Dell FCX648-S инструкция обслуживания
- Просмотреть online или скачать инструкцию
- 1494 страниц
- 17.98 mb
Идти на страницу of
Похожие руководства по эксплуатации
-
Laptop
Dell Inspiron 3H701
4 страниц 6.32 mb -
Laptop
Dell P45F001
50 страниц 4.18 mb -
Laptop
Dell P09G001
88 страниц 1.45 mb -
Laptop
Dell PP04X
100 страниц 1.71 mb -
Laptop
Dell 720N
606 страниц 4.81 mb -
Laptop
Dell 81TR2
80 страниц 1.44 mb -
Laptop
Dell PPX
82 страниц 7.13 mb -
Laptop
Dell F-Series
94 страниц 1.64 mb
Хорошее руководство по эксплуатации
Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации Dell FCX648-S. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции Dell FCX648-S или обучающее видео для пользователей. Условием остается четкая и понятная форма.
Что такое руководство?
Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции Dell FCX648-S можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.
К сожалению немного пользователей находит время для чтения инструкций Dell FCX648-S, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.
Из чего должно состоять идеальное руководство по эксплуатации?
Прежде всего в инструкции Dell FCX648-S должна находится:
- информация относительно технических данных устройства Dell FCX648-S
- название производителя и год производства оборудования Dell FCX648-S
- правила обслуживания, настройки и ухода за оборудованием Dell FCX648-S
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам
Почему мы не читаем инструкций?
Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск Dell FCX648-S это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок Dell FCX648-S и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта Dell, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания Dell FCX648-S, как это часто бывает в случае бумажной версии.
Почему стоит читать инструкции?
Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства Dell FCX648-S, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.
После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции Dell FCX648-S. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.
Содержание руководства
-
Страница 1
53-1 002266-0 1 18 M ar ch 2 0 11 Pow e r C o n n e c t B - S e r i e s F C X Configuration Guide[...]
-
Страница 2
Information in this document is subject to change without notice. © 20 11 Dell Inc. All rights reser ved. Repr o duction of these materials in any manner wha tsoever withou t the written permission of Dell Inc. is strictly forbidden. T rademarks used in this text: Dell , the DELL logo, Dell OpenManage a nd PowerConnect are tradema rks of Dell Inc [...]
-
Страница 3
PowerConnect B-Series FCX Configuration Guide iii 53-1002266-01 Contents About This Document Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxix Device nomenclature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxix Audience . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Страница 4
iv PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Chapter 2 Configuring Basic Software Features Configuring basic system parame ters . . . . . . . . . . . . . . . . . . . . . . . . 18 Entering system administration inf orm ation . . . . . . . . . . . . . . . 18 Configuring Sim ple Network Management Prot ocol (SNMP) paramet ers . . . .[...]
-
Страница 5
PowerConnect B-Series FCX Configuration Guide v 53-1002266-01 Loading and sa ving configuration files . . . . . . . . . . . . . . . . . . . . . . . 65 Replacing the startup configu ratio n with the running conf iguration 65 Replacing the running configuration with the startup conf iguration 66 Logging changes t o the star tup-config file . . . . . [...]
-
Страница 6
vi PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing information about sof tware licens es . . . . . . . . . . . . . . . . . . 9 1 Viewing the License ID (LID) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1 Viewing the license database . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Viewing sof tware packages[...]
-
Страница 7
PowerConnect B-Series FCX Configuration Guide vii 53-1002266-01 Image mismatches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154 Advanced f eature privileges (Po werConnect B-Series FCX ) . . 154 Configuration mismatch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 Memor y allocation failure . . . . .[...]
-
Страница 8
viii PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management f eatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 IPv6 management A CLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 IPv6 debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 IPv6 W eb [...]
-
Страница 9
PowerConnect B-Series FCX Configuration Guide ix 53-1002266-01 Error disable recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 Enabling error disable recovery . . . . . . . . . . . . . . . . . . . . . . . .286 Setting the reco ver y interval . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 Displaying the [...]
-
Страница 10
x PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying and modifying syst em pa rameter default settings . . . . 321 Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . 32 1 Displaying syst em parameter def ault values . . . . . . . . . . . . . . 32 1 Modifying syste m parameter default v alues . . . .[...]
