Interface associations None Inte rfac e [...]

  • Página 550

    550 Conf iguring Port and Sys tem Secur ity Configuri ng the Captiv e Portal (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring Captive P ortal settings on a Del l Networki ng N2000, N300 0, and N40 00 series swit ches. F or details about the fields on a pa ge, click at the to p [...]

  • Página 551

    Conf iguring Port and S ystem Sec urity 551 To d i s p l a y t h e Captiv e P ortal Configuration pa ge, click System → Captive Po r t a l → Co nfigu ratio n. Figure 1 9-17. Captive Portal Configura tion Fr o m t h e Captive P ortal Configuration page, cli ck Add to create a new Captive P ortal instance. Figur e 19-18. Add Capt ive Port al Conf[...]

  • Página 552

    552 Conf iguring Port and Sys tem Secur ity Fr o m t h e Captive P or tal Configuration page, click Summary to vie w summary information about th e Captive P ortal instances configur e d on the switch. Figure 19-19. Capti ve Portal Summary Custo mizi ng a Capt ive Por tal The procedures in this section customize the pages that the user sees when he[...]

  • Página 553

    Conf iguring Port and S ystem Sec urity 553 Figure 19-20. Captiv e Portal Downlo ad Imag e Page 3 Make sure Downl oad is selected in the A vailable Im ages menu, and c lick Browse . 4 Browse to the d ir ectory wh er e the ima ge to be downloa ded is located and select the image. 5 Cli ck Apply to download the selecte d file to th e switch. 6 T o cu[...]

  • Página 554

    554 Conf iguring Port and Sys tem Secur ity Figur e 19-21. Capti ve Portal Authent icatio n Page 7 Select the bran ding imag e to use and cus tomize ot her page c omponents such as th e font f or all text the p age di splay s, the p age t itle, an d the acceptan ce use poli cy . 8 Click Apply to s ave the settin gs to t he runnin g configur ation o[...]

  • Página 555

    Conf iguring Port and S ystem Sec urity 555 9 Cli ck t he Logou t P age link to con figure the p age tha t conta ins th e logout windo w . Figure 19 -22. Ca ptive Port al Logo ut Page 10 Customize the look and feel of the L ogout P age, such as the page title and logout instructions . 11 Cli ck Apply to save th e settings to t he running configurat[...]

  • Página 556

    556 Conf iguring Port and Sys tem Secur ity 13 Customize the look an d feel of the L ogout P age, such as the background image and successfu l logout message. 14 Click Apply to s ave the settin gs to t he runnin g configur ation or cl ick Pr e v i e w to view w hat the user will see. T o return to the default view s, click Clear . Loca l User Y ou [...]

  • Página 557

    Conf iguring Port and S ystem Sec urity 557 Figure 19-24. Local U ser Configurati on Fr o m t h e Local Use r pa ge, click Add to add a ne w user to the loca l databas e. Figure 19-25. Add Lo cal User[...]

  • Página 558

    558 Conf iguring Port and Sys tem Secur ity Fr o m t h e Local Us er pag e, click Show A ll to view summary informat ion about the local users configur ed in the local databas e. Figure 19 -26. Captive P ortal Local User Summar y T o delete a configured us er from the database, select the Remove check box associated with the user and click Apply . [...]

  • Página 559

    Conf iguring Port and S ystem Sec urity 559 User Group Y ou can assi gn Local Users to User Groups that you create. If t he V erification Mode is Local or R ADIUS, you assign a Us er Group to a Captive P ortal Configuration. All users who belong to the group ar e permitted to access the network throug h this portal. The User Gr oup l ist is the sam[...]

  • Página 560

    560 Conf iguring Port and Sys tem Secur ity Figure 19-27. User Group Fr o m t h e User Gro up page, click Add to configure a new user group. Figure 19 -28. Add User G roup Fr o m t h e User Gro up page, click Show All to view summary information about the user groups configured on the switch. Figure 19 -29. Captiv e Portal U ser Group Su mmary[...]

  • Página 561

    Conf iguring Port and S ystem Sec urity 561 T o delete a configured group, s elect the Remove check box associated with the gro up and click Apply . Interface Association Fr o m t h e In terface Association page, you can associate a configured cap tive portal with specific inte rfaces. The captiv e portal featur e only runs on the interfaces th at [...]

  • Página 562

    562 Conf iguring Port and Sys tem Secur ity Capti ve Po rtal G lobal Statu s The Captive P ortal Global Stat us page contains a variety of information about the Captiv e P ortal feature. F r om the Captive P ortal Global Stat us pag e, you can ac cess info rmat ion about the C apti ve P ort al acti vity and interfaces. To d i s p l a y t h e Global[...]

  • Página 563

    Conf iguring Port and S ystem Sec urity 563 Figure 19-32. Captive Portal Ac tivation a nd Activit y Status Interface Activation Status The Inte rface Activation Sta tus page shows information for every interface assigned to a captiv e portal instance. To d i s p l a y t h e Interface Activ ation Status pa ge, click System → Captive Po r t a l →[...]

  • Página 564

    564 Conf iguring Port and Sys tem Secur ity Figure 19-33. Interface Ac tivation S tatus Interface Capability Status The Inte rface Capa bility Status page cont ains info rmat ion abou t int erf aces that can hav e CP s as sociated with t hem. The page al so contains s tatus information for various capab ilities. Sp ecificall y , this page i ndicate[...]

  • Página 565

    Conf iguring Port and S ystem Sec urity 565 Clie nt Summ ary Use the Cli ent Summary page to vie w sum mary infor mati on ab out al l authenticated clients that are connected through the captive p ortal. F rom this page, you can manually force the captive portal to disconnect one or more aut henticated clients. The list of cli ents is sorted by cli[...]

  • Página 566

    566 Conf iguring Port and Sys tem Secur ity Figure 19-36. Clien t Detail Captive Portal Interface Client Status Use the Inte rface C lie nt Statu s page to view cl ients that ar e authenti cated to a specific int erface. To d i s p l a y t h e Int erface Clien t Status page, cl ick System → Captive Po r t a l → Client Conne ction Status → Int[...]

  • Página 567

    Conf iguring Port and S ystem Sec urity 567 Figure 1 9-38. Captive Po rtal - Client Statu s[...]

  • Página 568

    568 Conf iguring Port and Sys tem Secur ity Configuri ng Captive Porta l (CLI) This section provides information about the commands you use to cr eate and conf igure C aptiv e P o rtal se ttin gs. F or more inf ormat ion about t he commands, see the Dell Netw orking N2000, N3 000, and N4000 Series Switches CLI Refer ence Guide at support.dell.com/m[...]

  • Página 569

    Conf iguring Port and S ystem Sec urity 569 Creati ng an d Confi gurin g a Capt ive Po rtal Beginning in P rivileged EX EC mode, us e the f ollowing co mmands to c reate a Captive P o rtal instance and configur e its setti ngs. CTRL + Z Exit to Privileg ed EXEC mode. show captive-portal [status ] Vie w the Captive P ortal administrative and operati[...]

  • Página 570

    570 Conf iguring Port and Sys tem Secur ity user -logout (Optional) Ena ble user logout mode to allow an auth enticated client to deauthen ticate fro m the netw ork. If this optio n is cl ear or the user do es not specif ically reques t logout , the clie nt conne ction sta tus remains auth enticated until th e CP deaut henticate s the user , fo r e[...]

  • Página 571

    Conf iguring Port and S ystem Sec urity 571 Confi guring Captiv e Port al Grou ps and U sers Beginning in P rivileged EX EC mode, us e the f ollowing co mmands to c reate a Captive P ortal group. Y ou can use the default group, or you can create a new group. block (Optional) Block all traffic for a Captive P ortal conf igurat ion. I f the Ca ptive [...]

  • Página 572

    572 Conf iguring Port and Sys tem Secur ity user group g roup-id [ name name ] Configure a group. Each Captive P ortal that requir es authentication has a group associated with it. Only the users who are members of that group can be auth enticate d if the y con nect to the C aptiv e P ortal. • grou p-id — Group ID (Range: 1–10) . • nam e ?[...]

  • Página 573

    Conf iguring Port and S ystem Sec urity 573 Managi ng Captiv e Portal Cli ents The commands in this section are all ex e cuted in Privileged EXEC mode. Use the following commands to view and manage clients that are connected to a Captive P ortal. clear captiv e portal user s (Optio nal) De lete all captiv e porta l user entr ies from the local data[...]

  • Página 574

    574 Conf iguring Port and Sys tem Secur ity Captive Por tal Configurat ion Example The manager of a resort and conference center needs to provide wired Internet access to each guest room at the r esort and in each conference room. Due to legal reasons, visitors and guests must agree to the resort’s acceptable use policy to gain network access. Ad[...]

  • Página 575

    Conf iguring Port and S ystem Sec urity 575 4. Configure the Captive P ortal settings for each Captive P ortal , such as the verification m ode. 5. Associate interfaces with the C aptive P o rtal instances. 6. Download the brand ing images, such as the company logo , to the swi tch. The images you download must be accessible from the switch, either[...]

  • Página 576

    576 Conf iguring Port and Sys tem Secur ity console(config)# captive-portal console(config-CP)# user group 2 name Conference console(config-CP)# user group 3 name Employee console(config-CP)# exit 3. Configure the Guest Captive P ortal. console(config)# captive-portal console(config-CP)# configuration 2 console(config-CP 2)# name Guest console(conf[...]

  • Página 577

    Conf iguring Port and S ystem Sec urity 577 6. Use the web in terface to customize the Captive P ortal pages that are presented to users when they attem pt to connect to the network. 7. Add the Co nfer ence users to the local d atabase. console(config-CP)# user 1 name EaglesNest1 console(config-CP)# user 1 password Enter password (8 to 64 character[...]

  • Página 578

    578 Conf iguring Port and Sys tem Secur ity Authentica tion Manager Overview The Authenticat ion Manager su pports th e hierarchical configuration of host authen tica tion metho ds on an inte rface. Del l swit ches sup port th e follo wing host auth entication met hods: • IEE E 802. 1x • M AC Au t he n t ic at i on B y pa s s • Captiv e porta[...]

  • Página 579

    Conf iguring Port and S ystem Sec urity 579 When a client is con nected to a p ort, the sw itch tri es to authent icate the user/client using the methods in configuration order . If any authentication method time s out (an error) , then the next authentication method is tried. If all authenti cation methods configured for the port error out, the sw[...]

  • Página 580

    580 Conf iguring Port and Sys tem Secur ity A uthenti catio n priori ty allow s a hig her -priority m ethod (n ot cur rent ly running) to interrupt an authentication in progress with a lower -p riority met hod. Al tern ative ly , if the cl ient is alr eady authen ticated, an interrupt from a higher -priority method can cause a client, which was p r[...]

  • Página 581

    Conf iguring Port and S ystem Sec urity 581 console(config-if-Te1/0/4)#dot1x reauthentication console(config-if-Te1/0/4)#dot1x port-control mac-based console(config-if-Te1/0/4)#dot1x mac-auth-bypass console(config-if-Te1/0/4)#exit[...]

  • Página 582

    582 Conf iguring Port and Sys tem Secur ity Denial of Service Denial of Service (DoS) refers to the exploitation of a variety of vul nerab ilit ies w hich w ould inter rupt th e ser vice of a hos t or ma ke a netw ork unst able. Use th e Denial of Service page t o configure settings to help prevent DoS att acks. DoS protection is disabled by defaul[...]

  • Página 583

    Configu ring Ac cess Con trol List s 583 20 Configuring Access Contro l Lists This chapter describ es how to conf igure Acce ss Cont rol List s (ACLs), including IPv4, IP v6, and MAC A CLs. Th is chapter also describes how to configure time ranges that can be applied to any of the A CL types. The topics covered in t his chapter include: • ACL Ove[...]

  • Página 584

    584 Confi guring A ccess Con trol List s Depending on whether an ingres s or egr ess A CL is a pplied to a port, when the traffic enters (ingress) or leaves (egress) a port, the ACL compares the criteria configured in its rules, in list or der , to the fields in a packet or frame to check for matching conditions. The ACL processes the traffic bas e[...]

  • Página 585

    Configu ring Ac cess Con trol List s 585 MAC access list action s include CoS queue assignment, mirro ring, redir ection to another port, and logging, as well as the usual pe rmit and deny actions. What Are IP ACLs ? IP ACL s classify for Layers 3 and 4 on IPv4 or IPv 6 traffic. Each ACL is a set of up to 100 r ules applied to inbound or outbound t[...]

  • Página 586

    586 Confi guring A ccess Con trol List s delivere d to the mirror interface while th e packet itself is forwar ded normally through the device. Y ou cannot configure a given ACL rule with both mirror and re direct attributes. Using ACLs t o mirror traffic is consider ed to be flow-based mirroring si nce the traff ic fl ow is d efine d by the A CL c[...]

  • Página 587

    Configu ring Ac cess Con trol List s 587 A named time range can contain up to 10 configur ed time ranges. Only one absolute time range can be configured per time range. During the ACL configuration, you can as sociate a configured time range with the ACL to provide additional control over permitting or denying a user access t o network reso urce s.[...]

  • Página 588

    588 Confi guring A ccess Con trol List s on less than 32 b its will be e xpanded in tern ally to matc h on 32 bits with a variable mask. This allows other A CLs using the same offset to utilize the same slice w ith potential ly differ ent masks a nd match values. The user interface limits for ACLs ar e 1023 rules pe r access li st and 100 acce ss l[...]

  • Página 589

    Configu ring Ac cess Con trol List s 589 Please no te the follo wing additiona l limitations o n ingr ess and egr ess A CLs: • Y ou can configure mirror or redir ect att ributes for a given ACL r ule, but not b oth. •T h e Dell Networking series s witches supp ort a li mited numb er of counte r resou rces, so it may not be possib le to log ever[...]

  • Página 590

    590 Confi guring A ccess Con trol List s • The order of the rul es is important: wh en a packet matches mult iple rules, the first rule takes precedence. Once a packet has matched a rule, the corresp onding action is taken and no furt her at tempt s to m atch the packet ar e made. Als o , once you define an A C L for a g iven por t, all tr affic [...]

  • Página 591

    Configu ring Ac cess Con trol List s 591 ACL Configuration D etails How Are ACLs Configu red? T o con figu r e AC Ls, f oll ow t hese step s: 1 Create a M A C ACL by specifying a name. 2 Create an IP ACL by specifying a number . 3 Add new rul es to the A CL. 4 Configure the m atch criteria for the rules. 5 Apply the ACL to one or more interfaces. E[...]

  • Página 592

    592 Confi guring A ccess Con trol List s In general, any rule that specifies matching on an upper- layer protocol field should also include matching constraint s for as many of the lower -layer as where possible. F or example, a rule to match packets dir ected to the w ell- known UDP port number 22 (SSH) should also include matching constraints on [...]

  • Página 593

    Configu ring Ac cess Con trol List s 593 Using IP and MAC Add ress Masks Mask s are use d wit h IP an d MAC addres ses to speci fy what shoul d be considered in the address for a match. Masks ar e expanded internally into a bit mask and are applied bit -wise in the hardwar e even th ough they are entered in decimal or hexadecimal form at. Masks nee[...]

  • Página 594

    594 Confi guring A ccess Con trol List s Policy Based Routing Overview In contemporary inter-networks, network administrators often need to implement packet routing accor ding to specific organizational polici es. P olicy Based Routing (PBR) exact ly fits this purpose. PBR pr ovides a fle xible mechani sm to imple ment solutions whe re or ganiz ati[...]

  • Página 595

    Configu ring Ac cess Con trol List s 595 based routing. If the network administrator instead wants to drop a packet that does not ma tch the specified criteria, a set stat ement must be configured to route the packet to interfac e null0 as the last entry in the rou te-map. Deny route-maps forward packets with matching A CL criteria using normal rou[...]

  • Página 596

    596 Confi guring A ccess Con trol List s • List of default next ho p IP addresses — The set ip default n ext-hop command che cks the list of destination IP addresses in the routing table and, if th ere is no explicit route for the pack et's destinat ion addr es s in the routing table, t he next-hop destinations in the rule are evaluated, a[...]

  • Página 597

    Configu ring Ac cess Con trol List s 597 Reso urce-Sh aring Bet ween ACL s and PBR ACLs ass ociated with a route-map and general AC Ls share the same har dwar e resources. If PBR consumes the maximum number of HW resources on an interface or system-wide, general purpose ACLs cannot be configur ed and vice versa. Hardwar e allocation is perf ormed o[...]

  • Página 598

    598 Confi guring A ccess Con trol List s interface. Chang es to an ex isting route-map associated wi th an interfa ce (or to the ass ociated ACL s) do not tak e effe ct unti l the route- map is r eapplie d to the i nterface . ACL Reso urce Shar ing An ACL rule contains match and action attri butes. F or example, an A CL rule may have a mat ch claus[...]

  • Página 599

    Configu ring Ac cess Con trol List s 599 Configuring ACLs (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring A CLs on a Dell Networki ng N2000, N 3000, and N400 0 series sw itches. F or detail s about the fields on a page, click at the top of the page. IP ACL Configur ation Use [...]

  • Página 600

    600 Confi guring A ccess Con trol List s Figure 20-2. Add IP ACL 4 Click Apply . Removing IPv4 ACLs T o delete an IPv4 ACL : 1 Fr o m t h e IP ACL Name menu on the IP ACL Con figu ratio n page, select the A C L t o r emove. 2 Sele ct the Rem ov e checkbox. 3 Click Apply . Viewing IPv4 ACLs T o view configured A CLs, click Show All from the IP AC L [...]

  • Página 601

    Configu ring Ac cess Con trol List s 601 IP ACL Rule Confi guration Use the IP A CL Rul e Config uration page to define rules for IP -based ACLs. The access list definition includes rule s that specify whether tr affic matching the criteria is forwar ded normally or discar ded. Additionally , y ou can sp ecify t o a s s i g n t r af f i c t o a p a[...]

  • Página 602

    602 Confi guring A ccess Con trol List s Figure 20 -4. IP A CL - Rule Configuration Remo ving an IP ACL Rule T o delete an IP A CL rule: 1 Fr o m t h e Rul e ID me nu, select the ID o f the rule to delet e. 2 Sele ct the Rem ov e option n ear the bot tom of th e page. 3 Click Apply to r emove the selected r ule.[...]

  • Página 603

    Configu ring Ac cess Con trol List s 603 MAC ACL Configuratio n Use the MAC A CL Configuration page to define a MA C-based AC L. To d i s p l a y t h e MA C ACL Con figuration page, click Swit chi ng → Network Security → Access Control Lists → MAC Access Control Lists → Configuratio n in the navigation panel. Figur e 20-5. MAC ACL Confi gur[...]

  • Página 604

    604 Confi guring A ccess Con trol List s Renaming or Removing MAC ACLs T o r ename or delete a MAC A CL: 1 Fr o m t h e MA C AC L Name menu o n the MAC A CL Configurat ion page, select the ACL to rename or remove. 2 T o re n a m e t he A CL , s e le c t th e Re na m e checkbox and enter a new n ame in the associated field. 3 T o remo ve th e ACL, s[...]

  • Página 605

    Configu ring Ac cess Con trol List s 605 MAC ACL Rule Configur ation Use the MAC A CL Rule Confi guration p age to define rules for MAC-bas ed ACLs. The access list definit ion includes rules t hat specify wh ether traffic matching the criteria is forwar ded normally or discar ded. A default den y al l rule is the last rule of every list. To d i s [...]

  • Página 606

    606 Confi guring A ccess Con trol List s IPv6 ACL Con figuration Use the IPv6 ACL Co nfiguratio n page to add or r emove IP -based A CLs. T o display the IP A CL Configuration page, click Switching → Network Se curity → Access Control Lists → IPv6 Access Control Lists → IPv6 A CL Configur ation in the navi gation panel. Figure 20-8. IPv6 AC[...]

  • Página 607

    Configu ring Ac cess Con trol List s 607 Removing IPv6 ACLs T o delet e an IP v6 ACL : 1 Fr o m t h e IPv6 A CL Nam e menu on the IPv6 A CL Configurat ion page, select the A CL to r emove. 2 Sele ct the Rem ov e checkbox. 3 Cli ck Apply . Viewing IPv6 ACLs T o view configured A CLs, click Show All from the IPv6 ACL Con figura tion page. The IPv6 AC[...]

  • Página 608

    608 Confi guring A ccess Con trol List s Figure 20-10. IPv6 ACL - Rule Con figuration Removing an IPv6 ACL Rule T o delete an IPv6 ACL rule: 1 Fr o m t h e Rul e ID me nu, select the ID o f the rule to delet e. 2 Sele ct the Rem ov e option n ear the bot tom of th e page. 3 Click Apply to r emove the selected r ule.[...]

  • Página 609

    Configu ring Ac cess Con trol List s 609 ACL Binding Conf igurati on When an A CL is bound to an interface , all the rules that have been defined are applied to the selected interface . Use the A CL Bi nding Conf igur ation page to as sign ACL lists to ACL P r iorities and Interfaces . F r om the web interface, you can configur e the ACL rule in th[...]

  • Página 610

    610 Confi guring A ccess Con trol List s T ime Range Entry Confi guration Use the T ime Range E ntry Configur ation page to define time ranges to associat e with A CL rules. To d i s p l a y t h e T ime Rang e Entry Config uratio n page, click System → Ti m e Synch ron izatio n → T ime Range Config uration in the navi gation panel . The followi[...]

  • Página 611

    Configu ring Ac cess Con trol List s 611 Figure 20-13. Add a Time Range 3 Cli ck Apply . 4 Cli ck Configuration to r eturn to th e T ime Ran ge Entry Co nfigur ation page. 5 In the Ti m e R a n g e N a m e field, select the name of the tim e range to configure. 6 Specify an ID for the time ran ge. Y ou can configu r e up to 10 different time range [...]

  • Página 612

    612 Confi guring A ccess Con trol List s Configuring ACLs (CLI) This section provides information about the commands you use to cr eate and configure A CLs. F or more information about the commands, see the Dell Networki ng N2000, N30 00, and N4000 Se ries Switches CLI Reference Guide at support.dell.com/manuals . Configuri ng an I Pv4 ACL Beginnin[...]

  • Página 613

    Configu ring Ac cess Con trol List s 613 { deny | permit } { every | {{ ipv4-protocol | 0-255 | ever y } { srcip srcm ask | any | host srcip } [{ range { portkey | startpo rt } { portkey | endpor t } | { eq | neq | lt | gt } { portkey | 0-65 535 } ] { dsti p dstma sk | any | host dsti p } [{ ran ge { portkey | startpo rt } { portkey | endpor t } | [...]

  • Página 614

    614 Confi guring A ccess Con trol List s contin ued – Whe n “eq” is sp ecified, I P A CL rule matche s only if the lay er 4 po rt num ber is equal to the spe cified port num ber or p ort key . – Wh en “ lt ” is s pe ci f ie d , I P ACL r u le ma tc he s if t he la y er 4 destin ation port nu mber is le ss than t he spec ified port nu mb[...]

  • Página 615

    Configu ring Ac cess Con trol List s 615 continue d • flag [+fin | -fin] [ +syn | -syn] [ +rst | - rst] [+ psh | - psh] [+ack | -ack] [+u rg | -ur g] [establ ished] — Specif ies th at the IP/ TC P/U DP A CL rule matc hes on the TCP f l a gs . – Ack – Acknowled gement bit – Fi n – F inished bit – Ps h – push bit – Rs t – re set b[...]

  • Página 616

    616 Confi guring A ccess Con trol List s contin ued •i g m p - t y p e igmp-t ype — Whe n igmp -type is spec ified, IP ACL rule matche s on th e specifi ed IGMP messa ge type (i. e., a numbe r from 0 to 25 5). • frag ments— Sp ecifies th e rule mat ches pa cke ts that ar e non- initial fr agm ents (fra gme nt bit as serted ). Not valid for [...]

  • Página 617

    Configu ring Ac cess Con trol List s 617 interface interfa ce (Optional ) Enter interface confi guration mode for the specified interfac e. The inter face variabl e includ es the interface type and number , for example tengig abitethernet 1/0/3 . Y ou can also s pecify a rang e of int erfac es wi th the interface range command , for e xample, inter[...]

  • Página 618

    618 Confi guring A ccess Con trol List s Configuri ng a MAC ACL Beginning in P rivileged EXEC mode, use the following commands to create an MAC A CL, configure rules for the A CL, and bind the ACL to an interfa ce. Command Pu rpose configure Enter global configuration mode. mac acce ss-list extend ed name Create a named MAC ACL. This command also e[...]

  • Página 619

    Configu ring Ac cess Con trol List s 619 continue d – Wh en “gt” is specified , IPv6 A CL rule matche s if the layer 4 dest ination port number i s greater than the specif ied por t number or portkey . It is equival ent to specify ing the r ange as <spe cified por t number + 1> to 65535 . – Wh en “ne q” is spec ified, IP v6 A CL r[...]

  • Página 620

    620 Confi guring A ccess Con trol List s contin ued – This option is visible only if the protocol is tcp. – Ack – Acknowled gement bit – Fi n – F inished bit – Ps h – push bit – Rst – re set bit – Syn – Synchroniz e bit – Urg – Ur gent bit •[ i c m p - t y p e icmp -type [icmp-code icmp-code ] | icmp- message icmp-messag[...]

  • Página 621

    Configu ring Ac cess Con trol List s 621 continue d • rout ing—Spe cifies that IP A CL rule m atches on routed packets. Routed packets cont ain an IP v6 “routi ng” extension he ader . • log— Specifies that this rule is to be log ged. •t i m e - r a n g e time-range-name —Allo ws i mposin g tim e limi tation on the A CL rule as defin[...]

  • Página 622

    622 Confi guring A ccess Con trol List s mac access-group name direction s eqnum Bind th e spe cified MA C A CL to a n inte rface. NOTE: T o ap ply this A CL to all i nterfa ces, issu e the com mand in G lobal Config uration mode. • nam e — Ac cess list nam e. (Range : V alid MA C ac cess-list name up to 3 1 char acters in leng th) • dire cti[...]

  • Página 623

    Configu ring Ac cess Con trol List s 623 Configuri ng an IPv6 ACL Beginning in P rivileged EXEC mode, use the following commands to create an IPv6 ACL, confi gur e rules for the ACL, and bind the ACL to an i nterface. Command Pu rpose configure Enter global configuration mode. ipv6 traffic-filter name Cr eate an e xtended IPv6 A CL. This command al[...]

  • Página 624

    624 Confi guring A ccess Con trol List s { den y | perm it } { ipv6- protocol | number | every } { source-ipv6- pr efix/ pr efix- leng th | any | host source- ipv6- addr ess } [{ range { portkey | startp ort } { portkey | endport } | { eq | neq | lt | gt } { portkey | 0-655 35 }] { destin ation -ipv6- pr efix/ pr efix- leng th | any | host destinat[...]

  • Página 625

    Configu ring Ac cess Con trol List s 625 (Conti nued) • desti nation ipv6 p ref ix — IPv6 pr efix in IPv 6 global addr ess form at. • flow label value — The value to match in th e Flow Label field of the IP v6 head er (Range 0 –1048575) . • dscp dscp — Specifi es the TOS for an IPv6 ACL rule depending o n a match of DSCP v alues usi n[...]

  • Página 626

    626 Confi guring A ccess Con trol List s Configuri ng a T ime Range Beginning in P rivileged EXEC mode , us e the foll owing comm ands to create a time range and configure time-based entries for the time ran ge. CTRL + Z Exit to Privil eged EXEC mod e. show ipv6 access-lists [ name ] Display all IPv6 access lists and all of the rules that ar e def [...]

  • Página 627

    Configu ring Ac cess Con trol List s 627 periodic { days- of -the- week ti me } to {[ days- of - the-wee k ] time } Conf igur e a r ecurring time entr y for the nam ed ti me range. • days-of-the-w eek —The first occurrence indicat es the starting day(s) th e A CL goe s into effe ct. The sec ond occurrence is the endi ng day(s) when the ACL rule[...]

  • Página 628

    628 Confi guring A ccess Con trol List s ACL Configuration Examples This section contains the following e xamples: •" B a s i c R u l e s " o n p a g e 6 2 8 •" I n t e r n a l S y s t e m A C L s " o n p a g e 6 2 9 •" C o m p l e t e A C L E x a m p l e " o n p a g e 6 2 9 • "Advanced E xamples" on [...]

  • Página 629

    Configu ring Ac cess Con trol List s 629 permit ip 10.0.46.0 0.0.1.255 any • Inbound rule al lowing access TO host s with IP addr esses rangi ng from 10.0 .48.0 to 10 .0.49.254: permit ip any 10.0.48.0 0.0.1.255 As the last rule in an administrator-defined list, the narrower scope of this inbound ru le has no effe ct other than to possibly in ter[...]

  • Página 630

    630 Confi guring A ccess Con trol List s ip access-list Allow-10-1-1-x permit ip 10.1.1.0 0.0.0.255 192.168.0.0 0.0.0.255 permit icmp 10.1.1.0 0.0.0.255 any permit ip 0.0.0.0 255.255.255.255 any permit udp any any eq domain exit interface gi1/0/1 mac access-group Allow-ARP in 10 ip access-group Allow-10-1-1-x in 20 exit Another list on the 192. 168[...]

  • Página 631

    Configu ring Ac cess Con trol List s 631 following lis t has corr ected rul es that allow T e lnet and UDP packe ts only and rely on the implicit "deny all" after the end of t he last access group to deny other traffic. ip access-list Host10-1-1-23 ! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23 permit tcp 192.168.0.0 0[...]

  • Página 632

    632 Confi guring A ccess Con trol List s ! Permit Telnet traffic from 192.168.0.X network to host 10.1.1.23 permit tcp 192.168.0.0 0.0.0.255 host 10.1.1.23 eq telnet ! Permit UDP traffic from 192.168.0.X network to host 10.1.1.23 permit udp 192.168.0.0 0.0.0.255 host 10.1.1.23 ACLs may als o contain a number of shorthand qualifi ers for protocols a[...]

  • Página 633

    Configu ring Ac cess Con trol List s 633 Multiple acce ss lists can be configur ed on an interface. The p rocessing order is determin ed by the last parameter on the access-group command where the lowest s equence number is proc essed first, followed by the ne xt higher sequence number , etc. In this e xample, access list Ho st10-1-1-21 is processe[...]

  • Página 634

    634 Confi guring A ccess Con trol List s 5 Create an ACL name d web-limit that denies HTTP t raffic during the work-hours t ime range. console(config)#ip access-list web-limit console(config-ip-acl)#deny tcp any any eq http time-range work-hours console(config-ip-acl)#permit every 6 Enter interf ace configur ation mode for VLAN 100 and appl y the A[...]

  • Página 635

    Configu ring Ac cess Con trol List s 635 interface range gi1/0/24-48 ip access-list deny-ftp in exit Allow FTP T raffic Only to an FTP Se rver This ACL limit s traffic from a router to a directly connected FTP serv er (172.16.0. 5) on gi1/0/11. Notice tha t this is an “out” A CL. T raffic to the router from the F TP server is not a ffected by t[...]

  • Página 636

    636 Confi guring A ccess Con trol List s ip access-list no-ping deny icmp any any icmp-message echo deny icmp any any icmp-message echo-reply permit every exit interface gi1/0/1 ip access-group no-ping in exit Block RFC 191 8 Addresses This ACL may be useful on connections to ISP s to bloc k traffic fr om non- routable addr esses. ip access-list no[...]

  • Página 637

    Configu ring Ac cess Con trol List s 637 periodic weekdays 07:30 to 18:00 exit ip access-list redirect-traffic permit ip any 172.16.1.0 255.255.255.0 redirect te1/0/1 time-range work-hours permit every exit ip access-group redirect-traffic in 30 Rate Limit WWW T raffic (Diffserv) This AC L creates a Diffserv policy to rate-limit WWW pack ets. Limit[...]

  • Página 638

    638 Confi guring A ccess Con trol List s interface te1/0/1 ip access-group rate-limit-www in exit Rate Limit In-Band Management T raffic The following is an e xample of rate limiting in-band management traffic on an L2 sw itch . The firs t two rul es rate limit T eln et and SSH (22) traf fic fo r established connections. The thir d and fourth rules[...]

  • Página 639

    Configu ring Ac cess Con trol List s 639 A Con solid ated Do S Examp le This e xample includes some A CL rules to consider to r educe DoS attacks on the switch. It does not represent a complete D oS suite. A firewall with deep pack et ins pection capabil ities sh ould be used for t rue DoS p rotecti on. ip access-list reduce-dos-attacks ! ! Rate li[...]

  • Página 640

    640 Confi guring A ccess Con trol List s ! Further limit inbound traffic on in-band management ports. ! Allow only VLAN 99 SSH and TFTP, no telnet, HTTP, HTTPS, or SNMP. ! The management access list actions are performed by the switch ! firmware in addition to the access list actions performed by ! the switching silicon, e.g. reduce-dos-attacks. No[...]

  • Página 641

    Configu ring Ac cess Con trol List s 641 Route-Map with Scheduled Redirection of RFC 1918 Addresses to a Different Next- Hop time-range work-hours periodic weekdays 07:30 to 18:00 exit ip access-list subnet-172-16 permit ip any 172.16.0.0 0.15.255.255 time-range work-hours exit ip access-list subnet-192-168 permit ip any 192.168.0.0 0.0.255.255 tim[...]

  • Página 642

    642 Confi guring A ccess Con trol List s Figur e 20-14 . Policy B ased Rou ting on VLAN In terfaces Exampl e Create VLANs 10, 20, 30 an d 40 vlan 10,20,30,40 exit Add VL AN Member ship to Ph ysical P orts Also , configure the native VLAN on the corresponding interface s: interface gi1/0/2 switchport mode trunk switchport trunk allowed vlan remove 1[...]

  • Página 643

    Configu ring Ac cess Con trol List s 643 interface gi 1/0/24 switchport mode trunk switchport trunk native vlan 40 switchport trunk allowed vlan remove 1 Ena ble Routi ng on Each VLAN Int erface interface vlan 10 ip address 1.1.1.1 255.255.255.0 exit interface vlan 20 ip address 2.2.2.1 255.255.255.0 exit interface vlan 30 ip address 3.3.3.1 255.25[...]

  • Página 644

    644 Confi guring A ccess Con trol List s PBR is to route non-ma tchi ng tra ffic or traffi c which is addressed to a non- connected inte rface n ormall y . 2 Creat e a rout e-map and add match/set rules to t he route-ma p: route-map Redirect_to_3_3_3_3 permit 100 match ip address Match-ip-1_1_1_2-to-2_2_2_2 set ip next-hop 3.3.3.3 exit 3 Assign the[...]

  • Página 645

    Confi gurin g VLAN s 645 21 Configuring VLANs This chapter describ es how to conf igure VLANs, i ncluding port-based VLANs, pr otocol-base d VLANs, doub le-tagged VLAN s, subnet-ba sed VLANs, and V oice VLANs. The topics covered in t his chapter include: • VLAN Overview • Default VLAN Behavior • Configuring VL ANs (W eb) • Configuring VL AN[...]

  • Página 646

    646 Confi gurin g VLAN s priority over other traffic, such as data. Admini strators also use VL ANs to protect network resources. T raffic sent by authenticated clients might be assigned to one VLAN, while traffi c sent from unauthenticated clients might be assigned to a differ ent VLAN that allows limited network access. When one host in a VLAN se[...]

  • Página 647

    Confi gurin g VLAN s 647 Figure 2 1-1. Simple VLAN T opology In this e xample, each port is manually configured s o that the end station attached to th e port is a member of the VLAN configured for the port. The VLAN membership for this network is port-ba sed or static. Del l Netwo rkin g serie s swit ches also su ppo rt VLA N assig nmen t base d o[...]

  • Página 648

    648 Confi gurin g VLAN s T able 21-1 pro vides an overview of the types of VL ANs you can use to logically divide the network. Switchport Modes Y ou can configure each port on a Dell Net working N2000, N3000, and N4000 series switches t o be in one of the following modes: • Access — Access port s are intended to connect end-stations to the syst[...]

  • Página 649

    Confi gurin g VLAN s 649 trunk port are forwar ded on the native VLAN. P ackets r eceived on another interf ace belon ging to t he native VLAN ar e transmitte d untagg ed on a trunk p ort. • General — General ports can act like access or trunk ports or a hy brid of both. VLAN membershi p rules that a pply to a p ort are b ased on the swi tchpor[...]

  • Página 650

    650 Confi gurin g VLAN s T a g g i n g m a y b e re q u i r e d w h e n a s i n g l e p o r t s u pp o r ts m u l ti p le d e vi c e s t h a t a r e members of different VLANs. F or example, a single port might be con nected to an IP phone, a PC, and a printer (the PC and pri nter are connected vi a ports on the IP phone). IP phones are typically c[...]

  • Página 651

    Confi gurin g VLAN s 651 Double-VLAN T agging F or trunk ports, which ar e ports that connect one switch to another switch, the Dell Networking series switches support doub le- VLAN tagging . This feature allows service providers t o cr eate Virtual Metropolit an Ar ea Networks (VM ANs) . W ith doub le- VLA N tagg ing , serv ice p rovid ers c an pa[...]

  • Página 652

    652 Confi gurin g VLAN s Figur e 21-2 . Doubl e VLA N T agg ing Ne twork Exam ple V oice VL AN The V oice VLAN fea ture enables switch ports to carry voice traffic with defined priority . When multiple devices, s uch as a PC and an I P phone, are connected to the same port, you can co nfigur e the port to use one VLAN for voice traffic and another [...]

  • Página 653

    Confi gurin g VLAN s 653 Identifying V oice T raffic Some V oIP phones contain full supp ort for IEEE 802.1X. When these phones ar e connected to a port that uses 802.1X port-b ased authe ntication, t hese phones authenti cate and r eceive their VLAN information from LLDP -MED. However , if a V oI P phone has l imited suppo rt for 802.1X a uthentic[...]

  • Página 654

    654 Confi gurin g VLAN s default PVID of the po rt, and th e voice tra ffic is r eceived tagged with the predefined VLA N. As a result, both kinds of tr affic are segregated in order to provide b etter service to the voice traffic. • When a dot1p priorit y is associated with t he V oice VLAN port instead of a VLAN ID, t hen the priority in format[...]

  • Página 655

    Confi gurin g VLAN s 655 • Isolated VLA N —A secondary VLAN. It carries t raffic from isolat ed ports to promiscuous ports. On ly one isolat ed VLAN can be configured per private VLAN. • Community VLAN —A second ary VLAN. It forw ards traffic betw een ports wh ich bel ong t o the s ame comm un ity an d to t he pro miscu ous p orts . The r e[...]

  • Página 656

    656 Confi gurin g VLAN s F igure 21-3 sho ws an e xample P rivate VLAN scenario , in which five ho sts (H- A through H-E) are connected to a s tack of switches (SW1, SW2). The switch stack is connected to router R1. P ort refer ences shown are with reference to the st ack. Figure 21-3. Private VLAN Domain Promi scuous Ports An endpoint connected to[...]

  • Página 657

    Confi gurin g VLAN s 657 Isola ted Por ts An endpoint connected to an isolated port is allowed to communicate with endpoints connected to promiscuous ports only . End points connected to adjacent isolated ports cannot communicate with each other . Community Ports An endpoint connected to a community port is allowed to communicate with the endpoints[...]

  • Página 658

    658 Confi gurin g VLAN s T able 2 1-3. Forwarding Rules for T raffic in Primary V LAN T able 21 -4. Forwarding Rules for T raffic in Community 1 V LAN T able 2 1-5. Forwarding Rules for T raffic in Isolated VLAN To From promiscuous community 1 communit y 2 isolate d st ack (trunk) promiscuous allow allow allow all ow allow community 1 N/A N/A N/A N[...]

  • Página 659

    Confi gurin g VLAN s 659 Limitations and Recommendations • Onl y a si ngle isol ated VLAN can be asso ciated w ith a p rimar y VLA N. Multipl e communit y VLANs can be asso ciated with a prima ry VLAN. • T runk and ge neral mod es are not supported on p rivate VLAN port s. • Do not co nfigure acce ss ports using t h e VLANs participating in a[...]

  • Página 660

    660 Confi gurin g VLAN s • It is recommended that the priv ate VLAN IDs be removed from the tru nk ports conne cted to de vices that do n ot participat e in the priva te VLAN traffic. Priva te VLAN Conf igurat ion Exa mple See "Configuring a P ri vate VLAN" on pag e 711. Additiona l VLAN Features The Dell Networking se ries switches als[...]

  • Página 661

    Confi gurin g VLAN s 661 Default VLAN Behavior One VLAN is configured on the Dell Networking series switches by default. The VLAN ID is 1, and all ports are included in the VLAN as access ports, which ar e untagged. This means when a device connects to any port on the switch, th e port for wards the packets without inser ting a VLAN tag. If a devic[...]

  • Página 662

    662 Confi gurin g VLAN s T able 21-7 shows th e default values or maximum values for VLAN feat ures. T able 21-7. Addit ional VLAN De fault and Ma ximum Va lues Featur e V alue Default V LAN VLAN 1 VLAN Name No VL AN name is configu red e xcept for VLAN 1, whose name “d efault” ca nnot be change d. VLAN Range 2 –4093 Switchport mode Access Do[...]

  • Página 663

    Confi gurin g VLAN s 663 Configuring VLANs (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring VLANs on a Dell Networki ng N2000, N 3000, and N400 0 series sw itches. F or detail s about the fields on a page, click at the top of the page. VLAN Membership Use the VLAN Membersh ip [...]

  • Página 664

    664 Confi gurin g VLAN s T o perform additional port config uratio n, such as making the port a trunk port, use the Po r t S e t t i n g s page . Figure 21-4. VLAN Members hip Addin g a VLAN To c r e a t e a V L A N : 1 Open the VLAN Membership page. 2 Click Add to displa y the Add VLA N pag e. 3 Specif y a VLAN ID and a VLAN na me. Blank Blank: th[...]

  • Página 665

    Confi gurin g VLAN s 665 Figure 21 -5. Add VLAN 4 Cli ck Apply . Confi guri ng Port s as VLAN Member s T o add member ports to a VLAN: 1 Open the VLAN Membership pag e. 2 Fr o m t h e Show VLAN m e n u , s e l e c t t h e V L A N t o w h i c h y o u w a n t t o a s s i g n ports. 3 In the Static row of the VLAN Membership table, click the b lank fi[...]

  • Página 666

    666 Confi gurin g VLAN s Figure 21-6. Add Ports to VLAN 4 Click Apply . 5 V erify that the p orts hav e been adde d to th e VL AN.[...]

  • Página 667

    Confi gurin g VLAN s 667 In F igure 21-7, the presence of the letter U in the Current row indicates that the port is an u ntagged member of th e VLAN. Figure 21-7. Add Ports to VLAN[...]

  • Página 668

    668 Confi gurin g VLAN s VLAN Port Settings Use the VLAN P ort Settings page to add ports to an existing VLAN and t o configure settings for the port. If y ou select T runk or Access as the Po r t V L A N Mode , some of the fields ar e not configurable because of the r equirements for that m ode. To d i s p l a y t h e Po r t S e t t i n g s page, [...]

  • Página 669

    Confi gurin g VLAN s 669 Figure 21-9. VLAN Settings for All Ports VLAN LAG Settings Use the VL AN LAG Se tting s page to map a LAG to a VLAN and to configur e specific VLAN settings for the LAG. To d i s p l a y t h e LA G Settings page, clic k Switching → VLA N → LAG Sett ings in the navigation panel. Figure 21-1 0. VLAN LAG Settings[...]

  • Página 670

    670 Confi gurin g VLAN s Fr o m t h e LAG Settings page, click Show All to see the curr ent VLAN se ttings for all LAGs. Y o u can change the setting s for one or more LAGs by clicking the Edit option for a port and selecting or entering new values. Figure 21-11. VLAN LAG T abl e[...]

  • Página 671

    Confi gurin g VLAN s 671 Bind MAC to VLAN Use the Bind MA C to VLAN p age to m ap a MA C add ress to a VL AN. After the source MAC address and the VLAN ID are specified, the MAC to VLAN configurations ar e shared across all ports o f the switch. The MAC to VLAN table s upports up to 128 entries . To d i s p l a y t h e Bi nd MA C to VL AN page, cli[...]

  • Página 672

    672 Confi gurin g VLAN s Bind IP Subnet t o VLAN Use the Bind IP Subnet t o VLAN page to assign an I P Subnet to a VLAN . The IP Subnet to VLAN config urations ar e share d across all ports of the switch. There can be up to 6 4 entries configured in this table. To d i s p l a y t h e Bind IP Subnet to VLAN page, cl ick Switching → VLAN → Bind I[...]

  • Página 673

    Confi gurin g VLAN s 673 GVRP Parameters Use the GVRP P a rameters page to enable GVRP globally a nd configure the port set tings. To d i s p l a y t h e GVRP P arameters page, click Switching → VLAN → GVRP P arameters in the navigation panel. Figure 21 -16. GVRP Parameters Fr o m t h e G VRP P arameters page, cli ck Show All to see the GVRP co[...]

  • Página 674

    674 Confi gurin g VLAN s Figure 21-17. GVRP Port Parame ters T able[...]

  • Página 675

    Confi gurin g VLAN s 675 Protocol Gr oup Use the Protocol Group page to configure which EtherT ypes go to which VLANs, and then enable certain ports to use these sett ings. P rotocol-based VLANs ar e most oft en used in situat ions where network segments contain hosts running multiple protocols. To d i s p l a y t h e P rotocol G roup page, cl ick [...]

  • Página 676

    676 Confi gurin g VLAN s Adding a Proto col Group T o add a protocol group: 1 Open the Protocol Group pa ge. 2 Click Add to displa y the Add P rotocol Group pag e. 3 Creat e a name for the group and associat e a VLAN with t he group. Figure 21 -19. Add P rotocol Gro up 4 Click Apply . 5 Click P rotocol Group to r eturn to t he main P rotocol Group [...]

  • Página 677

    Confi gurin g VLAN s 677 Figure 2 1-20. Config ure Protoco l Group 8 Cli ck Apply . 9 Cli ck Show All to see the protocol-based VLANs and t heir members. Figure 21 -21. Protocol G roup T able[...]

  • Página 678

    678 Confi gurin g VLAN s Double VLAN Global Configurat ion Use the Double VLAN Global Configuratio n page to specify the value of the EtherT ype field in the first EtherT ype/ta g pair of the double-tagge d frame. To d i s p l a y t h e Dou ble V LAN Global Co nfigu ratio n page, click Switching → VLAN → Double VLAN → Glob al Con figura tion [...]

  • Página 679

    Confi gurin g VLAN s 679 Double VLAN Inte rface Confi guration Use the Double VLAN Interface Configuration pag e to specif y the value of the EtherT ype field in the first EtherT ype /tag pair of the double-tagged frame. To d i s p l a y t h e Double VLAN Interface Configuratio n page, click Switching → VLAN → Double VLAN → Interfa ce Conf ig[...]

  • Página 680

    680 Confi gurin g VLAN s Figure 21-24. Double VLAN Port Pa rameter T able[...]

  • Página 681

    Confi gurin g VLAN s 681 V oice VLAN Use the V oice VLAN Configur ation page to configure and view voice VLAN setti ngs that a pply to the enti re system an d to specifi c interf aces. T o display the page, cl ick Switching → VLAN → Vo i c e V L A N → Confi gur ation in the navigation panel . Figure 21-25 . Voic e VLAN Configura tion NOTE: IE[...]

  • Página 682

    682 Confi gurin g VLAN s Configuring VLANs (CLI) This section provides information about the commands you use to cr eate and configure VLANs. F or more information about the commands, see the Dell Networki ng N2000, N30 00, and N4000 Se ries Switches CLI Reference Guide at support.dell.com/manuals . Creating a VL AN Beginning in P rivileged EXEC mo[...]

  • Página 683

    Confi gurin g VLAN s 683 pack ets. Un tagge d pack ets ar e tr eated as belo nging to th e acce ss VL AN. P ackets re ceived wit h a VLAN ID other than the access VLAN ID are discarded. When y ou configure an interface as an a ccess mode port, the interface is automatically ma de a member of VLAN 1 and removed from all other VLAN memberships. Y ou [...]

  • Página 684

    684 Confi gurin g VLAN s automatically configured as a member of all VLANs. Y ou can r emove them fr o m m e m be r sh ip i n sp ec i fi c V L AN s . By de f au l t, t he n at i ve VL A N fo r a t r un k port is VLAN 1. Command Pu rpose configure Enter global configuration mode. interface inter face Enter interf ace con figura tio n mode for th e s[...]

  • Página 685

    Confi gurin g VLAN s 685 switchport trun k { allowed vlan vlan- list | native vla n vlan-id } Set the li st of al lowed V LANs that can r eceive and se nd traffic on th is interf ace in tagge d format when i n trunking mode. • all owe d vlan-list — Se t the list of allow ed VLAN s that can receive and se nd traffi c on this interface in t agged[...]

  • Página 686

    686 Confi gurin g VLAN s Configuri ng a Port in General Mode Beginning in P rivileged EXEC mode, use the following commands to configure an interfa ce with full 802 .1q support and configur e the VLAN membership information for t he interfac e. Ex cept when noted as requir ed (for ex ample, when configuring MAB , V oice VLAN, or 802 .1x), it is rec[...]

  • Página 687

    Confi gurin g VLAN s 687 swit chp ort g eneral pvi d vlan-id (Optiona l) Set the po rt VLAN ID. U ntagged tra ffic that enters the switch t hrough this port is tagged w ith the PVID . vla n-id — PVID. The selected PVID assig nment must be to an e xisting VLAN. (Ran ge: 1–4093). Entering a P VID value does not remove the previo us PVID valu e fr[...]

  • Página 688

    688 Confi gurin g VLAN s Configuri ng VLAN Setting s for a LAG The VLAN mode and memberships setting s you configure for a port ar e also valid for a L AG (port-channel). Beginning in P rivileged EXEC mode, use the following commands to configure the VLAN mode for a LAG. Once yo u specify the switchport mode setting s for a LAG, you can configure o[...]

  • Página 689

    Confi gurin g VLAN s 689 Configuri ng Double VLAN T agging Beginning in P rivileged EXEC mode, use the following commands to configure an interfa ce to send and accept frames with double VLAN tagging. DV LAN uplink interfaces must be configured for tagging (trunk mode) for double tags to be observed on frames egr essing the interface. D VLAN uplink[...]

  • Página 690

    690 Confi gurin g VLAN s dvla n-tunn el et hertyp e { 802.1Q | vman | custom < 0-65 535 >} [primary-tpid] Config ure the EtherT ype to use for uplink or a ccess inter faces . • 802. 1Q — Configures t he EtherT yp e as 0x8 100 (defaul t). • vman — Config ures the EtherT ype as 0 x88A8. • custo m — C ust om configures t he EtherT yp[...]

  • Página 691

    Confi gurin g VLAN s 691 Configuri ng MAC-Based VLANs Beginning in P rivileged EXEC mode, use the following commands to associate a MA C address with a config ured VL AN. The VLAN does not ne ed to be configured on the system to asso ciate a MA C address with it. Y ou can creat e up to 25 6 VLAN to MA C addr ess associ ations. Command Pu rpose conf[...]

  • Página 692

    692 Confi gurin g VLAN s Configuri ng IP-Based VLA Ns Beginning in P rivileged EXEC mode, use the following commands to associate an IP subnet with a co nfigured VLAN. The VLAN does not need to be configured on the system to associate an IP subnet with it. Y ou can create up to 256 V LAN to MA C addr ess associa tions. Command Pu rpose configure En[...]

  • Página 693

    Confi gurin g VLAN s 693 Configuri ng a Protocol -Based VLAN Beginning in P rivileged EXEC mode, use the following commands to create and name a protocol group, and associa te VLANs with the protocol group. When you create a protocol group, the switch automatically assigns it a unique group ID number . The group ID is used for bot h configuration a[...]

  • Página 694

    694 Confi gurin g VLAN s protocol vlan group all groupid (Optio nal) Ad d all p hysical interf aces t o the p rotocol - base d grou p iden tifi ed by groupid . Y ou can ad d indiv idual interfaces to the protocol-based grou p as shown in the next two command s. grou pid — The protocol-based VLAN group ID. interface inter face Enter interf ace con[...]

  • Página 695

    Confi gurin g VLAN s 695 Configuri ng GVRP Beginning in P rivileged EXEC mode, use the following commands to enable GVRP on the switch and on an i nterface, and to configure var ious GVRP settings. Command Pu rpose configure Enter global configuration mode. gvrp enable E nable GVRP on t he switch. interface interfa ce Ent er inte rface co nfigur at[...]

  • Página 696

    696 Confi gurin g VLAN s vlan mak estatic vlan-id (Opt ional) Chan ge a dynami cally created VLA N (one tha t is cr eate d by GV RP r egist ratio n) to a stati c VLAN (one that is permane ntly con figur ed an d defined ). vlan-id — V alid vlan ID. Range is 2- 4093. CTRL + Z Exit to Privil eged EXEC mod e. show gvrp configuration Display GVR P con[...]

  • Página 697

    Confi gurin g VLAN s 697 Configuri ng V oice VLANs Beginning in P rivileged EXEC mode, use the following commands to enable the V oice VLAN featur e on the switch and on an inte rface. Command Pu rpose configure Enter global configuration mode. voice vlan Enable t he vo ice V LAN cap abili ty on the swi tch. interface interfa ce Ent er inte rface c[...]

  • Página 698

    698 Confi gurin g VLAN s VLAN Configuration Examples This section contains the following e xamples: • Configurin g VLANs Using Dell OpenM anage Administrato r • Configuring VL ANs Using the CLI • Configuring a V o ice VLAN This e xample assumes that networ k administrator w ants to cr eate the VL ANs in T able 21-9: NOTE: For an example th at[...]

  • Página 699

    Confi gurin g VLAN s 699 F igure 21-26 shows the network top ology for thi s example. As the fig ur e shows, ther e ar e two switche s, two file serv ers, and many hosts. One switch has an uplink port that connects it to a layer 3 device and the r est of the corporate network. Figur e 21-26. Net work T opolog y for Port-B ased V LAN Con figura tion[...]

  • Página 700

    700 Confi gurin g VLAN s T able 21- 10 shows the port assignme nts on the s witches. T abl e 21-10. Switch Port Conn ections Port/LA G Functio n Swi tch 1 1 Connects to Sw itch 2 2–15 Host por ts for P ayroll 16–20 Host ports for Marketing LAG1 (ports 21–24) Connects to P ayroll server Swi tch 2 1 Connects to Sw itch 1 2–10 Host ports for M[...]

  • Página 701

    Confi gurin g VLAN s 701 Configuri ng VLANs Using Dell OpenManage Adminis trator This example shows how to perform the configuration by using the web- based int erface. Confi gure th e VLANs and Ports on Switch 1 Use the following st eps to configure the VLANs and ports on Swit ch 1. None of the hosts that connect to Switch 1 use the Engineering VL[...]

  • Página 702

    702 Confi gurin g VLAN s Figure 21-28. VLAN Me mbership - VLAN 200 3 Click Apply . 4 Assign ports 2–15 and LAG1 to th e P a yrol l VLAN. a Fr o m t h e Switching → VLAN → VLAN Membership page, select 400-P ayroll from the Sho w VLAN field. b In the Static row , click the space for ports 2–15 and LAG 1 so t he U (untagged) d isplays for each[...]

  • Página 703

    Confi gurin g VLAN s 703 Figure 2 1-29. LAG Settings 6 Confi gure port 1 as a trunk p ort. a Fr o m t h e Switching → VLAN → Po r t S e t t i n g s pa ge, make sure po rt Gi1/0/ 1 i s selected. b Fr o m t h e Po r t V L A N M o d e field, select T runk. c Cli ck Apply . Figure 21-30. T runk Port Configuratio n 7 Fr o m t h e Switching → VLAN [...]

  • Página 704

    704 Confi gurin g VLAN s Figure 21-31. T runk Port C onfiguration 8 Configure the MAC-based VLAN informa tion. a Go to the Switching → VLAN → Bind MAC to VLAN page. b In the MA C Add ress field, ent er a valid MAC address, for example 00:1C :23:55:E9 :8B. c In the Bind to V LAN field, enter 300, which is the Sales VLAN ID. d Click Apply . Figur[...]

  • Página 705

    Confi gurin g VLAN s 705 Configure the VLANs and Por ts on Swi tch 2 Use the fo llowing steps to configure the VLANs an d ports on Switch 2 . Many of the p rocedures in this section a r e the same as procedures used t o configure Switch 1. F or more information about sp ecific procedures, see the deta ils and figures in the pr evious section. T o c[...]

  • Página 706

    706 Confi gurin g VLAN s Configuri ng VLANs Using the CLI This example shows how to perform th e same configuration by using CLI commands. Confi gure t he VLAN s and Ports on Switc h 1 Use the following steps to co nfigure the VLANs and ports on Switch 1. None of the hosts that connect to Switch 1 use the Engineering VLAN (VLAN 100), so it is not n[...]

  • Página 707

    Confi gurin g VLAN s 707 4. Assign LAG1 to the P ayroll VLAN and specify that fram es will always be transmit ted tagge d with a VLAN ID of 400. By defaul t, all VLANs ar e members of a trun k port . console(config)# interface port-channel 1 console(config-if-Po1)# switchport mode trunk console(config-if-Po1)# switchport trunk native vlan 400 conso[...]

  • Página 708

    708 Confi gurin g VLAN s 8. View the VLAN settings. console#s how vlan 9. View the VLAN m embership inform ation for a port. console# show interfaces switchport te1/0/1 Port: Te1/0/1 VLAN Membership mode:Trunk Mode Operating parameters: PVID: 1 Ingress Filtering: Enabled Acceptable Frame Type: VLAN Only Default Priority: 0 GVRP status:Disabled Prot[...]

  • Página 709

    Confi gurin g VLAN s 709 Confi gure th e VLANs and Ports on Switch 2 Use the fo llowing steps to configure the VLANs an d ports on Switch 2 . Many of the p rocedures in this section a r e the same as procedures used t o configure Switch 1. F or more information about sp ecific procedures, see the deta ils and figures in the pr evious section. T o c[...]

  • Página 710

    710 Confi gurin g VLAN s Configuri ng a V oice VLAN The commands in this example create a VLAN for voice traffic with a VLAN ID of 25. P ort 10 is set t o an 802.1Q V LAN. In in this example , ther e ar e m u l t i p l e d e v i c e s c o n n e c t e d t o p o r t 1 0 , s o t h e p o r t m u s t b e i n ge n e r al m o d e i n order to enable MAC- [...]

  • Página 711

    Confi gurin g VLAN s 711 6 Disable authentication for the voice VLAN on the port . This step is requir ed only if the voice phone does not support port-based authen tication . console(config-if-Gi1/0/10)# voice vlan auth disable 7 Exit t o P rivileged E xec mode. console(config-if-Gi1/0/10)# <CTRL+Z> 8 View the voice VLAN settings for port 10[...]

  • Página 712

    712 Confi gurin g VLAN s switch(config-vlan-100)# private-vlan association 101-102 switch(config-vlan-100)# exit This complet es the configura tion of the privat e VLAN. The only remaining step is to a ssign the ports t o the private VL AN. 3 Assign the router connected port to th e primary VLAN: console(config)#interface te1/1/1 console(config-if-[...]

  • Página 713

    Confi gurin g VLAN s 713 103 isolated console#show vlan private-vlan Primary VLAN Secondary VLAN Community ------------ -------------- ------------------- 100 102 101 console(config)#show vlan VLAN Name Ports Type ----- ----------- ------------- ------------- 1 default Po1-128, Default Te1/1/1, Gi1/0/1-10, Gi1/0/13-24 100 VLAN0100 Te1/1/1, Static G[...]

  • Página 714

    714 Confi gurin g VLAN s[...]

  • Página 715

    Conf iguring the Sp anning T ree Protoco l 715 22 Configur ing the Spanning T ree Protocol This chapter describes how to configur e the Spanning T ree P rotocol (STP) settin gs on the switch. The topics covered in t his chapter include: • STP Overv iew •R S T P - P V • Default ST P V alues • Configu ring Span ning T ree (W eb ) • Configu [...]

  • Página 716

    716 Conf iguring the Sp anning T ree Proto col transit ioning of th e port to F orwar ding). The differ ence betw een the RSTP and the traditional STP (IEEE 802.1d) is the ability to configure and recognize full-duple x connectivity and ports which ar e connected to end stations, r esulting in ra pid transitionin g of the port to the F orwarding st[...]

  • Página 717

    Conf iguring the Sp anning T ree Protoco l 717 How Does MSTP Operate in t he Network? In the following diagram of a small 802 .1d b ridged netwo rk, STP is necessary to create an envi ronment with fu ll connectivit y and witho ut loops. Figure 22-1. Sma ll Bridged Netwo rk Assume that Swit ch A is elected to be the Root Bridge, and P ort 1 on Switc[...]

  • Página 718

    718 Conf iguring the Sp anning T ree Proto col F igure 22-2 shows the logica l single STP networ k topolog y . Figure 22-2. Single STP T opolo gy F or VLAN 10 thi s single STP to pology i s fine and presents no limitatio ns or inefficiencies. On the other hand, V LAN 20's traffic pattern i s inefficient. All frames from Swi tch B will have to [...]

  • Página 719

    Conf iguring the Sp anning T ree Protoco l 719 The logical representation of the MS TP environment for these t hr ee switches is shown in F igure 22-3. Figur e 22-3. Log ical MS TP Enviro nment[...]

  • Página 720

    720 Conf iguring the Sp anning T ree Proto col In order for MSTP to correctly establish the different MSTIs as above, some additional changes ar e requir ed. F or example, the configuration would have to be the same on each and every bri dge. That means that Switch B would have to add VLAN 10 to its list of supported VLANs ( shown in F igure 22-3 w[...]

  • Página 721

    Conf iguring the Sp anning T ree Protoco l 721 MSTP wit h Mult iple F orwar ding Paths Consider the phys ical topology shown in F igure 2 2-4. It might b e assumed that MSTI 2 and MSTI 3 would follow th e most dir ect path fo r VLANs 20 and 30. However , using the default path costs, t his is n ot the c ase. MSTI operates wit hout considering the V[...]

  • Página 722

    722 Conf iguring the Sp anning T ree Proto col What are the Opti onal STP Featur es? The Dell Networki ng series switches support t he following optional STP features: • BPDU floodin g •P o r t F a s t • BPDU fil tering • Root guar d • Loop guard • BPDU protection BPDU F looding The BPDU flooding feature determines the beh avior of the [...]

  • Página 723

    Conf iguring the Sp anning T ree Protoco l 723 Root Gu ard Root guard is another way of controlli ng the spanning-tr ee top ology other than sett ing the bridge p riority or pat h costs. Root gu ard ensur es tha t a port does not become a root port or a block ed port. When a switch i s elected as the root bridg e, all ports are assi gned roles as d[...]

  • Página 724

    724 Conf iguring the Sp anning T ree Proto col BPDU Protection When the switch is used as an acces s la yer device, most ports function as ed ge ports that connect t o a device such as a de sktop computer or file serv er . The port has a single, dir ect connection and is configured as an edge port to implement the fast transition to a forwarding st[...]

  • Página 725

    Conf iguring the Sp anning T ree Protoco l 725 The switch spanning tree confi guration is global in natur e. Enabling RSTP - PV disables other spanning tr ee mode s on the switch. The switch cannot operate with some po rts configured to operate in standard spanning tree mode and others to operate in RSTP -PV mode. Ho wever , RSTP -PV has fal lbac k[...]

  • Página 726

    726 Conf iguring the Sp anning T ree Proto col T o accelerate conver gence time once DR C has switched over to a new root port, STP -PV transmits dummy pack ets out the new root port, with t he source MA C addres ses take n from its forwar ding table. The destinati on address i s an SSTP MAC addr ess that ensur es that the packet is flooded on the [...]

  • Página 727

    Conf iguring the Sp anning T ree Protoco l 727 Indirect Link Rapid Conv ergence Feat ure T o handle indire ct link failure, the STP st andard r e quir es that a switch pa ssivel y wa it fo r “max _ag e” sec ond s once a topo log y cha nge ha s bee n detected. IndirectLink Ra pid Converge nce (IR C) handles these failur es in two ph ases: • Ra[...]

  • Página 728

    728 Conf iguring the Sp anning T ree Proto col on ports that should hav e a path to the root. The port wher e the switch receiv ed the inferior BPDU is e xcluded be cause it alr e ady fa iled; self -loo ped and designated ports are eliminated as they do not have a path to the root. Figure 22-5. IRC Flow Upon re ceiving a negative RLQ r esponse on a[...]

  • Página 729

    Conf iguring the Sp anning T ree Protoco l 729 Interope rability Bet ween STP-PV and RSTP-PV Modes STP -PV is derived from 802.1D and RSTP -PV is derived from 802.1w . The fallback mechanism i s the same as between a sta ndard 802.1D swit ch and a standar d 802.1w s witch. When a lower p r otocol version BPDU is received on a switc h that runs a hi[...]

  • Página 730

    730 Conf iguring the Sp anning T ree Proto col RSTP -PV region and th e MSTP regio n, the RSTP -PV switc h send s VLAN 1 BPDUs in IEEE standard format, so they can be interpr eted b y the MSTP peers. Similarly , the RSTP -PV switch proce sses incoming MSTP BPDUs as thoug h they w ere BPDUs f or the V LAN 1 RSTP -PV insta nce. If the RSTP -PV switch[...]

  • Página 731

    Conf iguring the Sp anning T ree Protoco l 731 Figure 22-7. RSTP-PV and R STP Interop erability SW3 sends IEEE STP BPDUs to the IEEE multicast MAC address as untagged frames. These BPD Us are processed by the VLAN 1 STP instance on the R STP -PV switch as part of the VL AN 1 STP inst ance. The RSTP -PV side sends IEEE STP BPDUs corr esponding to th[...]

  • Página 732

    732 Conf iguring the Sp anning T ree Proto col The VLAN 1 STP instance of SW1 and SW2 ar e joined wi th the STP instance running in SW3. VLA Ns 2 and 3 consider the path across SW3 as another segment link ing SW1 and SW2, and t heir SSTP information is multicast acr oss SW3. The bridge p riority of SW1 and SW2 for VLAN 1 instance is 3276 9 (bridge [...]

  • Página 733

    Conf iguring the Sp anning T ree Protoco l 733 • The MSTP doma in contains the root bridge for ALL VLANs. T his implies that th e CIST Root B ridge ID is configu r ed t o be better than any RSTP - PV STP root Bridge ID. If there is only one MSTP region connected to the RSTP -PV domain, th en all boundary ports on the virtual-bridge wil l be unblo[...]

  • Página 734

    734 Conf iguring the Sp anning T ree Proto col • The alte rnati ve is that the RSTP -PV domain cont ains th e root bridg es for ALL VLANs . This is only tru e if all RST P -PV root bri dges’ Bridge IDs for all VLANs are better than the MSTP C I ST Root Bridge ID. Th is is not a supported topology , because all MSTIs m ap to CIST on the bord er [...]

  • Página 735

    Conf iguring the Sp anning T ree Protoco l 735 Default STP V alues Spanning tr ee is globally enabled on the swit ch and on all ports and LAGs. T able 22-1 s ummarizes the default values for STP . T abl e 22-1. STP Def aults Paramete r Default V alue Enable state Enabled (global ly and on all ports) Spanning tree mode RSTP (Classic STP , STP -PV , [...]

  • Página 736

    736 Conf iguring the Sp anning T ree Proto col Configu ring Spann ing T ree (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring STP settings on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. STP[...]

  • Página 737

    Conf iguring the Sp anning T ree Protoco l 737 Figur e 22-9. Spanning T ree Glob al Setting s[...]

  • Página 738

    738 Conf iguring the Sp anning T ree Proto col STP Port Settings Use the STP P ort Settings page to as sign STP prope rties to i ndividual po rts. To d i s p l a y t h e STP P ort Settings page, click Switching → Spanning T ree → STP P ort Settings in the navigation pane l. Figure 22-10. STP Port Setting s[...]

  • Página 739

    Conf iguring the Sp anning T ree Protoco l 739 Configuring STP Settings for Multiple Ports T o configure STP se ttings for multiple port s: 1 Open the STP P ort Settings page. 2 Cli ck Show All to displa y the STP P ort T able . Figure 22 -11. Co nfigure ST P Port Se ttings 3 F or ea ch port to configure, select the check box in the Edit column in [...]

  • Página 740

    740 Conf iguring the Sp anning T ree Proto col STP LAG Setting s Use the STP LAG Settings page to assign STP aggregating ports parameters . To d i s p l a y t h e STP LAG Sett ings page, click Switching → Spanning T ree → STP LAG Settings in the navigation panel. Figure 22-12. STP LAG Settings Configuring STP Settings for Multiple LAGs T o conf[...]

  • Página 741

    Conf iguring the Sp anning T ree Protoco l 741 Figure 22 -13. Co nfigure STP LAG Settings 3 F or each LAG to configu re, sele ct the check box in the Edit column in the row associ ated wit h the LAG. 4 Select the desi red se tting s. 5 Cli ck Apply . Rapid Spannin g T ree Rapid Spannin g T ree Protocol (RSTP) detects and uses network topolog ies th[...]

  • Página 742

    742 Conf iguring the Sp anning T ree Proto col T o view RSTP Settings for all interfaces, click the Show All link. The Rapid Spanning T ree T ab le displays. Figure 22 -15. RSTP Settings[...]

  • Página 743

    Conf iguring the Sp anning T ree Protoco l 743 MSTP Settings The Multiple Spanning T ree Protocol (MSTP) supports multip le instances of Spanning T ree to efficiently channel VL AN t raffic over differ ent interfaces. MSTP is compatibl e with both RSTP and STP ; a MSTP bridge can be configured to behave entir ely as a RSTP bridge or a STP bridge. T[...]

  • Página 744

    744 Conf iguring the Sp anning T ree Proto col Viewing and Modifying the Instance ID for Multiple VLANs T o configur e MSTP settin gs for multiple VLANS : 1 Open the MSTP Setting s page. 2 Click Show A ll to dis play th e MSTP Set tings T abl e . Figure 22 -17. Conf igure MSTP Settings 3 F or each Instance ID to modify , select the ch eck box in th[...]

  • Página 745

    Conf iguring the Sp anning T ree Protoco l 745 MSTP Interfac e Settings Use the MSTP Interface Se ttings page t o assign MSTP settin gs to specific interfaces. To d i s p l a y t h e MSTP I nterface Se ttings pa ge, click Swit ching → Span ning Tr e e → MSTP Interfa ce Settings in the navigation panel. Figure 22-18 . MSTP Interface Sett ings Co[...]

  • Página 746

    746 Conf iguring the Sp anning T ree Proto col Configuring Spanning T ree (CLI) This section provides information about the commands you use to configure STP settings on the switch. F or more informati on about the commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . Configur[...]

  • Página 747

    Conf iguring the Sp anning T ree Protoco l 747 Configuri ng Optio nal STP F eatures Beginning in P rivileged EXEC mode, use the following commands to configure t he optional STP feat ures on the switch or on specific inte rfaces. show spanning-tree [detail] [active | blockedports] Vie w information about spanning tr ee and the spanning tr ee conf i[...]

  • Página 748

    748 Conf iguring the Sp anning T ree Proto col Configuri ng STP I nterface Settings Beginning in P rivileged EXEC mode, use the following commands to configure t he STP sett ings for a sp ecific interface. span ning-tr ee tc nguard Prevent the port from propa gating topo logy change noti fication s. CTRL + Z Exit to Privil eged EXEC mod e. show spa[...]

  • Página 749

    Conf iguring the Sp anning T ree Protoco l 749 Configuri ng MSTP Switch Settings Beginning in P rivileged EXEC mode, use the following commands to configure MSTP settings for the switch. Command Pu rpose configure Enter global configuration mode. spanning-tree mst configuration Enable configu ring an MST region by ent ering the mult iple span ning [...]

  • Página 750

    750 Conf iguring the Sp anning T ree Proto col Configuri ng MSTP Interf ace Settings Beginning in P rivileged EXEC mode, use the following commands to configure MSTP settings for the switch. Comm and Pur pose configure Ente r global conf igurati on mode. interface inter face Ent er inte rface conf igurat ion m ode fo r the s peci fied interf ace. T[...]

  • Página 751

    Conf iguring the Sp anning T ree Protoco l 751 STP Configuration Examples This section contains the following exa mples: • STP Configu ration Exa mple • MST P Co nfiguration Exampl e • RST P -PV Ac cess Switch C onfiguration E xample STP Configura tion Example This e xample shows a L AN with four switche s. On each switch, ports 1, 2, and 3 c[...]

  • Página 752

    752 Conf iguring the Sp anning T ree Proto col Figur e 22-19. STP Ex ample Netwo rk Dia gram Of the four sw itches i n F igure 2 2-19, the adm inistrato r decides t hat Swit ch A is the mos t centrally locate d in the netw ork and is the leas t likely to be moved or redeployed. F or these reasons, the administrator selects it as the root bridge for[...]

  • Página 753

    Conf iguring the Sp anning T ree Protoco l 753 The administrator also configur es P ort F a st BPDU filtering and Loop Guard to e xtend STP’s capa bility t o pr even t networ k loops. F or all other ST P settin gs, the adminis trator uses the def ault STP va lues. T o configure the switch: 1 Connect to Switch A and con figure th e priority to be [...]

  • Página 754

    754 Conf iguring the Sp anning T ree Proto col Figure 22 -20. MSTP Conf igurat ion Examp le T o mak e multiple switches be part of the same MSTP r egion, make sur e the STP operational mode for all sw itches is MSTP . Also, make sur e the MST region name and re vision level are the same for all switches in the region. T o configure the switches: 1 [...]

  • Página 755

    Conf iguring the Sp anning T ree Protoco l 755 console(config-mst)# instance 10 add vlan 10 4 Create MST instan ces 20 and ass ociat e it to VL AN 20. console(config-mst)# instance 20 add vlan 20 5 Change the r egion name so that al l the bri dges tha t want to be p art of the same region can form the region. console(config-mst)# name dell console([...]

  • Página 756

    756 Conf iguring the Sp anning T ree Proto col RSTP-PV Access Swit ch Configurati on Example In this configuration, all 1G ports are pr esumed to be connected to host machines, and the tw o 10G uplink ports are connecte d to an aggr egation- layer switch wi th a total L2 network diameter of 4. The aggregation-lay er switch can be a single switch or[...]

  • Página 757

    Conf iguring the Sp anning T ree Protoco l 757 console(config-if)# exit console(config)# interface range gi1/0/1-12 console(config-if)# switchport access vlan 3 console(config-if)# exit console(config)# interface range gi1/0/1-12 console(config-if)# switchport access vlan 4 console(config-if)# exit[...]

  • Página 758

    758 Conf iguring the Sp anning T ree Proto col RSTP- PV Aggreg ation La yer Swit ch Config uratio n Exampl e In this configur ation e xample, two aggr egation-laye r switches ar e configure d. P orts 1–4 ar e configur ed in a LAG connecting the two aggregation-layer switches . P orts 12–24 ar e configur ed as down-link s to twelve access layer [...]

  • Página 759

    Conf iguring the Sp anning T ree Protoco l 759 console(config)#spanning-tree vlan 1,3 root primary console(config)#spanning-tree vlan 2,4 root secondary 7 Config ure t wo uplink p orts per upl ink swit ch: console(config)#interface range fo1/0/1-2 console(config-if-fo1/0/1-2)#channel-group 1 mode active console(config-if-fo1/0/1-2)#exit 8 Configure[...]

  • Página 760

    760 Conf iguring the Sp anning T ree Proto col[...]

  • Página 761

    Disc overing Net work Devic es 761 23 Discovering Network Devices This chapter de scribes the Indust ry Standard D iscovery P rotocol (ISDP) feature and the Link Layer Discovery P r otocol (LLDP) feature, including LLDP for Me dia En dpoint Devi ces (LLD P -MED). The topics covered in t his chapter include: • Device Discovery Overview • Defaul [...]

  • Página 762

    762 Discoveri ng Network Devices LLDP is a one-way protocol; there are no r equest/response sequences. Information is advert ised by stations impl ementing the transmit function, and is r eceived and processe d by stations implem enting the rece ive function. The transmit and receive functions can be enabled/dis abled separately on each switch port[...]

  • Página 763

    Disc overing Net work Devic es 763 Default IDSP and LLDP V alues ISDP and LL DP ar e globally enab led on the swit ch and enabled on all ports by default. By default, the switc h transmits and r eceives LLDP information on all ports. LL DP - MED is disabl ed on al l ports. T able 23-1 s ummarizes the default values for ISDP . T able 23-2 s ummarize[...]

  • Página 764

    764 Discoveri ng Network Devices T able 23- 3 summarizes the defaul t values f or LLDP -MED. T able 23-3 . LLDP-ME D Defaults Parameter Defau lt V alue LLDP -MED Mode Disabled on all ports Conf ig Noti ficati on Mode Disabled on al l port s T rans mit TVLs MED Capabilities Netwo rk P olicy[...]

  • Página 765

    Disc overing Net work Devic es 765 Configuring ISDP and LLDP (Web) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring IDSP and LLDP/LLDP - MED on a De ll Networking N2 000, N3000, and N4000 serie s switches. F or detail s about the f ields on a page , click a t the top of the p age. IS[...]

  • Página 766

    766 Discoveri ng Network Devices ISDP Cache T able Fr o m t h e ISD P Neigh bor T abl e page, you can view information about other devices the switch has discov ered throug h the ISDP . T o access the ISDP N eighbo r T able page, click System → IS DP → Neighbor Ta b l e in the navigation pa nel. Figur e 23-2. ISDP Neighb or T able[...]

  • Página 767

    Disc overing Net work Devic es 767 ISDP Int erface Co nfigurat ion Fr o m t h e ISDP Interface Configuration page, you can configure the ISDP settings for e ach interface. If ISDP is enabled on an interface, it must also be enabled globally in order for th e interface to tr ansmit I SDP pack ets. If the ISDP mode on the ISDP Global Configuration pa[...]

  • Página 768

    768 Discoveri ng Network Devices ISDP Stat istics Fr o m t h e ISD P Statistics page, you can view information about the ISDP pack ets sent and receiv ed by the switch. T o access the ISDP St atistics page, click System → ISDP → Statistics in the navigation panel. Figur e 23-5. ISDP Stati stics[...]

  • Página 769

    Disc overing Net work Devic es 769 LLDP Co nfiguration Use the LLDP Con figuration page to spec ify LLDP param eters. P arame ters that affect the entire system as well as those for a specific inte rface can be specified her e. To d i s p l a y t h e LLDP Conf iguration page, click Switching → LLDP → Confi gur ation in the navigation panel. Fig[...]

  • Página 770

    770 Discoveri ng Network Devices T o view the LLDP Interface Settings T able , cli ck Show A ll . F rom the LLDP Interface Sett ings T able page , you can view and edit informat ion about the LLD P settin gs fo r mult iple inter face s. Figure 23-7. LLDP Inte rface Settin gs T able[...]

  • Página 771

    Disc overing Net work Devic es 771 LLDP Stat istics Use the LLDP Statis tics page to view LLPD -related stat istics. To d i s p l a y t h e LLDP Statistics page, cli ck Switching → LLDP → Statistics in the navigation panel. Figure 23 -8. LLDP Statistics[...]

  • Página 772

    772 Discoveri ng Network Devices LLDP Connec tions Use the LLDP Connection s page to view the list of ports with LLDP enabled. Basic connection det ails ar e displayed. To d i s p l a y t h e LLDP Connections page, click Switching → LLDP → Connections in the navigation panel. Figure 23 -9. LLDP Conn ections[...]

  • Página 773

    Disc overing Net work Devic es 773 T o view additional informat ion about a device connected to a port that has been discove red through LLDP , click t he port number in the L ocal Interface table (i t is a hyperlin k), or c lick Details an d select the port with the connected device. Figure 23 -10. LLDP Connection Detail[...]

  • Página 774

    774 Discoveri ng Network Devices LLDP-MED Global Configurat ion Use the LLDP - MED Global Configuration page to change or view th e LLDP -M ED parameters that affect the entire s ystem. To d i s p l a y t h e LLDP -MED Glo bal Co nfig uratio n page, click Switching → LLDP → LLDP -MED → Global Configurat ion in the navigation panel. Figure 23-[...]

  • Página 775

    Disc overing Net work Devic es 775 LLDP-MED In terface Config uration Use the LLD P - MED I nterfa ce Co nfigu ratio n page to speci fy LLD P -MED parameters t hat affect a specific inte rface. To d i s p l a y t h e LLD P -ME D In terfac e Conf igurat ion page , clic k Switching → LLDP → LLDP -MED → Inter face Con figur atio n in the navigat[...]

  • Página 776

    776 Discoveri ng Network Devices LLDP -ME D Local D evice Inform ation Use the LLDP - MED L ocal Device Information page t o view the advert ised LLDP local data for each port. To d i s p l a y t h e LL DP -MED Loca l Dev ice Inf orma tio n page, click Switching → LLDP → LLD P - MED → L ocal Device Information in the navigation panel. Figure [...]

  • Página 777

    Disc overing Net work Devic es 777 Configuring ISDP and LLDP (CLI) This section provides information ab out the commands you use to manage and view the device discovery protocol features on the switch. F o r mor e information about these commands, see the Dell Networking N2000, N3000, and N4000 Series Switches CLI Reference Guide at support .dell.c[...]

  • Página 778

    778 Discoveri ng Network Devices Enabling I SDP on a Port Beginning in P rivileged EXEC mode, use the following commands to enable ISDP on a port. V iewing and Cl earing I SDP Infor mation Beginning in P rivileged EXEC mode, use the following commands to view and clea r the conte nts of t he ISDP ta ble and to view and clear IS DP stat istics. Comm[...]

  • Página 779

    Disc overing Net work Devic es 779 Configuri ng Global LLDP Setti ngs Beginning in P rivileged EXEC mode, use the following commands to configure LLDP settings tha t affect the entire switch. Configuri ng Port-bas ed LLDP Settings Beginning in P rivileged EXEC mode, use the following commands to configure per -port LLDP settings. Command Purpo se c[...]

  • Página 780

    780 Discoveri ng Network Devices V iewing and Cl earing L LDP Info rmation Beginning in P rivileged EXEC mode, use the following commands to view transmitted a nd receiv ed LLDP inform ation and t o view and clear LLDP statistics . lldp notification Ena ble remote data cha nge notif ications on the inte rface. lldp transmit -tlv [ sys- desc ][ sys-[...]

  • Página 781

    Disc overing Net work Devic es 781 Configuri ng LLDP-MED Sett ings Beginning in P rivileged EXEC mode, use the following commands to configure LLDP -MED set tings that affec t the entire switch. Command Purpo se configure Enter Global Configuration mode. lldp med faststartrepeatcoun t count Spec ifies th e number of LL DP PDUs that will be transmi [...]