-
Страница 11
PowerConnect B-Series FCX Configuration Guide xi 53-1002266-01 Chapter 11 Configuring Uni-Directional Link Detection (UDLD) and Protected Link Groups UDLD ov er view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383 UDLD f or tagged por ts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384 Configu[...]
-
Страница 12
xii PowerConnect B-Series F CX Configuration Guide 53-1002266-01 Dynamic link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1 0 IronStack LA CP trunk group configuration e xample . . . . . . . . 4 11 Examples of valid LA CP trunk gr oups . . . . . . . . . . . . . . . . . . . . 4 11 Configuration note s and limitati[...]
-
Страница 13
PowerConnect B-Series FCX Configuration Guide xiii 53-1002266-01 Configuring IP subnet, IPX netw ork, and prot ocol-based VLANs within por t-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454 Configuring an IPv6 pr otocol VLAN . . . . . . . . . . . . . . . . . . . . . . . . .458 Routing betw een VLANs using vir tu al routing in[...]
-
Страница 14
xiv PowerConnect B-Series F CX Configuration Guide 53-1002266-01 Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500 Displaying VLANs in alphanumeric or der . . . . . . . . . . . . . . . . .500 Displaying syst em-wide VLAN information . . . . . . . . . . . . . . . . 501 Displaying global VLAN inf ormation . .[...]
-
Страница 15
PowerConnect B-Series FCX Configuration Guide xv 53-1002266-01 Configuration note s and featur e limitations . . . . . . . . . . . . . . . . . .529 Configuration exam ple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 Configuring MA C-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531 Using MA C-based VLA[...]
-
Страница 16
xvi PowerConnect B-Series F CX Configuration Guide 53-1002266-01 Preserving user input for ACL T CP/UDP por t numbers . . . . . . . . . . 566 Managing A CL comment tex t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .567 Adding a comment t o an entr y in a numbered A CL . . . . . . . . .567 Adding a comment to an entry in a named ACL. .[...]
-
Страница 17
PowerConnect B-Series FCX Configuration Guide xvii 53-1002266-01 QoS f or stackable device s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .595 QoS profile restrictions in an IronStac k . . . . . . . . . . . . . . . . . .595 QoS behavior f or trusting La yer 2 (802. 1p) in an IronStack . .595 QoS behavior f or trusting La yer 3 (DSC[...]
-
Страница 18
xviii PowerConnect B- Series FCX Configuration Guide 53-1002266-01 A CL statistics and rate limit counting . . . . . . . . . . . . . . . . . . . . . . . 6 19 Enabling A CL statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 19 Enabling ACL statistics with rate limiting traf fic policies . . . . . 620 Viewing ACL and rate limi[...]
-
Страница 19
PowerConnect B-Series FCX Configuration Guide xix 53-1002266-01 Rate limiting in hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .644 How Fix ed rate limiting wor ks . . . . . . . . . . . . . . . . . . . . . . . . . .644 Configuration not es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 45 Configuring[...]
-
Страница 20
xx PowerConnect B-Series FCX Configuration Guide 53-1002266-01 General operating principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 7 Operating modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 7 LLDP packe ts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .688 TL V [...]
-
Страница 21
PowerConnect B-Series FCX Configuration Guide xxi 53-1002266-01 PIM Dense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .733 Initiating PIM multicasts on a netw ork . . . . . . . . . . . . . . . . . . .734 Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734 Grafts to a m[...]
-
Страница 22
xxii PowerConnect B- Series FCX Configuration Guide 53-1002266-01 Chapter 26 Configuring IP Basic configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .784 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .784 F ull Lay er 3 suppor t . . . . . . . . . . . . . . . .[...]
-
Страница 23
PowerConnect B-Series FCX Configuration Guide xxiii 53-1002266-01 Chapter 27 Configuring Multicast List ening Discovery (MLD) Snooping on PowerConnect B-Series FCX Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .889 Configuration note s . . . . . . . . . . . . . . . . . . . . . . . . . . [...]