  • Página 782

    782 Discoveri ng Network Devices V iewing LLDP-MED Infor mation Beginning in P rivileged EXEC mode, use the following commands to view information about the LLDP -M ED P rotocol D ata Units (PDUs) that are sent and have been received. Device Disco very Conf iguration E xamples This section contains the following e xamples: • Configuring ISD P •[...]

  • Página 783

    Disc overing Net work Devic es 783 console# show isdp Timer....................................45 Hold Time................................60 Version 2 Advertisements.................Enabled Neighbors table time since last change...00 days 00:00:00 Device ID................................none Device ID format capability..............Serial N umber[...]

  • Página 784

    784 Discoveri ng Network Devices console(config-if-Te1/0/3)# description “ Test Lab Port” 6 Exit to P ri vileg ed EXEC mode . console(config-if-Te1/0/3)# <CTRL + Z> 7 View global LLDP settings on the switch. console# show lldp LLDP Global Configuration Transmit Interval..................... 60 seconds Transmit Hold Multiplier.............[...]

  • Página 785

    Disc overing Net work Devic es 785 Port Description: Test Lab Port System Capabilities Supported: bridge, router System Capabilities Enabled: bridge Management Address: Type: IPv4 Address: 192.168.2.1[...]

  • Página 786

    786 Discoveri ng Network Devices[...]

  • Página 787

    Configu ring Port- Based T raffic Contr ol 787 24 Configuring Port-Based T raffic Control This chapter describes how to configur e features that provide traf fic control through filtering the type of traffic or limiting the speed or amount of traffic on a per -port basis. The features th is section descr ibes includes flow contro l, storm control, [...]

  • Página 788

    788 Confi gurin g Port -Base d T raf fic Co ntro l The P riority Flow Control (PFC) featur e, which is avai lable on the N4000 switches only , provides a way to distingu ish which traffic on a p hysical link is paused when congestion occurs based on the pri ority of the traffic. F or more information, see "Configuring Data Center Bridging F ea[...]

  • Página 789

    Configu ring Port- Based T raffic Contr ol 789 configured limit is 10%, this is converted t o ~25000 P PS, and this PP S limit is set in the har dware. Y ou get the approximate desir ed output when 512 byte s pack ets are used. What are Pro tected Ports? The switch supports up to th ree separate groups of protected po rts. T raffic can f low betw e[...]

  • Página 790

    790 Confi gurin g Port -Base d T raf fic Co ntro l Access Control L ists (AC Ls) and LLPF can exist on the same interf ace. However , the ACL rules override the LLPF rules when there is a conflict. Similarly , DiffS erv and LLPF can both be enab led on an interface, but DiffServ rules override LLPF rules when there is a conflict. If Industry Standa[...]

  • Página 791

    Configu ring Port- Based T raffic Contr ol 791 Configuring Port-Based T raffic Control (W eb) This secti on provides information about the O penManage Switch Administrator pages to use t o control port-based traffic on a Dell Networking N2000, N30 00, and N4000 series switche s. F or details a bout the fields on a page, cl ick at the t op of th e p[...]

  • Página 792

    792 Confi gurin g Port -Base d T raf fic Co ntro l Storm Contro l Use the Storm Cont rol page to enable and configure the storm control feature. To d i s p l a y t h e Storm Control interface, click Switching → Po r t s → Storm Control in the navigation menu. Figure 24-2. Storm Control Configuring Storm Contro l Settings on Multiple Ports T o c[...]

  • Página 793

    Configu ring Port- Based T raffic Contr ol 793 Figure 24-3. Storm Control 5 Cli ck Apply .[...]

  • Página 794

    794 Confi gurin g Port -Base d T raf fic Co ntro l Protected Port C onfigu ration Use the P rot ecte d P ort Conf igu rati on page to pr event ports in the same protected po rts group from being able to see each other ’s tra ffic. To d i s p l a y t h e P rotected P ort Config uration page, c lick Switchin g → Po r t s → P rotected P ort Conf[...]

  • Página 795

    Configu ring Port- Based T raffic Contr ol 795 Figur e 24-5 . Add Prote cted P orts G roup 5 Cli ck Apply . 6 Cli ck P r otec ted P ort Configurat ion to return to t he main page. 7 Sele ct the port to add to the group. 8 Select the protected port group ID. Figur e 24-6. Add Prote cted P orts 9 Cli ck Apply . 10 T o view protected port group mem be[...]

  • Página 796

    796 Confi gurin g Port -Base d T raf fic Co ntro l Figure 24-7. View Protected Port Information 11 T o remove a port from a pro tected por t group, sel ect the Rem ov e check box associ ated wit h the port and click Apply . LLPF Config uration Use the LLPF Interface Configurat ion page t o filter out vari ous prop rietary protocol data units (PDUs [...]

  • Página 797

    Configu ring Port- Based T raffic Contr ol 797 Figure 24-8. LLPF Interface Config uration T o view the p rotocol type s that have been bl ocke d for an interface, click Show All . Figure 24 -9. LLPF F iltering Summary[...]

  • Página 798

    798 Confi gurin g Port -Base d T raf fic Co ntro l Configuring Port-Based T raffic Contr ol (CLI) This section provides information about the commands you use to configure port-based traffic control settings. F or more information about the commands, see the Dell Netw orking N2000, N3 000, and N4000 Series Switches CLI Refer ence Guide at support.d[...]

  • Página 799

    Configu ring Port- Based T raffic Contr ol 799 Configuri ng Protecte d Ports Beginning in P rivileged EXEC mode, use the following commands to add a name to a protec ted port group a nd add port s to the g roup. CTRL + Z Exit to Privileg ed EXEC mode. show interfaces detail interfa ce Disp lay deta iled informat ion ab out the s pecif ied inte rfac[...]

  • Página 800

    800 Confi gurin g Port -Base d T raf fic Co ntro l Configuri ng LLPF Beginning in P rivileged EXEC mode, use the following commands to configure LLPF settings. Command Pu rpose configure Enter global configuration mode. interface inter face Enter interf ace con figura tio n mode for th e spec ified inter face. The inte rface variab le include s the[...]

  • Página 801

    Configu ring Port- Based T raffic Contr ol 801 Port-Based T raffic Control Configuration Example The commands in this example configur e storm control, LLPF , and protected port settings for va rious interfa ces on the switch. The storm control configuration in this e xample sets thr esholds on the swit ch so that if broadcast traffi c occupies mor[...]

  • Página 802

    802 Confi gurin g Port -Base d T raf fic Co ntro l 5 V erify the config uration. console# show storm-control te1/0/1 Bcast Bcast Mcast Mcast Ucast Ucast Intf Mode Level Mode Level Mode Level ------ ------- ------- ------- ------- ------- ------- Te1/0/1 Enable 10 Enable 5 Disable 5 console# show service-acl interface te1/0/1 Protocol Mode ---------[...]

  • Página 803

    Confi guring L2 Mu lticas t Features 803 25 Configuring L2 Multicast Features This chapter describ es the layer 2 mult icast features on the Dell Networking series switches. The features this chapter descri bes include bridge multicast flooding and forwarding, Internet Group Managem ent P rotocol (IGMP) snooping, M ulticast List ener Disc ov ery (M[...]

  • Página 804

    804 Conf iguring L2 M ulticas t Feat ures desirable as it r educes the networ k load by sending p ackets only to other hosts/s witches/ router s that ha ve indica ted an i nter est in receiv ing the multicast. If L2 snooping i s not enabled, multicast packets are flooded in the ingress VLAN. What Are the Multi cast Bridging Fe atures? The Del l Net[...]

  • Página 805

    Confi guring L2 Mu lticas t Features 805 When a pack et with a b roadcast or multica st destinati on MAC addr ess is receiv ed, the switch will flood a copy into each of the r emaining network segments in accordance wi th the IEEE M A C Bri dge standard. Eventua lly , the packet is made accessible to all nodes connected to the network. This approac[...]

  • Página 806

    806 Conf iguring L2 M ulticas t Feat ures the switch sees a multica st router in the VLAN, it forwards the group to the multi cast ro uter and do es not f lood in the VLAN. Ther e is a u ser option to cause the switch to flood multica st so urces in the VLAN i f no multicast clients are present. By default, dynamically discover ed mult icast router[...]

  • Página 807

    Confi guring L2 Mu lticas t Features 807 IGMP Snooping Querier When PIM a nd I GMP a re ena bled i n a n etwo rk wi th IP mul tica st ro uti ng, th e IP multicast router acts as the IGMP qu erier . However , if the IP -multicast traffic in a V LAN needs to be Layer 2 switched only , an IP -multicast router is not requir ed. The IGMP snooping querie[...]

  • Página 808

    808 Conf iguring L2 M ulticas t Feat ures • PIMv2 he llo pack ets with dest inati on IP addr ess as FF02 ::D Dynamically l earned multicast routers ar e timed out aft er an adminstrator - configurable period of time. MLD is a protocol use d by IPv6 multicast routers to discover the presence of multicast li steners (no des wishing to receive I Pv6[...]

  • Página 809

    Confi guring L2 Mu lticas t Features 809 There are two types of MVR ports : source and r eceiver . • Source p ort is the port w here multicast traffic is flowing to. It has to be the member of so ca lled multi cast VLAN. • Receiver port is the port where listening host is connected to the switch. It can be the member of any VLA N, ex cept multi[...]

  • Página 810

    810 Conf iguring L2 M ulticas t Feat ures F or information about configuring De l l Network ing N2000, N300 0, and N4000 series s witches as a multicast router t hat also performs IGMP snooping, see "Conf iguring Multicast V LAN Routing W ith IGMP and PIM- SM" on page 1417. What Are GARP and GMRP? Generic Attribute Reg istration P rotocol[...]

  • Página 811

    Confi guring L2 Mu lticas t Features 811 GMRP is similar to IGMP snooping in its purpose, but IGMP snooping is more widely used. GMRP must be running on both the host and the switch to function properly and IGMP/MLD snoop ing must be disabled on the switch, as IGMP snooping and GMRP cannot si multaneously operate withi n the same VLAN.[...]

  • Página 812

    812 Conf iguring L2 M ulticas t Feat ures Snooping Sw itch Restrictions Partial IGMPv3 an d MLDv2 Supp ort The IGMPv3 and MLDv2 prot ocols allow multicast listeners to spe cify the list of host s fro m whic h the y wan t to recei ve the tr affic . Ho wever th e De ll Networking snooping switch doe s not track this information . IGMPv3/MLDv 2 Report[...]

  • Página 813

    Confi guring L2 Mu lticas t Features 813 T opologies Where t he Multicast Sour ce Is Not Direct ly Connecte d to the Querier If the mult icast s ource is not directly connected to a m ulticast q uerier , the multicast str eam is forwar ded to any router ports on th e switch (within the VLAN). Because multicast router q ueries ar e flooded to all po[...]

  • Página 814

    814 Conf iguring L2 M ulticas t Feat ures Default L2 Multicast V alues Detai ls abo ut the L2 mu lticas t are in T abl e 25-1 . T able 2 5-1. L2 Multi cast Defau lts Parameter Defaul t V alue IGMP Snooping mode Enabled MLD Snooping mode Enabled Bridge multi cast group None configu red IGMP/MLD snooping Enabled on all VLANs IGMP/MLD snoopi ng auto-l[...]

  • Página 815

    Confi guring L2 Mu lticas t Features 815 GMRP Disabled globally an d per -interface T able 25-1. L2 Multic ast Defaults (Continued ) Paramete r Default V alue[...]

  • Página 816

    816 Conf iguring L2 M ulticas t Feat ures Configuring L2 Multicas t Features (Web) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring L2 multicast feat ures on a Dell Netw orking N2000, N3000, and N40 00 series s witches. F o r det ails about the fields on a pa ge, click at the to p of [...]

  • Página 817

    Confi guring L2 Mu lticas t Features 817 Bridge Mul ticast Group Use the Bridge Multicast Group page to create new mu lticast serv ice groups or to modify ports and LA Gs assigned to ex isting multicast service groups . Attach ed interfaces disp lay in the P ort a nd LAG table s and r eflect the m anner in which each is joined t o the Multicast gro[...]

  • Página 818

    818 Conf iguring L2 M ulticas t Feat ures Ta b l e 2 5 - 2 contains definitions for port/L AG IGMP management settings. Adding and Configu ring Bridge Multicast Address Groups T o configure a bridge multicast group: 1 Fr o m t h e Bridge Multicast Group pag e, c lic k Add . The Add Bridge Multica st Group page displays. Figur e 25-3. Add Bridg e Mu[...]

  • Página 819

    Confi guring L2 Mu lticas t Features 819 4 In the Bridge Multicast Group tables, assign a set ting by clicking in the Static row for a specific port /LAG. Each click toggles between S , F , and blan k. (n ot a m emb er). 5 Cli ck Apply . The bridge multicast address is assigned to t he multicast group, ports/LAGs ar e assigned to the group (with th[...]

  • Página 820

    820 Conf iguring L2 M ulticas t Feat ures MRouter Stat us Use the MRoute r Status page to dis play the status of dy namically learned multicast router interfa ces. T o access this page, cl ick Switching → Multicast Support → MR outer Stat us in the navigation panel. Figure 25 -4. M Route r Status[...]

  • Página 821

    Confi guring L2 Mu lticas t Features 821 General I GMP Snooping Use the General IGMP snooping page to configur e IGMP snooping settings on speci fic ports and LA Gs. To d i s p l a y t h e Genera l IGMP snooping page, click Switching → Multicas t Support → IGMP S nooping → General in the navigation menu. Figur e 25-5. General IGM P Snoopin g [...]

  • Página 822

    822 Conf iguring L2 M ulticas t Feat ures Figur e 25-6. Edit IG MP Snoo ping Sett ings 3 Edit the IGM P snooping fields as ne eded. 4 Click Apply . The IGM P snooping sett ings are modified , and the dev ice is up dated. Copying IGMP Snooping Settings to Mu ltiple Ports, LAGs, or VLANs T o copy IGMP sn oopin g setti ngs: 1 Fr o m t h e General IGMP[...]

  • Página 823

    Confi guring L2 Mu lticas t Features 823 Figur e 25-7. Copy IG MP Sn ooping Setting s 5 Cli ck Apply . The IGM P snooping settin gs are modified, and t he device is up dated.[...]

  • Página 824

    824 Conf iguring L2 M ulticas t Feat ures Global Qu erier Co nfiguration Use the Global Quer ier Configura tion pag e to co nfigu re IGM P snoo ping querier settings, such as the IP address to use as the source in periodic IGMP queries when no source address has been configur ed on the VLAN. To d i s p l a y t h e Glob al Quer ier Conf igurati on p[...]

  • Página 825

    Confi guring L2 Mu lticas t Features 825 VLAN Querier Use the VLAN Qu erier pa ge to specif y the IGMP s nooping querier s ettings for individual VLANs. To d i s p l a y t h e VLAN Q uerier pa ge, clic k Switching → Multi cast Su pport → IGMP Sn ooping → VLAN Querier in the navigation menu. Figure 25 -9. VLAN Querier Adding a New VLAN and Con[...]

  • Página 826

    826 Conf iguring L2 M ulticas t Feat ures 3 Retu rn to the VLAN Q uerier page and select the new VLAN from the VLAN I D menu. 4 Specify the VLAN querier sett ings. 5 Click Apply . The VLAN Querier settin gs are modified, and the device is up dated. T o view a summary of the IGMP snooping VLAN querier se ttings for all VLANs on the switch, click Sho[...]

  • Página 827

    Confi guring L2 Mu lticas t Features 827 VLAN Querier St atus Use the VLAN Qu erier Status pag e to vi ew the IGMP sn oopin g querie r settings for individual VLANs. To d i s p l a y t h e VLAN Querier Status page, c lick Switching → Multicas t Support → IGMP S nooping → VLAN Querier Status in the naviga tion menu. Figur e 25-12 . IGMP Snoop [...]

  • Página 828

    828 Conf iguring L2 M ulticas t Feat ures MFDB IGMP Snooping T able Use the MFDB IGMP Sno oping T able page to vi ew th e mult icast f orwar ding database (MFDB) IGMP Snooping T able and F orbidden P orts settings for individual VLANs. To d i s p l a y t h e MFDB I GMP Sno oping T able pa ge, click Switching → Multicas t Support → IGMP S noopin[...]

  • Página 829

    Confi guring L2 Mu lticas t Features 829 MLD Snooping Genera l Use the MLD S nooping General page to add MLD members. T o access this page, click Switching → Multicast Support → MLD Snooping → General in the nav igation panel . Figur e 25-14. MLD Snoo ping Ge neral Modifying MLD Snooping Settings for VLANs T o configur e MLD snooping: 1 Fr o [...]

  • Página 830

    830 Conf iguring L2 M ulticas t Feat ures Figure 25 -15. MLD Snoo ping T abl e 2 Sele ct the Edit checkbox for each VLAN to m odify . 3 Edit the ML D snooping fields a s needed. 4 Click Apply . The M LD snooping se ttings are modified , and th e device is upd ated.[...]

  • Página 831

    Confi guring L2 Mu lticas t Features 831 Copying MLD Snooping Settings to VLANs T o copy MLD snooping settings: 1 Fr o m t h e General MLD snooping page, click Show All . The MLD Snooping T able dis plays . 2 Sele ct the Copy P a rameters F rom checkbox. 3 Select a VLAN to use as th e source of th e desir ed parame ters. 4 Sele ct t he Copy T o che[...]

  • Página 832

    832 Conf iguring L2 M ulticas t Feat ures MLD Snooping VLAN Queri er Use the MLD S nooping VLAN Quer ier page to s pecify the MLD snoo ping querier setting s for individual VLANs. To d i s p l a y t h e MLD Snooping VLAN Querie r page , click Switching → Multic ast Support → MLD Snooping → VLAN Querier in t he n aviga tion menu. Figur e 25-17[...]

  • Página 833

    Confi guring L2 Mu lticas t Features 833 2 Enter th e VLAN ID and, if de sir ed, an opti onal VLAN name. 3 Retur n to the VLAN Q uerier page and select the n ew VLA N from th e VLAN I D menu. 4 Specify th e VLAN querier sett ings. 5 Cli ck Apply . The VLAN Querier settin gs are modified, and t he device is up dated. T o view a summary of th e IGMP [...]

  • Página 834

    834 Conf iguring L2 M ulticas t Feat ures MLD Snooping VLAN Queri er Stat us Use the VLAN Qu erier Status page to view the MLD snoopi ng quer ier settings for indiv idual VLANs. To d i s p l a y t h e VLAN Querier Status page, click Switching → Multicast Support → MLD Snoopi ng → VLAN Querier Status in the n aviga tion menu. Figur e 25-20. ML[...]

  • Página 835

    Confi guring L2 Mu lticas t Features 835 MFDB MLD Snooping T able Use the MFDB MLD Snooping T able page to view t he MFDB MLD snooping table settings for indivi dual VLANs. To d i s p l a y t h e MFDB MLD Snooping T able page, cli ck Switching → Multicast Supp ort → MLD S noopin g → MFDB MLD Snoo ping T able in the navigation menu. Figure 25-[...]

  • Página 836

    836 Conf iguring L2 M ulticas t Feat ures MVR Global Configur ation Use the MVR Global Config uration page to enable the MVR featur e and configure global parameters. T o display the MVR Global Config uration page, c lick Switching → MVR Conf iguration → Glo bal Co nfig uratio n in the navigation panel. Figure 25-22. MVR Global Configu ration[...]

  • Página 837

    Confi guring L2 Mu lticas t Features 837 MVR Members Use t he M VR Me mber s pag e to vi ew an d co nfig ur e MVR grou p memb er s. T o display th e MVR Members pa ge, click Switching → MVR Co nfig uratio n → MVR Members in the navigation panel. Figure 25 -23. MV R Member s Addin g an MVR Member ship Group T o add an MVR membership group: 1 Fr [...]

  • Página 838

    838 Conf iguring L2 M ulticas t Feat ures MVR Inter face Conf iguration Use the MVR Interfa ce Configuration page to enable MVR on a port, configure its MVR settings, and add the port to an MVR group. T o display the MVR Interface Configurat ion page, click Switching → MVR Config uration → MVR Inte rface Conf iguratio n in the naviga tion panel[...]

  • Página 839

    Confi guring L2 Mu lticas t Features 839 Figure 25-27. MVR - Add to Group 2 Sele ct the interfa ce to add to t he MV R gro up. 3 Specify th e MVR group IP mu lticast add r ess. 4 Cli ck Apply . Removi ng an I nterf ace fro m an M VR Group T o remove an interface from an MVR group: 1 Fr o m t h e MVR I nter face page, c lick Rem ov e . Figure 25-28.[...]

  • Página 840

    840 Conf iguring L2 M ulticas t Feat ures MVR Stat istics Use the MVR Statistics pa ge t o v ie w MV R s t at i st i cs on th e sw i t ch . T o d i sp l ay the M VR Statistics page, click Switching → MVR C onf igur atio n → MVR Statistics in the navigation panel. Figure 25-29. MVR Stat istics[...]

  • Página 841

    Confi guring L2 Mu lticas t Features 841 GARP T imers The Ti m e r s page contains fields for setting the GARP timers used by GVRP and GMRP on the switch. To d i s p l a y t h e Tim e r s page, click Switching → GAR P → Ti m e r s in the navigation panel. Figure 25 -30. GARP T imers Configuring GARP T imer Settings for Multiple Ports T o config[...]

  • Página 842

    842 Conf iguring L2 M ulticas t Feat ures Figure 25-31. Garp T imers T able 3 F or each port or LAG to configure, select the check box in the Edit column in the row associa ted with the port. 4 Specify the desired timer values. 5 Click Apply .[...]

  • Página 843

    Confi guring L2 Mu lticas t Features 843 Copying GARP Time r Settings From One Port to Others T o copy GARP timer settings: 1 Sele ct the Copy P a rameters F rom check box, an d select t he port or LAG with th e settin gs to apply to other port s or LAGs. 2 In the P orts or LAGs list, select the check box(es) in the Copy T o column that will h ave [...]

  • Página 844

    844 Conf iguring L2 M ulticas t Feat ures Figur e 25-33 . GMRP Por t Conf igurat ion T able 3 F or each port or LAG to configure, select the check box in the Edit column in the row associa ted with the port. 4 Specify the desired timer values. 5 Click Apply .[...]

  • Página 845

    Confi guring L2 Mu lticas t Features 845 Copying Settings From One Port or LAG to Others T o copy GMRP settings: 1 Sele ct the Copy P a rameters F rom check box, an d select t he port or LAG with th e settin gs to apply to other port s or LAGs. 2 In the P orts or LAGs list, select the check box(es) in the Copy T o column that will h ave the same se[...]

  • Página 846

    846 Conf iguring L2 M ulticas t Feat ures Configuring L2 Multicast Features (CLI) This section provides information about the commands you use to configure L2 multi cast se ttings on the sw itch. F o r more inform ation abo ut the commands, see the Dell Netw orking N2000, N3 000, and N4000 Series Switches CLI Refer ence Guide at support.dell.com/m [...]

  • Página 847

    Confi guring L2 Mu lticas t Features 847 Configuri ng IGMP Snooping on VLANs Beginning in P rivileged EXEC mode, use the following commands to configure IGMP snooping settings on VLANs. show mac ad dress-table multic ast [ vla n vlan-id ] [ address mac-multi cast- address | ip-multi cast- address ] [ format ip | mac ]] View entries in th e multicas[...]

  • Página 848

    848 Conf iguring L2 M ulticas t Feat ures Configuri ng IGMP Snooping Quer ier Beginning in P rivileged EXEC mode, use the following commands to configure IGMP snooping querier sett ings on the sw itch and on VLANs. ip igmp snooping vlan vlan-id mc rtexp ireti me second s Specif y the multicas t router time- out valu e for to associate with a VLAN. [...]

  • Página 849

    Confi guring L2 Mu lticas t Features 849 Configuri ng MLD Snooping on VLANs Beginning in P rivileged EXEC mode, use the following commands to configure MLD snooping settings on VLANs. ip igmp snooping querie r election participate vla n- id Allow the IG MP snoopi ng que rier to participat e in t he queri er electi on pro cess whe n it discove rs th[...]

  • Página 850

    850 Conf iguring L2 M ulticas t Feat ures Configuri ng MLD Snooping Quer ier Beginning in P rivileged EXEC mode, use the following commands to configure ML D snooping querier se ttings on the swit ch and on VLANs. ipv6 mld snooping vlan vlan-id immedi ate-leave Enables MLD snoopin g immediate-leave mode on the specified V LAN. Enabling im mediate-l[...]

  • Página 851

    Confi guring L2 Mu lticas t Features 851 Configuri ng MVR Beginning in P rivileged EXEC mode, use the following commands to configure MVR featur es on the switch. ipv6 mld snooping querier e lection participate vlan-id Allow t he MLD s nooping que rier to participat e in t he queri er electi on pro cess whe n it discove rs the pr ese nce of anoth e[...]

  • Página 852

    852 Conf iguring L2 M ulticas t Feat ures mvr quer ytime time Set the MV R query response time. The value for time is in units o f tenths of a se cond. mvr mod e {compa tible | dynamic } Spec ify t he MV R mo de o f ope rati on. mvr gro up mcast-add r ess [ groups ] Add an MVR membership grou p. • mcast-address —T he group IP multicast addr ess[...]

  • Página 853

    Confi guring L2 Mu lticas t Features 853 Configuri ng GARP T imers and GMRP Beginning in P rivileged EXEC mode, use the following commands to conf igure the GAR P timers and to co ntrol the adminis trati ve mode GMRP on the switch a nd per -interface. Comman d Purpose configure E nter globa l confi guration mod e. garp timer {join | leave | leaveal[...]

  • Página 854

    854 Conf iguring L2 M ulticas t Feat ures Case Study on a Real-W orld Network T opology Multicast Snooping Case Stu dy F igure 25-35 shows the t opology that the s cenarios in this case st udy use. Figure 25 -35. Case S tudy T opolo gy The topology in F igure 25-35 includes the follow ing elements: • Snooping S witches: D1, D2, D3 w ith IGMP snoo[...]

  • Página 855

    Confi guring L2 Mu lticas t Features 855 • Mult icast Sou rces: Server A – 239.20.3 0.40, Server B – 239 .20.30.42 • Subn ets: VLAN 10 – 192 .168.10.x , VLAN 20 – 192.1 68.20.x • Mro uter ports: D 3 – 1/0/20, D 2 – P ortChanne l1, D1 – 1/0/15 Snoo ping Wit hin a Su bnet In the example network topology , the multicast source and [...]

  • Página 856

    856 Conf iguring L2 M ulticas t Feat ures 3 A forwa r ding en try is created b y D3 for V LAN20, 239 .20.30.42 – 1/0/6, 1/0/20. 4 Client D will receive the multica st stream from Server B b ecause it is forward ed by D1 to D3 an d then to D4 be cause D4 is a mult icast rout er . Because the multicast stream is present on D3, a L2 forw arding entr[...]

  • Página 857

    Confi guring L2 Mu lticas t Features 857 2 A mult icast forw arding entry is c reated on D 2 VLAN 20, 239.20 .30.40 – 1/0/ 20, P ortCha nnel1 . 3 The Clie nt F r eport messa ge is for war ded to D3-P ortChannel 1 (multic ast router attached port). 4 A mult icast forw arding entry is created on D 3 VLAN 20, 239.2 0.30.40 – P o rtChann el1, 1/0/2[...]

  • Página 858

    858 Conf iguring L2 M ulticas t Feat ures Mult icast Sou rce and List ener co nnect ed to Multic ast Route r via in termedi ate snoo ping s witches and are par t of diffe rent r outing VLANs: Serv er B  Clien t E Clients E, B, and C are on the same subnet VLAN10 – 192. 168.10.70/ 24. Server B is in a differ ent subnet VLAN2 0 – 192.1 68.2 0.[...]

  • Página 859

    Configu ring Conn ectivi ty Fault Mana gemen t 859 26 Configuring Connectivity Fault Managemen t This chapter describes how to configure the Connectivity F ault Management feature , which is specifie d in IEEE 802.1ag ( IEEE Standard for Local and Metrop olita n Ar ea Netw orks Vir tual B ridged Loc al Ar ea Network s Amendment 5: Connectivity F au[...]

  • Página 860

    860 Confi gurin g Connec tivity Fau lt Mana gemen t IEEE Std. 802.3 LAN, Dot1ag addr esse s fault diagnosis at the service layer across networks comprising multiple LANs, including LANs o ther th an 802.3 media. How Does Dot1ag W ork Across a Carrier Networ k? A typic al metr opol itan ar ea ne twork co mprises operator , service pro vider , a nd c[...]

  • Página 861

    Confi guring C onnectiv ity Faul t Managemen t 861 Higher levels have a b roader , but less detailed, view of the network. As a resu lt, a pro vide r c ould incl ude mul tip le o pera tors , pr ovid ed t hat the dom ains never intersect. The operato r transparently passes frames from the customer and provider , and the cus tomer does not see th e o[...]

  • Página 862

    862 Confi gurin g Connec tivity Fau lt Mana gemen t F i gure 2 6-2 depicts two MEP s and the MIP s that connect them in a maintenance domain. Figure 26-2. Maintenan ce En dpoints and Intermediat e Points Mai ntenanc e Assoc iatio ns An MA is a logical connection between one or more MEP s that enabl es monitoring a particular servi ce instance. Each[...]

  • Página 863

    Confi guring C onnectiv ity Faul t Managemen t 863 Figure 26-3. Provider View for Service Level OAM Wha t is t he Adm inis trator’ s Role ? On the switch, the administra tor config ures the customer -level maintenance domains, ass ociations, and endpoi nts used to part icipate in Dot1ag services with other switches conn ected through the provider[...]

  • Página 864

    864 Confi gurin g Connec tivity Fau lt Mana gemen t T roubleshoo ting T asks In the event of a connecti vity loss between MEP s, the adm inistrator c an perform path discov ery , sim ilar to tra ceroute, from one MEP to any MEP or MIP in a mainte nance domain using Link T race Messages (L TMs). The connectivity loss is narrowed down using path disc[...]

  • Página 865

    Confi guring C onnectiv ity Faul t Managemen t 865 Configuring Do t1ag (We b) This secti on provides information about the O penManage Switch Administrator pages for configuring an d monitoring Dot1ag featur es on a Dell Networking N2000 , N3000, and N4000 series switches. F or details abo ut the fields on a page, click at the top of the page. Dot1[...]

  • Página 866

    866 Confi gurin g Connec tivity Fau lt Mana gemen t Figur e 26-5. Dot 1ag MD Configu ratio n Dot1ag MA Configurat ion Use the MA Config uration page to associ ate a maintenance domain level with one or m or e VLAN ID , provide a name for each maintena nce association (MA), and to set the in terval between continuity check m essages sent by MEP s fo[...]

  • Página 867

    Confi guring C onnectiv ity Faul t Managemen t 867 T o add an MA, click the Add link at the top of the page. Dot1ag MEP Config uration Use the MEP Conf iguration pa ge to define switch ports as Ma nagement End Po i n t s . M E Ps a r e c o n f i g u r e d p e r d o m a i n a n d p e r V L A N . To d i s p l a y t h e page, click Switching → Dot1a[...]

  • Página 868

    868 Confi gurin g Connec tivity Fau lt Mana gemen t To a d d a M E P , c l i c k t h e Add link at the t op of the page. A VLAN must be associated with the s elected domain before you configure a MEP to be used within an MA (see the MA Config uration page). Dot1ag MIP Configur ation Use the MIP Co nfigu ratio n page to define a swi tch port as an i[...]

  • Página 869

    Confi guring C onnectiv ity Faul t Managemen t 869 Dot1ag RMEP Summary Use the RMEP Summary p a g e t o vi e w i n fo rm a ti o n on re mo t e M E P s th at t he switch has learned through CFM PDU e xchanges with MEP s on the switch. To d i s p l a y t h e page, c lick Switching → Dot1ag → RMEP Summary in the tree view . Figur e 26-9. Dot 1ag R[...]

  • Página 870

    870 Confi gurin g Connec tivity Fau lt Mana gemen t Dot1ag L 2 Ping Use the L2 Ping page to generate a l oopback message from a speci fied MEP . The MEP can be identifi ed by the MEP ID or by its MAC address. To d i s p l a y t h e page, c lick Switching → Dot1ag → L2 Ping in the tree vi ew . Figure 26 -10. Dot 1ag L2 Ping Dot1ag L 2 T racerout[...]

  • Página 871

    Confi guring C onnectiv ity Faul t Managemen t 871 Figure 26-11. Dot1ag L2 T raceroute Dot1ag L2 T racerou te Cache Use the L2 T racerout e Cache page to vie w link traces retained in the l ink trace databa se. To d i s p l a y t h e page, c lick Switching → Dot1ag → L2 T racero ute Cache in the tree view . Figure 26-12. Dot1ag L2 T racerou te [...]

  • Página 872

    872 Confi gurin g Connec tivity Fau lt Mana gemen t Dot1ag St atisti cs Use the Statistics page to view Dot1ag informatio n for a selected domain and VLAN ID. To d i s p l a y t h e page, c lick Switching → Dot1ag → Sta tist ics in th e tree view . Figure 2 6-13. Dot1ag Statis tics[...]

  • Página 873

    Confi guring C onnectiv ity Faul t Managemen t 873 Configuring Do t1ag (CLI) This section provides information about the commands you use to configure Dot1a g setting s on the swit ch. F o r more informa tion abou t the comma nds, see the Dell Netw orking N20 00, N3000, and N4000 Ser ies Switches C LI Refe r ence G uide at support.dell.com/manuals [...]

  • Página 874

    874 Confi gurin g Connec tivity Fau lt Mana gemen t Configuri ng MEP Informat ion Beginning in P rivileged Exec mode, use the following commands to configur e the mode and view related settings. CLI Command Desc ription configure Enter global configuration mode. interface inte rface Enter Interface Config mode for the specifie d interfa ce, where i[...]

  • Página 875

    Confi guring C onnectiv ity Faul t Managemen t 875 Dot1ag Ping and T racerout e Beginning in P rivileged Exec mode, use the following commands to help identify and troubleshoot Ethernet CFM setting s. CLI Command Des cription ping ethe rnet cfm mac mac- addr Generate a loopback message from t he MEP with the sp ecified MAC address. ping ethe rnet c[...]

  • Página 876

    876 Confi gurin g Connec tivity Fau lt Mana gemen t Dot1ag Configur ation Example In the following e xample, the switch at the customer site is part of a Metro Ethernet network that is bridged to r emote sites through a provider network. A service VLAN (SVID 200) i dentifies a p articular set of customer traffi c on the provid er network. Figure 26[...]

  • Página 877

    Confi guring C onnectiv ity Faul t Managemen t 877 2 Configure port 1/0/ 5 as an MEP for se rvice VL AN 2 00 so that the po rt can ex change CFM PDUs with its counterpart MEP s on the customer n e tw o r k . T h e p o rt i s fi r s t c o n fi g u re d a s a ME P w it h M E P I D 2 0 o n d o m a i n level 6 for VLAN 20 0. Then the port i s enable d [...]

  • Página 878

    878 Confi gurin g Connec tivity Fau lt Mana gemen t[...]

  • Página 879

    Snoo ping a nd Ins pecti ng T raf fic 879 27 Snooping and Inspecting T raffic This chapter de scribes Dynamic Ho st Configurati on P rotocol (DHC P) Snooping, IP Source Guar d (IPSG), and Dynamic ARP Ins pection (DAI), which ar e layer 2 se curity featur es that e xamine tra ffic to help pr event accidental and malicious attacks on the switch or ne[...]

  • Página 880

    880 Snoopi ng a nd Inspe cting T raff ic What Is DHCP Snooping ? Dynamic Host Configuration Protocol (DHCP) Snooping is a security feature that monitors DHCP messages between a DHCP client and DHCP s erver to accomplish the following tasks: • F ilter harmfu l DHCP messages • Bu ild a bin dings datab ase with entri es th at cons ist of the fo ll[...]

  • Página 881

    Snoo ping a nd Ins pecti ng T raf fic 881 How Is the DHCP Snooping Bindings Datab ase Populated ? The DHCP snooping application uses D HCP messages to build a nd maintain the bin ding’s d atabas e. DHCP sn ooping create s a tentat ive bin ding fro m DHCP DISCO VER and REQUEST messages. T entative bindings tie a clie nt to a port (the port where t[...]

  • Página 882

    882 Snoopi ng a nd Inspe cting T raff ic DHCP Sn ooping an d VLAN s DHCP snooping forwards valid DHCP client messages r eceived on non- routing VLANs. The message is forwar ded on all trusted interface s in the VLAN. DHCP snooping can be configured on switching VLANs and routing VLANs. When a DHCP packet is received on a routi ng VLAN, the DHCP sno[...]

  • Página 883

    Snoo ping a nd Ins pecti ng T raf fic 883 What Is IP Source Gua rd? IPSG is a securi ty feature that filters IP packets based on source ID. This featur e helps pro tect the network from attack s that use IP addr ess spoofi ng to compromise or overwhelm t he network. The source ID may be either the s ource IP addr ess or a {source IP address, source[...]

  • Página 884

    884 Snoopi ng a nd Inspe cting T raff ic What is Dynamic ARP In spection? Dynamic ARP Insp ection (D AI) is a securit y feature that re jects invalid a nd malicious ARP packets. DAI pr events a class of man-in-the-middle atta cks where an unfriendly station interce pts tr affic for othe r stations by poisoning the ARP caches of its unsuspecting nei[...]

  • Página 885

    Snoo ping a nd Ins pecti ng T raf fic 885 re-enable the port. D AI rate limiti ng cannot be enable d on trust ed interface s. Use the no i p arp in spection li mit command to disable diagnostic disabli ng of untrused ports due to D AI. Why Is T raffic S nooping an d Inspect ion Necess ary? DHCP Snooping, IPSG, and D AI ar e security features t hat [...]

  • Página 886

    886 Snoopi ng a nd Inspe cting T raff ic Static DHCP bindings None co nfigured IPSG mode Disabled on all inte rfaces IPSG port security Disabled on all inter faces Static IPSG bi ndings None configured DAI vali date so urce MAC Disab led DAI validat e dest ination MAC D isable d DA I v a li d at e I P D is a b le d DAI trust st ate Disable d (unt r[...]

  • Página 887

    Snoo ping a nd Ins pecti ng T raf fic 887 Configuring T raffic S nooping and Inspection (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring an d monitoring DHCP snooping, IP SG, and DA I feature s on a Dell Networking N2 000, N3000, and N4 000 series switche s. F or details ab out the fields on[...]

  • Página 888

    888 Snoopi ng a nd Inspe cting T raff ic DHCP Snooping Int erface Conf iguratio n Use the DHCP Snooping Interface Configuratio n page to configure the DHCP Snooping settings on ind ividual ports and LAGs. T o access the DHCP Snooping Interface Co nfiguration page, click Switching → DHCP Snooping → Inte rface Conf iguration in the navi gation pa[...]

  • Página 889

    Snoo ping a nd Ins pecti ng T raf fic 889 T o view a summary of the DHCP snooping configuration for all interfaces, click Show All . Figur e 27-4. DHCP S noopin g Interf ace Confi gurati on Summary[...]

  • Página 890

    890 Snoopi ng a nd Inspe cting T raff ic DHCP Snooping VLAN Conf iguration Use the DHCP Snooping VLAN Configurati on page to control the DHCP snooping mode on each VLAN . T o access the DHCP Snooping VLAN Confi guration page, click Switching → DHCP Snooping → VLAN Configuration in the navigation panel. Figur e 27-5. DHCP Sn ooping VLAN Confi gu[...]

  • Página 891

    Snoo ping a nd Ins pecti ng T raf fic 891 DHCP Snooping Persistent Conf igurati on Use the DHCP Snooping P ersistent Config uration page to co nfigure the persis tent loca tion of the DHC P snooping database . The bindin gs databas e can be stor ed locally on the switch or on a remote system somewher e else in the networ k. The switch mus t be able[...]

  • Página 892

    892 Snoopi ng a nd Inspe cting T raff ic DHCP Snooping Static Bindings Configurat ion Use the DHCP Snooping Static Bin dings Configurat ion page to add static DHCP bindi ngs to the bindi ng databas e. T o access the DHCP Snoopin g Static Bindings Con figuration page, click Switching → DHCP Snooping → Static Bindi ngs Configuratio n in the navig[...]

  • Página 893

    Snoo ping a nd Ins pecti ng T raf fic 893 DHCP Snooping Dynami c Bindings Summar y The DHCP Snoo ping Dynamic Bindings Sum mary lists a ll the DHCP snooping dynamic binding entries learned on the switch ports. T o access the DHCP Snooping Dynamic Bindings Summary page, click Switching → DHCP Snooping → Dyna mic B indin gs Su mmary in the naviga[...]

  • Página 894

    894 Snoopi ng a nd Inspe cting T raff ic DHCP Snooping Statistics The DHCP S nooping Sta tistics page dis plays DH CP snooping i nterface statistics . T o access the DHCP Snooping Statistics page , clic k Switching → DHCP Snooping → Statistic s in th e navigati on panel. Figur e 27-11 . DHCP Snoo ping S tatist ics[...]

  • Página 895

    Snoo ping a nd Ins pecti ng T raf fic 895 IPSG I nterface Configurat ion Use the IPSG Inter face Config uration pa ge to configure IPSG on an interface. T o access the IPSG In terfac e Conf igurati on page, click Switching → IP Source Guard → IPSG Inte rface Con figuration in the navigation pane l. Figure 2 7-12. IPSG Interfac e Configur ation [...]

  • Página 896

    896 Snoopi ng a nd Inspe cting T raff ic IPSG Bindi ng Summary The IPSG Binding Summ ary page dis plays the IPSG Stat ic binding list and IPSG dynamic binding lis t (the static bindings configur ed in Bi nding configuration page). T o access the IPSG Binding Summary page , clic k Switching → IP Source Guard → IPSG Binding Summary in the navigat[...]

  • Página 897

    Snoo ping a nd Ins pecti ng T raf fic 897 DAI Global Conf iguration Use the DA I C o n f ig u ra t i on page to configure global DAI settings. To d i s p l a y t h e D AI Conf iguration page , click Switching → Dynamic A RP Inspec tion → Global Co nfiguratio n in the navigation panel. Figure 27-1 5. Dynamic ARP Inspec tion Global Config uration[...]

  • Página 898

    898 Snoopi ng a nd Inspe cting T raff ic DAI Int erface Con figuration Use the D AI Interf ace Config urati on page to selec t the D AI Interf ace for which information is to be displayed or configured. To d i s p l a y t h e D AI In terfa ce Co nfig urat ion page, click S witching → Dynamic ARP In spection → Inter face Configur ation in the na[...]

  • Página 899

    Snoo ping a nd Ins pecti ng T raf fic 899 Figur e 27-17. DAI In terfac e Config uratio n Summary[...]

  • Página 900

    900 Snoopi ng a nd Inspe cting T raff ic DAI VLAN Co nfigurat ion Use the DAI VLA N Co nfigu ratio n page to s elect the VLANs for which information is to be displayed or configur ed. To d i s p l a y t h e D A I VLAN C onfig urat ion page, clic k Switching → Dyna mic ARP Insp ection → VLAN Configurat ion in the navi gation panel . Figure 27-18[...]

  • Página 901

    Snoo ping a nd Ins pecti ng T raf fic 901 DAI ACL Configur ation Use the D AI AC L Co n f i gu r a t io n page to add or remove ARP ACLs. To d i s p l a y t h e D A I ACL Configur ation page, click Switching → Dynamic ARP In specti on → A CL Configuratio n in the navigation panel. Figure 27 -20. Dy namic ARP Inspect ion ACL Configurat ion T o v[...]

  • Página 902

    902 Snoopi ng a nd Inspe cting T raff ic Figure 27-22. Dyna mic ARP Inspec tion Rule Co nfigurat ion T o view a summary of the ARP ACL rules that have been created, cli ck Show All . Figure 27 -23. Dynamic AR P Inspecti on ACL Ru le Summary T o r emove an ARP ACL rule, select the Re mo v e checkbox associated with the rule and click App ly . DAI St[...]

  • Página 903

    Snoo ping a nd Ins pecti ng T raf fic 903 Figure 27-2 4. Dynamic ARP Inspec tion Statistic s[...]

  • Página 904

    904 Snoopi ng a nd Inspe cting T raff ic Configuring T raffic Snoopi ng and Inspection (CLI) This section provides information about the commands you use to configure DHCP snooping, IPSG, and D AI settings on th e switch. F or more informa tion about the commands, see the Dell Networking N2000, N3000, and N4000 Series Switches CLI Reference Guide a[...]

  • Página 905

    Snoo ping a nd Ins pecti ng T raf fic 905 ip dhcp snooping databa se write-dela y second s Configure the in terval, in seconds , at which the DHCP Snooping database will be stored in pe rsistent storage. The number of se conds can range from 15–864 00. ip dhcp snooping limit { none | rate rate [ bur st interval second s ]} Configure the maximum r[...]

  • Página 906

    906 Snoopi ng a nd Inspe cting T raff ic Configuri ng IP Source Guar d Beginning in P rivileged EXEC mode, use the following commands to configure I PSG settings on the switch. clear ip dhcp snooping statistics Rese t the DHCP snoop ing statist ics to zero. Command Purpose configure Enter global configuration mode. interface inte rface Enter inte r[...]

  • Página 907

    Snoo ping a nd Ins pecti ng T raf fic 907 Configuri ng Dynamic ARP Inspe ction Beginning in P rivileged EXEC mode, use the following commands to configure D AI setti ngs on the switch. exit Exit to P rivileged EX EC mode. show ip verify in terface interfa ce View IPSG parameters for a specific port or LAG. Th e int erface paramete r includes th e i[...]

  • Página 908

    908 Snoopi ng a nd Inspe cting T raff ic arp access-list acl-name Create an AR P ACL with the s pecified n ame (1–3 1 characters) and enter ARP Access-list Configuration mode for the ACL. permit ip host send er -ip mac hos t sender-mac Configur e a ru le for a valid IP address and MAC addr ess combination used in ARP packet validation. • sende [...]

  • Página 909

    Snoo ping a nd Ins pecti ng T raf fic 909 show ip arp inspection vlan [ vlan-range ] View the Dynamic ARP I nspection confi guration on the spec ified V LAN(s). This command also di splays the global configuration values for s ource MAC va lidation, d estination MAC val idation and inv alid I P valida tion . show ip arp inspection statistics [ vlan[...]

  • Página 910

    910 Snoopi ng a nd Inspe cting T raff ic T raffic Snooping and In spection Configuration Examples This section contains the following e xamples: • Configuring DH CP Snooping • Configuring IPSG Configuri ng DHCP Snooping In this e xample, DH CP snooping is en abled on VLAN 100. P orts 1-20 connect end us ers to the net work and are members of VL[...]

  • Página 911

    Snoo ping a nd Ins pecti ng T raf fic 911 T o configure the switch: 1 Enable DHCP snoo ping on VLAN 10 0. console# config console(config)# ip dhcp snooping vlan 100 2 Configure LAG 1, which includes ports 21-24, as a trusted port. All other interfaces are untrusted by defau lt. console(config)# interface port-channel 1 console(config-if-Po1)# ip dh[...]

  • Página 912

    912 Snoopi ng a nd Inspe cting T raff ic Configuri ng IPSG This example builds on the previous example and use s the same topology shown in F igure 27-25. In this configur ation example, IP s ource guard is enabled on ports 1- 20. DHCP snoop ing must also be enabled on thes e ports. Additionally , because the ports use IP source guard with source I[...]

  • Página 913

    Conf iguring Li nk Aggr egation 913 28 Configuring Lin k Aggregation This chapter describ es how to cr eate and configure link aggr egation groups (LAGs), which ar e also known as port-channels. The topics covered in t his chapter include: • Link Aggregation • Multi- Switch LAG (MLAG) Link Aggrega tion Overview Link Aggregation allows one or mo[...]

  • Página 914

    914 Confi gurin g Link Aggr egatio n Figure 2 8-1. LAG Configura tion LAGs can be co nfigured on s tand-alone or st acked swit ches. In a stack of switches, the LAG can consist of ports on a single unit or across multiple stack members. Whe n a LAG members span differ ent units across a stack, and a unit fails, the remaining LAG members on the func[...]

  • Página 915

    Conf iguring Li nk Aggr egation 915 This provides a more r esilient L AG. Best practices sug gest using dynamic l ink aggre gation instead o f static link aggre gation.When a port is added to a LAG as a stat ic member , it neither transmits nor r ece ives L ACP PDUs. What is LAG Hashing? Dell Netw orkin g s eries swit ches supp or t configuration o[...]

  • Página 916

    916 Confi gurin g Link Aggr egatio n How Do LAGs Intera ct with Other Featu res? F rom a system perspective, a LAG is tr eated just as a physical port, with the same configuration parameters for admi nistrative enable/disabl e, spanning tree port p riori ty , path cos t as may be for an y other ph ysica l port. VLAN When members are added to a LAG,[...]

  • Página 917

    Conf iguring Li nk Aggr egation 917 • The p ort cannot be a mirrored port The following are the interface restrictions • The confi gur ed speed of a LAG member cannot b e changed. • An interface can be a member of only one LAG. Default Li nk Aggregati on V alues The LAGs on the switch are created by default, but no ports are members. T able 2[...]

  • Página 918

    918 Confi gurin g Link Aggr egatio n Configuri ng Link Aggregati on (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring LAGs on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. LAG Conf igura tion[...]

  • Página 919

    Conf iguring Li nk Aggr egation 919 T o view or edit settings for multipl e LAGs, click Show All . LACP Parameters Dynamic link a ggregation i s initiated and maintained by the p eriodic ex changes of LACP P DUs. Use the LACP P aramet ers page to configur e LA CP LAGs. To d i s p l a y t h e LA CP P arameters page, click Switching → Link Aggregat[...]

  • Página 920

    920 Confi gurin g Link Aggr egatio n Figure 28-3. LACP Parameters Configu ring LACP Pa rameters for Multip le Ports T o configur e LACP settings: 1 Open the LACP P aram eters page. 2 Click Show A ll . The LACP P aram eters T a ble page display s.[...]

  • Página 921

    Conf iguring Li nk Aggr egation 921 Figure 28-4. L ACP Parameters T able 3 Sele ct the Edit check box associated wit h each port t o configur e. 4 Specify th e LACP port priority and LACP timeout for each p ort. 5 Cli ck Apply . LAG Membership Y our switch supports 4 8 LAGs per system, and eight ports per LAG. Use the LAG Membership page t o assign[...]

  • Página 922

    922 Confi gurin g Link Aggr egatio n Figure 28-5. LAG Membe rship Adding a Por t to a S tatic LAG T o add a static LAG member : 1 Open the LA G Membe rsh ip page. 2 Click in the LA G row to togg le the port to the desir ed LAG. The LAG number d isplays for that port. The LAG numb er increas es each time yo u click unt il the nu mber r eaches the ma[...]

  • Página 923

    Conf iguring Li nk Aggr egation 923 LAG Hash Configuration Use the LAG has h algori thm to set the t raffi c distri buti on mode on the LA G. Y ou can set the hash type for each LAG. To d i s p l a y t h e LA G Hash Config uration page, cli ck Switching → Link Aggregat ion → LAG Ha sh Configurat ion in the navigation panel. Figure 28 -6. LAG Ha[...]

  • Página 924

    924 Confi gurin g Link Aggr egatio n Figure 28-7. LAG Hash Summ ary[...]

  • Página 925

    Conf iguring Li nk Aggr egation 925 Configuri ng Link Aggreg ation (CLI) This section provides information about the commands you use to configure link aggregation settin gs on the sw itch. F or more information about the commands, see the Dell Networking N2000 , N3000, and N4 000 Series Switches CLI Reference Guide at supp ort .dell. com/ manuals [...]

  • Página 926

    926 Confi gurin g Link Aggr egatio n Confi guri ng Link Aggr egatio n Grou ps Beginning in P rivileged EXEC mode, use the following commands to add ports as LAG members and to confi gur e the LAG hashing mo de. Command Pu rpose configure Enter global configuration mode. interface inte rface Enter inte rface conf igurat ion mo de f or the spec ified[...]

  • Página 927

    Conf iguring Li nk Aggr egation 927 Configuring LACP Pa rameters Beginning in P rivileged EXEC mode, use the following commands to configure system and p er- port LACP para meters. hashing-mo de mode Set th e hashi ng algo rithm o n the LAG. The mode value is a number from 1 to 7. Th e numbers cor res pond to the fol lowi ng alg orithm s: • 1 —[...]

  • Página 928

    928 Confi gurin g Link Aggr egatio n interface port-chann el number Enter inte rface conf igurat ion mo de f or th e spec ified LAG. Y ou can also sp ecify a ran ge of LAG s to config ur e with the int erfa ce ran ge port-channel command, for example, interface r ange port-channel 1-3, 10 c onfig ures LAGs 1 , 2, 3, and 10. lacp port-priority val u[...]

  • Página 929

    Conf iguring Li nk Aggr egation 929 Link Aggregat ion Config uration Examples This section contains the following exa mples: • Configurin g Dynamic LAGs • Configu ring Static L AGs Configuring Dynamic LAGs The commands in this exampl e show how to configur e a static LAG on a switch. The LAG number is 1, and the member ports ar e 1, 2, 3, 6, an[...]

  • Página 930

    930 Confi gurin g Link Aggr egatio n 3 View informa tion about L AG 1. console# show interfaces po1 Configuring Static LAG s The commands in this example show how to configur e a static LAG on a switch. The LAG number is 2, and the member ports ar e 10, 11, 14, and 17. T o configure the switch: 1 Enter in terface configurat io n mode for the ports [...]

  • Página 931

    Conf iguring Li nk Aggr egation 931 3 View information abou t LAG 2. console# show interfaces po2 Channel Ports Ch-Type Hash Type Min-links Local Prf ------- ------------- ------- --------- --------- --------- Po1 Active: Te1/0/1 Inactive: Te1/0/2, Te1/0/3, Te1/0/6, Te1/0/7 Static 7 1 Disabled Hash Algorithm Type 1 - Source MAC, VLAN, EtherType, so[...]

  • Página 932

    932 Confi gurin g Link Aggr egatio n Multi-Switch LAG (MLAG) Overview In a typical L2 network, the Spa nning T ree Protocol (STP) is deployed to avoid pack et storms due to loops in the network. T o perform this function, STP sets p orts into eith er a forwar ding state or a blocking state . P orts in the blocking state do not carry traff ic. In th[...]

  • Página 933

    Conf iguring Li nk Aggr egation 933 Deployment Sce narios MLAG is intended t o support higher bandwidth utilization in scenarios where a r edundant L2 netwo rk is desir ed. In such scenarios the effects o f STP on link utilization are profound. Lar ge percentages of links do not carry data because they are block ed and only a single path through th[...]

  • Página 934

    934 Confi gurin g Link Aggr egatio n Figure 28-9. MLAG in an L2 Net work SW2 SW1 Traffic flows on all av ailable link s. MLAG Peer Link SW4 SW3[...]

  • Página 935

    Conf iguring Li nk Aggr egation 935 Definiti ons Refer to Figure 28-10 for the definitions that follow . Figure 28 -10. MLA G Compo nents MLAG sw itches : MLAG awar e switches running Dell Networking OS switch firmwar e. No more than two MLAG a ware switches can p air to form one end of the LAG. Stack ed switches do not support ML AGs. In the above[...]

  • Página 936

    936 Confi gurin g Link Aggr egatio n MLAG m ember ports : P orts on the peer MLAG switches th at are part of the MLAG interface (P 1 on SW1 and S1 o n SW2). Non-redunda nt ports : P orts on ei ther of the peer swit ches that are not part of the MLAG (ports P4 and S4). MLA G interfaces and non-redundant ports cannot be members of the same VLAN , i.e[...]

  • Página 937

    Conf iguring Li nk Aggr egation 937 2 STP The defa ult STP m ode for Dell N etworking switches is RST P . VLAN s cann ot be conf igured to c ontai n bot h MLA G port s and non- MLAG (no n- redundant) ports. Only RSTP or MSTP are supported with MLAG. STP - PV an d RSTP-PV are not supp orte d with ML AG. The fo llowi ng STP configurat ion param eters[...]

  • Página 938

    938 Confi gurin g Link Aggr egatio n The ad ministrat or should also e nsure that th e following a r e identica l before enabling MLAG: –F D B e n t r y a g i n g t i m e r s – Sta tic MAC en tries. – ACL configuration 4 Interface Con figuration – PFC configura tion – CoS queue assignments 5 VLAN configurat ion – MLAG VLANs must span th[...]

  • Página 939

    Conf iguring Li nk Aggr egation 939 Operation in the Network Below is a sample ML AG topology and discussion: Figure 28-11. Examp le MLA G T opo logy In F igure 28- 11: 1 VLAN 10 spans the MLAG network. 2 P and S ar e MLAG -awar e pee r devices . P stands for primary a nd S stands for secondary . The roles a r e elected after the DUT s exchange kee[...]

  • Página 940

    940 Confi gurin g Link Aggr egatio n Supported topologies and the way traffic is handled in these to pologies is explained in the following sections. The MLAG component uses the k eep-alive p rotocol to select a p rimary and a secondary devi ce. The primary switch owns the M LAG member ports on the secondary device. It handles the cont rol pl ane f[...]

  • Página 941

    Conf iguring Li nk Aggr egation 941 The MLAG component in ternally configures filters so that traffic ingressing a peer -link is blocked from egress on the peer MLAG switch. The filters are modified when there is a failure of all the MLAG memb er interfaces on an MLAG switch and t raffic must egr ess through se lected ports on the MLAG peer . These[...]

  • Página 942

    942 Confi gurin g Link Aggr egatio n DCPDP an d Peer Lin k Failu res DCPDP i s intended to provide a secondary layer of protection against peer link failures. If the peer -link goes down but t he DCPDP protoco l is enabled and remains up, the MLAG links on the MLAG s econdary peer are disabled. If the peer -link is re store d, a new primar y switch[...]

  • Página 943

    Conf iguring Li nk Aggr egation 943 b Configu re the timeout in terval, if de sir ed. vpc domain 1 role 10 exit Modifica tions to priority and time out in terval a r e effective on ly before the keep-ali ve protocol is enabled. Once enabled, MLAG switches contest in an election to select the primary and secondary sw itch. The election is non-preemp[...]

  • Página 944

    944 Confi gurin g Link Aggr egatio n When the peer-lin k is configured, the MLAG component disables learning on the port-channel configured as the peer -link. 4 Configure DCPD P (optional): a Configur e a VLAN rou ting i nterface and as sign a local IP a ddre ss (different from the peer address). b Config ur e the peer -switc h IP addr ess (the des[...]

  • Página 945

    Conf iguring Li nk Aggr egation 945 to the pr imary sw itch for han dling. FDB entries learne d on M LAG interfaces are synced between the two devices. interface range gi1/0/1-4 channel-group 2 mode active exit interface range gi1/0/5-8 channel-group 3 mode active exit interface port-channel 2 switchport mode trunk vpc 1 exit interface port-channel[...]

  • Página 946

    946 Confi gurin g Link Aggr egatio n 2 On the MLAG standby swit ch, sh ut down t he MLAG peer-link. 3 Copy the new f irmwar e to the standby swi tch, act ivate it , and r eboot the switch. 4 Re-enable the peer-link, if disabled, and ensure that it is up. Re-enable t he MLAG -associated physical ports. 5 W ait unt il traffic is re-establish ed on th[...]

  • Página 947

    Conf iguring Li nk Aggr egation 947 MLAG doma in for the MLA G feature to autom atically ut ilize the pee r -link t o forward pack ets around failur es. MLAG VLANs may have IP a ddresses assigned, but MLAG VLANs cannot be us ed to route across MLAG or non- redundant VLANs, as the MLAG feature does not correlate failures in one VLAN with another VLA[...]

  • Página 948

    948 Confi gurin g Link Aggr egatio n Alt ernativ e Reco mmended L3 C onnect ivity The loop-free topology shown in F igure 28-13 uses the MLAG switches as L2 switches in a n EOR role. The single V LAN traverses the MLAG topo logy from the top router t o the bottom storage and servers . Multiple VLANs in different VPCs may be used to isolate clusters[...]

  • Página 949

    Conf iguring Li nk Aggr egation 949 L3 V LAN T er mina tion on MLA G No t Sup porte d In the “two-armed” fully routed scenari o shown in F igure 28-14, both the routed network and the switched network are in the MLAG. Switched traffic to an d fro m the u pstr eam ne twork is auto matica lly un bloc ke d over the p eer - link when an MLAG link f[...]

  • Página 950

    950 Confi gurin g Link Aggr egatio n In the scenario s hown in F igure 28-15 (similar to the pr evious sc enario), the downstream router is not configur ed with port-channel and uses ECMP or some other load sharing scheme to send pa ckets to routed MLA G peers. MLAG cannot r eact appr opriately to a li nk fail ure on the upstream router because the[...]

  • Página 951

    Conf iguring Li nk Aggr egation 951 the case where a link from the router to one of the MLAG pe ers fails. Static routes must be added to the primar y and seco ndary MLAG peers to route traffic addressed to the connected router across the backup rout ed link in the case of a failur e of an MLAG link to the router . This is not a r ecommended topolo[...]

  • Página 952

    952 Confi gurin g Link Aggr egatio n Virtual Rout er Redu ndancy Pro tocol If VRRP is en abled on a VLAN that has an MLAG port as its member , both VRRP routers become VRRP masters op erationally in th e VLAN. This is to allow load balancing of the northbound L3 traffic on the MLAG. Since the peer-link is a member of the same routing VLANs as all M[...]

  • Página 953

    Conf iguring Li nk Aggr egation 953 transmitted wi th the source MAC address as the physical M A C address and not the virtual MAC address. In the exa mple i n F igure 28-17, if the virtua l MAC address is used as the source MAC address in the ARP from P to A, the n S will consume the packet, as it is operationally a VRRP master too . The packet is[...]

  • Página 954

    954 Confi gurin g Link Aggr egatio n such as ECMP and r edundant router pairs, will allow a L3 routed network to utilize bandwidth efficiently . L3 routin g is capable of routin g pack ets aro und failed links and failed routers. Spanning tree (and LACP) PDUs are proxied from the secondary MLAG p eer to the MLAG p rimary switch. This implies that a[...]

  • Página 955

    Conf iguring Li nk Aggr egation 955 • Shutti ng down a MLAG por t-chan nel on th e secondary MLAG peer has no effec t. The opera tor can shut dow n the indi vidual links inst ead. • The spanning tree status is only show n corr ectly on the primary MLAG peer . • The secondary swi tch shows the span n ing tr ee sta tus as root . This is because[...]

  • Página 956

    956 Confi gurin g Link Aggr egatio n • An N /A entry indi cates th at state synch ronization is no t required (usually for a link local protocol ) and the feat ure can b e config ured on a n MLA G VLAN or MLAG -associated l inks. In some cases, i t may be necessary to configure an N/A feature id entically on the MLAG peer switches for it to work [...]

  • Página 957

    Conf iguring Li nk Aggr egation 957 MFDB No IGMP/MLD Snooping No DOT1Qbb No DOT1S Y e s Loop G uar d No FDB Y e s MACLOCK No DVLAN No DOT1AB No IP Subnet-based VLANs N/A MACVLAN N/A Pr o t e ct ed Po r t N o DHCP Snooping No IP Source Gu ard No Dynamic A RP Inspec tion No Auto-Neg otiation N/A L2-Rela y No MRP No MMRP No DOT1AS No 802.1q av No DOT1[...]

  • Página 958

    958 Confi gurin g Link Aggr egatio n VO IP N o iSCSI No DOT1AD No DOT3AH No DCBX N/A ETS N/A FIP Snooping No MVRP No Management ACL No UDL D N/A Pr i va t e V L A N N o LLPF No Po r t A g g r e g a t o r N o EA V No MSRP No MVR No Class-Based VLAN No DHCP F ilteri ng No EASY_AC L No Media VLAN No PBVLAN No VLAN- Rate Limit N o Flow Contr ol N/A LLD[...]

  • Página 959

    Conf iguring Li nk Aggr egation 959 Basic Config uration Exa mple This e xample shows the configuration of t he two MLAG peer s and a single MLAG partner in the simplest possib le configuration. No MLAG pe er priorities are configured, nor is UDLD ena bled on the peer -link. DCPDP is not enabled. The default spanning tree configuration is used and [...]

  • Página 960

    960 Confi gurin g Link Aggr egatio n exit snmp-server engineid local 800002a203001ec9dec52b snmp-server agent boot count 2 feature vpc vpc domain 1 peer-keepalive enable exit exit MLAG Peer B !Current Configuration: !System Description "Dell Networking N3024F, 6.0.0.0, Linux 3.6.5- 858bcf6e" !System Software Version 6.0.0.0 ! configure vl[...]

  • Página 961

    Conf iguring Li nk Aggr egation 961 vpc 1 exit snmp-server engineid local 800002a203001ec9dec513 snmp-server agent boot count 3 feature vpc vpc domain 1 peer-keepalive enable exit exit MLAG Partner !Current Configuration: !System Description "Dell Networking N2048, 6.0.0.0, Linux 3.6.5- 858bcf6e" !System Software Version 6.0.0.0 ! configu[...]

  • Página 962

    962 Confi gurin g Link Aggr egatio n Status Reporting The status outputs of the various VP C commands are self -explanat ory . Both the configured and operational status is shown in the outputs. Additional commands ar e shown belo w that may b e useful in troubleshooting MLAG configuration or operationa l issues. All of the commands below are run o[...]

  • Página 963

    Conf iguring Li nk Aggr egation 963 LAG-SW(config)#show vpc role Self ---- Keep-alive admin status........................ Disabled Keep-alive operational status.................. Disabled Priority....................................... 100 System MAC address............................. 001E.C9DE.B777 Time-out......................................[...]

  • Página 964

    964 Confi gurin g Link Aggr egatio n MLAG-Peer-A(config)#show interfaces status po2 Port Description Channel ------- ------------------------------ Po2 Operational State.............................. Up Admin Mode..................................... Enabled Port Channel Flap Count........................ 0 Member Device/ Port Port Flap Ports Timeo[...]

  • Página 965

    Conf iguring Li nk Aggr egation 965 VPC role....................................... Secondary System MAC address............................. 001E.C9dE.C513 MLAG-Peer-B#show vpc statistics peer-link Peer link control messages transmitted......... 95 Peer link control messages Tx errors........... 0 Peer link control messages Tx timeout.......... 0 [...]

  • Página 966

    966 Confi gurin g Link Aggr egatio n A Complete Exampl e The following example configures ei ght VLANs (10– 17) across two VPCs. VPC 1 is co nnected to an N2048 over two links (gi 1/0/23-24) ov er port- channel 2 on each MLAG peer . In terfaces T e1/ 0/1-2 on each MLA G peer connect to each other on port-channel 1 utilizing LACP . UDLD is enabled[...]

  • Página 967

    Conf iguring Li nk Aggr egation 967 interface Gi1/0/1 channel-group 3 mode active description "Old-Iron-Partner-Link" exit ! interface Gi1/0/8 switchport access vlan 100 exit ! interface Gi1/0/23 channel-group 2 mode active description "MLAG-Partner-Link" exit ! interface Gi1/0/24 channel-group 2 mode active description "ML[...]

  • Página 968

    968 Confi gurin g Link Aggr egatio n ! interface port-channel 3 description "Old-Iron-Partner-Link" switchport mode trunk switchport trunk allowed vlan 1-99,101-4093 vpc 2 exit snmp-server engineid local 800002a203001ec9dec52b snmp-server agent boot count 2 feature vpc vpc domain 1 peer-keepalive enable peer-keepalive destination 192.168.[...]

  • Página 969

    Conf iguring Li nk Aggr egation 969 description "Old-Iron-Partner-Link" exit ! interface Gi1/0/8 switchport access vlan 100 exit ! interface Gi1/0/23 channel-group 2 mode active description "MLAG-Partner-Link" exit ! interface Gi1/0/24 channel-group 2 mode active description "MLAG-Partner-Link" exit ! interface Te1/0/1[...]

  • Página 970

    970 Confi gurin g Link Aggr egatio n description "Old-Iron-Partner-Link" switchport mode trunk switchport trunk allowed vlan 1-99,101-4093 vpc 2 exit snmp-server engineid local 800002a203001ec9dec513 snmp-server agent boot count 3 feature vpc vpc domain 1 peer-keepalive enable peer-keepalive destination 192.168.0.1 source 192.168.0.2 peer[...]

  • Página 971

    Conf iguring Li nk Aggr egation 971 channel-group 1 mode active exit ! interface Gi1/0/4 channel-group 1 mode active exit ! interface port-channel 1 switchport mode trunk exit snmp-server engineid local 800002a203001ec9deb777 snmp-server agent boot count 3 exit Cisco 3750 MLAG Partner Configuration Current configuration : 1913 bytes ! version 12.2 [...]

  • Página 972

    972 Confi gurin g Link Aggr egatio n ! ! interface Port-channel1 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet1/0/1 ! interface GigabitEthernet1/0/2 ! interface GigabitEthernet1/0/3 ! interface GigabitEthernet1/0/4 ! interface GigabitEthernet1/0/5 ! interface GigabitEthernet1/0/6 ! interface GigabitEthernet1[...]

  • Página 973

    Conf iguring Li nk Aggr egation 973 interface GigabitEthernet1/0/21 ! interface GigabitEthernet1/0/22 ! interface GigabitEthernet1/0/23 ! interface GigabitEthernet1/0/24 ! interface GigabitEthernet1/0/25 description "MLAG-Peer-Link" switchport trunk encapsulation dot1q switchport mode trunk channel-group 1 mode active ! interface GigabitE[...]

  • Página 974

    974 Confi gurin g Link Aggr egatio n Status Reporting The following shows the status of various components of the switches in the above configurat ion. The switch prompts i dentify the switch on which t he status is show n. T o obtain accurate stat us, the commands below ar e run on the primary MLAG switch unless noted otherwise. Spanni ng T ree St[...]

  • Página 975

    Conf iguring Li nk Aggr egation 975 LAG-SW#show spanning-tree Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode mst CST Regional Root: 80:00:00:1E:C9:DE:B7:77 Regional Root Path Cost: 0 ###### MST 0 Vlan Mapped: 1 ROOT ID Priority 32768 Address 0013.C4BD.F080 Path Cost 5000 Root Port Po1 Hello Time 2 Sec Max Age 20 [...]

  • Página 976

    976 Confi gurin g Link Aggr egatio n Gi1/0/23 Enabled 128.23 0 DIS Disb No Gi1/0/24 Enabled 128.24 0 DIS Disb No Gi1/0/25 Enabled 128.25 0 DIS Disb No Gi1/0/26 Enabled 128.26 0 DIS Disb No Gi1/0/27 Enabled 128.27 0 DIS Disb No Gi1/0/28 Enabled 128.28 0 DIS Disb No Gi1/0/29 Enabled 128.29 0 DIS Disb No Gi1/0/30 Enabled 128.30 0 DIS Disb No Gi1/0/31 [...]

  • Página 977

    Conf iguring Li nk Aggr egation 977 Po17 Enabled 96.666 0 DIS Disb No Po18 Enabled 96.667 0 DIS Disb No Po19 Enabled 96.668 0 DIS Disb No Po20 Enabled 96.669 0 DIS Disb No Po21 Enabled 96.670 0 DIS Disb No Po22 Enabled 96.671 0 DIS Disb No Po23 Enabled 96.672 0 DIS Disb No Po24 Enabled 96.673 0 DIS Disb No Po25 Enabled 96.674 0 DIS Disb No Po26 Ena[...]

  • Página 978

    978 Confi gurin g Link Aggr egatio n Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 sec Name State Prio.Nbr Cost Sts Role RestrictedPort --------- -------- --------- --------- ---- ----- -------------- Gi1/0/1 Enabled 128.1 0 DIS Disb No Gi1/0/2 Enabled 128.2 0 DIS Disb No Gi1/0/3 Enabled 128.3 0 DIS Disb No Gi1/0/4 Enabled 128.[...]

  • Página 979

    Conf iguring Li nk Aggr egation 979 Self Role...................................... Primary Peer Role...................................... Secondary Peer detection................................. Pe er detected, VPC Operational Peer-Link details ----------------- Interface...................................... Po1 Peer link status................[...]

  • Página 980

    980 Confi gurin g Link Aggr egatio n MLAG-Peer-A#show vpc 1 VPC id# 1 ----------------- Config mode.................................... Enabled Operational mode............................... Enabled Port channel................................... Po2 Local MemberPorts Status ----------------- ------ Gi1/0/23 UP Gi1/0/24 UP Peer MemberPorts Status [...]

  • Página 981

    Conf iguring Li nk Aggr egation 981 MLAG-Peer-A#show vpc statistics peer-keepalive Total transmitted.............................. 20908 Tx successful.................................. 20908 Tx errors...................................... 0 Total received................................. 20835 Rx successful.................................. 20835 R[...]

  • Página 982

    982 Confi gurin g Link Aggr egatio n[...]

  • Página 983

    Confi gurin g Data Ce nter Bridging Features 983 29 Configuring Data Center B ridging Featur es This chapter describ es how to manage th e featur es developed for use in data center environments but ofte n used in a variety of 10G applications. The topics covered in t his chapter include: • Data Cen ter Bridging T echno logy Overview • Priorit [...]

  • Página 984

    984 Confi gurin g Data Cent er Bri dging Fea tures Default DCB V alues T able 2 9-2 list s the default values for the DC B features that th is chap ter describes. DCBx Allo ws DCB de vices to ex chang e configu ration in formatio n, using type-len gth-value ( TL V) informatio n elements ov er LLDP , with directly connect ed peers. ETS Supports t he[...]

  • Página 985

    Confi gurin g Data Ce nter Bridging Features 985 Priority Flow Control Or dinarily , when flow contr ol is enab led on a physi cal link, it applies to all traffic on the link. When congesti on occurs, the hardware sends pause frames that temporarily suspend t raffic flow to help prevent buffer overflow and dropped frames. PFC provides a means o f p[...]

  • Página 986

    986 Confi gurin g Data Cent er Bri dging Fea tures Operator configuration of PFC is used only when the port is configured in a manual role. When interoperating with other equipment in a manual role, the peer equipme nt must be configured with identical PFC pri orities and VLAN assignments. Interfaces not enabled for PFC ignor e received PFC frames.[...]

  • Página 987

    Confi gurin g Data Ce nter Bridging Features 987 PFC Co nfigur ation Page Use the PFC Configuration page to enable priority flow control on one o r more int erfaces and to configur e which priorities are subje ct to being pause d to preven t data loss . To d i s p l a y t h e PFC Co nfiguratio n page, cli ck Switching → PFC → PFC Configuratio n[...]

  • Página 988

    988 Confi gurin g Data Cent er Bri dging Fea tures Figure 29-2. PFC Stati stics Configuri ng PFC Us ing the CL I Beginning in P rivileged EXEC mode, use the following commands to configure PFC. NOTE: I f DCBx is enab led an d the sw itch is s et to aut oconfig ure from a DCBX peer , config uring PFC is n ot nece ssary b ecause t he DCBx protoc ol a[...]

  • Página 989

    Confi gurin g Data Ce nter Bridging Features 989 interface interfa ce Ent er inte rface co nfigur ation mode for the speci fied interfac e. The inte rface vari able i nclud es the interf ace typ e and number , for example tengigabit ethernet 1/0/3 . Y ou can also s pecify a rang e of int erfac es wi th the interface range command , for e xample, in[...]

  • Página 990

    990 Confi gurin g Data Cent er Bri dging Fea tures PFC Configur ation Example The network in this example handles both data and voice traffic. Because the voice traffic is time sensit ive, it r equir es a higher p riority than standar d data traffic. The voice traffic use s VLAN 100 and has an 802 .1p priority of 5, which i s m a p p e d t o h a rd[...]

  • Página 991

    Confi gurin g Data Ce nter Bridging Features 991 console(config-dcb)# exit 4 Ena ble V LAN ta ggin g on th e por ts so the 802.1p priorit y is identified. T runk mode can also be enabled on port-channels. console(config-if)# switchport mode trunk console(config-if)# exit[...]

  • Página 992

    992 Confi gurin g Data Cent er Bri dging Fea tures DCB Capability Exchange The Data Center Bridging Ex change P rotocol (DCBx) is used by DCB devices to ex change configuration information with di r ectly conn ected peers. DCBx uses type -length-value (TL V) information elements ove r LLDP to ex change i nformation, s o LLDP must be enabled on the [...]

  • Página 993

    Confi gurin g Data Ce nter Bridging Features 993 Inte ropera bility with IEE E DCBx T o be int eroperabl e with legacy industry im plementa tions of the DC Bx protocol, The Dell Netw orking N4000 switches use a hybrid model to support both the IEEE versio n of DCBx (IEEE 802.1Qaz) and legacy D CBx versions. The N4000 switch automa tically detects w[...]

  • Página 994

    994 Confi gurin g Data Cent er Bri dging Fea tures explicitly by the operat or . These port s advertise their configura tion to their pee r if DC Bx is enabl ed o n that p ort. Inco mpat ible peer config urat ion s are logged and counted with an error cou nter . The default operating mode for each port is manual. A port that is s et to manual mode [...]

  • Página 995

    Confi gurin g Data Ce nter Bridging Features 995 the willing parameter is dis abled on auto-downs tr eam . By default, auto- downstr eam ports hav e the re commend ation TL V parameter enabled. A uto- downstr eam ports that r eceive internally p ropagated informatio n ignore their local configuration and util ize the inte rnally p ropagated informa[...]

  • Página 996

    996 Confi gurin g Data Cent er Bri dging Fea tures • The port role is auto-upstream. • The po rt is ena bled with l ink up an d DCBx enabl ed. • The por t has negot iated a DCBx re lati onship with t he partn er . • The sw itch is cap able of supportin g the received configurat ion value s, either directly or by translating the values into [...]

  • Página 997

    Confi gurin g Data Ce nter Bridging Features 997 no lldp tlv-select dcbxp ets-recommend no lldp tlv-select dcbxp pfc These commands elimi nate only the DCBX TL Vs from use by LLDP . They do not othe rwise affect any manually conf igured D CBX capa bilities or the normal operation of LLDP . Configuri ng DCBx Y ou can use the CLI to configur e DCBX o[...]

  • Página 998

    998 Confi gurin g Data Cent er Bri dging Fea tures lldp tlv-sel ect dcbxp [pfc | application- priority] Override the gl obal configuration for th e LLDP DCBx TL Vs on this in terf ace. Ent ering th e comm and wi th no parameters enables transmission of all TL Vs. • pfc—T ra nsmit the PFC configur atio n TL V . • applicati on-prio rity— T ra[...]

  • Página 999

    Confi gurin g Data Ce nter Bridging Features 999 Enhanced T ransmission Sele ction Networks classify and priorit ize traffic to provide differ ent service characteristics to end user traffic flows . Administrators may wish to guarantee or limit bandwidth for certain traffic, en sure loss less behavi or for other traffic, and control the queue disci[...]

  • Página 1000

    1000 Confi gurin g Data Cent er Bri dging Fea tures ETS provides a second level of sc heduling for packets s elected for transmissio n by the CoS sche duler . ETS operates at the traffic cla ss group (TCG) level and supp orts sharing of bandwidth across TCGs, ba ndwidth assignment for each TCG, and queue discipline (drop behavior) for each TCG. N4 [...]

  • Página 1001

    Confi gurin g Data Ce nter Bridging Features 1001 The minimum bandwidth setting can be us ed to override the strict priority and weighted sett ings. The highest numbered strict priority queue w ill receive no mor e bandwidth than 100 percent minus the sum of the minimum bandwidth percenta ges assigned to the other que ues. If used, it is recommende[...]

  • Página 1002

    1002 Confi gurin g Data Cent er Bri dging Fea tures Commands This section provides information about the commands you use to manually configure and monitor ETS. F o r mor e information about the commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . On N4000 sw itches, the foll[...]

  • Página 1003

    Confi gurin g Data Ce nter Bridging Features 1003 ETS Configur ation Example This e xample configures four cl asses of traffic: 1. Ena ble T r us t Mode on an I nterface The following command enables the use of the dot1p priority of the incoming pack et. It may be configur ed on a single interface, a ra nge of interfaces or all inter faces. By defa[...]

  • Página 1004

    1004 Confi gurin g Data Cent er Bri dging Fea tures console(config-if-Te1/0/2)#classofservice dot1p-mapping 0 0 console(config-if-Te1/0/2)#classofservice dot1p-mapping 1 0 console(config-if-Te1/0/2)#classofservice dot1p-mapping 2 0 console(config-if-Te1/0/2)#classofservice dot1p-mapping 3 1 console(config-if-Te1/0/2)#classofservice dot1p-mapping 4 [...]

  • Página 1005

    Confi gurin g Data Ce nter Bridging Features 1005 CAUTION: Sharin g of bandw idth amo ng CoS Queues is disabled if the sum of the minimum ba ndwidt h setting s equals 100%. console(config-if-Te1/0/1)# cos-queue min-bandwidth 20 35 35 10 0 0 0 4. Conf igure the Sc heduler Mode f or the CoS Q ueues This step enables strict prio rity scheduling on one[...]

  • Página 1006

    1006 Confi gurin g Data Cent er Bri dging Fea tures priority traffic (typically control plane or low bandwidth, low latency traffi c) is assigned the highes t numbered T CG. It is recommended that WDR R queues be assigned to TCG0. The mapping may be configured on a single interface, a range of inte rfaces, or all the inte rfaces. It is r equired th[...]

  • Página 1007

    Confi gurin g Data Ce nter Bridging Features 1007 It is r ecommended that the sum of minimum bandwidth percentages configured on the CoS queues mapped to any T CG be less than or equal t o that of the weig ht percentage configured for the TCG, so that packets are not dropped due to the conge stion in the TC G. In exa mple below , the TCG0 and T CG1[...]

  • Página 1008

    1008 Confi gurin g Data Cent er Bri dging Fea tures It is recommended that the maximum b andwidth be configured to be greater than the minim um bandwidth or the weight or be configured to 0 (unlimited burst size ). console(config-if-Te1/0/1 )#traffic-class-group max-bandwidth 50 90 20 9. Set the Sc heduler Modes for the T CGs This step enabl es str[...]

  • Página 1009

    Confi gurin g Data Ce nter Bridging Features 1009 ETS Theory of Oper ation First Level of Scheduling T o understand the first level of scheduli ng, consider T able 29-1. Ass ume that we have eight ingress ports, each one receiving line rate traffic with one dot 1p priority each. The table s hows the mapping of dot1p priorities to the cos- queues, t[...]