-
Страница 24
xxiv PowerConnect B- Series FCX Configuration Guide 53-1002266-01 Configuring RIP paramet ers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 0 Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 10 Configuring metric paramet ers . . . . . . . . . . . . . . . . . . . . . . . . . 9 10 Chang[...]
-
Страница 25
PowerConnect B-Series FCX Configuration Guide xxv 53-1002266-01 Configuring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .930 Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 1 OSPF paramet ers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 1 E[...]
-
Страница 26
xxvi PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966 Displaying general OSPF configurat ion information . . . . . . . . 967 Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .968 Displaying OSPF area inf o rmation . . .[...]
-
Страница 27
PowerConnect B-Series FCX Configuration Guide xxvii 53-1002266-01 Optional configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 004 Changing the K eep Alive Time and Hold T ime . . . . . . . . . . . 1004 Changing the BGP4 ne xt-hop update timer . . . . . . . . . . . . . 1005 Enabling fast e xternal fallo ver . . . . . . . .[...]
-
Страница 28
xxviii PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring rout e flap dampening . . . . . . . . . . . . . . . . . . . . . . . . 1 054 Globally configuring rout e flap dampening . . . . . . . . . . . . . 1 055 Using a ro ute map to config ure route flap dam pening f or specific rout es . . . . . . . . . . . . . . . . . . . . . .[...]
-
Страница 29
PowerConnect B-Series FCX Configuration Guide xxix 53-1002266-01 Configuring basic VRRP paramet ers . . . . . . . . . . . . . . . . . . . . . . 111 3 Configuring the Owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 13 Configuring a Back up. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 13 Configuration rules f o[...]
-
Страница 30
xxx PowerConnect B-Series F CX Configuration Guide 53-1002266-01 Setting up local user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . 1154 Enhancements to username and password . . . . . . . . . . . . 1154 Configuring a local user account . . . . . . . . . . . . . . . . . . . . . 1 158 Create passw ord option . . . . . . . . . . . .[...]
-
Страница 31
PowerConnect B-Series FCX Configuration Guide xxxi 53-1002266-01 T CP Flags - edge port security . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 1 Using TCP Flags in combination with other A CL features . . 1202 Chapter 33 Configuring SSH 2 and SCP SSH v ersion 2 suppor t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1[...]
-
Страница 32
xxxii PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802. 1X por t security . . . . . . . . . . . . . . . . . . . . . . . . . 122 7 Configuring an authenti cation method list for 802. 1X . . . . 122 7 Setting RADIUS parame ters . . . . . . . . . . . . . . . . . . . . . . . . . 1228 Configuring dynamic VLAN assign ment f or [...]
-
Страница 33
PowerConnect B-Series FCX Configuration Guide xxxiii 53-1002266-01 Configuring the MA C por t security f eature . . . . . . . . . . . . . . . . . 1264 Enabling the MA C por t security feature . . . . . . . . . . . . . . . . 1265 Setting the maximum number of secure MA C addresses f or an interface . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Страница 34
xxxiv PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-de vice por t authentication . . . . . . . . . . . . . . . 12 78 Enabling multi-device por t authenti cation . . . . . . . . . . . . . . 12 78 Specifying the f ormat of the MAC addresses sent to the RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Страница 35
PowerConnect B-Series FCX Configuration Guide xxxv 53-1002266-01 Configuring web authentication options . . . . . . . . . . . . . . . . . . . 1320 Enabling RADIU S accounting for web authentication . . . . . 1320 Changing the login mode (HTTPS or HTT P) . . . . . . . . . . . . . 132 1 Specifying trust ed por ts. . . . . . . . . . . . . . . . . . . [...]
-
Страница 36
xxxvi PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1349 How DHCP snooping w orks . . . . . . . . . . . . . . . . . . . . . . . . . . 1350 System reboot and the binding database . . . . . . . . . . . . . . .135 1 Configuration notes and feature[...]
-
Страница 37
PowerConnect B-Series FCX Configuration Guide xxxvii 53-1002266-01 Displaying SNMP Inf ormation . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 77 Displaying the Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 77 Displaying SNMP gr oups . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 77 Displaying user [...]
-
Страница 38
xxxviii PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 27 sFlow v ersion 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 42 7 sFlow support for IPv6 pack ets . . . . . . . . . . . . . . . . . . . . . . . 14[...]