  • Página 1010

    1010 Confi gurin g Data Cent er Bri dging Fea tures Seco nd Le vel o f Sche dulin g T o consolidate differ ent traffic classes within different traffic types in a typical DCB environment , ETS provides an operational model for prior itiza tion an d bandw idth all ocati on for traff ic. F igur e 29-3 i llust rates a typi cal ex ample tha t consolid [...]

  • Página 1011

    Confi gurin g Data Ce nter Bridging Features 1011 At t ime t2, a bu rst of L AN tr affi c is i ncom ing a t the rate of 4 G bps, this b urst is allowed to borrow the unused 0.5 Gbps bandwidth from SAN TC G and transm itted s ince the o ffer ed load of SAN is on ly 3 Gbps . At time t3 , when the offe r ed load of IP C falls to 2 G bps and the bursty[...]

  • Página 1012

    1012 Confi gurin g Data Cent er Bri dging Fea tures T raffic is passe d across stacking li nks using WDRR fo r all CoS queues. This will affect t he observed be havior of ETS on egress ports scheduling traffi c from over -subscribed stacking link s. The thr ee suppo rted tr affic c lass gro u ps suppo rt an industry st andard configuration such t h[...]

  • Página 1013

    Confi gurin g Data Ce nter Bridging Features 1013 console(config-if-Te1/0/1)#classofservice traffic-class-group 2 2 console(config-if-Te1/0/1)#traffic-class-group weight 30 70 0 console(config-if-Te1/0/1)#traffic-class-group strict 2 N4000 Opera tion When DCBx is enabled on manually config ured port s, it is not ne cessary for the ET S paramet ers [...]

  • Página 1014

    1014 Confi gurin g Data Cent er Bri dging Fea tures processing strict priority traffic is skewed to be the band width of th e indi vidual TCG divide d by the su m of t he wei ghts of all W DR R configured TCGs. The administrator may configur e other parameters to work in conjunction with the r eceived DCBX configurat io n, e.g. min-bandwidth per Co[...]

  • Página 1015

    Managi ng the MA C Address T ab le 1015 30 Managing the MAC Address T able This chapter describes the L2 MAC addr ess table the switch uses to forward data betw een ports. The topics covered in t his chapter include: • MAC Address T a ble Overview • Default M AC Address T able V a lues • Managing th e MAC Addres s T able (W eb) • Managing t[...]

  • Página 1016

    1016 Managi ng the MA C Address T able What Informat ion Is in the MAC Address T able? Each entry in the address table, whether it is static or dyn amic, includes the MAC addr e ss, the VLAN ID as sociated with the MAC addres s, and the interface on which the address was learned or configured. Each port can maintain multiple MA C addresses, and a M[...]

  • Página 1017

    Managi ng the MA C Address T ab le 1017 Manag ing the M AC Addres s T a ble (W eb) This secti on provides information about the O penManage Switch Administrator page s to use to manage the MAC address table on a Dell Networki ng N2000, N 3000, and N400 0 series sw itches. F or detail s about the fields on a page, click at the top of the page. Stati[...]

  • Página 1018

    1018 Managi ng the MA C Address T able Figure 30-2. Addin g Static MAC Addr ess 3 Select the interfac e to associate with the static address. 4 Specif y the MAC add ress and an associat ed VLAN ID. 5 Click Apply . The new st atic ad dres s is added to t he Static MAC Address T able , and th e device is update d.[...]

  • Página 1019

    Managi ng the MA C Address T ab le 1019 Global Ad dress T able The Global Address T able p age contains fields for querying information in the dynamic address table, including the i nterface type, MAC addresses, VLAN, and ta ble sorting k ey . P ackets forwar ded to an addres s store d in the address tabl e are forwar ded directly to those ports. T[...]

  • Página 1020

    1020 Managi ng the MA C Address T able Manag ing the MAC Address T able ( CLI) This section provides information about the commands you use to manage the MAC address table on the switch. F o r more information about the commands, see the Dell Netw orking N2000, N3 000, and N4000 Series Switches CLI Refer ence Guide at support.dell.com/m anuals . Ma[...]

  • Página 1021

    Conf iguri ng Rou ting Interf aces 1021 31 Configuring Routing Interfaces This cha pter descri bes the routi ng (layer 3) interfa ces the Dell Networki ng series switches supp ort, which includ es VLAN routing int erfaces, loopback interfaces, and tunnel interfaces. The topics cover ed in this chapter ar e: • Routing Interfa ce Overview • Defau[...]

  • Página 1022

    1022 Confi gurin g Routi ng Inte rfac es F or each VLAN rout ing interface you can a ssign a static IP addr ess, or you can allow a net work DHCP serve r to assign a dy namic IP addr ess. When a port is enabled for brid ging (L2 switching) rather than routing, which is the default, all normal bridge processing is performed for an inbound pack et, w[...]

  • Página 1023

    Conf iguri ng Rou ting Interf aces 1023 What Are T unnel Interfaces? T unnels are a mechanism for tra nsporting a pack e t across a network so that it can be evaluated at a remote lo cation or tunnel endpo int . The t unnel, effectively , hi des the packet from the netwo rk used to transport t he packet to the endpoi nt. This allo ws for the tr ans[...]

  • Página 1024

    1024 Confi gurin g Routi ng Inte rfac es Why Are Routing I nterfaces Needed? The ro uting in terfaces this ch apter de sc ribes have very differ ent a pplications and uses, as thi s section describe s. If you use the switch as a layer 2 device that handles switching only , routing in terface configuration is not r equired. When the switch is used a[...]

  • Página 1025

    Conf iguri ng Rou ting Interf aces 1025 Loopba ck Int erfaces When packets are sent to the loop back IP address, the network sho uld be able to deliver t he packe ts as long as any ph ysical interfa ce on the switch is up. There ar e many cases wher e you need to se nd traffic to a sw itch, such as in switch management. The loopb ack interface IP a[...]

  • Página 1026

    1026 Confi gurin g Routi ng Inte rfac es Default Routing Interface V alues By default, no routing interfaces ar e configur ed. When you create a VLAN, no IP address is configur ed, and DHCP is disabled. After you configure a n IP address on a VLA N or loop back i nterf ace, the VL AN interface is available for L3 routi ng (if enabled) and is capabl[...]

  • Página 1027

    Conf iguri ng Rou ting Interf aces 1027 Configuring Routing Interface s (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring VLAN routing interfaces, loopback interfaces, and tunnels on a Dell Networking N2000, N3000, and N4000 series switches. F or details about the fi elds on a [...]

  • Página 1028

    1028 Confi gurin g Routi ng Inte rfac es DHCP Lease Paramet ers Use the DHCP L ease P aram eters page to vi ew information a bout the network i nformation auto matically a ssigned to an int erface by the DHCP server . T o display the page, click Rout ing → IP → DHCP L ease P arame ters in t he navigation panel. Figure 31-3. DHCP Lease Parameter[...]

  • Página 1029

    Conf iguri ng Rou ting Interf aces 1029 Figure 31 -4. VLAN Routing Sum mary T unnel Configura tion Use the T u nnels Config uration page to create, configure, or delete a tunnel. T o display the page, cl ick Rout ing → Tu n n e l s → Configur ation in the navigation panel. Figure 3 1-5. T unnel Con figuratio n[...]

  • Página 1030

    1030 Confi gurin g Routi ng Inte rfac es T unnels Summary Use the T unnel s Summary page to display a summary of configur ed tunnels. T o display the page, click Rout ing → Tu n n e l s → Summary in the navigation panel. Figur e 31-6. T unnels S umma ry[...]

  • Página 1031

    Conf iguri ng Rou ting Interf aces 1031 Loopback s Configura tion Use the Loo p ba cks Co nf i g ur at io n page to create, confi gure, or remove loopback i nterfaces. Y ou can also set up or del ete a secondary a ddress fo r a loopba ck. T o display the page, cl ick Rout ing → L oopback Interfa ces → Loopb ack Interfa ces Config uration in the[...]

  • Página 1032

    1032 Confi gurin g Routi ng Inte rfac es Loopbacks Summar y Use the L oopbacks Summary page to displ ay a summary of config ured loopback interfaces on the switch. T o display the page, click Rout ing → Loopb ack I nte rfac es → L oopback Interfaces Summa ry in the nav igation panel . Figure 31 -8. L oopback s Summary[...]

  • Página 1033

    Conf iguri ng Rou ting Interf aces 1033 Configuring Routing Interface s (CLI) This section provides information about the commands you use to configure VLAN routing interfaces, loopbacks, and tunnels on the switch. F or more informa tion about the commands, see the Dell Networking N2000, N3000, and N4000 Series Switches CLI Reference Guide at suppo[...]

  • Página 1034

    1034 Confi gurin g Routi ng Inte rfac es ip local-proxy-a rp Enable l ocal pr oxy ARP on th e inter face to allow the swi tch to re spond to ARP re quests for hosts o n the same subnet as the ARP so urce. bandw idth size Set the co nfigured bandwi dth on this interfac e to comm unic ate the speed o f th e inte rface t o high er lev el protocols. OS[...]

  • Página 1035

    Conf iguri ng Rou ting Interf aces 1035 Configuri ng Loopback Int erfaces Beginning in P rivileged EXEC mode, use the following commands to configure a loopback interface. Command Purpo se configure Enter Global Configuration mode. interface loopback loopback-id Cr eate the lo opbac k inte rfac e and e nter I nterf ace Configuration mode for the sp[...]

  • Página 1036

    1036 Confi gurin g Routi ng Inte rfac es Configuri ng T unnels Beginning in P rivileged EXEC mode, use the following commands to configure a loopback interface. NOTE: For informat ion about configu ring the I Pv6 int erface ch aracter istics f or a tunne l, see "Conf igurin g IPv6 Ro uting" on page 1241. Comm and Pur pose configure Enter [...]

  • Página 1037

    Conf iguri ng DHCP Se rver and R elay Set tings 1037 32 Configuring DHCP Server and Relay Settings This chapter describes how to configur e the switch to dynamically assign network information to hosts by using the Dynamic Host Configuration P rotocol (DH CP). The topics covered in t his chapter include: • DHC P Overview • Default D HCP Serv er[...]

  • Página 1038

    1038 Confi gurin g DHCP Server and Rela y Settin gs How Does DHCP W ork? When a host connects to the network, the host’s DHCP client broadcasts a message r equesting informat ion from any DHCP server that r eceives the broadcast. One or more DHCP serve rs r espond to the request. The response includes the re quested information, such as the IP ad[...]

  • Página 1039

    Configu ring DHCP Server and Relay Se ttings 1039 discover r equests typically include options for the IP addr ess (option 50), subn et mask (optio n 1), de fault ga teway ( optio n 3), and DNS ser ver (opt ion 6). These option s are pr edefined. F or opti ons that are not pr edefined, you can enter th e option code and specify the data type along [...]

  • Página 1040

    1040 Confi gurin g DHCP Server and Rela y Settin gs The administrator is using a Micros oft DHCP server . Microsoft DHCP servers do not have native support for DHCP Option 82, but it can be added using the Dhcp ServerCall outEntry AP I to retrie ve the information vi a the DhcpHandle OptionsHook configured on the switches. Adding Option 8 2 support[...]

  • Página 1041

    Configu ring DHCP Server and Relay Se ttings 1041 option subnet-mask 255.255.254.0; option domain-name-servers 10.1.218.3, 10.1.219.3; range dynamic-bootp 10.1.222.3 10.1.222.254; range dynamic-bootp 10.1.223.3 10.1.223.254; default-lease-time 21600; max-lease-time 43200; } } subnet 10.2.109.192 netmask 255.255.255.224 { pool { allow members of &qu[...]

  • Página 1042

    1042 Confi gurin g DHCP Server and Rela y Settin gs The DHCP Layer 2 Relay feature permits Layer 3 Relay agent functionality in Layer 2 switched network s. The switch supports L2 DHCP r elay configuration on individual ports, link aggregation groups (LAGs) and VLANs. F or information about Layer 2 and Lay er 3 DHCP Relay , see "Configuring L2 [...]

  • Página 1043

    Configu ring DHCP Server and Relay Se ttings 1043 Configuring the DHCP Server (We b) This secti on provides information about the O penManage Switch Administrator pages for configuring an d monitoring the DHCP server on a Dell Networking N2000 , N3000, and N4000 series switches. F or details abo ut the fields on a page, click at the top of the page[...]

  • Página 1044

    1044 Confi gurin g DHCP Server and Rela y Settin gs Addin g Exclude d Address es T o e xclude an addr ess: 1 Open the Netwo rk P r operties page. 2 Click Add Excluded Addresses to displ ay the Add Excluded Addresses page. 3 In the From field, enter the first IP address to ex clude from any configu red addr ess pool. 4 If the address in the F rom fi[...]

  • Página 1045

    Configu ring DHCP Server and Relay Se ttings 1045 Deleti ng Excl uded Add resses T o r emove an ex cluded addr ess: 1 Open the Netwo rk P r operties page. 2 Cli ck Delete Excluded Addresses to displa y the Delete Excluded Addresses page. 3 Select the check box n ext to th e addr ess or addr ess range to del ete. Figure 32-4. Dele te Ex cluded A ddr[...]

  • Página 1046

    1046 Confi gurin g DHCP Server and Rela y Settin gs Figure 32-5. Address Pool Addin g a Network Poo l T o create and configur e a network pool: 1 Open the Address P ool page. 2 Click Add Network P ool to dis play the Add Net work P ool page. 3 Assign a name to the pool and complete the d esired fi elds. In F igure 32-6, the network p ool name is En[...]

  • Página 1047

    Configu ring DHCP Server and Relay Se ttings 1047 Figur e 32-6. Add Ne twork Pool The En gineering pool also configures clients to use 192.168.5.1 a s the defau lt gate way IP addr ess and 192.168 .1.5 and 192.168 .2.5 as the primar y and second ary DNS ser vers. 4 Cli ck Apply . Addin g a Static Pool T o cr eate and configure a sta tic pool of IP [...]

  • Página 1048

    1048 Confi gurin g DHCP Server and Rela y Settin gs In F igure 32-7, th e Static pool nam e is Lab, an d the name of the client in the pool is LabHost1. The clien t’s MA C address is mapped to the IP address 192. 168.11.54 , the defa ult gatewa y is 192. 168.11.1, and th e DNS servers the client w ill use have IP add res ses of 192. 168.5.100 an [...]

  • Página 1049

    Configu ring DHCP Server and Relay Se ttings 1049 Address Po ol Opti ons Use the Address P ool Options p ag e t o vi e w m an u al l y c on f ig u red o pt i on s. Y o u can define opt ions when yo u cr eate an a ddr ess pool, or y ou can add options to an exi sting address p ool. To d i s p l a y t h e Address P o ol Options page, cli ck Ro u t in[...]

  • Página 1050

    1050 Confi gurin g DHCP Server and Rela y Settin gs Figure 32-9. Add DHCP Option 5 Click Apply . 6 T o v erify that the option h as been added to the address pool, open the Address P ool Options page.[...]

  • Página 1051

    Configu ring DHCP Server and Relay Se ttings 1051 Figur e 32-10. V iew Addre ss Pool Opt ions DHCP Bindings Use the DHCP Bindings page to v iew inf ormati on about the cli ents th at have leased IP addresses from the DHCP server . To d i s p l a y t h e DHCP Bindings pa ge, cl ick Rou tin g → IP → DHCP Serv er → DHCP Bindings in th e navigati[...]

  • Página 1052

    1052 Confi gurin g DHCP Server and Rela y Settin gs DHCP Server Reset Configuratio n Use the Reset C onf igur atio n page to cle ar the clie nt bind ings for o ne or mor e clients. Y ou can also r eset bindings for clients that hav e leased an IP addr ess that is alre ady i n use o n the ne twor k. To d i s p l a y t h e Reset Co nfi gurat ion page[...]

  • Página 1053

    Configu ring DHCP Server and Relay Se ttings 1053 DHCP Server Stat istics Use the Ser ver S tatisti cs page to view general DHCP server statistics, messages received from DHCP clients, and messages sent t o DHCP clients. To d i s p l a y t h e Server Statist ics page , click Routi ng → IP → DHCP Serve r → Server Statistics in the navigation p[...]

  • Página 1054

    1054 Confi gurin g DHCP Server and Rela y Settin gs Configuring the DHCP Server (CLI) This section provides information about the commands you use to configure and monitor the DHCP server and address pools. F o r mor e information about the commands, see the Dell Ne tworking N20 00, N3000, a nd N4000 Series Switches CLI Refer ence Guide at support.[...]

  • Página 1055

    Configu ring DHCP Server and Relay Se ttings 1055 Configuri ng a Dynamic Addres s Pool Beginning in P rivileged EXEC mode, use the following commands to create an addre ss pool with net work information that is dynamically assigned to hosts with DHCP clients that request the information. Command Purpo se configure Enter Global Configuration mode. i[...]

  • Página 1056

    1056 Confi gurin g DHCP Server and Rela y Settin gs Configuri ng a Static Address Pool Beginning in P rivileged EXEC mode , us e the foll owing comm ands to create a static addr ess pool and s pecify the network information for the pool. The network information configur ed in the static address p ool is assigned only to the host with the hardware a[...]

  • Página 1057

    Configu ring DHCP Server and Relay Se ttings 1057 Monitorin g DHCP Se rver Info rmation Beginning in P rivileged EXEC mode, use the following commands to view bindings, conflicts, and st atistics, and to clear t he information. defau lt-router addr ess1 [ addr ess2... .addre ss8 ] Specify the list of defau lt gate way IP ad dresses to be assigned t[...]

  • Página 1058

    1058 Confi gurin g DHCP Server and Rela y Settin gs DHCP Server Co nfiguration Exa mples This section contains the following e xamples: • Configurin g a Dynam ic Address P ool • Configurin g a Static Address P ool Configuri ng a Dynamic Addres s Pool The commands in this example create an address pool that dynamically assigns net work informati[...]

  • Página 1059

    Configu ring DHCP Server and Relay Se ttings 1059 6 In Global Configura tion mode, a dd the addr esses to ex clude from the pool. Clients will not be assigned these IP ad dr esses. console(config)# ip dhcp excluded-address 192.168.5.1 192.168.5.20 console(config)# ip dhcp excluded-address 192.168.5.100 7 Enable the DHCP server on the switch. consol[...]

  • Página 1060

    1060 Confi gurin g DHCP Server and Rela y Settin gs Configuri ng a Static Address Pool The commands in this example create an address pool that assigns the addr ess 192. 168.2.10 to the host wit h a MAC addr ess of 00:1C: 23:55:E9:F3. When this h ost s send s a D HCP m essage reques ting n etwor k in form atio n, the switch will offer the informati[...]

  • Página 1061

    Configu ring DHCP Server and Relay Se ttings 1061 console(config-dhcp-pool)# exit 8 View information about th e static address pool. console#s how ip dhcp pool configuration "Tyler PC" Pool: Tyler PC Pool Type..........................Static Client Name........................TylerPC Hardware Address.................. 00:1c:23:55:e9:f3 Ha[...]

  • Página 1062

    1062 Confi gurin g DHCP Server and Rela y Settin gs[...]

  • Página 1063

    Confi gurin g IP Ro uting 1063 33 Configuring IP Routing This chapter describes how to configur e routing on the switch, including global routing settings, Address Resolution Protocol (ARP), router discovery , and static route s. The topics covered in t his chapter include: • IP Routing O verview • Default IP R outing V alues • Configu ring I[...]

  • Página 1064

    1064 Confi gurin g IP Routi ng ICMP Router Di scovery P rotocol (IRDP) Hos ts can us e IRDP to iden tify o perat ional router s on t he subn et. Rou ters periodi call y adver tise their IP addres ses. H osts list en for these ad verti sements and disc over the IP addr esses o f neighbor ing routers. Routing table ent ries Y ou ca n configure th e f[...]

  • Página 1065

    Confi gurin g IP Ro uting 1065 Default IP Routing V alues T able 33-2 shows t he default values for the IP routing featur es this chapter desc ribe s. T able 33 -2. IP Routing Defaults Paramete r Default V alue Def ault T ime to Live 64 Routing Mode Disab led globa lly an d on each inter face ICMP Echo Repl ies Enabl ed ICMP Redir ects Enabled ICMP[...]

  • Página 1066

    1066 Confi gurin g IP Routi ng ARP T able The router mai ntains an ARP t able that as sociates a MA C addr ess and outgoing port with an IP addr e ss and VLAN. The ARP table is dynami cally updated with the host MAC addr ess and outgoing port information. ARP entries ar e ass ociated with t he VLAN on whi ch the IP addr ess or route is known. The r[...]

  • Página 1067

    Confi gurin g IP Ro uting 1067 Configuring IP Routing Feature s (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring IPv4 routing features on a Dell Netw orking N2000, N300 0, and N4000 s eries switche s. F or details about the fields on a page, c lick at the top of th e page. IP [...]

  • Página 1068

    1068 Confi gurin g IP Routi ng IP St atistics The IP statistics r eported on the Statistics page ar e as spec ified in RF C 1213. To d i s p l a y t h e p a g e , c l i c k Rou t in g → IP → Statistics in the naviga tion panel . Figure 3 3-2. IP Statistic s[...]

  • Página 1069

    Confi gurin g IP Ro uting 1069 ARP Create Use the Create page to add a static AR P entry to the A ddr ess Res olution P rotocol ta ble. T o display the page, click Routin g → ARP → Create in the navigation panel. Figure 33 -3. ARP Create[...]

  • Página 1070

    1070 Confi gurin g IP Routi ng ARP T able Configura tion Use the T able Configurat ion page to change the configuration parameters for the Address Resolution Protocol T a ble. Y ou can also use t his screen to display the con tent s of the table. T o display the page, click Rout ing → ARP → T ab le C onfig urat ion in the navigation panel. Figu[...]

  • Página 1071

    Confi gurin g IP Ro uting 1071 Router Di scovery Configura tion Use the Co nfig urat ion page to enter or change router discovery paramete rs. T o display the page, cl ick Rout ing → Router Discovery → Conf igur atio n in the navigation panel. Figur e 33-5. Rou ter Di scover y Configu ration[...]

  • Página 1072

    1072 Confi gurin g IP Routi ng Router Di scovery Status Use the Status page to display rou ter discovery data for each interface. T o display the page, click Rout ing → Router Discovery → Status in t he navigation panel. Figure 33 -6. R outer Di scover y Status[...]

  • Página 1073

    Confi gurin g IP Ro uting 1073 Route T able Use the Rou te T a ble page to disp lay the content s of the routing ta ble. To d i s p l a y t h e p a g e , c l i c k Ro u t in g → Ro u te r → Route T a ble in the navig ation panel. Figur e 33-7. Route T able[...]

  • Página 1074

    1074 Confi gurin g IP Routi ng Best Routes T able Use the Best Ro utes T able page to display the best routes from the routing table . T o display the page, click Rout ing → Ro ut e r → Best Routes T able in the navigation panel. Figure 33-8. Best Routes T able[...]

  • Página 1075

    Confi gurin g IP Ro uting 1075 Route Entry Configurat ion Use the Route Entry Configuration page to add new and configure router routes. T o display the page, cl ick Rout ing → Rout er → R oute Entr y Confi gu ratio n in the navigation panel. Figure 33-9 . Route Entry Configu ration Add ing a Route and Con figuri ng Rou te Pref erence T o confi[...]

  • Página 1076

    1076 Confi gurin g IP Routi ng Figure 33-10. Rou ter Rout e Entr y and Pre feren ce Config uration 2 Nex t to Rou te T yp e, use the dr op-down box to a dd a Default, Sta tic, or Static R eject route. The fields to configu re ar e different for each route type. • Default — Enter the default gateway address in the Next Ho p IP Address field. •[...]

  • Página 1077

    Confi gurin g IP Ro uting 1077 Configure d Routes Use the Configured Routes page to display t he routes that have be en manually configur ed. T o display the page, cl ick Rout ing → Rout er → Configured Routes in t he navigation panel. Figure 33 -11. Configured Routes T o remove a configur ed route, select the check box in the Re m ov e col umn[...]

  • Página 1078

    1078 Confi gurin g IP Routi ng Route Prefer ences Confi guration Use the Route P references Confi guration page to configure the default prefer ence for each protocol (for example 60 for static routes). These values are arbitrary values that range from 1 to 25 5, and are independent of route metric s. Mos t routing proto cols use a rou te metri c t[...]

  • Página 1079

    Confi gurin g IP Ro uting 1079 Configuring IP Routing Feature s (CLI) This section provides information about the commands you use to configure IPv4 routing on t he switch. F or more information about t he commands, see the Dell Ne tworking N2000, N300 0, and N4000 S eries Sw itches CLI Refe r ence G uide at support.dell.com/manuals . Configuri ng [...]

  • Página 1080

    1080 Confi gurin g IP Routi ng Adding Stati c ARP Entries an d Configuring ARP T able Settings Beginning in P rivileged EXEC mode, use the following commands to configure s tatic ARP entri es in the ARP cache and to specify the settings for the ARP cache. Command Purpose configure Enter global configuration mode. arp ip - a d dre s s h a rd wa re -[...]

  • Página 1081

    Confi gurin g IP Ro uting 1081 Configuri ng Router Disc overy (IRDP) Beginning in P rivileged EXEC mode, use the following commands to configure IRDP settings. Comman d Purpose configure En ter global conf iguration mode. interface inte rface Enter interf ace con figura tio n mode for th e spec ified VLAN rout ing interf ace. The inte rface vari ab[...]

  • Página 1082

    1082 Confi gurin g IP Routi ng Configuri ng Route T able Entries and Route Preference s Beginning in P rivileged EXEC mode, use the following commands to configure IRDP settings. Command Purp ose configure En ter g lobal c onfigur ation m ode. ip route default nextHopRt r [ preference ] Config ure the defaul t route. • nextHopRtr — IP address o[...]

  • Página 1083

    Confi gurin g IP Ro uting 1083 show ip route [ ip-address [ mas k | prefix-length ] [ long er -prefi xes ] | protocol ] View the rout ing table. • ip-add re ss — Specif ies the networ k for wh ich th e rout e is to be disp layed and d isplays the best m atching best- rout e for t he add res s. • mask — Subnet mask o f the I P address. • p[...]

  • Página 1084

    1084 Confi gurin g IP Routi ng IP Routing Con figuration Example In this e xample, the Dell Netw orking switches ar e L3 switches with VLAN routing interfaces. VLAN routing is co nfigured on Dell Networking Switch A and Dell Networking Switch B. This allows the host in VLAN 1 0 to communicate with the server in VLAN 30. A static route to the VLAN 3[...]

  • Página 1085

    Confi gurin g IP Ro uting 1085 Configuri ng Dell Network ing Switch A T o configur e Switch A. 1 Enable routing on t he switch. console# configure console(config)# ip routing 2 Assign an IP add ress to VLAN 1 0. This c omma nd also en ables IP r outing on the VLAN. console(config)# interface vlan 10 console(config-if-vlan10)# ip address 192.168.10.[...]

  • Página 1086

    1086 Confi gurin g IP Routi ng Configuri ng Dell Networking Switch B T o configur e Switch B: 1 Enable routing on th e switch. console# configure console(config)# ip routing 2 Assign an IP addr ess to VLAN 20. This comman d also enables IP routi ng on the VLAN. console# configure console(config)# interface vlan 20 console(config-if-vlan20)# ip addr[...]

  • Página 1087

    Confi guring L2 and L3 Rel ay Featur es 1087 34 Configuring L2 and L3 Relay Featur es This chapter describes how to configur e the L2 DHCP Relay , L3 DHCP Relay , and IP He lper features on Dell Netw orking series switches. The topics covered in t his chapter include: • L2 an d L3 Relay O verview • Defa ult L2/L3 Relay V alues • Configu ring [...]

  • Página 1088

    1088 Configu ring L2 an d L3 Relay Feat ures fields in the DHCP request. If the number of hops is greater than the configured number , the agent discards the packet. If the giaddr field is zero , the agent must fill in this field with the I P addr ess of the inte rface on which the r equest was re ceiv ed. T he ag ent u nicas ts t he va lid pa ck e[...]

  • Página 1089

    Confi guring L2 and L3 Rel ay Featur es 1089 Enabling L2 Relay on VLANs Y o u c a n e n a b l e L 2 D H C P r e l a y on a p a r t i c u l ar V L A N . T h e V L A N i s i d e nt i f i e d by a service VLAN ID (S- VID), which a service provider uses to ide ntify a customer ’s tra ffic while traversing the provider netw ork to multiple remote site[...]

  • Página 1090

    1090 Configu ring L2 an d L3 Relay Feat ures T able 34 -1. Default Ports - UDP Port Nu mbers Implie d By Wildc ard The syste m limits the total numb er of relay entries to four times the maximum number of routing int erfaces (512 r elay entrie s). There is no individual limit to the number of relay entries on an individual i nterface, and no indivi[...]

  • Página 1091

    Confi guring L2 and L3 Rel ay Featur es 1091 configuration for the destination UDP port. If so , the r elay agent unicasts the packet to the configured server IP addr esses. Otherw ise the packet is not relay ed . The relay agent rela ys packets that meet only the following conditions: • The dest ination MA C addr ess must be th e all-one s broad[...]

  • Página 1092

    1092 Configu ring L2 an d L3 Relay Feat ures T able 34-2 shows the most common protoco ls and their UDP port numbers and names that ar e relayed. T able 3 4-2. UDP Port Allo cations UDP Port Number Acronym Applicatio n 7 Echo Echo 11 SysS tat Active User 15 NetSta t NetSt at 17 Quote Quote of the day 19 CHARG EN Charact er Generator 20 FT P - data [...]

  • Página 1093

    Confi guring L2 and L3 Rel ay Featur es 1093 Default L2/L3 Relay V alues By default L2 DHCP r elay is disabled. L3 relay (U DP) i s ena bled , but n o UDP destinatio n ports or serv er addres ses are defined on the switch or on any interfaces. T able 34-3 . L2/L 3 Relay Defaul ts Paramete r Defaul t V alue L2 DHCP Relay Admin Mode Disabled globally[...]

  • Página 1094

    1094 Configu ring L2 an d L3 Relay Feat ures Configuring L2 and L3 Re lay Features (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring L2 and L3 r elay features on a Del l Networki ng N2000, N300 0, and N40 00 series swit ches. F or details about the fields on a pa ge, click at th[...]

  • Página 1095

    Confi guring L2 and L3 Rel ay Featur es 1095 DHCP Relay Inter face Config uration Use this page to enable L2 DHCP r elay on individual ports . T o access this page, cli ck Switching → DHCP R elay → Inter face Configuratio n in the navigation panel. Figure 34-2. DHCP Rela y Interfac e Config uration T o view a summary of the L2 DHCP r elay confi[...]

  • Página 1096

    1096 Configu ring L2 an d L3 Relay Feat ures Figure 34-3. DHCP Relay Inte rface Summary[...]

  • Página 1097

    Confi guring L2 and L3 Rel ay Featur es 1097 DHCP Relay Inter face Stati stics Use this page to displ ay statistics on D HCP Relay r equests received on a selected port. T o access this page, click Switching → DHCP Relay → Interface Sta tistics in the navigation panel. Figure 34-4. DHCP Rela y Interfac e Statistic s[...]

  • Página 1098

    1098 Configu ring L2 an d L3 Relay Feat ures DHCP Relay VLAN Confi guration Use this page to enable and config ure DH CP Relay on specif ic VLANs. T o access this page, click Switching → DHCP Relay → VLAN Configur ation in the navi gation panel. Figure 34-5. DHCP Relay V LAN Configurat ion T o view a summary of t he L2 DHCP r elay conf iguratio[...]

  • Página 1099

    Confi guring L2 and L3 Rel ay Featur es 1099 T o display the page, cl ick Rout ing → BOOTP/DHC P Relay Agent → Confi gur ation in the navigation panel. Figure 34-7. DHCP Relay Agent Con figuration[...]

  • Página 1100

    1100 Configu ring L2 an d L3 Relay Feat ures IP Helper Glo bal Configur ation Use the Global Config uration page to add, show , or delet e UDP Relay and Helper IP configuration T o display the page, click Rout ing → IP H elper → Glob al Co nfigur atio n in the navigation panel. Figur e 34-8. IP He lper Gl obal Con figur atio n Addin g an IP Hel[...]

  • Página 1101

    Confi guring L2 and L3 Rel ay Featur es 1101 Figur e 34-9. Add Help er IP Address 3. Select a U DP Des tination port name from t he menu or en ter the UD P Destin ation P ort ID. Select the Defau l t Set to c onfigure for the relay entry for the default set of prot ocols. 4. Enter the IP addr ess of the server to which the pack ets with the given U[...]

  • Página 1102

    1102 Configu ring L2 an d L3 Relay Feat ures IP Helper Int erface Conf iguration Use the Interfa ce Configurat ion page to add, show , or delete UDP Relay and Helper IP configuration for a s pecific interface. T o display the page, click Rout ing → IP H elper → Inte rface Confi gurat ion in the navigation panel. Figure 34-10. IP Helper Interfac[...]

  • Página 1103

    Confi guring L2 and L3 Rel ay Featur es 1103 Figure 34 -11. Ad d Helper I P Addre ss 3. Select the in terface to use for the relay . 4. Select a U DP Des tination port name from t he menu or en ter the UD P Destin ation P ort ID. Select the Defau l t Set to c onfigure for the relay entry for the default set of prot ocols. 5. Choose whether to disca[...]

  • Página 1104

    1104 Configu ring L2 an d L3 Relay Feat ures IP He lper Stat istic s Use the Statistics pa ge to view UDP Rela y Statis tics for the swit ch. To d i s p l a y t h e p a g e , c l i c k Ro ut i ng → IP Helper → Statistics in the navi gation panel. Figure 3 4-12. IP Helper Statistics[...]

  • Página 1105

    Confi guring L2 and L3 Rel ay Featur es 1105 Configuring L2 and L3 Relay Fea tures (CLI) This section provides information about the commands you use to configure L2 and L3 re lay features on the sw itch. F or more information about the commands, see the Dell Networking N2000 , N3000, and N4 000 Series Switches CLI Reference Guide at supp ort .dell[...]

  • Página 1106

    1106 Configu ring L2 an d L3 Relay Feat ures dhc p l2r ela y remote-id remo te Id vlan vlan-range Enabl e settin g the DHCP Option 82 Remote ID for a VLAN. W hen en abled, the sup plied st ring i s used for the Remote ID in DHCP Opt ion 82. The remo te Id variable is a s tring to be used as the r emote ID in t he Opt ion 8 2 (Ran ge: 1 - 128 ch ara[...]

  • Página 1107

    Confi guring L2 and L3 Rel ay Featur es 1107 Configuri ng L3 R elay (IP Helpe r) Settin gs Beginning in P rivileged EXEC mode, use the following commands to configure switch and interface L3 DHCP r elay and IP helper settings. Command Pu rpose configure Enter global configuration mode. ip helper enable Use this command to enable the I P helper fea [...]

  • Página 1108

    1108 Configu ring L2 an d L3 Relay Feat ures ip helper-address { serve r -addr ess | disc ard } [ dest- udp-por t | dhcp | domain | isakmp | mob ile-ip | nameser ver | netbios- dgm | netb ios-ns | ntp | pim-auto-rp | rip | tacacs | tf tp | time ] Config ure the relay of ce rtain UDP broadca st packets rec eived on th e VLAN routin g int erface( s).[...]

  • Página 1109

    Confi guring L2 and L3 Rel ay Featur es 1109 Relay Agent Configur ation Example The example in this section shows how to configure the L3 relay agent (IP helper) to relay and discar d various protocols. Figure 34-13. L3 Relay Netw ork Diagram This exampl e assumes that multiple VLAN routin g interfaces have been created, and configur ed with IP add[...]

  • Página 1110

    1110 Configu ring L2 an d L3 Relay Feat ures 2 Relay D NS pac kets received on VL AN 10 to 192.168.4 0.43 console(config-if-vlan10)# ip helper-address 192.168.40.35 domain console(config-if-vlan10)# exit 3 Relay S NMP t raps (p ort 162) received on VL AN 20 t o 192.168. 23.1 console(config)# interface vlan 20 console(config-if-vlan20)# ip helper-ad[...]

  • Página 1111

    Confi guring O SPF and OSP Fv3 1111 35 Configuring OSPF and OSPFv3 This chapter describes how to configur e Open Shortest P a th F irst (OS PF) and OSPFv3. OSPF is a dynamic routing protocol for IPv4 networks, and OSPFv3 is used to route traffic in IPv6 networks. The protocols ar e configured separa tely within the s oftware, but their functi onali[...]

  • Página 1112

    1112 Confi gurin g OSPF and OS PFv3 OSPF Overview OSPF is an Interior Gateway P rotocol (IGP) that performs dynamic routing within a network. Del l Network ing series swi tches supp ort two dyn amic routing protocols: OSPF and Routing Information P rotocol (RIP). Unlike RIP , OSPF is a li nk-state pr otocol. Larger networ ks typica lly use the OSPF[...]

  • Página 1113

    Confi guring O SPF and OSP Fv3 1113 What Are OSPF Router s and LSAs? When a Dell Networking switch is configur ed to use OSPF for dynamic routing, it is considered to be an OS PF router . O SPF route rs keep track of t he state of the variou s links they send data to . Routers ex change OSPF link state advertisements (LSAs) with other routers. Exte[...]

  • Página 1114

    1114 Confi gurin g OSPF and OS PFv3 OSPF Feature De tails This sect ion pro vide s deta ils on th e foll owing OSPF f eatures : •M a x M e t r i c • Sta tic Area R ange C ost •L S A P a c i n g •L S A P a c i n g Max Metric RFC 3137 introduced stub router behavior to OSPFv2. As a stub, a router can inform other routers t hat it is not av ai[...]

  • Página 1115

    Confi guring O SPF and OSP Fv3 1115 mode. OSPF does not begin in stub ro uter mode when OSPF is globally enabled. If the operator w ants to avoid ro uting transients when he enabl es or configures OSPF , he can manually set OSPF in stub router mode. If OSPF is in startup st ub router mo de and encounters a r esource limitation that would normally c[...]

  • Página 1116

    1116 Confi gurin g OSPF and OS PFv3 Static Are a Range Cost This feature allows a network operator to configure a fix ed OSPF cost that is always advert ised when an area range is ac tive. Thi s feature applie s to both OSPFv 2 and OSP Fv3. An OSPF domain can be divided into a reas to limit the processing r e quir ed on each router . Area Border Ro[...]

  • Página 1117

    Confi guring O SPF and OSP Fv3 1117 LSA Pacing OSPF refreshes each self -o riginated LSA every 30 minutes . Because a router tends to originate many LSAs a t the same time, either at st artup or when adjacencies are formed or when routes ar e first learned, LSA refres hes tend to be grouped. F urther , Area Bor d er Routers (ABRs) at tached to the [...]

  • Página 1118

    1118 Confi gurin g OSPF and OS PFv3 Flood Blocki ng OSPF is a link state routing protocol. Routers describe their local environment in Link Sta te Advertisements (LSA s), which are distributed throughout an area or OSPF domain. Through t his process, each router learns enough information to compute a set of routes consistent with the routes compute[...]

  • Página 1119

    Confi guring O SPF and OSP Fv3 1119 Flood blocking ca nnot be enabled on virtual interfaces. While the featu r e could be allowed on virtual interfaces, it is less lik ely to be used on a vir tual interface, si nce virtual interfaces are created sp ecifically to allow flooding between two b ackbone routers. So the option of flood blocking on v irtu[...]

  • Página 1120

    1120 Confi gurin g OSPF and OS PFv3 Default OSPF V alues O S P F i s g l o b a l l y e n a b l e d b y d e f a u l t . T o m a ke i t o pe r at io n al o n t h e r o u t e r , y o u must configur e a router ID and e nable OSPF on a t least one i nterface. T able 3 5-1 shows the glo bal default values for OS PF and OSPF v3. T able 35-1 . OSPF/O SPFv[...]

  • Página 1121

    Confi guring O SPF and OSP Fv3 1121 T able 35 -2 shows the per -interf ace default va lues for OS PF and OSP Fv3. T abl e 35-2. OSPF Per-Inte rface Default s Paramete r Defaul t V alue Admin Mod e Disabled Adver tise Sec ondar ies Enab led (OSPF v2 only ) Route r P rior ity 1 Retransmit Interval 5 seconds Hello Inte rval 10 seconds Dead Interval 40[...]

  • Página 1122

    1122 Confi gurin g OSPF and OS PFv3 Configuring OSPF Fe atures (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring OSPF features on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. OSPF Configur a[...]

  • Página 1123

    Confi guring O SPF and OSP Fv3 1123 OSPF Area Config uration The Area Config uration page lets you create a S tub area configuration and NSSA once you’ve enabled OSPF on an interface through Ro ut i n g → OSP F → Inter face Config uration . At least one router must have OSPF enabled for this web page to disp lay . T o display the page, cl ick[...]

  • Página 1124

    1124 Confi gurin g OSPF and OS PFv3 Configuring an OSPF Stub Area T o configure the ar ea as an OSPF stub ar ea, click Create Stub Area . T he pages r efr eshes, and display s additional fields t hat ar e specific to the stub ar ea. Figure 35-3. OSP F Stub Area Configuratio n Use the Dele te Stu b Ar ea button to remove the s tub area.[...]

  • Página 1125

    Confi guring O SPF and OSP Fv3 1125 Configuring an OSPF Not-So-Stubby Area T o configure the area as an OSPF not-s o-stubby ar ea (NSSA), click NSSA Create . The pages refr eshes, and displays additional fields that are specific to the NSSA. Figure 3 5-4. OSPF NSSA Configu ration Use the NSSA D elete button to remov e the NSSA area.[...]