-
Страница 39
PowerConnect B-Series FCX Configuration Guide xxxix 53-1002266-01 About This Document Introduction This guide describes the f ollowing prod uct families from Dell: • Po werConnect B-Series FCX Stackable Switches. This guide includes procedures for configuring the sof tware. The sof tware procedures show ho w to per form tasks using the CLI. This [...]
-
Страница 40
xl PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Document conventions This section describes te xt formatting con venti ons and important notice formats u sed in this document. Text formatting The narrative-t ext formatting con ven tions that are used are as f ollows: For readability , comma nd names in the narrative por tions of this[...]
-
Страница 41
PowerConnect B-Series FCX Configuration Guide xli 53-1002266-01 NOTE A note provides a tip, guidance or advice, em phasizes impor tant information, or provides a ref erence to related inf ormation. CAUTION A Caution stat ement aler ts you to s it ua ti on s t ha t c an be p oten ti al ly ha za rdo u s to you or cause damage to har dware, firm ware,[...]
-
Страница 42
xlii PowerConnect B-Series FCX Configuration Guide 53-1002266-01 NOTE If you do not ha ve an active Int ernet conn ection, you can find contact information on yo u r purchase in voice, packing slip, bill, or Dell product catalog. Dell pro vides several online and telephone-based suppor t and service options. Availability varies b y countr y and pro[...]
-
Страница 43
PowerConnect B-Series FCX Configuration Guide 1 53-1002266-01 Chapter 1 Getting Familiar with Management Applications Ta b l e 3 lists the individual Dell Po werConnect switches and the management application f eatures they support. 16 Using the management port NOTE The management port applies t o Po werConnect B-Series FCX de vices. The management[...]
-
Страница 44
2 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using the management port 1 • No packe t received on a management por t is sent t o any in-band port s, and no pack ets received on in-band ports are sent to a management por t. • A management por t is not par t of any VLAN • Pro tocols are not suppo r ted on the management port. ?[...]
-
Страница 45
PowerConnect B-Series FCX Configuration Guide 3 53-1002266-01 Logging on through the CLI 1 22 packets output, 1540 bytres, 0 underruns Transmitted 0 broadcasts, 6 multicasts, 16 unicasts 0 output errors, 0 collisions T o display the management interface information in brief f orm, enter the show int er faces brief management command. Syntax: show i[...]
-
Страница 46
4 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Logging on through the CLI 1 Y ou can initi ate a local T e lnet or SNMP connection by attaching a cable to a port and specifying the assigned management station IP address. The commands in the CLI are orga nized into the following le vels: • User EXEC – Lets you displa y information[...]
-
Страница 47
PowerConnect B-Series FCX Configuration Guide 5 53-1002266-01 Using stack-unit , slot number, an d port number with CLI commands 1 ipx lock-address logging mac --More--, next page: Space, next line: Return key, quit: Control-c The sof tware pr ovides the f ollowing scrolling options: • Press the Space bar t o display the next pag e (one screen at[...]
-
Страница 48
6 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using stack-unit, slot number, an d port number with CLI co mmands 1 • slot number and por t number • stack-unit, slot number , and por t number The follo wi ng sections show which f ormat is suppo r ted on which devices. The po r ts are labelled on the front pan els of the devices. [...]
-
Страница 49
PowerConnect B-Series FCX Configuration Guide 7 53-1002266-01 Using stack-unit , slot number, an d port number with CLI commands 1 Displaying lines that do no t contain a specified string The following command filters the output of the show who command so it dis plays only lines that do not contain the word “closed”. This command can be used to[...]
-
Страница 50
8 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using stack-unit, slot number, an d port number with CLI co mmands 1 T o display lines containing only a spec ified search string (similar t o the include optio n f or show commands) press the plus sign ke y ( + ) at the -- More-- pr ompt and then enter the sear ch string. The filtered r[...]
-
Страница 51
PowerConnect B-Series FCX Configuration Guide 9 53-1002266-01 Using stack-unit , slot number, an d port number with CLI commands 1 TA B L E 5 Special characters f or regular expressions Character Operation . The period matches on any single charact er , including a blank space. For e xample, the f ollowing regular expr ession matches “aaz”, “[...]
-
Страница 52
10 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using stack-unit, slot number, an d port number with CLI co mmands 1 If you want t o filter for a special charact er instea d of using the spec ial character as describe d in the table abov e, enter “” (backslash) in fr ont of the character . For exam ple, to filter on output conta[...]
-
Страница 53
PowerConnect B-Series FCX Configuration Guide 11 53-1002266-01 Logging o n through the Web Manag ement Interface 1 Configuration notes The follo wing conf iguration notes apply t o this feature: • Y ou cannot include ad ditional paramet ers with th e alias at the command prompt. F or example, af te r yo u cr e ate t he shoro alias, shoro bgp w ou[...]
-
Страница 54
12 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Logging on through the Web Management Interface 1 FIGURE 2 Web Management Int er face login dialog The login username and password you ent e r depends on whether your device is configu red with AAA authentication f or SNMP . If AA A authenticati on for SNMP is not configured, you can us[...]
-
Страница 55
PowerConnect B-Series FCX Configuration Guide 13 53-1002266-01 Logging o n through the Web Manag ement Interface 1 FIGURE 3 First panel for Lay e r 3 Switch features NOTE I f y o u a r e u s i n g I n t e r n e t E x p l o r e r 6 . 0 to v i e w t h e W e b M a n a g e m e n t I n t e r fa c e , m a k e s u r e t h e v e r s i o n you are running i[...]
-
Страница 56
14 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Logging on through the Web Management Interface 1 Using the CLI, yo u can modify the appearance of the W eb Management Inter face with the web -m a na ge me nt command. T o cause the Web Management Interface to displa y the List view b y default, enter the f ollowing command. PowerConne[...]
-
Страница 57
PowerConnect B-Series FCX Configuration Guide 15 53-1002266-01 Logging o n through the Web Manag ement Interface 1 NOTE The tree view is a vailable when you use the Web Management Int er face with Ne tscape 4.0 or higher or Internet Explorer 4.0 or higher brow sers. If y ou use the Web Manag ement Inter face with an older browser , the W eb Managem[...]
-
Страница 58
16 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Logging on through Brocad e Network Advisor 1 Logging on through Brocade Network Advisor Refe r to the Brocade® Netw ork Advisor manual f or information about using Br ocade Network Adv is or.[...]
-
Страница 59
PowerConnect B-Series FCX Configuration Guide 17 53-1002266-01 Chapter 2 Configuring Basic Software Features Ta b l e 6 lists the individual Dell Po werConnect switches and the ba sic sof tware features the y suppor t. TA B L E 6 Suppor ted basic software f eatures Feature PowerConnect B-Series FCX Basic System Parameters System name, cont act, and[...]
-
Страница 60
18 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 Configuring basic system parameters Dell Po werConnect de vices are configured at the fa ctor y with default param eters that allow you to begin using the basic features of the syst em immedi ately . Howev er , many of the advanced f eatures such as[...]
-
Страница 61
PowerConnect B-Series FCX Configuration Guide 19 53-1002266-01 Configuring basic system parameters 2 PowerConnect(config)# hostname zappa zappa(config)# snmp-server contact Support Services zappa(config)# snmp-server location Centerville zappa(config)# end zappa# write memory Syntax: hostname <string> Syntax: snmp-server contact <s tring&g[...]
-
Страница 62
20 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 T o specify an SNMP trap receiv er and change the UDP port that will be used to receiv e traps, enter a command such as the fo llowing. PowerConnect(config)# snmp-server host 2.2.2.2 0 mypublic port 200 PowerConnect(config)# write memory Syntax: snm[...]
-
Страница 63
PowerConnect B-Series FCX Configuration Guide 21 53-1002266-01 Configuring basic system parameters 2 T o change the holddown time for SNMP traps, ente r a command such as the following at the global CONFIG lev el of the CLI. PowerConnect(config)# snmp-server enable traps holddown-time 30 The command in this example chan ges the holddown time for SN[...]
-
Страница 64
22 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 • OSPF • VRRP • VRRPE T o stop link do wn occurrences from being reported, ent er the follo wing. PowerConnect(config)# no snmp-server enable traps link-down Syntax: [ no ] snmp-server enable traps <trap-type> Disabling Syslog messages a[...]