  • Página 1126

    1126 Confi gurin g OSPF and OS PFv3 OSPF Stub Area Summary The Stub Are a Summary page disp lays OSPF st ub area d etail . T o display the page, click Rout ing → OSPF → Stub Area Summary in t he navigation panel. Figure 35-5. OSPF Stu b Area Summary[...]

  • Página 1127

    Confi guring O SPF and OSP Fv3 1127 OSPF Area Range Confi guratio n Use the Area Ra nge Configuration page to configure and disp lay an area range for a specified NSSA. T o display the page, click Routi ng → OSP F → Area Range C onfiguration in the navigation panel. Figure 3 5-6. OSPF Area Range Config uration[...]

  • Página 1128

    1128 Confi gurin g OSPF and OS PFv3 OSPF Interf ace Statist ics Use the Inte rface Statistics page t o disp lay st atist ics f or the s electe d interface. The informat ion is displayed onl y if OSPF is enab led. T o display the page, click Rout ing → OSPF → Inte rface Sta tisti cs in the navigation panel. Figure 3 5-7. OSPF Interfa ce Statisti[...]

  • Página 1129

    Confi guring O SPF and OSP Fv3 1129 OSPF Interf ace Configur ation Use the Interfa ce Configurat ion page to confi gure an OSPF interface. T o display the page, cl ick Rout ing → OSPF → Inter face Config urat ion in the navigation panel. Figure 35-8. OSP F Interface Config uration[...]

  • Página 1130

    1130 Confi gurin g OSPF and OS PFv3 OSPF Neighbor T able Use the Neighbor T able page to displa y the O SPF neig hbor ta ble list . Whe n a particular ne ighbor ID is spec ified, detailed information ab out a neighbor is given. The information below is only displayed if OSPF is enabled. T o display the page, click Rout ing → OSPF → Neighbor T a[...]

  • Página 1131

    Confi guring O SPF and OSP Fv3 1131 OSPF Neighbor Conf igurati on Use the Neighbor Co nfigurat ion page to display the OSPF neighbor configuration for a selected neighbor ID. When a particular neighbor ID is specified, deta iled information about a neighbor is given. The information below is only dis played if OSPF is enabled and the int erface has[...]

  • Página 1132

    1132 Confi gurin g OSPF and OS PFv3 OSPF Link State D atabase Use the Link Stat e Databa se page to display OSPF link state, external LSDB table, and AS opaque LSDB tabl e information. T o display the page, click Rout ing → OSPF → Link State Database in th e navigation panel. Figure 35 -11. OSP F Link State Dat abase OSPF V irtual Link Co nfigu[...]

  • Página 1133

    Confi guring O SPF and OSP Fv3 1133 Figure 35-12. OSPF Virtual Link Creation After you cr eate a virtual link, additional fields di splay , as the F igur e 35-13 shows. Figure 35-13. OSPF Virtual Link Configuration[...]

  • Página 1134

    1134 Confi gurin g OSPF and OS PFv3 OSPF V irtual Link Su mmary Use the Vi r t u a l L i n k S u m m a r y page to display all of the configur ed virtual links. T o display the page, click Rout ing → OSPF → Vi r t u a l L i n k S u m m a r y in the navigation panel. Figure 35-14. OSPF Virtual Link Summary[...]

  • Página 1135

    Confi guring O SPF and OSP Fv3 1135 OSPF Route Redist ribution Conf igurati on Use the Rout e Redi stri buti on Conf igu ratio n page to co nfigure redistribu tion in OSPF for routes learned through various protocols. Y ou can choose to redistribute routes learned from all available protocols or from selected ones. T o display the page, cl ick Rout[...]

  • Página 1136

    1136 Confi gurin g OSPF and OS PFv3 OSPF Route Redis tribution Summar y Use the Ro ute R edistri buti on S ummary page to display OSPF R oute Redistribution configurations. T o display the page, click Rout ing → OSPF → Rout e Red ist rib uti on Summary in the navigation panel. Figure 35-16. OSPF Rout e Redistribut ion Summary[...]

  • Página 1137

    Confi guring O SPF and OSP Fv3 1137 NSF OSPF Configur ation Use the NS F OSP F Conf igur ation page to configure the non-stop forwar ding (NSF) support mode and to view NSF summar y information for the OSPF featur e. NSF is a feat ure used in sw itch stacks to maint ain switching and routing functions in the event of a stack unit failur e. F or inf[...]

  • Página 1138

    1138 Confi gurin g OSPF and OS PFv3 Configuring OSPFv3 Features (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring OSPFv3 featur es on a Dell Networ king N2000, N3000, and N400 0 series switches. F or details ab out the fields on a page, click at the top of the page. OSPFv3 Confi[...]

  • Página 1139

    Confi guring O SPF and OSP Fv3 1139 OSPFv3 Area C onfiguratio n Use the Area Config uration page to creat e and configure an OSPFv3 a rea. T o display the page, cl ick IPv6 → OSPFv3 → Area Con figuration in t he navigation panel. Figure 35 -19. OS PFv3 Area Configura tion[...]

  • Página 1140

    1140 Confi gurin g OSPF and OS PFv3 Confi guring an OSPFv3 Stub Area T o configure the ar ea as an OSPFv3 st ub area, click Creat e St ub A rea . The pages r efr eshes, and display s additional fields t hat ar e specific to the stub ar ea. Figure 35-20. OSPFv3 S tub Area Config uration Use the Dele te Stu b Ar ea button to remove the s tub area.[...]

  • Página 1141

    Confi guring O SPF and OSP Fv3 1141 Configuring an OSPFv 3 Not-So-Stubby Area T o configure the ar ea as an OSPFv3 not-s o-stubby ar ea (NSSA), cl ick Create NSSA . The pages refreshes, and displays additional fields that are specific to the NSSA. Figure 35 -21. OSP Fv3 NSSA Co nfiguration Use the Dele te NSSA button to remov e the NSSA area.[...]

  • Página 1142

    1142 Confi gurin g OSPF and OS PFv3 OSPFv3 Stub Area Summary Use the Stub Ar ea Summary page to dis play OSPFv3 stub area detail. T o display the page, click IPv6 → OSPFv3 → Stub Area Summary in the navigation panel. Figure 35-22. OSPFv3 Stu b Area Summary[...]

  • Página 1143

    Confi guring O SPF and OSP Fv3 1143 OSPFv3 Area Range Con figurati on Use the Area Ra nge Configuration page to configure OSPFv3 ar ea ranges. T o display the page, cl ick IPv6 → OSPFv3 → Area Range Configuration in the navigation panel. Figure 35 -23. OS PFv3 Area Range C onfigura tion[...]

  • Página 1144

    1144 Confi gurin g OSPF and OS PFv3 OSPFv3 Inter face Config uration Use the Interfac e Configurat ion page to create and configur e OSPFv3 interfaces. To d i s p l a y t h e p a g e , c l i c k IPv6 → OSPFv3 → Inte rface Confi guration in t he navigation panel. Figure 35-24. OSPFv3 Inte rface Configuration[...]

  • Página 1145

    Confi guring O SPF and OSP Fv3 1145 OSPFv3 Inter face Stati stics Use the Interface Statistics page to dis play OSPF v3 interface st atistics. Information is onl y displayed if OSP F is enabled. T o display the page, cl ick IPv6 → OSPFv3 → Interface Statistics in the navigation panel. Figure 35 -25. OSP Fv3 Interface Statistics[...]

  • Página 1146

    1146 Confi gurin g OSPF and OS PFv3 OSPFv3 Neighbor s Use the Neigh bors page to display the OSPF neighbor configuration for a selected neighb or ID. When a pa rticular neighbor I D is specified, det ailed information about th at neighbor is given. Neighbor information o nly displays if OSPF is en abled and the inte rface has a neighbor . The IP ad[...]

  • Página 1147

    Confi guring O SPF and OSP Fv3 1147 OSPFv3 Neighbor T able Use the Neighbor T able page t o display the OS PF neig hbor tab le list. When a particular neig hbor ID is specifie d, detailed information ab out a neighbor is given. The neighbor t able is onl y displayed if OSP F is enabled. T o display the page, cl ick IPv6 → OSPFv3 → Nei ghbor T a[...]

  • Página 1148

    1148 Confi gurin g OSPF and OS PFv3 OSPFv3 Link St ate Database Use the Link State Database page to displ ay the li nk state and e xternal LSA database s. The OSPFv3 Link State Database page has been updated to display extern al LSDB ta ble info rmatio n in addition to OS PFv3 link s tate information. T o display the page, click IPv6 → OSPFv3 →[...]

  • Página 1149

    Confi guring O SPF and OSP Fv3 1149 OSPFv3 V irtual Li nk Configura tion Use the V irtual Link Configura tion page to define a new or configure an exis ting virtual link. T o display t his page, a val id OSPFv3 area mus t be defined through the OSPFv 3 Ar ea Configuration page. T o display the page, cl ick IPv6 → OSPFv3 → V irtual Link Configur[...]

  • Página 1150

    1150 Confi gurin g OSPF and OS PFv3 After you create a virtual link, additional fields display , as the F igure 35-30 shows. Figure 35-30. OSPFv3 Virtual Link Configurati on[...]

  • Página 1151

    Confi guring O SPF and OSP Fv3 1151 OSPFv3 V irtual Li nk Summary Use the Vi r t u a l L i n k S u m m a r y page to display virtual link data b y Area ID and Neighbor Router ID. T o display the page, cl ick IPv6 → OSPFv3 → Vi r t u a l L i n k S u m m a r y in the navigation panel. Figure 35 -31. OSPFv3 Virtual Link Summary[...]

  • Página 1152

    1152 Confi gurin g OSPF and OS PFv3 OSPFv3 Route Redi stributio n Configurat ion Use the Route Redist ribut ion Co nfig urat ion page to configure route redi stri buti on. T o display the page, click IPv6 → OSPFv3 → Route Redis tr ibut io n Configur ation in the navigation panel. Figure 35-32. OSPFv3 R oute Redistri bution Configu ration[...]

  • Página 1153

    Confi guring O SPF and OSP Fv3 1153 OSPFv3 Route Redi stributio n Summary Use the Route Redistribution Summary page to display route redis tribution settings by source. T o display the page, cl ick IPv6 → OSPFv3 → Rout e Re dist rib ut ion Summary in the navigation panel. Figure 35 -33. OSP Fv3 Route Redistribu tion Summary[...]

  • Página 1154

    1154 Confi gurin g OSPF and OS PFv3 NSF OSPFv3 Confi guration Use the NSF OS PFv3 C onfig urat ion page to configure the non-stop forwarding (NSF) support mode and to view NSF summary information for the OSPFv3 feature. NSF is a featur e used in swit ch stacks to maintain switching and routing functions in the even t of a stack unit fail ure. F or [...]

  • Página 1155

    Confi guring O SPF and OSP Fv3 1155 Configuring OSPF Features (CLI) This section provides information about the commands you use to configure and view OSPF sett ings on the sw itch . This section does not describe all available show commands. F or more informat ion about all av ailable OSPF commands, see the Dell Networking N2000 , N3000, and N4 00[...]

  • Página 1156

    1156 Confi gurin g OSPF and OS PFv3 default-information originate [ al ways ] [ metri c metric -value ] [ metri c-type type-value ] Control the advert isement of default route s. • always — No rmally , OSPF origina tes a default route on ly if a default ro ute is redistri buted i nto OSPF (and def ault- inform atio n origin ate is co nfigu red [...]

  • Página 1157

    Confi guring O SPF and OSP Fv3 1157 passive-interface default Config ure OSPF in terfa ces as passive by de faul t. This command overrides any inter face-level passive mode sett ings.O SPF d oes not form adjace ncies on pa ssive interf aces but does a dvertise attach ed net works as stub networ ks. timers spf delay -time hold- time Specify the SPF [...]

  • Página 1158

    1158 Confi gurin g OSPF and OS PFv3 Configuri ng OSPF I nterface Settin gs Beginning in P rivileged EXEC mode, use the following commands to configure pe r -i nterfac e OSPF se ttings. Command Purpose configure Enter global configuration mode. interface vlan vla n-id Ente r Inte rface C onfig urati on mo de for t he spe cified VLAN. ip ospf area ar[...]

  • Página 1159

    Confi guring O SPF and OSP Fv3 1159 ip ospf dead-inter val second s Set the O SPF dead inte rval for the inte rface. The seco nds varia ble indica tes th e numb er of s econds a route r wait s to see a neigh bor ro uter's H ello pac ke ts befor e decla ring tha t the router is down ( Range: 1– 65535) . This parameter mus t be the same for al[...]

  • Página 1160

    1160 Confi gurin g OSPF and OS PFv3 Configuri ng Stub Areas and NSSAs Beginning in P rivileged EXEC mode, use the following commands to configure OSPF stub ar eas and NSSAs. exit Exit to Globa l Configu ration Mode router ospf Ent er OSPF configura tion mode. passive-inter face vlan vlan-id Mak e an inter face p assi ve to pre vent OSPF f rom f orm[...]

  • Página 1161

    Confi guring O SPF and OSP Fv3 1161 area ar ea-id default-c ost inte ger Confi gure the m etric value (d efault cost ) for the typ e 3 summa ry LSA sent int o the st ub ar ea. Ra nge: 1–1677 7215 ) area ar ea-id nssa Create an NS SA for the speci fied area ID. area ar ea-id nssa no- summary Configur e the NSSA so that summ ary LSAs ar e not adve [...]

  • Página 1162

    1162 Confi gurin g OSPF and OS PFv3 Configuri ng Vir tual Links Beginning in P rivileged EXEC mode, use the following commands to configure OSPF V irtual Links. Command Purp ose configure En ter g lobal c onfigur ation m ode. router ospf Enter O SPF co nfiguratio n mode. area ar ea-id virt ual- link neighb or -id Cre ate the OSPF vi rtual inter fac[...]

  • Página 1163

    Confi guring O SPF and OSP Fv3 1163 area ar ea-id virtual-li nk neighb or -id hello-inter val second s Set the O SPF hello in terval for the v irtual link. The seco nds varia ble in dicate s the numbe r of sec onds t o wait b efor e send ing He llo pac ket s from t he virt ual inter face. (Ra nge: 1– 65535) . area ar ea-id virtual-li nk neighb or[...]

  • Página 1164

    1164 Confi gurin g OSPF and OS PFv3 Configuri ng OSPF Area Range Setti ngs Beginning in P rivileged EXEC mode, use the following commands to configure an OSPF ar ea range. Configuri ng OSPF R oute Redis tribution Setting s Beginning in P rivileged EXEC mode, use the following commands to configure OSPF route r edistribution settings. Command Pu rpo[...]

  • Página 1165

    Confi guring O SPF and OSP Fv3 1165 distri bute-l ist access listna me out { rip | static | connec ted } Specify t he acce ss list t o filter rou tes r eceived f rom the source protocol. The ACL must al ready e xist on the swit ch. F or i nformation a bout the comma nds you use to confi gure ACLs, see "Con figuring ACLs (CLI)" on page 6 1[...]

  • Página 1166

    1166 Confi gurin g OSPF and OS PFv3 Configuri ng NSF Setting s for OSPF Beginning in P rivileged EXEC mode, use the following commands to configure the non-stop forwarding settings for OSPF . Command Purp ose configure En ter g lobal c onfigur ation m ode. router ospf Enter O SPF co nfiguratio n mode. nsf [ietf ] helper strict-lsa- checkin g Requ i[...]

  • Página 1167

    Confi guring O SPF and OSP Fv3 1167 Configuring OSPFv3 Features (CLI) This section provides information about the commands you use to configure OSPF v3 setting s on the sw itch. F o r more infor mation abo ut the co mmands and about a dditiona l show commands, see the Dell Networking N200 0, N3000, and N40 00 Series Switche s CLI Refer ence Guide a[...]

  • Página 1168

    1168 Confi gurin g OSPF and OS PFv3 distan ce ospf { external | inter -area | intra-area } dist ance Set t he preference values o f OSPFv3 ro ute types in t he rout er . The range for the dist ance vari able i s 1–25 5. Lower ro ute preference valu es are preferred when determi ning the bes t rout e. enable Enable OSPFv3. exit-overflow-inter val [...]

  • Página 1169

    Confi guring O SPF and OSP Fv3 1169 Configuri ng OSPFv3 Inte rface Settings Beginning in P rivileged EXEC mode, use the following commands to configure per -interface OSPFv3 settings. Comman d Purpose configure E nter globa l confi guration mod e. interface vlan vla n-id Ente r Inte rface Conf igura tion mo de fo r the specif ied VLAN. ipv6 ospf ar[...]

  • Página 1170

    1170 Confi gurin g OSPF and OS PFv3 ipv6 ospf dead-inter val second s Set the O SPFv3 dead int erval for the in terface. The secon ds varia ble indic ates th e number of seconds a rout er wait s to see a nei ghbor r outer' s Hell o pack ets befor e decla ring tha t the rout er is down ( Range: 1–65 535). This paramete r must be the same for [...]

  • Página 1171

    Confi guring O SPF and OSP Fv3 1171 Configuri ng Stub Areas and NSSAs Beginning in P rivileged EXEC mode, use the following commands to configure OSPFv3 stub ar eas and NSSAs. show ipv6 ospf interface [ inter face- type i nter face- number ] View su mmary information for all OSPFv3 in terfaces config ured on the swit ch or for the s pecified ro uti[...]

  • Página 1172

    1172 Confi gurin g OSPF and OS PFv3 area area-id nssa [no- redistribution] [default- information-originate [metric metric-value ] [metric-type metric-type - value ]] [no-summary ] [translator-role role ] [translator -stab-intv inter val ] Create and con figure an NSSA for the speci fied area ID. • met ric -v al ue —Sp e cif ies the m etric o f [...]

  • Página 1173

    Confi guring O SPF and OSP Fv3 1173 Configuri ng Vir tual Links Beginning in P rivileged EXEC mode, use the following commands to configure OSPFv3 Vi rtual Links. Comman d Purpose configure En ter global conf iguration mode. ipv6 router ospf En ter OSPFv3 conf igurati on mode. area ar ea-id virtual-li nk neighb or -id Create the O SPFv3 virtu al in[...]

  • Página 1174

    1174 Confi gurin g OSPF and OS PFv3 Configuri ng an OSP Fv3 Area Range Beginning in P rivileged EXEC mode, use the following commands to configure an OSPFv3 ar ea range. Command Purp ose configure En ter g lobal c onfigur ation m ode. ipv6 router ospf Ente r OSPFv 3 con figura tion m ode. area ar ea-id rang e ipv6- pr efix/ pr efix- leng th {summa [...]

  • Página 1175

    Confi guring O SPF and OSP Fv3 1175 Configuri ng OSPFv3 Route Red istributi on Settings Beginning in P rivileged EXEC mode, use the following commands to configure OSPFv3 route redistribution settings. Comman d Purpose configure En ter global conf iguration mode. ipv6 router ospf En ter OSPFv3 conf igurati on mode. redistr ibute { static | connecte[...]

  • Página 1176

    1176 Confi gurin g OSPF and OS PFv3 Configuri ng NSF Setting s for OSPFv3 Beginning in P rivileged EXEC mode, use the following commands to configure the non-stop forwarding se ttings for OSPFv3. Command Purp ose configure En ter g lobal c onfigur ation m ode. ipv6 router ospf Ente r OSPFv 3 con figura tion m ode. nsf [ietf ] helper strict-lsa- che[...]

  • Página 1177

    Confi guring O SPF and OSP Fv3 1177 OSPF Configuration Examples This section contains the following exa mples: • Configurin g an OSPF Border Router and Set ting Interface Costs • Config uring Stu b and NSSA Ar eas fo r OSPF and OSPFv3 • Configu ring a Virtual Link for OSPF and O SPFv3 Configuri ng an OSPF Border Rout er and Setting In terface[...]

  • Página 1178

    1178 Confi gurin g OSPF and OS PFv3 T o Configure Bor der Router A: 1 Enable routing on th e switch. console# configure console(config)# ip routing 2 Create VLA NS 70, 8 0, and 9 0 and a ssign th em to int erfaces. console(config)# vlan 70,80,90 console(config-vlan70,80,90)# interface gi1/0/1 console(config-if-Gi1/0/1)# switchport access vlan 70 co[...]

  • Página 1179

    Confi guring O SPF and OSP Fv3 1179 5 Configure the OSPF ar ea ID, p riority , and cost for each in terface. console(config)# interface vlan 70 console(config-if-vlan70)# ip ospf area 0.0.0.0 console(config-if-vlan70)# ip ospf priority 128 console(config-if-vlan70)# ip ospf cost 32 console(config-if-vlan70)# exit console(config)# interface vlan 80 [...]

  • Página 1180

    1180 Confi gurin g OSPF and OS PFv3 Configuri ng Stub and NSSA Areas for OSPF and OSPFv3 In this e xample, Ar ea 0 connects dir ectly to two other areas: Area 1 is defined as a stub area and Ar ea 2 is defined as an NSSA a rea. F igure 35-36 il lustrates this e xample OSPF configuration. Figur e 35-36. OSPF Co nfigu ration —Stub Are a and NSSA Ar[...]

  • Página 1181

    Confi guring O SPF and OSP Fv3 1181 Switch A is a backbone router . It link s to an ASBR (not defined here) tha t routes traffic outside th e AS. T o configur e Switch A: 1 Glob ally en able IP v6 and IPv4 r outing : console# configure console(config)# ipv6 unicast-routing console(config)# ip routing 2 Cre ate VLANs 6 an d 12 and ass ign the m to i[...]

  • Página 1182

    1182 Confi gurin g OSPF and OS PFv3 console(config-if-vlan12)# exit 7 Define the O SPF and OSPFv3 router IDs for the switch: console(config)# ipv6 router ospf console(config-rtr)# router-id 3.3.3.3 console(config-rtr)# exit console(config)# router ospf console(config-router)# router-id 3.3.3.3 console(config-router)# exit Switch B is a A BR that co[...]

  • Página 1183

    Confi guring O SPF and OSP Fv3 1183 console(config)# interface vlan 5 console(config-if-vlan5)# ip address 10.2.3.2 255.255.255.0 console(config-if-vlan5)# ipv6 address 3000:2:3::/64 eui64 console(config-if-vlan5)# ipv6 ospf console(config-if-vlan5) #ipv6 ospf areaid 0 console(config-if-vlan5)# exit console(config)# interface vlan 10 console(config[...]

  • Página 1184

    1184 Confi gurin g OSPF and OS PFv3 console(config-router)# network 10.2.4.0 0.0.0.255 area 0.0.0.2 6 F or IPv4: Configure a metric cost to associate with static routes when they ar e r edistr ibuted v ia OSPF : console(config-router)# redistribute static metric 1 subnets console(config-router)# exit 7 F or IPv6: Def ine an OSPF r outer . Define Ar[...]

  • Página 1185

    Confi guring O SPF and OSP Fv3 1185 Figure 35-37. OSPF Conf iguration— V irtual Link Switch B is an AB R that dir ectly connects Area 0 to Area 1. Note that in the previous exampl e, Switch B connected to a stub a rea and an NSS A. Virtual links cannot be cr eated across stub ar eas or NSSAs. The following commands define a virtual li nk that tra[...]

  • Página 1186

    1186 Confi gurin g OSPF and OS PFv3 S w i t c h C i s a A B R t h a t e n a b l e s a v i r t u a l l i n k f r o m t h e re m o t e A r e a 2 i n t h e A S to Area 0. The follow ing commands define a virtual link that travers es Ar ea 1 to Switch B (2.2 .2.2). T o configur e Switch C: 1 F o r IPv4, assign the router ID, create the virtual link to [...]

  • Página 1187

    Confi guring O SPF and OSP Fv3 1187 Intercon necting an IPv4 Backbone and Local IPv6 Network In F igure 35- 38, two De ll Networking L 3 switches are connected as shown in the diagram. The V LAN 15 routing i nterface on both s witches connects to an IPv4 bac kbone ne twork where OSPF is used as the dynamic routing protocol to ex change IPv4 routes.[...]

  • Página 1188

    1188 Confi gurin g OSPF and OS PFv3 4 Set the OS PFv3 router ID. console(config)# ipv6 router ospf console(config-rtr)# router-id 1.1.1.1 console(config-rtr)# exit 5 Configur e the IPv4 addr e ss an d OSPF area for VLAN 15. console(config)#i nterface vlan 15 console(config-if-vlan15)#ip address 20.20.20.1 255.255.255.0 console(config-if-vlan15)# ip[...]

  • Página 1189

    Confi guring O SPF and OSP Fv3 1189 T o configur e Switch B: 1 Create the VLA Ns. console(config)# vlan 2,15 console(config-vlan70,80,90)# interface te1/0/1 console(config-if-Te1/0/1)# switchport mode trunk console(config-if-Te1/0/1)# interface gi1/0/1 console(config-if-Gi1/0/1)# switchport access vlan 2 2 Enab le IPv4 and IP v6 routing on the swit[...]

  • Página 1190

    1190 Confi gurin g OSPF and OS PFv3 8 Configure the loopback interface. The switch uses the loopback IP address as the OSPF and OSPFv3 router I D. console(config)# interface loopback 0 console(config-if-loopback0)# ip address 2.2.2.2 255.255.255.0 console(config-if-loopback0)# exit console(config)# exit Configuri ng the Static Area Range Cost F i g[...]

  • Página 1191

    Confi guring O SPF and OSP Fv3 1191 network 172.20.0.0 0.0.255.255 area 0 network 172.21.0.0 0.0.255.255 area 1 area 1 range 172.21.0.0 255.255.0.0 summarylink timers spf 3 5 exit interface vlan 101 ip address 172.21.1.10 255.255.255.0 ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point exit interface te1/0/21 switchport[...]

  • Página 1192

    1192 Confi gurin g OSPF and OS PFv3 ip routing router ospf router-id 1.1.1.1 network 172.21.0.0 0.0.255.255 area 1 timers spf 3 5 exit interface vlan 101 ip address 172.21.1.1 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point exit interface te1/0/21 switchport mode trunk exit interface vlan 104 ip[...]

  • Página 1193

    Confi guring O SPF and OSP Fv3 1193 ip address 172.21.2.2 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point exit interface te1/0/21 switchport mode trunk exit interface vlan 104 ip address 172.21.3.2 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-po[...]

  • Página 1194

    1194 Confi gurin g OSPF and OS PFv3 switchport mode trunk exit interface loopback 0 ip address 172.21.254.2 255.255.255.255 exit exit Discussion W i th no area range cost specifie d, the range uses auto cost: (ABR-R0) #show ip ospf ra nge 1 Prefix Sub net Mask Type Action Cost Active 172.21.0.0 255 .255.0.0 S Advertise Auto Y (ABR-R0) #show ip ospf[...]

  • Página 1195

    Confi guring O SPF and OSP Fv3 1195 LS Age: 49 LS options: (E-Bit) LS Type: Network Summary LS A LS Id: 172.21.0.0 (network prefix) Advertising Router: 10.10.10.10 LS Seq Number: 0x80000003 Checksum: 0x78f8 Length: 28 Network Mask: 255.255.0.0 Metric: 0 The cost can be set to the maxi mum value, 16,777,215 , which is LSInfinity . Since OSP F cannot[...]

  • Página 1196

    1196 Confi gurin g OSPF and OS PFv3 exec-timeout 0 exit vlan 101-103 exit ip routing router ospf router-id 10.10.10.10 network 172.20.0.0 0.0.255.255 area 0 network 172.21.0.0 0.0.255.255 area 0 timers spf 3 5 exit interface vlan 101 ip address 172.21.1.10 255.255.255.0 ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point[...]

  • Página 1197

    Confi guring O SPF and OSP Fv3 1197 config hostname R1 line console exec-timeout 0 exit vlan 101,104 exit ip routing router ospf router-id 1.1.1.1 network 172.21.0.0 0.0.255.255 area 0 timers spf 3 5 exit interface vlan 101 ip address 172.21.1.1 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point ex[...]

  • Página 1198

    1198 Confi gurin g OSPF and OS PFv3 router ospf router-id 2.2.2.2 network 172.21.0.0 0.0.255.255 area 0 timers spf 3 5 exit vlan 102,104 exit interface vlan 102 ip address 172.21.2.2 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point exit interface te1/0/21 switchport mode trunk exit interface vlan[...]

  • Página 1199

    Confi guring O SPF and OSP Fv3 1199 exit interface vlan 103 ip address 172.21.1.1 255.255.255.0 routing ip ospf hello-interval 1 ip ospf dead-interval 4 ip ospf network point-to-point exit interface te1/0/21 switchport mode trunk exit interface loopback 0 ip address 172.21.254.2 255.255.255.255 exit exit Discussion W i th flood blocking disabled on[...]

  • Página 1200

    1200 Confi gurin g OSPF and OS PFv3[...]

  • Página 1201

    Confi guring RIP 1201 36 Configuring RIP This chapter describes how to configur e Rou ting Info rma tio n P rot oco l (RI P) on the switch. RIP is a dynamic routing protocol for IPv4 networks. The topics covered in t his chapter include: • RIP Overv iew • Default R IP V al ues • Configu ring RIP F eat ures (W eb) • Configu ring RIP F e atur[...]

  • Página 1202

    1202 Confi gurin g RIP What Is Spli t Hor izon? RIP uses a technique called split hori zon to avoid problems caused by including routes in updates sent to the router from which the route was originally learned. W ith simple split horizon, a route is not included in updates sent on the interface on which it was learned. In spl it horizon with pois o[...]

  • Página 1203

    Confi guring RIP 1203 Default RIP V a lues RIP is globally enabled by default. T o make it operational on the router , you configure and enable RIP for par t icular VLAN routing inte rfaces. T able 36-1 shows the gl obal default v alues for RI P . T able 36 -2 shows the per -interf ace default val ues for RIP . T abl e 36-1. RIP Glo bal Defa ults P[...]

  • Página 1204

    1204 Confi gurin g RIP Configuring RIP Features (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring RIP featur es on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. RIP Confi guration Use the Con[...]

  • Página 1205

    Confi guring RIP 1205 RIP Int erface Con figurati on Use the Interfa ce Configurat ion page to enable and configur e or to disable RIP on a speci fic interface. T o display the page, cl ick Rout ing → RIP → Inter face Co nfiguratio n in the navigation panel. Figure 3 6-2. RIP Interface Con figuratio n[...]

  • Página 1206

    1206 Confi gurin g RIP RIP Int erface Su mmary Use the Inte rface Summary page to display RIP configuration status on an interface. T o display the page, click Rout ing → RIP → Interface Summa ry in the navigation panel. Figure 36-3. RIP Interf ace Summa ry[...]

  • Página 1207

    Confi guring RIP 1207 RIP Ro ute Redistr ibution Configura tion Use the Route R edistribution Configuration page to configure the RIP Route Redistribution parameters. The allowable values for e ach fields are displayed next to the field. If any invalid values are entered, an alert message is displaye d with the lis t of all the val id values. T o d[...]

  • Página 1208

    1208 Confi gurin g RIP RIP Route Redistr ibution Summar y Use the Route Redistributi on Summary page to di splay Route Redis trib ution configurations. To d i s p l a y t h e p a g e , c l i c k Rou ting → RIP → R oute Redistribution Summary in the navigation panel. Figur e 36-5. RIP Route Redistr ibution Summa ry[...]

  • Página 1209

    Confi guring RIP 1209 Configuring RIP Features (CLI) This section provides information about the commands you use to configure RIP se ttings on the swit ch. F or m ore informatio n about the com mands, s ee the Dell Ne tworking N2000, N300 0, and N4000 S eries Sw itches CLI Refe r ence G uide at support.dell.com/manuals . Configuri ng Global RIP Se[...]

  • Página 1210

    1210 Confi gurin g RIP Configuri ng RIP Interfac e Settings Beginning in P rivileged EXEC mode, use the following commands to configure per -inte rface RIP settings. Command Purpose configure Enter global configuration mode. interface vlan vla n-id Ente r Inte rface C onfig urati on mo de for t he spe cified VLAN. ip rip En able RIP on th e interf [...]

  • Página 1211

    Confi guring RIP 1211 Configuri ng Route Redist ribution Set tings Beginning in P rivileged EXEC mode, use the following commands to configure an OSPF ar ea range and to configur e route redistribution settings. Comman d Purpose configure En ter global conf iguration mode. router rip Ente r RIP configur ation mode. distri bute-l ist access listna m[...]

  • Página 1212

    1212 Confi gurin g RIP redi stri bute ospf [met ric met ric ] [match [int ernal] [external 1] [externa l 2] [nssa-external 1] [nssa- external 2] ] Configure RIP to allow re distribution of routes from the OSPF . • ospf — Specifies OSPF as the source protocol. • met ri c — Specifies t he metri c to use when red istribu ting th e rout e. Rang[...]

  • Página 1213

    Confi guring RIP 1213 RIP Configuration E xample This e xample includes four Dell Networking switches that use RIP to determine network topology and route inf ormation. The commands in this example configur e Switch A shown in F igu r e 36-6. Figure 36-6. RIP Network Diagram T o configure the switch: 1 Enable routing on th e switch console# config [...]

  • Página 1214

    1214 Confi gurin g RIP console(config-if-vlan10)# ip address 192. 168.10.1 255.255.255.0 console(config-if-vlan10)# ip rip console(config-if-vlan10)# ip rip receive version both console(config-if-vlan10)# ip rip send version rip2 console(config-if-vlan10)# exit console(config)# interface vlan 20 console(config-if-vlan20)# ip address 192. 168.20.1 2[...]

  • Página 1215

    Confi guring RIP 1215 Vl10 192.168.10.1 RIP-2 Both Enable Down Vl20 192.168.10.1 RIP-2 Both Enable Down Vl30 192.168.10.1 RIP-2 Both Disable Down[...]

  • Página 1216

    1216 Confi gurin g RIP[...]

  • Página 1217

    Conf iguring VRRP 1217 37 Configuring VRRP This chapter describ es how to conf igure V irtual Routing Redundancy P rotocol (VRRP) on the switch. VRRP can help cr eate redundancy on networks in which end-stations ar e st atically configured with the default gateway IP address. The topics covered in t his chapter include: • VRR P Overview • Defa [...]

  • Página 1218

    1218 Confi gurin g VRRP be config ured . A given port m ay appear as more than one virtual router to the network, also , mor e than one port on a switch may be config ured as a virtual router . W ith VRRP , a virtual router is associated w ith one or mor e IP addr esses th at serv e as defa ult g atew ays. I n t he ev ent th at t he VR RP rou ter c[...]

  • Página 1219

    Conf iguring VRRP 1219 What Is VRRP Accept Mode? The accep t mode allows the switch to respond to pings (ICMP Echo Requests ) sent to the VRRP virtual IP address. The VR RP specifi cation (RF C 3768) indicat es that a rout er may accept IP packets sent to the virtual router IP addr ess only if the router is the address owner . In practice, this res[...]

  • Página 1220

    1220 Confi gurin g VRRP W i th standard VRRP , the backup router takes over only if the router goes down. W ith VRRP interface t racking, if a track ed interface goes down on the VRRP master , the priority decrement value is subtra cted from the router priority . If the master router priority becomes less than the priori ty on the backup router , t[...]

  • Página 1221

    Conf iguring VRRP 1221 Default VRRP V a lues T able 37-1 shows the global default v alues for VR RP . T able 37 -1. VRRP Def aults Paramete r Defaul t V alue Admin Mod e Disabled Vi rtual R outer ID (VRI D) None ( Range 1-255) P reempt Mode Enabl ed P reempt Delay 0 Sec onds Learn A dvertisement Timer Interval Enabled Accept Mod e Disabled Pr i o r[...]

  • Página 1222

    1222 Confi gurin g VRRP Configuring VRRP Features (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring VRRP features on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. VRRP Configur ation Use the [...]

  • Página 1223

    Conf iguring VRRP 1223 VRRP V irtual Router Status Use the Router Stat us page to display virtual router sta tus. T o display the page, cl ick Rout ing → VRRP → Router Status in the navigation panel. Figur e 37-2. Virtual Ro uter St atus[...]

  • Página 1224

    1224 Confi gurin g VRRP VRRP V irtual Router Statisti cs Use the Router Statistics page to dis play statis tics for a specif ied virtual router . T o display the page, click Rout ing → VRRP → Router Statistics in the navigation panel. Figur e 37-3. Virtu al Router Statis tics[...]

  • Página 1225

    Conf iguring VRRP 1225 VRRP Router Confi guration Use the Co nfig urat ion page to configure a vi rtual router . T o display the page, cl ick Rout ing → VRRP → Router Configuration → Confi gur ation in the navigation panel. Figure 37-4. VRRP R outer Conf iguration[...]

  • Página 1226

    1226 Confi gurin g VRRP VRRP Route T racking Conf iguration Use the Rou te T ra cki ng Conf igur ation page to vi ew routes that are tracked by VRRP and to add new tracked routes. T o display the page, click Rout ing → VRRP → Router Conf igur atio n → Route T rack ing Configurat ion in the navigation panel. Figur e 37-5. VRRP Ro ute T rac kin[...]

  • Página 1227

    Conf iguring VRRP 1227 Figu re 37-6. Add Route T racking 2 Select the virt ual route r ID and VLAN routi ng inter face that will tr ack the route. 3 Specify the d estination network address (track route pr efix) for the rou te to trac k. Use dot ted decim al format , for example 19 2.168.10.0 . 4 Specify th e prefix length for the tra ck ed rou te.[...]

  • Página 1228

    1228 Confi gurin g VRRP VRRP Interf ace T racking Configura tion Use the Inte rface T racki ng Confi guratio n page to view i nterfaces tha t are tracked by VRRP and to add new tracked interfaces. T o display the page, click Rout ing → VRRP → Router Conf igur atio n → Interfac e T rack ing Configurat ion in the navigation panel. Figur e 37-7.[...]

  • Página 1229

    Conf iguring VRRP 1229 Figur e 37-8. VRRP In terfac e T rac king Conf igurat ion 2 Select the virt ual route r ID and VLAN routi ng inter face that will tr ack the interface. 3 Specify th e interface to track. 4 Specify a v alue for the P riority Decrement to defi ne the a mount that t he router priority w ill be decreased when a tracked interfa ce[...]

  • Página 1230

    1230 Confi gurin g VRRP Configuring VRRP Features (CLI) This section provides information about the commands you use to configure VRRP se ttings on the swi tch. F o r more informat ion about th e commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . Configuri ng VRRP Setting s[...]

  • Página 1231

    Conf iguring VRRP 1231 vrrp vr-id time rs {learn | advertise second s } Co nfigur e th e VRR P time r set tings . Use th e keyword learn to enable VRRP to lea rn the adve rtisem ent ti mer interva l of t he mas ter ro uter . Use t he key word advertise to set th e fr equenc y , in seconds , that an interf ace on the specifie d virtual router sends [...]

  • Página 1232

    1232 Confi gurin g VRRP VRRP Configuration Example This section contains the following VRRP e xamples: • VRRP wit h Load Sharing • VRRP wit h Route and I nterface T racking VRRP with Load Shari ng In F igure 37-9, t wo L3 Dell Networking switches are performing the routing for network clients. Router A is the defau lt gate way fo r some c lient[...]

  • Página 1233

    Conf iguring VRRP 1233 This e xample configures two VRRP groups on each router . Router A is the V R R P m a s t e r f o r t h e V R R P g r o u p w i t h V R I D 1 0 a n d t h e b a c k u p f o r V R I D 2 0 . Router B is t he VRRP master for VRID 20 and the backup for VRID 10 . If Router A fails, Router B will become the master of VR ID 10 and wi[...]

  • Página 1234

    1234 Confi gurin g VRRP 9 Configure an optiona l description t o help identify the VRRP group. console(config-if-vlan10)# vrrp 20 description backup 10 Enable the VRRP groups on the interface. console(config-if-vlan10)# vrrp 10 mode console(config-if-vlan10)# vrrp 20 mode console(config-if-vlan10)# exit console(config)# exit The only difference bet[...]

  • Página 1235

    Conf iguring VRRP 1235 8 Specify th e IP address that the virtual rout er function will use. The router is the v irtual IP addr ess owner of this addres s, so the priority value is 2 55 by defa ult. console(config-if-vlan10)# vrrp 20 ip 192.168.10.2 9 Configure an opt ional descript ion to help iden tify the VR RP group. console(config-if-vlan10)# [...]

  • Página 1236

    1236 Confi gurin g VRRP VRRP with Route and I nterface T racking In F igure 37-10, the VRRP priorities are configured so that Router A is the VRRP master , and Ro uter B is the VRRP ba ckup. Router A forwards IP traffic from cli ents to the external network throu gh the VLAN 25 routing int erface. The clients are configured to use the virtual IP ad[...]

  • Página 1237

    Conf iguring VRRP 1237 T o configure Router A: 1 Enable routing for th e switch. console# config console(config)# ip routing 2 Cr eate and configur e the VLAN routin g inter face to use as th e defaul t gatewa y for network clien ts. This example assum es all other routing inter faces , such a s the interf ace to the exter nal ne twor k, have been [...]

  • Página 1238

    1238 Confi gurin g VRRP console(config-if-vlan10)# vrrp 10 track ip route 192.168.200.0/24 console(config-if-vlan10)# exit Router B is the back up router for VRID 10. The configured priorit y is 195. If the VLAN 25 routing interface or route to the external network on Router A go down, the priority of Router A w ill become 190 (or 180, i f both the[...]

  • Página 1239

    Conf iguring VRRP 1239 8 Enable the VRRP groups on the interface. console(config-if-vlan10)# vrrp 10 mode console(config-if-vlan10)# exit console(config)# exit[...]

  • Página 1240

    1240 Confi gurin g VRRP[...]

  • Página 1241

    Configu ring IPv6 R outing 1241 38 Configuring IPv6 Routing This chapter describes how to configur e general IPv6 routing information on the switch, including global rout ing setti ngs and IPv6 static route s. The topics covered i n this chapter include: • IPv6 Ro uting Overview • Defa ult IPv6 Ro uting V alues • Configu ring IPv6 Rout ing F [...]

  • Página 1242

    1242 Confi gurin g IPv6 Routin g How Does IPv6 Compare with IPv4? There ar e many con ceptual similarities between IPv4 and IPv6 network operation. Addr esses still have a ne t work pref ix portion (network) a nd a device in terface sp ecific portion ( host). Whi le the length of the ne twork portion is still v ariable, most us ers have standardize[...]

  • Página 1243

    Configu ring IPv6 R outing 1243 While optional in IPv4, router advert is eme nt is ma ndato ry in I Pv6. Route r advertisements specify the network pr efix(es) on a link which can be used by receiv ing hosts, in conjunction with an EUI-64 identifier , to autoconfigure a host’s address. Routers have their network p r efixes configured and may use [...]

  • Página 1244

    1244 Confi gurin g IPv6 Routin g T able 3 8-2 shows the de fault IPv6 int erface va lues after a V LAN routing interface has been created. IPv6 Rou ter Route Preferences L ocal —0 Static—1 OSPFv3 Intra—110 OSPFv3 Inter—110 OSPFv3 External—110 T abl e 38-2. IPv6 In terf ace Defau lts Parameter Default V alue IPv6 Mode Disabled DHCPv6 Clien[...]

  • Página 1245

    Configu ring IPv6 R outing 1245 Configuring IPv6 Routin g Features (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring an d monitoring IPv6 unicast routing featur es on a Dell Ne tworking N2000 , N3000, and N4 000 series switches. F or detail s about the f ields on a page , click a t the top of[...]

  • Página 1246

    1246 Confi gurin g IPv6 Routin g Interfa ce Configura tion Use the Interf ace Config uration page to configure IPv6 interface parameters. This page has been updated to include the IPv6 Destination Unre achables field. T o display the page, click Rou tin g → IPv6 → Interfa ce Configur ation in the navigation panel. Figure 38-2. IPv6 Interfac e C[...]

  • Página 1247

    Configu ring IPv6 R outing 1247 Interfa ce Summary Use the Int erface Summ ary page to display set tings for all IPv6 interfaces . T o display the page, cl ick Rout ing → IPv6 → Inter face Summary in the navigation panel. Figure 38 -3. IPv6 Interface Summ ary[...]

  • Página 1248

    1248 Confi gurin g IPv6 Routin g IPv6 Stat istics Use the IPv6 Statistics page to display I Pv6 traffic statistics for one or all interfaces. To d i s p l a y t h e p a g e , c l i c k Rou tin g → IPv6 → IPv6 Statistics in the navigation panel. Figure 38-4. IPv6 Statis tics[...]

  • Página 1249

    Configu ring IPv6 R outing 1249 IPv6 Neighbor T able Use the IPv6 Nei ghbor T a ble page to disp lay IPv6 neig hbor details for a specified int erface. T o display the page, cl ick IPv6 → IPv6 Ne ighbor T able in the nav igation panel. Figure 38-5. IPv6 Neig hbor T able[...]

  • Página 1250

    1250 Confi gurin g IPv6 Routin g DHCPv6 Client Parameters Use the DHCPv6 Client P arameters page to vie w in form atio n abo ut th e network i nformation auto matically a ssigned to an int erface by the DHCPv6 server . This page displays informat ion only if the DHCPv6 client has been enabled on an IPv 6 routing interface. T o display the page, cli[...]

  • Página 1251

    Configu ring IPv6 R outing 1251 DHCPv6 Cli ent Stat istics Use the DHCPv6 Client Statistics page to view information about DH CPv6 pack ets re ceived and tra nsmitted on a DHCPv6 client interfa ce. To d i s p l a y t h e p a g e , c l i c k Rou tin g → IPv 6 → DH CPv6 Client > Stati stics in the navigation panel. Figure 38-7. DHCPv6 Lease Pa[...]

  • Página 1252

    1252 Confi gurin g IPv6 Routin g IPv6 Router Entry Confi guration Use the IPv6 Route Entry Configuration page to configur e information for IPv6 routes. T o display the page, click Rout ing → IPv6 → IPv6 R outes → IPv6 Route Entr y Confi gur ation in the navigation panel. Figure 38 -8. IPv6 Rout e Entry Confi guration[...]

  • Página 1253

    Configu ring IPv6 R outing 1253 IPv6 Route T able Use the IPv6 R oute T abl e page to dis play all active I Pv6 routes and their settings. T o display the page, cl ick Rout ing → IPv6 → IPv6 Routes → IPv6 Rou te Ta b l e in the navigation panel. Figure 38 -9. IPv6 Route T a ble[...]

  • Página 1254

    1254 Confi gurin g IPv6 Routin g IPv6 Route Pr eferences Use the IPv6 Route Preferences page to configure the default preference for each protocol. These values are arbitrary values in the range of 1 to 255 an d are independent of route metrics. Most routing protocols use a route metric to determine the shortest path known to t he protocol, indepen[...]

  • Página 1255

    Configu ring IPv6 R outing 1255 Configure d IPv6 Routes Use the Configured IPv6 R outes page to display s elected IPv6 routes. T o display the page, cl ick Rout ing → IPv6 → IPv6 Routes → Configured IPv6 R o utes in the navigation panel. Figure 38 -11. Co nfigured IPv6 Ro utes T o r emove a configured route, select the check box in the Delete[...]

  • Página 1256

    1256 Confi gurin g IPv6 Routin g Configuring IPv6 Routin g Features (CLI) This section provides information about the commands you use to configure IPv6 routing on t he switch. F or more informat ion about the commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . Configuri ng [...]

  • Página 1257

    Configu ring IPv6 R outing 1257 Configuri ng IPv6 Inte rface Setti ngs Beginning in P rivileged EXEC mode, use the following commands to configure IPv6 settings for VLAN, tunnel, or loopback interfaces. Command Purpo se configure Enter G lobal Config uratio n mod e. interface {vlan | tunne l | loop back} interfa ce-id Ente r Inte rface Config urati[...]

  • Página 1258

    1258 Confi gurin g IPv6 Routin g Configuri ng IPv6 Neighb or Discovery Use the following commands to configure IPv6 Neighbor Discovery settings. Comm and Pur pose ipv6 nd prefix pr efix/ pr efix- leng th [{ valid-lifet ime | infinite } { preferred- lifet ime | infinite }] [ no-autoconfig ] [ off - link ] Configure parameters associ ated with networ[...]

  • Página 1259

    Configu ring IPv6 R outing 1259 ipv6 nd ns-inter val milli second s Set the in terval between rout er advertisemen ts for advertised neigh bor solic itatio ns. The range is 10 00 to 42949 67295 milli second s. ipv6 nd other -config- flag Set the other st ateful configurat ion flag in router adve rtise ments sent from t he in terfa ce. ipv6 nd manag[...]

  • Página 1260

    1260 Confi gurin g IPv6 Routin g Configuri ng IPv6 Route T able Entries and Rout e Preferences Beginning in P rivileged EXEC mode, use the following commands to configure IPv6 Static Routes. Command Purp ose configure En ter g lobal c onfigur ation m ode. ipv6 route ipv6- pr efix/ pr efix- leng th { next - hop-address | inte rface- type interface -[...]

  • Página 1261

    Configu ring IPv6 R outing 1261 ipv6 route dist ance inte ger Set the defau lt distance (preference) for stati c IPv6 route s. Lo wer rout e preference valu es are preferred when deter mining the b est ro ute. T he defau lt di stance (p refe renc e) f or s tat ic rou tes is 1. exit Exit to Global Config mode. Comman d Purpose[...]

  • Página 1262

    1262 Confi gurin g IPv6 Routin g IPv6 Show Commands Use the following commands in P rivileged EXEC mode to view IPv6 configuration status and related data. Command Purp ose show sdm prefer Show th e curr ently acti ve SDM te mplat e. show sdm prefer dual- ipv4-and-ipv6 defau lt Show pa rame ters fo r the SDM temp lat e. show ipv6 dhcp interface vla[...]

  • Página 1263

    Configu ring IPv6 R outing 1263 IPv6 Static Reject a nd Discard Route s A static configured route with a ne xt-hop of “null” causes any pack et matching the route to disappear or vanish from the network . This type of route is called a “Di scard” route if t he router returns an ICMP “network- unreachable” me ssage, or is calle d a “Re[...]

  • Página 1264

    1264 Confi gurin g IPv6 Routin g • ipv6 rou te 2001:: /16 null 2 54 ipv6 rou te 2002:: /16 null 2 54 These address ranges are res erved and not reachable in the Internet. If for some reason you have local networks in this rang e, a more specific route will have precedence. Another use for the Reject route is to prevent internal hos ts from commun[...]

  • Página 1265

    Configu ring DHC Pv6 Server and Relay Set tings 1265 39 Configuring DHCPv6 Server and Relay Settings This chapter describes how to configur e the switch to dynamically assign network information to IPv6 hosts by using the Dynamic Host Configuration P rotocol for IPv6 (DHCPv6). The topics covered in t his chapter include: • DHC Pv6 Overview • De[...]

  • Página 1266

    1266 Confi gurin g DHCPv6 Se rver and R elay Sett ings What Is a DHCPv6 Pool? DHCPv6 pools ar e used to s pecify information for DHCPv6 s erver to distribute t o DHCPv6 clients. These pools a re shar ed between multip le interfaces ov er which DHCPv6 server capabiliti es ar e configured. What Is a Statel ess Server? DHCPv6 i ncorporates the notion [...]

  • Página 1267

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1267 Figur e 39- 1. D HCPv 6 Prefi x Dele gatio n Scen ario In Figure 39- 1, th e Del l Ne two rki ng ac ts a s the Pr efi x De lega tion (PD ) se rver and defines one or more general prefix es to allocate a nd assign addresses to hosts that may be uti lizing IPv6 aut o -address configuration or act[...]

  • Página 1268

    1268 Confi gurin g DHCPv6 Se rver and R elay Sett ings Configuring the DHCPv6 Server a nd Relay (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring the DHCPv6 server on a Dell Networ king N2000, N3000, and N400 0 series switches. F or details ab out the fields on a page, click at [...]

  • Página 1269

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1269 DHCPv6 Pool Configur ation Use the P ool Configurat ion page to s et u p a p ool o f DH CPv6 para mete rs fo r DHCPv6 clients. The pool is identified with a pool name and contains IPv6 addr esses and domain names o f DNS servers. T o display the page, cl ick Rout ing → IPv6 → DHCPv6 → Po [...]

  • Página 1270

    1270 Confi gurin g DHCPv6 Se rver and R elay Sett ings Figure 39-4. Pool Configur ation 4 Fr o m t h e DNS Server Ad dress menu, selec t an e xist ing DNS Se rver Addr ess to associat e with this pool, or select Add and spec ify a new ser ver to add. 5 Fr o m t h e Doma in Na me menu, select an exi sting domain na me to associate with this pool, or[...]

  • Página 1271

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1271 Prefix Dele gation Confi guration Use the P refix Deleg ation Configur ation page to configure a delegated pr efix for a pool. At least one p ool must be created using DHCPv6 P ool Configuration before a delegated prefix can be configured. T o display the page, c lick Rout ing → IPv6 → DHC [...]

  • Página 1272

    1272 Confi gurin g DHCPv6 Se rver and R elay Sett ings DHCPv6 Pool Summary Use the Po o l S u m m a r y page to display settings for al l DHCPv6 P ools . At leas t one pool must be created using DHCPv6 P ool Configura tion before the P ool Summary displays. T o display the page, click Rout ing → IPv6 → DHCP v6 → Po o l S u m m a r y in the na[...]

  • Página 1273

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1273 DHCPv6 Int erface C onfiguratio n Use the DHCPv6 Interface Configu ration page to configure a DHCPv6 interface. T o display the page, cl ick Rout ing → IPv6 → DHCPv6 → Int erface Confi gur ation in the naviga tion panel. The fields that display on t he page depend on the s elected interfa[...]

  • Página 1274

    1274 Confi gurin g DHCPv6 Se rver and R elay Sett ings F igure 39-8 show s the scr een when the sele cted interfac e mode is Server . Figure 39-8. DHCPv6 Interface C onfiguration - Server M ode F igure 39-9 show s the scr een when the sele cted interface mode is Relay . Figure 3 9-9. DHCPv6 Int erface Config uration - R elay Mode[...]

  • Página 1275

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1275 DHCPv6 Server Bi ndings Summary Use the Ser ver Bindings Summary pag e to disp lay all DHCP v6 ser ver bindin gs. T o display the page, cl ick Rout ing → IPv6 → DHCPv6 → Bi nding s Summary in the navigation panel. Figure 39-10. Server Bindin gs Summary[...]

  • Página 1276

    1276 Confi gurin g DHCPv6 Se rver and R elay Sett ings DHCPv6 Stati stics Use the DHCPv6 Statistics page to displ ay DHCPv6 statis tics f or one or all interfaces. T o display the page, click Rout ing → IPv6 → DHCP v6 → Statistics in t he navigation panel. Figure 39-11. DHCPv6 Stat istics[...]

  • Página 1277

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1277 Configuring the DHCPv6 Server and Relay (CLI) This section provides information about the commands you use to configure and monitor the DHCP server and address pools. F or more information about the commands, see the Dell Ne tworki ng N2000, N 3000, and N40 00 Series Switches CLI Reference Guid[...]

  • Página 1278

    1278 Confi gurin g DHCPv6 Se rver and R elay Sett ings Configuri ng a DHCPv6 Pool for Speci fic Hosts Beginning in P rivileged EXEC mode , us e the foll owing comm ands to create a pool and/or configure pool parameters for specific DHCPv6 clients. domain -name domai n Set up to five DNS domain names to provid e to a DHCPv6 client by the DHCPv6 serv[...]

  • Página 1279

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1279 Configuri ng DHCPv6 Inter face Inform ation Beginning in P rivileged EXEC mode, use the following commands to configure an interface as a DHCPv6 serv er or a DHCPv6 r elay agent. The server an d relay funct ionality ar e mutually e xclusive. In o ther wor ds, a VLA N routing interface can be co[...]

  • Página 1280

    1280 Confi gurin g DHCPv6 Se rver and R elay Sett ings Monitorin g DHCPv6 Informati on Beginning in P rivileged EXEC mode, use the following commands to view bind ing s, an d stat isti cs, an d to clear the in fo rmat ion. ipv6 dhcp ser ver pool- name [rapid-commit] [prefe rence pref -value ] Configure DHCPv 6 server functionality on the int erface[...]

  • Página 1281

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1281 DHCPv6 Configur ation Examples This section contains the following exa mples: • Configu ring a DH CPv6 Stateless Server • Configu ring the DH CPv6 Serv er for Pr efix Delegati on • C onfigur ing an I nterf ace as a DH CPv6 R elay Ag ent Configuri ng a DHCPv6 Statel ess Server This e xampl[...]

  • Página 1282

    1282 Confi gurin g DHCPv6 Se rver and R elay Sett ings 4 Configure the DHCPv6 server function alit y on VLAN 1 00. Cli ents ca n use the preference value to determin e which DHCPv6 serv er to use when multip le servers exist. console(config-if-vlan100)# ipv6 dhcp server my- pool preference 10 console(config-if-vlan100)# ipv6 nd other-config- flag c[...]

  • Página 1283

    Confi gurin g DHCPv6 Se rver and R elay Sett ings 1283 console(config-dhcp6s-pool)# prefix-delegation 2001:DB8:1002::/32 00:01:00:09:f8:79:4e:00:04:76:73:43:76 valid- lifetime 600 preferred-lifetime 400 console(config-dhcp6s-pool)# exit 3 Configu re the DHCPv6 serv er functiona lity on VLA N 200 and specify the pool to us e for DHCPv6 clients. cons[...]

  • Página 1284

    1284 Confi gurin g DHCPv6 Se rver and R elay Sett ings Relay Interface Number.....................Vl100 Relay Remote ID............................ Option Flags...............................[...]

  • Página 1285

    Config uring Di fferentia ted Serv ices 1285 40 Configuring Differentiated Services This chapter describes how to configur e the Differentiated Services (DiffServ) featur e. DiffServ enables traffic to be clas sified into str eams and given certain QoS tr eatment in accord anc e with d efined pe r -hop be havior s. The topics covered in t his chapt[...]

  • Página 1286

    1286 Confi gurin g Differ enti ated Serv ices How Does DiffSer v Functional ity V ary Based on the Role of the Swit ch? How you configure DiffServ support in Dell Networking N2000, N30 00, and N4000 series switches softwa r e varies depending on t he role of the switch in your network: • Edge d evice : An edge d evice handle s ingress traffic, fl[...]

  • Página 1287

    Config uring Di fferentia ted Serv ices 1287 Dell Netw orking N2000, N3 000, and N4000 series swit ches softwar e supports the T raffic Conditioning P olicy type w hich is associat ed wi th an inbound t raffic class an d specifies the ac tions to be perform ed on packets meeting the class rules: – Marking th e packet with a given D SCP , IP pr ec[...]

  • Página 1288

    1288 Confi gurin g Differ enti ated Serv ices Configuring DiffSer v (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring DiffServ featur es on a Dell Networ king N2000, N3000, and N400 0 series switches. F or details ab out the fields on a page, click at the top of the page. DiffSe[...]

  • Página 1289

    Config uring Di fferentia ted Serv ices 1289 Class Confi guration Use the DiffServ Class Configuratio n page to add a new DiffServ class name, or to rename or delete an existing cla ss. To d i s p l a y t h e page, c lick Qualit y of Service → Differentiated Ser vices → Class Config uration in the navigation panel. Figure 40-2. DiffServ Cla ss [...]

  • Página 1290

    1290 Confi gurin g Differ enti ated Serv ices 2 Enter a name for the clas s and select the prot ocol to use for class match criteria. 3 Click Apply to add the new class. 4 T o view a summary of the classes configured on the switch, click Show All . Figure 40-4. View DiffServ Class Summa ry Class Crit eria Use the DiffServ Class Criteria pag e to de[...]

  • Página 1291

    Config uring Di fferentia ted Serv ices 1291 Figure 40-5. DiffServ Cla ss Criteria[...]

  • Página 1292

    1292 Confi gurin g Differ enti ated Serv ices Policy Conf iguratio n Use the Dif fSer v Policy Config urat ion page to associate a colle ction of classes with one or more polic y statements. To d i s p l a y t h e page, c lick Qual ity of Ser vice → Differentiated Services → P olicy Configur ation in the navi gation panel. Figure 40-6. DiffServ[...]

  • Página 1293

    Config uring Di fferentia ted Serv ices 1293 Figure 40-7. Add DiffSe rv Policy 2 Enter the new Po l i c y N a m e . 3 Cli ck Apply to save t he new poli cy . 4 T o view a summa ry of the policies configured on the switch, click Show All . Figure 40-8. View Di ffServ Polic ies[...]

  • Página 1294

    1294 Confi gurin g Differ enti ated Serv ices Policy Clas s Definition Use the DiffServ P olicy Class Definition page to as sociate a class to a policy , and to define at tributes for that policy-class i nstance. To d i s p l a y t h e page, c lick Qual ity of Ser vice → Differentiated Services → P olicy Class Definition in the navigation panel[...]

  • Página 1295

    Config uring Di fferentia ted Serv ices 1295 Figure 40-10. Policy C lass Defin ition Packet Marking T raffic Condition F ollow thes e steps to have packets that match the class criteria for this policy marked with a marked with either an IP DSCP , IP precedence, or CoS value: 1 Select M arking from the T raffic Cond itioning drop-down menu on the D[...]

  • Página 1296

    1296 Confi gurin g Differ enti ated Serv ices Policing T raffic Condition F ollow thes e steps to perform policing on the packets that match this policy class: 1 Sele ct Po l i c i n g from the T raffic Condit ioning drop-do wn menu on the DiffServ P olicy Class Definition page to display t he DiffServ P olicy - Po l i c i n g page. Figure 40-12. P[...]

  • Página 1297

    Config uring Di fferentia ted Serv ices 1297 Service Conf iguration Use the DiffSer v Service Configuration page to activat e a policy on a port . To d i s p l a y t h e page, c lick Qualit y of Service → Differentiated Ser vices → Service Configuration in the navigation panel. Figure 40-1 3. DiffServ Servic e Configuratio n T o view a summary [...]

  • Página 1298

    1298 Confi gurin g Differ enti ated Serv ices Serv ice De taile d Sta tisti cs Use the DiffServ Ser vice Detailed Statistics page to display pack et details for a particular port and class. To d i s p l a y t h e page, c lick Qual ity of Ser vice → Differentiated Services → Service Detailed Stat istics in the navigation panel. Figure 40-15. Dif[...]

  • Página 1299

    Config uring Di fferentia ted Serv ices 1299 Flow-Based Mir roring Use the Flow-Based Mirroring p a g e t o c re a t e a m i r r o r i n g s e s s i o n i n w h i c h t h e traffic that matches t he specified policy and member class is mirrored t o a destination port. To d i s p l a y t h e Flow- Based Mirroring page, c lick Switching → Po r t s [...]

  • Página 1300

    1300 Confi gurin g Differ enti ated Serv ices Configuring DiffSer v (CLI) This section provides information about the commands you use to configure DiffServ s ettings on the switch. F or more information about the commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . DiffServ [...]

  • Página 1301

    Config uring Di fferentia ted Serv ices 1301 match cos Add to the specif ied c lass def initi on a ma tch cond ition f or th e Class of Se rvice va lue. match destination-address mac Add to th e spe cified class defini tion a match condi tion based on the dest ination MAC address of a packet. match dstip Add t o the sp ecifie d class defi nition a [...]

  • Página 1302

    1302 Confi gurin g Differ enti ated Serv ices DiffServ Class Config uration for IPv6 Beginning in P rivileged Exec mode, use the following commands to configur e DiffServ class es for IPv6 and view r elated informat ion. match s rcip Add to t he specifie d class de finitio n a match condi tion ba sed on the source IP addr ess o f a packet. match sr[...]

  • Página 1303

    Config uring Di fferentia ted Serv ices 1303 DiffServ Policy Creation Beginning in P rivileged Exec mode, us e the following commands to configure Di ffSer v po lici es an d vie w rela ted info rmat ion . match protocol Add t o the sp ecifie d cla ss def initio n a mat ch condition based on the v alue of the IP P rotocol field in a packet usin g a [...]

  • Página 1304

    1304 Confi gurin g Differ enti ated Serv ices DiffServ Policy Attr ibutes Conf iguratio n Beginning in P rivilege Exec mode, use the following commands to configur e pol icy at tribu tes and v iew rel ated in fo rmati on. CLI Command Desc ription configure Enter g lobal confi gurat ion mo de. policy-map policy-map-name Ente r P olicy Map C onfig ur[...]

  • Página 1305

    Config uring Di fferentia ted Serv ices 1305 conform-color class-map-name [exceed-color class-map-name ] Specify the col or class for color -aware policing . The action for th e policy-class-map inst ance must be set to pol ice-simple befo re is suing the conform- color command . drop Spe cify t hat all packets for the associated traffic stream ar [...]

  • Página 1306

    1306 Confi gurin g Differ enti ated Serv ices DiffServ Service Configur ation Beginning Privilege Exec mode, use the following commands to associate a policy wit h an interface and view rela ted information. CLI Command Description configure Enter Global Configuration mode. servi ce-p olicy {in | ou t} policy-map-name Atta ch a p olicy t o an in te[...]

  • Página 1307

    Config uring Di fferentia ted Serv ices 1307 DiffServ Configuration Examples This section contains the following exa mples: • P roviding Subnets Equal Access to External Network • DiffSe rv for V oIP Providin g Subnets Equal Acc ess to Extern al Network This e xample shows how a net work admini strator can provide equal access to the Internet ([...]

  • Página 1308

    1308 Confi gurin g Differ enti ated Serv ices The following commands show how to configure the DiffServ example depicted in F igur e 40-17. 1 Enable DiffS erv operation for the switch. console# config console(config)# diffserv 2 Create a DiffSer v class of typ e all for each of the depa rtments, and nam e them. Also, define the match criteria—Sou[...]

  • Página 1309

    Config uring Di fferentia ted Serv ices 1309 console(config-policy-map)# class development_dept console(config-policy-classmap)# assign-queue 4 console(config-policy-classmap)# exit console(config-policy-map)# exit 4 Attach th e defined policy to 10-Gigab it Etherne t inte rfac es 1/0/ 1 thro ugh 1/0/ 4 in th e inbo und dir ect ion console(config)#[...]

  • Página 1310

    1310 Confi gurin g Differ enti ated Serv ices DiffS erv for VoIP One of the most valuable uses of DiffServ is to support V oice over IP (V oIP ). V oIP traffi c is inhe ren tly ti me-sens itive: f or a ne twork to prov ide accep table service, a gu aranteed tr ansmission rate is vital. This example shows one way to prov ide the necess ary quali ty [...]

  • Página 1311

    Config uring Di fferentia ted Serv ices 1311 The following commands show how to configure the DiffServ example depicted in F igur e 40-18. 1 Set queue 6 on all ports to use strict priority mo de. This queue shall b e used for all V oIP packets. Ac tivate DiffServ for t he switch. console# config console(config)# cos-queue strict 6 console(config)# [...]

  • Página 1312

    1312 Confi gurin g Differ enti ated Serv ices console(config-policy-classmap)# exit console(config-policy-map)# exit 5 Attach the define d policy to an inbound s ervice int erface. console(config)# interface tengigabitethernet 1/0/1 console(config-if-Te1/0/1)# service-policy in pol_voip console(config-if-Te1/0/1)# exit console(config)# exit[...]

  • Página 1313

    Conf iguring Class -of-Se rvice 1313 41 Configuring Class-o f-Service This chapter describes how to configur e the Class-of -Service (CoS) feature. The CoS queueing feature lets you direct ly configure certa in aspects of switch queueing. This provides the de sir ed QoS behavi or for differ ent types of netw ork t raff ic wh en the compl ex iti es [...]

  • Página 1314

    1314 Confi gurin g Class-of -Servi ce Each ingress port on th e switch has a de fault p riority value (set by configuring VLAN P ort P riority in t he Switching sub-me nu) that determine s the egr ess queue its tra ffic ge ts forwa rded to . P acket s that ar rive w ithout a V LAN use r priori ty , or pack ets from ports yo u’ve id entified as ?[...]

  • Página 1315

    Conf iguring Class -of-Se rvice 1315 How Are T raffic Queues Defined? F or each queu e, you can specify : • Minimu m bandwidth gu arantee—A percentage of the port ’s maximum negotiated bandwid th reserved for the queue. Unreserved bandwidth can be utilized by lower -priority queues. If the sum of the minim um bandwi dth is 100%, t hen ther e [...]

  • Página 1316

    1316 Confi gurin g Class-of -Servi ce • W eighted R andom Early D etection (WRED)—D rops packets queued for transmission selectively based their d rop precedence level. F or each of four drop precedence levels on each W RED-enabled in terface queue, you ca n configure the following paramete rs: – Minimum Threshold: A percentage of the total q[...]

  • Página 1317

    Conf iguring Class -of-Se rvice 1317 IP DSCP value to queue mapping IP DSC P Q ueue 0–7, 24– 31 1 8–23 0 32–47 2 48–63 3 Interface Shaping Rate 0 Kbps Minimum Bandwidth 0% Scheduler T ype W eight ed Queue Management T ype T a ildrop Drop Pr ecede nce Leve l 1 WRED Decay Exponent 9 WRED Minimum Threshold 40 WRED Maximum Th res hold 10 0 WR[...]

  • Página 1318

    1318 Confi gurin g Class-of -Servi ce Configuring CoS (Web) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring CoS features on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. Mapping T able Config urat[...]

  • Página 1319

    Conf iguring Class -of-Se rvice 1319 To d i s p l a y t h e Queue Mapping T able for the se lected T rust Mode, click the Show All link at the top of the page. The followi ng figure shows the queue mapping tab le when CoS (802.1p) is s elected as the T rust Mode. Figur e 41-2. DSCP Queue Ma pping T able[...]

  • Página 1320

    1320 Confi gurin g Class-of -Servi ce Interfa ce Configura tion Use the Interface Configuratio n page to define the i nterface shap ing rate for egress pack ets on an interface and the decay exponent for WRED queues defined on the interface. Each interface CoS parameter can be configured globally or per-port. A global configuration change is a ppli[...]

  • Página 1321

    Conf iguring Class -of-Se rvice 1321 Interfa ce Queue Configur ation Use the Interface Queue Configuration page to configure egress queues on interfaces. The settings you configure control the amount of bandwidth the queue uses, the sche duling method, and the queue manageme nt method. The configuration process is simplified by allowing each CoS qu[...]

  • Página 1322

    1322 Confi gurin g Class-of -Servi ce T o access the Inte rfac e Queu e Statu s page , click the Show All link at the top of the page. Interfa ce Queue Drop Preced ence Configur ation Use the Interface Queue D rop P recedence Con figuration page to configure thresholds and scaling values for each of four drop pr ecedence levels on a WRED-enabled in[...]

  • Página 1323

    Conf iguring Class -of-Se rvice 1323 Figur e 41-5. Inter face Qu eue Drop Precedenc e Confi gurati on T o access the Interface Queue Drop Precedence Status page, click the Show All link at the top of the page.[...]

  • Página 1324

    1324 Confi gurin g Class-of -Servi ce Configuring CoS (CLI) This section provides information about the commands you use to configure CoS settings on the switch. F or more informati on about the commands, see the Dell Net working N2000, N3000, and N40 00 Series Swit ches CLI Reference Guide at support.dell.com/manuals . Mapping T able Config uratio[...]

  • Página 1325

    Conf iguring Class -of-Se rvice 1325 CoS Interfa ce Configura tion Commands Beginning in P rivileged Exec mode, use the following commands in to configure the traffic shaping an d WRED exponent values for an interface. Interfa ce Queue Configur ation Beginning in P rivileged Exec mode, use the following commands in to configure and view CoS int erf[...]

  • Página 1326

    1326 Confi gurin g Class-of -Servi ce cos-que ue min-b andwidth bw Spec ify th e min imum tr ansmi ssion b andw idth (r ange: 0-10 0% in 1% inc r em ents) for ea ch inter face que ue. cos-queue strict queue-i d Activate t he strict priority sche duler mode for each spec ified qu eue. T he queue -id value ra nges fro m 0 to 6. cos- queu e rando m-de[...]

  • Página 1327

    Conf iguring Class -of-Se rvice 1327 Configuri ng Interf ace Queue Drop Proba bility Beginning in P rivileged Exec mode, use the following commands in to configure characteristics of the drop probabilit y and view r elated settings. The drop probabilit y supports config uratio n in the range of 0 to 10%, and the discrete values 25%, 50%, and 75%. V[...]

  • Página 1328

    1328 Confi gurin g Class-of -Servi ce CoS Configuration Example F igure 41-6 illustr ates the ne twork ope ration as it r ela tes to CoS mapp ing and queue configuration. F our pack ets arrive at the ingr ess po rt te1/0/ 10 in the order A, B , C, and D. port te1/ 0/10 is configured to trust th e 802.1p field of the packet, which serv es to direct [...]

  • Página 1329

    Conf iguring Class -of-Se rvice 1329 Continuing this example, the egr ess po rt te1/0/8 is confi gured for strict priority on queue 6, and a weighted scheduling scheme is confi gured for queues 5-0. Assuming queue 5 ha s a higher minimum bandwidth than queue 1 (relativ e bandwidth values are shown as a percentage, with 0% indicating the bandwidt h [...]

  • Página 1330

    1330 Confi gurin g Class-of -Servi ce mapping from t he switch defa ults to su pport lossle ss 1 transp ort of fra mes on CoS queue 4, with a 50% minimum bandwidth guarantee. Lossless traffi c classes generally use the default WRR sc heduling mode as oppose d to strict prior ity , to a void s tarving other traffi c. F or example, the following comm[...]

  • Página 1331

    Confi gurin g Auto VoIP 1331 42 Configuring Auto V o IP V oice over Internet Protocol (V oIP) a llows you to make telephone calls using a computer netw ork over a data network like the Internet. W i th the increased prominence of delay-sensit ive applications (voice, video , and other mul time dia a pplic atio ns) d eplo yed in netw orks t oda y , [...]

  • Página 1332

    1332 Confi gurin g Auto VoIP A uto- V oIP is limite d to 16 s essions and mak es us e of the switc h CP U to classify traffic. It is preferable to use the V o ice VLAN feature in larger enterprise environment s as it uses the switching silicon to cla ssify voice traffic onto a VLAN. How Does Auto-V oIP Use ACLs? Au to- V oIP borrows A CL lists from[...]

  • Página 1333

    Confi gurin g Auto VoIP 1333 Configuring Auto V oIP (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring A uto V oIP featur es on a Dell Networking N2000 , N3000, and N4000 series switches. F or details abo ut the fields on a page, click at the top of the page. Auto V oIP Global C[...]

  • Página 1334

    1334 Confi gurin g Auto VoIP Figur e 42-2. Aut o V oIP Interfac e Conf iguration T o display summary A uto V oIP configuration information for all interfaces, click the Show All link at th e top of the pa ge. Figur e 42-3. Aut o V oIP[...]

  • Página 1335

    Confi gurin g Auto VoIP 1335 Configuring Auto V oIP (CLI) This section provides information about the commands you use to configure Auto V oIP setting s on the switch . F or more information about the commands, see the Dell Networking N2000 , N3000, and N4 000 Series Switches CLI Reference Guide at supp ort .dell. com/ manuals . Mapp ing T a ble C [...]

  • Página 1336

    1336 Confi gurin g Auto VoIP[...]

  • Página 1337

    Manag ing IPv4 an d IPv6 Mul ticast 1337 43 Managing IPv4 and IPv6 Multicast This chapter describes how to configur e and monitor layer 3 multicast feature s for IPv4 and IPv6, including glob al IP and IPv6 multicast feat ures as well as multica st protocols, including IGMP , DVMR P , and PIM for IPv4 and MLD and PIM for IPv6. The topics covered in[...]

  • Página 1338

    1338 Managi ng IPv4 an d IPv6 Mult icast recipient host. The IP rout ing protocols can route multicas t traffic, but the IP multi cast p rotoc ols ha ndle th e mult icast t raffi c mor e eff icien tly wi th be tter use of network bandwidth. Applications that often send multicast traffic include video or audio conferencing, Whiteboar d tools, stock [...]

  • Página 1339

    Manag ing IPv4 an d IPv6 Mul ticast 1339 What Multicast Protocols Does the Switc h Support? Multicast protocols are used to deliver multicast packets from one source to multiple r eceivers. T able 43-1 summarizes the multicast p rotocols that the switch supp orts. What Are the Multicast Protoc ol Roles? Host s must have a way to i dent ify thei r i[...]

  • Página 1340

    1340 Managi ng IPv4 an d IPv6 Mult icast When Is L 3 Multic ast Requi red on t he Switch ? Use the IPv4/I Pv6 multicast featu r e on Dell Networki ng series switches to route m ulticas t traff ic betw een VLANs on the swit ch. If all ho sts c onne cte d to the switch are on the same subnet, t her e is no need to configur e the IP/IPv6 multicast fea[...]

  • Página 1341

    Manag ing IPv4 an d IPv6 Mul ticast 1341 F or more information about when to use PIM-DM, see "Using PIM-DM as the Multicast Routing P rotocol" on page 1 352. F or more informa tion about when to use P IM-SM, see "Using PI M-SM as the Multic ast Routing Protocol" on page 1343. F or more information about when to configure D VMRP [...]

  • Página 1342

    1342 Managi ng IPv4 an d IPv6 Mult icast D VMR P , PIM -DM, an d PIM-SM) and have a tree-l ik e top ology , as there is no support for featur es like r e verse pa th fo rwarding (RPF) to cor rect pack et route loops. The proxy contains many downstr eam interfaces and a unique upstr eam interface e xplicitl y configured. It performs the host side of[...]

  • Página 1343

    Manag ing IPv4 an d IPv6 Mul ticast 1343 Wha t Is P IM? The P rotocol Indepe ndent Multicast protocol is a simple, protocol- independent multicast rout ing protocol. PIM uses an exi sting unicast routing table and a Join/P rune/Graft mechanism to build a tr e e. Dell Net working series sw itches suppor t two types o f PIM: sp arse mode (PIM-SM ) an[...]

  • Página 1344

    1344 Managi ng IPv4 an d IPv6 Mult icast candidate RP s to all the PIM routers in the net work. Each PIM router then runs the RP se lection algori thm to determi ne an RP for the gi ven group range. All the interested PIMSM routers then ini tiate re-r eception of traffic through this new RP , an d the multicast traffic is rerouted via the new RP . [...]

  • Página 1345

    Manag ing IPv4 an d IPv6 Mul ticast 1345 • This (*, G ) Join travels hop-by -hop to the RP , building a branch of the Shared T ree that extends from the R P to the last-hop router d irect ly connected to the r eceiver . • At this poin t, group “G” traffic can flow do wn the Sha r ed T ree to th e rec eiv er . Phas e-2: Regi ster Stop Figure[...]

  • Página 1346

    1346 Managi ng IPv4 an d IPv6 Mult icast – The RP sends a sou rce group (S, G) Join back toward s the source to crea te a bran ch of an (S, G) Sh ortest-P ath T r ee (SPT). This resu lts in the (S, G) state bein g cr eated in the entire rou ter pat h along the SPT , including t he RP . Figure 43-3. PIM-SM Sender Registrat ion—Part 2 • As soon[...]

  • Página 1347

    Manag ing IPv4 an d IPv6 Mul ticast 1347 Phas e 3: Short est Path T ree Figure 43-4. PIM-SM SPT—Part 1 • PIM-SM has the capability for last-hop rout ers (i.e., routers wit h dir ectly connected group memb ers) to switch to the Shortest-P ath T ree and bypass the RP . This sw itchover is ba sed upon an implem entation-specific func tion called S[...]

  • Página 1348

    1348 Managi ng IPv4 an d IPv6 Mult icast Figure 43-5. PIM-SM SPT—Part 2 • F inally , special (S, G) RP -bit Prune messages ar e sent up the Shared T ree to prune off t his (S, G) tr affic from the Sh ared T ree. If this were no t done, (S, G) traffic w ould continu e flowing dow n the Shared T ree r esu lting in duplicate (S, G) packets arrivin[...]

  • Página 1349

    Manag ing IPv4 an d IPv6 Mul ticast 1349 Figure 43-6. PIM-SM SPT—Part 3 • At this poin t, (S, G) traffic is now fl owing directly from th e first -hop router to the last-hop router and from there to the receiver . Figure 43-7. PIM-SM SPT—Part 4[...]

  • Página 1350

    1350 Managi ng IPv4 an d IPv6 Mult icast • At th is point, th e RP no lon ger needs th e flow of (S, G) traffic since all branches of the Shared T ree (in this case there is only one) have pruned off the flow of (S, G) traffic. • As a re sult, th e RP will send (S, G) P runes back towa rd the sou rce to shut off the flow of the now unn ecessary[...]

  • Página 1351

    Manag ing IPv4 an d IPv6 Mul ticast 1351 creates a performance problem in that it limits the numb er of packets that can be processed and places a high load on the CP Us in the first hop and RP routers, which can then adversely affect other router functions. Dell Networkin g Optimization s to PIM-SM Dell Ne tworking sw itches pe rform the fo llowin[...]

  • Página 1352

    1352 Managi ng IPv4 an d IPv6 Mult icast sending the encapsulated Regist er messages. This removes the load from the CPU of the first-hop router a nd the RP , as they no longer need to encaps ulate and de-enca psulate reg ister mes sages with multi cast da ta. These optimiza tions significantly reduce the load on first-hop rout ers and RP s to enca[...]

  • Página 1353

    Manag ing IPv4 an d IPv6 Mul ticast 1353 router on its RPF interface, the S tate Refresh message causes an existing prune state to be refreshed. State Refresh messages are generate d periodically by the router dir ectly attached to the source. What Is DVMRP? DV MRP is an interior gatew ay protocol that is suitable for routing multicast traffic with[...]

  • Página 1354

    1354 Managi ng IPv4 an d IPv6 Mult icast Using DVMRP as the Multicast Ro uting Protocol D VMRP is used to communicate multic ast information between L3 switches or routers . If a Dell Networking N2 000, N3000 , and N4000 seri es swit ches handles inter - VLAN routing for IP traffic, i ncluding IP multicast traffic, multicast rout ing might be r equ[...]

  • Página 1355

    Manag ing IPv4 an d IPv6 Mul ticast 1355 Default L3 Multicast V alues IP and IPv6 multi cast is disa bled by def ault. T able 4 3-2 shows th e defau lt values for L 3 multicas t and th e mult icast pr otocols . T able 43-2. L3 Multic ast Defaults Paramete r Default V alue IPv4 Mu lticast De faults L3 Multic ast Admin Mode Disabled Maximum Multicast[...]

  • Página 1356

    1356 Managi ng IPv4 an d IPv6 Mult icast MLD Query Interval 12 5 second s MLD Query Max Response Time 10,0 00 milliseconds MLD Last Member Query Interval 1000 millisec onds MLD Last Member Query Count 2 MLD P roxy Interface Mode Disabled MLD P roxy Unso licited Report Interva l 1 secon d PIM Defau lts PIM P rotocol Disabled globally and on all inte[...]

  • Página 1357

    Manag ing IPv4 an d IPv6 Mul ticast 1357 Configuring General IPv4 Multicast Featur es (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring th e L3 multic ast features that ar e not pro tocol-specifi c on a Del l Networki ng N2000, N3000, and N4000 series switches. F or details abo[...]

  • Página 1358

    1358 Managi ng IPv4 an d IPv6 Mult icast Multicast Interfac e Configurat ion Use the Interfac e Configurat ion page to confi gure the TTL threshold of a multicast interface. At least one VLAN routing interface must be configur ed on the switch befor e fields display on this page. T o display the page, click IPv4 Mu lticast → Multicast → Int erf[...]

  • Página 1359

    Manag ing IPv4 an d IPv6 Mul ticast 1359 Multicast Route T able Use the Rou te T a ble page to view in formation about the multicast r outes in the I Pv4 mult icast rou ting ta ble. T o display the page, cl ick IPv4 Mult icast → Multi cas t → Multica st Rout e Ta b l e Multica st Rout e T able Figure 43-11. Multi cast Route T ab le[...]

  • Página 1360

    1360 Managi ng IPv4 an d IPv6 Mult icast Multicast Admin Boundary Conf igurati on The definition of an administratively scoped boundary is a way to stop the ingres s and egr ess of multicast traffic for a g iven range of multicas t address es on a given routing interface. Use the Admin Boun dary Configurat ion page to configure a new or e xisting a[...]

  • Página 1361

    Manag ing IPv4 an d IPv6 Mul ticast 1361 Multicast Admin Boundary Summar y Use the Admin Boundary Summary page to display e xisting administratively scoped boundaries. T o display the page, cl ick IPv4 Mult icast → Multi cas t → Adm in Bou ndar y Summary in the navigation panel. Figure 43-13. Multica st Admin Bounda ry Summary Multicast Static [...]

  • Página 1362

    1362 Managi ng IPv4 an d IPv6 Mult icast Multic ast Static MRoute Summary Use the Stat ic MRoute Summar y page to disp lay static rout es and their configurations. T o display the page, click IPv4 Mu lticast → Multicast → Stat ic MRoute Summary in the navigation panel. Figure 43-15. Multicast Static MR oute Summary[...]

  • Página 1363

    Manag ing IPv4 an d IPv6 Mul ticast 1363 Configuring IPv6 Multicast Featur es (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring the IPv6 multicast features t hat are not p rotocol-specific on a Dell Networking N2 000, N3000, and N400 0 serie s switches . F or deta ils ab out th[...]

  • Página 1364

    1364 Managi ng IPv4 an d IPv6 Mult icast Configuring IGMP and IGMP Proxy (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring the IGMP and IGMP proxy feat ures on a Dell Networking N2 000, N3000, and N4 000 series switche s. F or details abo ut the fields on a page, click at the to[...]

  • Página 1365

    Manag ing IPv4 an d IPv6 Mul ticast 1365 IGMP Inter face Config uration Use the Interfa ce Configurat ion page to configure and/or display router interface par ameters. Y ou must config ure at leas t one valid routing int erface before you can ac cess this page and configure IP Multicast IGMP . T o display the page, cl ick IPv4 Mult icast → IGMP [...]

  • Página 1366

    1366 Managi ng IPv4 an d IPv6 Mult icast IGMP Inte rface Summary Use the Inte rface Summary page to disp lay IGMP routing par ameters and data. Y ou must configure at least one IG MP router i nterface to access th is page . T o display the page, click IPv4 Mu lticast → IGMP → Routi ng Inter fac e → Interf ace Summary in the nav igation panel.[...]

  • Página 1367

    Manag ing IPv4 an d IPv6 Mul ticast 1367 Figure 43-20. IGMP Ca che Infor mation[...]

  • Página 1368

    1368 Managi ng IPv4 an d IPv6 Mult icast IGMP Inte rface Source Li st Infor mation Use the Source List Infor mation page to display detailed membership information for an interfac e. Group membership r eports must have been receiv ed on the selected interface for data to d isp lay information. T o display the page, click IPv4 Mu lticast → IGMP ?[...]

  • Página 1369

    Manag ing IPv4 an d IPv6 Mul ticast 1369 IGMP Proxy Inte rface Confi guration The IGMP Proxy is used by IGMP Router (IPv4 system) to enab le the system to issue IGM P host messages on behalf of hos ts that the sy stem discover ed through standard IGMP router interfaces . Thus, thi s feature acts as proxy to all hosts r esiding on its router interfa[...]

  • Página 1370

    1370 Managi ng IPv4 an d IPv6 Mult icast IGMP Proxy Con figuration Summar y Use the Con figur ation Summa ry page to di splay proxy in terface configurations by interface. Y ou must have configur ed at least one VLAN rout ing inter face conf igured b efore d ata di spla ys on th is pa ge. T o display the page, click IPv4 Mu lticast → IGMP → Pr [...]

  • Página 1371

    Manag ing IPv4 an d IPv6 Mul ticast 1371 IGMP Proxy Inte rface Membershi p Info Use the Inter fac e Mem bers hip I nfo page to dis play i nterface member ship data for a specif ic IP multicast group a ddress. Y ou must have configur ed at least one VLAN routing interface before you can display interface membership information, and i t should not be[...]

  • Página 1372

    1372 Managi ng IPv4 an d IPv6 Mult icast Detailed IGMP Proxy Interf ace Membersh ip Info rmation Use the Interface Membership Info Detailed page to display detailed interface membership data. Y ou must have configured at lea st one VLAN routing interface befor e you can display detailed interface membership information, and i t should not be an IGM[...]

  • Página 1373

    Manag ing IPv4 an d IPv6 Mul ticast 1373 Configuring MLD and MLD Pro xy (W eb) This secti on provides information about the O penManage Switch Administrator pages for configuring and monitoring the MLD and MLD proxy features on a Dell Networking N2000, N3000, and N4 000 series switche s. F or details ab out the fields on a page, click at the to p o[...]

  • Página 1374

    1374 Managi ng IPv4 an d IPv6 Mult icast MLD Routin g Inter face Configur ation Use the Interface C onfiguration page to enable selected IPv6 router interfaces to di scover the presence of multicas t listeners, the nodes who wish to receive the mu lticas t data packets, on its directly at tached inter faces. T o access this page, click IP v6 Multic[...]

  • Página 1375

    Manag ing IPv4 an d IPv6 Mul ticast 1375 MLD Routing Interf ace Summary Use the Int erface Summ ary page to displ ay informati on and statistics on a selected MLD-e nabled interface. Y ou must configure at least one IGMP VLAN routing interfa ce to access this page. T o access this page, cli ck IPv 6 Mul ticast → MLD → Routi ng In terf ace → I[...]

  • Página 1376

    1376 Managi ng IPv4 an d IPv6 Mult icast re ceive d on the select ed inte rfac e in or der f or data to b e displa yed her e. T o access this page, click IP v6 Multica st → MLD → Rou t in g I nt e r fa ce → Cache Informatio n in the navigation panel. Figur e 43-29. MLD Ro uting In terf ace Cach e Inform atio n MLD Routing Int erface Sourc e L[...]

  • Página 1377

    Manag ing IPv4 an d IPv6 Mul ticast 1377 MLD T raffic The MLD T r affic pa ge disp lays summ ary st atis tics o n the ML D mes sage s sent to and f rom the route r . T o access this page, cli ck IPv 6 Mul ticast → MLD → Routi ng In terf ace → MLD T r affic in the naviga tion panel. Figure 43 -31. MLD T raffic[...]

  • Página 1378

    1378 Managi ng IPv4 an d IPv6 Mult icast MLD Proxy Config uration When you configure an interface in MLD proxy mode, it ac ts as a proxy multicast ho st that se nds MLD membership r eports on one VL AN interface for MLD Membership r eports r eceived on all other MLD-enabled VLAN rou ting int erfa ces. Use the Interfac e Configurat ion page t o enab[...]

  • Página 1379

    Manag ing IPv4 an d IPv6 Mul ticast 1379 MLD Proxy Config uration Summar y Use the Configuration Summ ary page to vie w configuration and stat istics on MLD proxy-enabled interfaces. T o display this pa ge, click IPv6 Multicas t → MLD → Pr o x y I n t e r f a c e → Configuration Summary i n the naviga tion panel. Figure 43-33. MLD Proxy Con f[...]

  • Página 1380

    1380 Managi ng IPv4 an d IPv6 Mult icast MLD Proxy Inte rface Memb ersh ip In format ion The Inte rface Member ship Informati on page list s eac h IP mu ltic ast g roup for which the MLD proxy interface has r eceived membershi p reports. T o display th is page, click IPv6 Mu lticas t → MLD → Pro x y in t e rf a c e → Interface Members hip Inf[...]

  • Página 1381

    Manag ing IPv4 an d IPv6 Mul ticast 1381 Detailed MLD Pro xy Interf ace Membership Infor mation The Interface Membership Inform ation Detailed page provides additional information about the IP multicas t groups f or which the MLD pr oxy interface has received me mbership r eports. T o display thi s page, click IPv6 Multicast → MLD → Pro x y In [...]

  • Página 1382

    1382 Managi ng IPv4 an d IPv6 Mult icast Configuring PIM for IPv4 and IPv6 (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring PI M-SM and PI M-DM for IPv4 and IPv6 multicas t routing on a Del l Networking N2000, N3 000, and N4000 series switches . F or de tails about the fields o[...]

  • Página 1383

    Manag ing IPv4 an d IPv6 Mul ticast 1383 PIM Global Stat us Use the Global Status page to vi ew the administrativ e status of PIM-D M or PIM-SM on the sw itch. T o display the page, cl ick IPv4 Mult icast → PIM → Glob al Stat us or IPv6 Multicast → PIM → Global St atus in the navi gation panel. Figure 43 -37. PI M Global Status[...]

  • Página 1384

    1384 Managi ng IPv4 an d IPv6 Mult icast PIM Interf ace Configura tion Use the Interfac e Configurat ion page to configur e specific VLAN routing interfa ces with PIM. To d i s p l a y t h e p a g e , c l i c k IPv4 Multicast → PIM → Interfa ce C onfig urat ion or IPv6 M ulticast → PIM → Interfa ce Configur ation in the nav igati on panel. [...]

  • Página 1385

    Manag ing IPv4 an d IPv6 Mul ticast 1385 PIM Inter face Summary Use the Int erface Summ ary page to dis play a PIM-en abled VLAN routin g interface int erface and its se ttings. T o display the page, cl ick IPv4 Mult icast → PIM → Interface Summary or IPv6 M ulticast → PIM → Interf ace Summ ary in the navigation panel. Figure 43 -39. PIM In[...]

  • Página 1386

    1386 Managi ng IPv4 an d IPv6 Mult icast Candidate RP Conf iguration The Candidate RP is configur ed on the Add Candidate RP page . Use the Candidate RP Co nfiguration page to display and delete the configured rendezvous points (RP s) for each port using PIM. T o access the page, click IPv4 Mul ticast → PIM → Candidate RP Configur ation or IPv6[...]

  • Página 1387

    Manag ing IPv4 an d IPv6 Mul ticast 1387 Figure 43-41. Add Can didate RP 3 Select th e VLAN interface for w hich th e Cand idate RP is to be configured. 4 Enter the group a ddre ss trans mitted in Candidat e-RP -Adve rtise ments. 5 Enter the pr efix length t ransmi tted in Ca ndidat e-RP -Adve rtise ments to fully identify the scope of the group w [...]

  • Página 1388

    1388 Managi ng IPv4 an d IPv6 Mult icast Static RP Conf iguration Use the St atic RP Con figu ration page to display or remove the configur ed RP . The page also allows adding new static R P s by clicking the Add button. Only one RP addr ess can be used at a t ime within a PIM domain. If th e PIM domain uses the BSR to dynamically lear n the RP , c[...]

  • Página 1389

    Manag ing IPv4 an d IPv6 Mul ticast 1389 Figure 43-43. Add Stat ic RP 3 Enter the IP add r ess of the RP for the grou p range. 4 Enter th e group addr ess of the RP . 5 Enter th e group mask of the RP . 6 Check the Override option to conf igur e the stat ic RP to over ride the dynamic (candida te) RP s learne d for same grou p ranges. 7 Cli ck Appl[...]

  • Página 1390

    1390 Managi ng IPv4 an d IPv6 Mult icast SSM Range Configurat ion Use this page to display or remove the Sour ce Specific Multicast (SSM) group IP address a nd group mask for the PIM router . T o display the page, click IPv4 Mu lticast → PIM → SSM Range Configur ation or IPv6 M ulti cast → PIM → SSM Range C onfiguration . Figure 43 -44. SSM[...]

  • Página 1391

    Manag ing IPv4 an d IPv6 Mul ticast 1391 Figure 43 -45. Add SSM Ran ge 3 Click the A dd Default SSM R ange check box to a dd the default SSM Range. The defau lt SSM R ange is 232. 0.0.0/8 fo r IPv4 multic ast and ff3x::/32 for IPv6 multicast. 4 Enter the SSM Group IP Address. 5 Enter th e SSM Group Mask (IPv4) or SSM P refix Length (IPv6). 6 Cli ck[...]

  • Página 1392

    1392 Managi ng IPv4 an d IPv6 Mult icast BSR Candidate Con figuration Use this pag e to configur e information to be used if the interface is selected as a boot strap router . T o display the page, click IPv4 Mu lticast → PIM → BSR Candidat e Configur ation or IPv6 M ulti cast → PIM → BSR Candidat e Configuration . Figure 43-46. BSR Cand id[...]

  • Página 1393

    Manag ing IPv4 an d IPv6 Mul ticast 1393 BSR Candidate Summar y Use this page to display infor mation about the configured BSR ca ndidates. T o display this page, click IPv4 Mult icast → PIM → BSR Candi date S umma ry or IPv6 M ulticast → PIM → BSR Elected Summary . Figure 43-47. BSR El ected Summary[...]

  • Página 1394

    1394 Managi ng IPv4 an d IPv6 Mult icast Configuring DVMRP (W eb) This section provides information about the OpenManag e Switch Administrator pages for configuring and monitoring D VMRP on a Dell Networki ng N2000, N3000, and N40 00 series s witches. F or details abo ut the fields on a page, click at the top of the page. DVMRP Global Confi guratio[...]

  • Página 1395

    Manag ing IPv4 an d IPv6 Mul ticast 1395 DVMRP Interfac e Configuratio n Use the Interfa ce Configurat ion page to configure a D VMRP VLAN routing interface. Y ou must configure at least on e router interface before you configure a D VMRP interface. Otherwis e you see a message telling you that no router interfaces are avai lable, and the configura[...]

  • Página 1396

    1396 Managi ng IPv4 an d IPv6 Mult icast DVMRP Configurat ion Summary Use the Con figur ation Summa ry page to display the DVMRP configuration and data for a selected interface. Y o u must configure at least one VLAN routing interface befor e you can display dat a for a DV MRP interface. Otherwise you see a message telling you that no VLAN router i[...]

  • Página 1397

    Manag ing IPv4 an d IPv6 Mul ticast 1397 DVMRP Next Hop Summary Use the Nex t Hop Su mmary page to display the next hop summary by Source IP . To d i s p l a y t h e p a g e , c l i c k IPv 4 Mul ticas t → DVM R P → Ne xt Hop Summa ry in the navigation panel. Figure 43 -51. DVMRP Next Hop Summary[...]

  • Página 1398

    1398 Managi ng IPv4 an d IPv6 Mult icast DVMRP Prune Summary Use the Pr u ne S u m ma r y page to display t he prune summary by Group IP . T o display the page, click IPv4 Mu lticast → DV MR P → Pr u n e S u m m a r y in the navigation panel. Figure 43-52. DVMRP Prune Summary DVMRP Route Summary Use the Rout e Su mmar y page to di splay th e D [...]

  • Página 1399

    Manag ing IPv4 an d IPv6 Mul ticast 1399 Configuring L3 Multicast Features (CLI) This section provides information about the commands you use to configure general IPv4 multicas t settings on the sw itch. F or more in formation abou t the commands, see the Dell Networking N2000 , N3000, and N4 000 Series Switches CLI Reference Guide at supp ort .del[...]

  • Página 1400

    1400 Managi ng IPv4 an d IPv6 Mult icast exit Exit to Global Config mode. exit Exit to P rivileged EXEC mode. show ip multicast Vie w syst em-wid e mult icas t infor mati on. show ip mcast boundary { vlan vla n-id | al l } View all the conf igured admi nistrativ e scoped multicas t boun dari es. show ip mcast mro ute {detail | summary} View a summa[...]

  • Página 1401

    Manag ing IPv4 an d IPv6 Mul ticast 1401 Configuri ng and V iewing IPv6 Multicast Route In formation Beginning in P rivileged EXEC mode, use the following commands to configure st atic IPv6 multicas t routes on the switch and to v iew IPv6 mult icas t table infor mat ion. Command Pu rpose configure Enter global configuration mode. ip multicast Enab[...]

  • Página 1402

    1402 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and V iewin g IGMP Beginning in P rivileged EXEC mode, use the following commands to configure IGMP on the switch and on VLAN rout ing interfaces and to v iew IGMP information. Comm and Pur pose configure Enter g lobal confi gurat ion mo de. ip multicast Enable IPv4/IPv6 multica st routing. ip i[...]

  • Página 1403

    Manag ing IPv4 an d IPv6 Mul ticast 1403 ip igmp startup- query- count count Set the number of queries sent ou t on startup —at interva ls equal to t he start up query interv al for the interfa ce. The range for coun t is 1– 20. ip igmp last-member- query-interval tent hsofseco nds Configure the Maximum Response Time insert ed in Group-Specif i[...]

  • Página 1404

    1404 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and V iewin g IGMP Prox y Beginning in P rivileged EXEC mode, use the following commands to configure the upstr eam VLAN routing in ter face as an I GMP p roxy . T he IGMP proxy is sues host messa ges on behalf of the hosts that have been discover ed on IGMP -enabled interfaces. The upstr eam in[...]

  • Página 1405

    Manag ing IPv4 an d IPv6 Mul ticast 1405 Configuri ng and V iewing MLD Beginning in P rivileged EXEC mode, use the following commands to configure MLD on the switch and on VL AN routing interfaces and to vie w IGMP information. Comman d Purpose configure E nter glo bal confi guration mode. ip multicast E nable IPv 4/IPv6 multi cast routin g. ipv6 m[...]

  • Página 1406

    1406 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and V iewin g MLD Proxy Beginning in P rivileged EXEC mode, use the following commands to configure the upstr eam VLAN routing interface as an ML D proxy . The MLD proxy issue s host messages on behalf of the hosts that have been discover e d on the down stream ML D-enabled interface s. The upst[...]

  • Página 1407

    Manag ing IPv4 an d IPv6 Mul ticast 1407 Configuri ng and Vi ewing PIM-DM for IPv 4 Multicast Routing Beginning in P rivileged EXEC mode, use the following commands to configure P IM-DM for IPv4 multicast routing on the switch and on V LAN routing interfaces and to view PIM-DM information. show ipv6 mld-proxy View a sum mary of the host int erface [...]

  • Página 1408

    1408 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and Vi ewing PIM-DM for IPv 6 Multicast Routing Beginning in P rivileged EXEC mode, use the following commands to configure PIM-DM for IPv6 multicas t routing on the switch and on VLAN routing interfaces and t o view PIM-DM information. show ip pim interface vlan vlan-id Vi ew the PI M-DM inf or[...]

  • Página 1409

    Manag ing IPv4 an d IPv6 Mul ticast 1409 show ipv6 pim interface vlan vlan-id View the PIM informati on for the speci fied inter face. show ipv6 pim neighbor [ interface vlan vlan-id | al l ] View a summary or all the details of the mu lticast tabl e. Comman d Purpose[...]

  • Página 1410

    1410 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and Vi ewing PIM-SM for IPv 4 Multicast Routing Beginning in P rivileged EXEC mode, use the following commands to configure PIM-SM for IPv4 multicast routing on the switch and on VLAN routing interfaces and t o view PIM-SM information. Command Purp ose configure En ter glo bal c onfigur ation m [...]

  • Página 1411

    Manag ing IPv4 an d IPv6 Mul ticast 1411 ip pim rp-ca ndidate vla n vlan-id group-address g roup- mask [ interval interv al ] Config ure the router to adverti se itsel f to the BSR route r as a PIM candida te Rendezvo us P oi nt (RP) for a s pecific mu lticast g roup rang e. • vlan-id — A valid VLAN ID. • grou p-ad dre ss — Group IP add res[...]

  • Página 1412

    1412 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and Vi ewing PIM-SM for IPv 6 Multicast Routing Beginning in P rivileged EXEC mode, use the following commands to configure PIM-SM for IPv6 multicast routing on the switch and on VLAN routing interfaces and t o view PIM-SM information. exit Exit to Global Confi g mode. exit Exit to P rivileged E[...]

  • Página 1413

    Manag ing IPv4 an d IPv6 Mul ticast 1413 ipv6 pim bsr-candidate vlan vlan-id hash-mask-l ength [ pri orit y ] [ interval interval ] Conf igure the swi tch to annou nce its ca ndidacy as a bootstrap router (BSR) • vlan-id — A valid VLAN ID. • hash -mas k-leng th — The lengt h of a mask that is to be ANDed with the group address before the ha[...]

  • Página 1414

    1414 Managi ng IPv4 an d IPv6 Mult icast ipv6 pim ssm { default | group-address/prefix-len gth } Define th e Source Specifi c Multicast (SSM) ran ge of IPv6 multic ast addr esses. • defa ult — Defines the SSM range access list to FF3x:: /32. • group-a ddress/prefix- length — defi nes the SSM ran ge. interface vlan vla n-id Ente r Inte rface[...]

  • Página 1415

    Manag ing IPv4 an d IPv6 Mul ticast 1415 show ipv6 pim rp-hash groupaddr View the RP rou ter being selec ted for the spe cified multicast group addr ess from the set of active RP route rs. The RP router fo r the group is selected by using a hash algori thm. show ipv6 pim bsr-router View the bootstrap rout er (BS R) informati on. show ipv6 pim rp ma[...]

  • Página 1416

    1416 Managi ng IPv4 an d IPv6 Mult icast Configuri ng and V iewing DVMRP I nformation Beginning in P rivileged EXEC mode, use the following commands to configure D VMRP on the switch and on VLAN routing interfaces and t o view DV M R P in f o r m a t i on . Command Pu rpose configure Enter global configuration mode. ip dvmrp Enable DVMRP on the swi[...]

  • Página 1417

    Manag ing IPv4 an d IPv6 Mul ticast 1417 L3 Multicast Configuration Examples This section contains the follo wing configuration examp les: • Configu ring Multicast VLAN Routing W it h IGMP and PIM-SM • Configurin g D VMR P Configuri ng Multicast VLAN Rout ing With IGMP and PIM-SM This e xample describes how to con figur e a Dell Networking swit[...]

  • Página 1418

    1418 Managi ng IPv4 an d IPv6 Mult icast Figure 43 -54. IPv4 Multicast VLAN Rou ting In addition to multicast configuratio n, this examp le includes commands to configure STP and OSPF on L 3 Switch A. STP is configured on the ports that connects the switch to other switches. OSPF is c onfigured to route unicast traffi c betwe en the VL ANs and P IM[...]

  • Página 1419

    Manag ing IPv4 an d IPv6 Mul ticast 1419 console# configure console(config)# no ip igmp snooping console(config)# no ipv6 mld snooping console(config)# vlan 10,20 console(config-vlan10,20)# exit 2 Configu re port 23 and 24 as trunk ports. console(config)# interface te1/0/23 console(config-if-Te1/0/23)# switchport mode trunk console(config-if- Te 1/[...]

  • Página 1420

    1420 Managi ng IPv4 an d IPv6 Mult icast console(config-if-vlan20)# exit 8 Globa lly enabl e IP mul ticast, IG MP , and PI M-SM o n the sw itch. console(config)# ip multicast console(config)# ip igmp console(config)# ip pim sparse 9 Configure VLAN 10 as the R P and sp ecify the range of m ulticast group s for PIM-S M to control . The 239.9. x.x add[...]

  • Página 1421

    Manag ing IPv4 an d IPv6 Mul ticast 1421 Configuri ng DVMRP The foll owing example configures two DVMRP inte rfaces on th e switc h to enab le in ter- VL AN mul tica st rou ting . T o configure the switch: 1 Global ly enab le IP rout ing and I P multic ast. console# configure console(config)# ip routing console(config)# ip multicast 2 Glob ally ena[...]

  • Página 1422

    1422 Managi ng IPv4 an d IPv6 Mult icast[...]

  • Página 1423

    Featu re Limitati ons and Pl atform C onstants 1423 A Feature Limitatio ns and Platfo rm Constants • T ab le A-1 lis ts the feat ure limitation s and T able A-2 lis ts the pla tform consta nts for the Dell Networ king s witches. T able A -1. F eature Limi tations Feature N2000 Series N3000 Serie s N4000 Series Base s oftwar e fe atures Link De pe[...]

  • Página 1424

    1424 Featur e Limi tations and P latfor m Cons tants IP Helper Ma x entri es 6 4 512 51 2 Metr o Etherne t features Dot1ag Max number of domai ns Max n umber of MA's per doma in Max n umber of MA's Max number of RMEP's Max number L TR entri es – – – – – – – – – – 8 256 256 512 256 Manageme nt featu res HTTP M ax S[...]

  • Página 1425

    Featu re Limitati ons and Pl atform C onstants 1425 Authentica tion HT TP li sts Max Count Max m ethod s per list Max name lengt h 1 6 15 1 6 15 1 6 15 Authentica tion HT TPS li sts Max Count Max m ethod s per list Max name lengt h 1 6 15 1 6 15 1 6 15 Authentica tion Dot1x lists Max Count Max m ethod s per list Max name lengt h 1 6 15 1 6 15 1 6 1[...]

  • Página 1426

    1426 Featur e Limi tations and P latfor m Cons tants Lo gi n H is to ry 50 50 50 QoS f eature s iSCSI Max Mon ito red TCP P ort s/ IP Addresses Max Se ssi ons Max Connections 16 1024 1024 16 1024 1024 16 252 252 Stac king fe ature s Max physical units per stack 12 12 12 Max physical slots per u nit 3 3 3 Max physical ports per slot 52 52 58 Max phy[...]

  • Página 1427

    Featu re Limitati ons and Pl atform C onstants 1427 T abl e A-2. Platfor m Const ants Feature N2000 Series N3000 Se ries N4000 Series MA C addr esses a ssigne d per s ystem 4 4 4 Reference CP U ARM Corte x A9 ARM Cortex A9 NetL ogic XLP3 08L Referenc e CPU speed 1 GHz 1 GHz 1. 2 GHz Refer ence R AM 1 Gbyte 1 Gbyte 2 Gbyte DDR3 Reference Flash 256 M[...]

  • Página 1428

    1428 Featur e Limi tations and P latfor m Cons tants Static filter en tries Unicast M AC and source port Mult ic ast MAC and sou rc e por t Mult ic ast MAC and des ti nat ion por t (only) 1 1 1024 1 1 1024 1 1 2048 Number of subnet-b ased VLANs supported 128 128 12 8 P rotocol-based VLANs Max number of gr oups Max p rotocols 128 16 128 16 128 16 Ma[...]

  • Página 1429

    Featu re Limitati ons and Pl atform C onstants 1429 Po r t M A C l o c k i n g Dyn amic ad dresse s per port Static addresses per port 600 100 600 100 600 100 sFlo w Number of samp lers Num ber of pollers Number of recei vers 672 672 8 672 672 8 816 816 8 RAD I US Max A uthen tication serve rs Max Accounting ser vers 32 32 32 32 32 32 Numbe r of ro[...]

  • Página 1430

    1430 Featur e Limi tations and P latfor m Cons tants Tu n n e l s Number of co nfigured v6 -over-v4 tunnel s Number of a utomatic ( 6to4) t unnels Number 6t o4 next hops N/A N/A N/A 8 1 16 8 1 16 DHCP server Max num ber of pools T otal max leases 16 256 16 256 16 256 DNS client Concurrent reques ts Name ser ver en trie s Search li st entr ies Stati[...]

  • Página 1431

    Featu re Limitati ons and Pl atform C onstants 1431 IP Multicast Number o f IPv4 /IPv 6 Multi cast Fo r w a r d i n g E n t r i e s IGMP G roup Membe rs hip s pe r sy st em DV MR P N e i g h b o r s PIM- DM Neighbo rs PIM- SM Neighbo rs PIM-SM Static RP entri es PIM-SM C andidate RP G roup Range entri es PIM-SM SSM range entries IGMP Sources proces[...]

  • Página 1432

    1432 Featur e Limi tations and P latfor m Cons tants CoS Device Characteristics Configurable Queues per port (stacki ng/nons tacking) Con figurable Drop P re ceden ce levels 7/8 3 7/8 3 7/8 3 DiffServ Device Li mits Number of q ueues (stacki ng/nons tacking ) Max Rule s pe r Cl as s Max I nsta nce s pe r P oli cy Max A ttr ib utes per In sta nce Ma[...]

  • Página 1433

    Syste m Proc ess De finitio ns 1433 B System Process Definit ions The following proce ss/thr ead definitions are intended to assist the e nd user in troublesho oting switch issues . Only the most ofte n seen thr eads/process es ar e listed here. Other processes or threads may be seen occasionally but are not a cause for concern. T abl e B-1. S yste[...]

  • Página 1434

    1434 System P rocess Defi nitions bcmXG S3AsyncT ask BCM system task: SDK XGX3 hw task BootP Boot Loader boxs Req Box Servic es Request (temperature, power , fan ) boxs Resp Box Services Respon se (temperature, power , fan) boxs Timer Box Services Respon se (temperature, power , fan) cdaFftpT as k Code Distribution Admin istrator FTP task cdaStatus[...]

  • Página 1435

    Syste m Proc ess De finitio ns 1435 Dot1s tr anspo rt task dot1s _helper _task dot1 s_tas k dot1 s_tim er_tas k Spanni ng T ree ta sks dot1xT ask dot1x TimerT ask 802. 1x authe ntic ation tas ks dot3ad _core_tas k dot3ad_cor e_ac_task dot3a d_help er_task dot3ad _timer _task Link aggregationt tasks dtlA ddrT ask dtlT ask Device T ran sform Layer - [...]

  • Página 1436

    1436 System P rocess Defi nitions hapiBpduT xT as k hapiL2A syncT as k hapiL2F lushT a sk hapiL3A syncT as k hap iLinkS tatus T ask hapiMcAsy ncT ask hapiRxT ask hapiTxT ask High Level AP I - SD K Int egrat ion La yer hpcBroadRpcT ask SDK Re mote messaging task. ip6MapExceptionDataT ask ip6MapLocalDataT ask ip6MapNb rDiscT a sk ip6Map P roces singT[...]

  • Página 1437

    Syste m Proc ess De finitio ns 1437 mcastMapT ask mgmdMapT ask Multicast Mappi ng T asks mvrT ask MV R Message Handler nim_t Network I nterface Manager osapiMonT ask System T ask Monitor osapiTimer Application timer s ervice osapiWdT ask Hardware wat chdog timer service OSPF mapping T as k OSPF P roto OSPFV3 mapping T as k OSPFV3 recvmsg T ask OSPF[...]

  • Página 1438

    1438 System P rocess Defi nitions simPts_tas k System Interface Manage r (time zone, sys tem name, service po rt config, file transf ers, ...) SNMPCTT ask SNMPSaveCfgT as k SNMPT ask SNMPT r apT ask SNMP T asks snoopT ask IGMP/MLD Snooping packet processing SNTP SNTPC SNTP tasks spmT ask Stack port manager - stacking control plane packet processing[...]

  • Página 1439

    Syste m Proc ess De finitio ns 1439 tJobT as k VxW or ks T ask tL7Timer0 Syste m Timer tL ogT ask System LOG proc essing tNet0 VxW orks Netw ork dri ver T ransferT ask TFTP P rocess ing t r a p Ta s k Tr a p h a n d l e r tRipT as k RIP Routing tRtrD iscProcessi ngT ask Router Di scover y packet proce ssing tTffsPT ask VxW orks T rue Flash F ile Sy[...]

  • Página 1440

    1440 System P rocess Defi nitions[...]

  • Página 1441

    Index 1441 Index Numerics 10GBase- T co pper uplink mod ule, 1 19 802.1p see CoS queui ng A AAA, 207 access lines, 239 access profiles, 63 accounting, 214 ACLs A u t o - V o i p u s a g e , 1332 binding configuration, 6 0 9 CLI configuration, 6 1 2 configuration steps, 5 9 1 d e f i n e d , 583 e x a m p l e s , 628 iSCSI usage, 4 6 1 limita tions,[...]

  • Página 1442

    1442 Index CL I con figur atio n, 4 0 2 d e f a u l t s , 400 d e f i n e d , 389 D H C P , 405 configuration file, 3 9 5 i m a g e , 395 IP address, obtaining , 3 9 4 e x a m p l e , 403 files setup fi le, 3 9 2 USB, 3 9 0 files, managing, 3 9 8 IP address lookup, 3 9 1 MAC addr e ss lookup, 3 9 1 stoppi ng, 3 9 8 u s i n g a U S B d e v i c e , 4[...]

  • Página 1443

    Index 1443 localization, 5 4 7 u n d e r s t a n d i n g , 543, 546 user logout mode, 5 4 7 users, R ADIUS server , 5 5 8 web -bas ed c onf igu rati on, 5 5 0 cards configuration, 3 0 1 supported, 3 0 3 CDP , interoper abili ty throug h ISDP , 60 certificates, 363 CFM, 859 checkpointing, 179 Cisco p rotocol filter ing, 76 CLI accessing the switch, [...]

  • Página 1444

    1444 Index D DAI d e f a u l t s , 885 optional features, 8 8 4 p u r p o s e , 885 understanding, 8 8 4 data center and DHCP sn ooping, 9 1 0 and NSF , 1 9 9 SDM temp late, 2 8 1 data center bridg ing exch an ge , 75 Data Center Bridg ing Exchange protoco l, 992 date, se tting, 311 daylight saving time, 280 DCBX and iSCSI, 4 6 4 DCBx, 992 defaul t[...]

  • Página 1445

    Index 1445 e x a m p l e s , 1281 pool, 1 2 6 6 p r e f i x d e l e g a t i o n , 1266 r e l a y a g e n t , c o n f i g u r i n g , 1283 r e l a y a g e n t , u n d e r s t a n d i n g , 1266 sta tel ess s erve r c o n f i g u r i n g , 1281 sta tel ess s erve r , u n d e r s t a n d in g , 1266 u n d e r s t a n d in g , 1265 dhcpv6, 1265 DHCPv6 [...]

  • Página 1446

    1446 Index log messages, 2 7 2 enable authentication, 211 energy dete ct mode, 69, 478 Ener gy Effi cient Ethe rnet , 69 energy saving s, port, 47 8 enhanced tran smission selection, 75, 999 EqualL ogic and iSCSI, 463 error messages, CL I, 141 EtherT ype numbers, common, 592 ex ec authorization, 212 expansion slots, 284 F failover , 62 failover , s[...]

  • Página 1447

    Index 1447 VLAN guest, 5 3 3 GVRP , 650 statistics, 42 1 H Har dware descriptio n, 91, 102, 115 head of line b locking prevention, 71 health, system, 251 help, accessing web-b ased, 139 hierarchical authentication, 578 host name, 279 host name mappi ng, 148 I IAS d a t a b a s e , 518 understanding, 5 1 1 users, 5 2 5 icons, web-based interface, 13[...]

  • Página 1448

    1448 Index IGMP snooping, 87 d e f a u l t s , 814 querier , 8 8 querier , d efined, 8 0 7 understanding, 8 0 5 image activati ng, 3 7 5 auto configuration, 3 9 5 auto install, 3 9 2 considerations, 3 6 4 d e f i n e d , 359 downloading, 3 7 5 management, CLI, 3 7 5 management, web-based, 3 6 7 p u r p o s e , 361 in- band mana geme nt, 14 9 interf[...]

  • Página 1449

    Index 1449 tunnel, 8 4 IPv6 ACL configuration, 606 IPv6 interface c o n f i g u r i n g , 1242 IPv 6 ma nage ment, 58 IPv6 multicast web -bas ed c onf igu rati on, 1 3 6 3 IPv6 routing CLI configuration, 1 2 5 6 d e f a u l t s , 1243 features, 8 5 u n d e r s t a n d in g , 1241 web -bas ed c onf igu rati on, 1 2 4 5 IRDP , configuring, 1081 iSCSI[...]

  • Página 1450

    1450 Index LED 100/100 0/10000Ba se- T port, 9 7 , 109, 121 p o r t , 119 S F P p or t , 97, 109, 121 s y s t e m , 98, 110, 122 link aggregation g roup. See LAG . link dependen cies C L I c o n f i g u r a t i o n , 497-498 creating, 4 8 9 e x a m p l e , 501 s c e n a r i o s , 480 understanding, 4 7 9 web configuration, 4 8 9 link local protocol[...]

  • Página 1451

    Index 1451 d e f a u l t s , 1016 d e f i n e d , 1015 d y n a m i c , 1019 m a n a g i n g , C L I , 1020 popul ating, 10 1 5 s t a c k i n g , 1016 w e b - b a s e d m a n a g e m e n t , 1017 MAC multic ast support, 87 MAC port lo cking, 540 MAC-bas ed 802.1X authent ication understanding, 5 0 6 MAC-bas ed VLAN, 648 mai l serv er adding, 2 6 3 c[...]

  • Página 1452

    1452 Index configuring (web), 8 1 6 d e f a u l t s , 814 understanding, 8 0 3 when to use, 8 0 9 layer 3, 8 9 CL I con figur atio n, 1 3 9 9 d e f a u l t s , 1355 e x a m p l e s , 1417 u n d e r s t a n d in g , 1337 when to use, 1 3 4 0 MAC layer , 8 7 MLD sn ooping, 8 8 protocols r o l e s , 1339-1340 VLAN Routing w ith IGMP and P I M - S M , [...]

  • Página 1453

    Index 1453 d e f a u l t s , 1120 difference from OSPFv3, 1 1 1 3 e x a m p l e s , 1177 f l o o d b l o c k i n g , 1118, 1195 L S A p a c i n g , 1117 NSSA, 1 1 8 0 s t a t i c a r e a r a n g e c o s t , 1116, 1190 stub ar ea, 1 1 8 0 s t u b r o u t er s , 1114 t o p o l o g y , 1112 t r a p f l a g s , 341 u n d e r s t a n d in g , 1112 web -[...]

  • Página 1454

    1454 Index P ort LEDs, 97, 109, 121 port mirroring configuring, 4 3 7 mode, enabling, 4 1 2 understanding, 4 1 1 port security configuring, 5 4 2 MA C-based, 6 6 understanding, 5 3 9 port-based flow contro l, 791 port-based traffic control, 787 C L I c o n f i g u r a t i o n , 798, 992 web-based configuration, 7 9 1 port-based VL AN, 648 port-chan[...]

  • Página 1455

    Index 1455 RMON, 60 CLI man age ment , 4 3 9 d e f a u l t s , 414 e x a m p l e , 449 understanding, 4 1 0 web -bas ed c onf igu rati on, 4 1 4 router discovery , 1081 router dis covery pr otocol, 83 router , OSPF , 1113 routes I P v 4 , 1077 I P v 6 , 1255 s e l e c t i n g , 1113 Routi ng table , 8 3 routing d e f a u l t s ( I P v 4 ) , 1065 d [...]

  • Página 1456

    1456 Index SFP port LEDs, 97 , 109, 121 SFP+ module, 118 SFTP , managing files, 380 slots, 284 SNMP CL I con figur atio n, 3 4 5 d e f a u l t s , 325 e x a m p l e s , 354 M I B , 323 p u r p o s e , 325 t r a p s , 324 understanding, 3 2 3 uploading files, 3 6 6 web-based configuration, 3 2 7 SNMPv1 e xample, 354 SNMPv2 e xample, 354 SNMPv3 engin[...]

  • Página 1457

    Index 1457 d e f a u l t , 790, 984 e x a m p l e , 801 understanding, 7 8 8 STP and LAGs, 9 1 6 classic, 7 1 5 CLI configuration, 7 4 6 d e f a u l t s , 735 d e f i n e d , 715 e x a m p l e s , 751 loop guard, 7 2 3 MSTP , 7 9 optional features, 7 2 2 port fast, 7 2 2 port set tings, 7 9 r o o t g u a r d , 723 RSTP , 7 9 understanding, 7 1 6 we[...]

  • Página 1458

    1458 Index traps O S P F , 341 trunk port and 802 .1X authenti cation, 5 3 3 , 535 trunking, 683 tunnel, 84 tunnel interfaces, 1023 U UDP r elay , 83, 1089 uploading files, 372 USB auto configuration e x a m p l e , 403 f i l e s , 390-391 understanding, 3 9 0 USB flash drive, exampl e, 386 USB port, 119 user security model, SNMP , 324 users authen[...]

  • Página 1459

    Index 1459 VLANs dynamically cr eated, 5 3 4 R A D I U S - a s s i g n e d, 534 voice traffic, identifying, 653 voice VLAN, 653 and LLDP -MED, 6 5 4 e x a m p l e , 710 understanding, 6 5 2 Vo I P , 8 6 V oIP and DiffServ , 1310 V oIP , auto, 1 331 VRRP , 84 accept mode, 1 2 1 9 CLI configuration, 1 2 3 0 d e f a u l t s , 1221 e x a m p l e , 1232[...]

  • Página 1460

    Index 1460[...]