-
Страница 65
PowerConnect B-Series FCX Configuration Guide 23 53-1002266-01 Configuring basic system parameters 2 Syntax: show logging The first message (the one on the bottom) indicates that user “dg” logged in to the CLI User EXEC lev el on October 1 5 at 5:38 PM and 3 seconds ( O ct 1 5 1 7 :38:03). The same user logged int o the Privileged EXEC lev el f[...]
-
Страница 66
24 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 NOTE Dell Po werConnect de vices do not retain time and dat e information across pow er cycles. Unless you want to reconfigure the system time counte r each time the system is reset, Dell Po werConnect recommends that you use the SNT P feature. T o [...]
-
Страница 67
PowerConnect B-Series FCX Configuration Guide 25 53-1002266-01 Configuring basic system parameters 2 Syntax: show sntp status The follo wing table describes the information displa yed by the show sntp status command. Setting the system clock In addit ion to SNTP suppor t, Dell PowerConnect sw itches and routers also allow you to set the system time[...]
-
Страница 68
26 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 By default, Dell PowerConnect switches and router s do not change the system time for da ylight sa ving time. T o enable daylight sa ving time, enter the f ollowing command. PowerConnect# clock summer-time Syntax: clock summer -time Although SNTP se[...]
-
Страница 69
PowerConnect B-Series FCX Configuration Guide 27 53-1002266-01 Configuring basic system parameters 2 Syntax: [ no ] clock timezone us <timezone-type> Enter pacific, east ern, central, or mountain for <timezone-type> . This command must be configured on every device that f ollows the US DST . T o verify the change, run a show clock comma[...]
-
Страница 70
28 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 The <num> variable spe cifies the maximum number of packets per second. It can be an y number that is a multiple of 6553 6, up to a maximum value of 2 14 7 4 181 12. If you enter the multicast limi t command, multicast pack ets are included in[...]
-
Страница 71
PowerConnect B-Series FCX Configuration Guide 29 53-1002266-01 Configuring basic system parameters 2 Syntax: show rate-lim it unknown-unicast Use the sho w rate-limit br oadcast command to displa y the broadcast limit or br oadcast and multicast limit f or each po r t to which it applies. Example Syntax: show rate-limit br oadcast Configuring CLI b[...]
-
Страница 72
30 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic system parameters 2 NOTE If you are using a W eb client to vie w the message of the da y , and your banners are v er y wide, with large borders, y ou may need to se t your PC display resolution to a number great er than the wi dth of your banner . For e xample, if your[...]
-
Страница 73
PowerConnect B-Series FCX Configuration Guide 31 53-1002266-01 Configuring basic system parameters 2 T o enable the requirement t o press the Enter k ey after the MO TD is display ed, enter a command such as the fo llowing. PowerConnect(config)# banner motd require-enter-key Syntax: [ no ] banner motd require-ent er-k ey Use the no f orm of the com[...]
-
Страница 74
32 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Configuring a local MAC address for Layer 2 management traffic By default, La yer 2 de vices use the MA C address of the first por t as the MAC addre ss for La yer 2 management traffic. For exam ple, when the Dell Pow erConnect device receives an ARP [...]
-
Страница 75
PowerConnect B-Series FCX Configuration Guide 33 53-1002266-01 Configuring basic port parameters 2 Modifying port speed and duplex mode The Gigabit Ethernet copper por ts are designed t o auto-sense and auto-negotiat e the speed and duplex mod e of the connected de vice. If the atta ched de vice does not suppor t this operation, you can manually en[...]
-
Страница 76
34 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Maximum Por t speed advertisement and Por t speed down-shif t are enhancements t o the auto-negotiation f eature, a mechanism for ac commodating multi-speed netw ork devices by automatically configuring the highest per formanc e mode of int er-operati[...]
-
Страница 77
PowerConnect B-Series FCX Configuration Guide 35 53-1002266-01 Configuring basic port parameters 2 Syntax: [ no ] link-config gig copp er aut oneg-control down-shift ethernet <port> [ ethernet <por t> ] | to <por t>... Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX sta[...]
-
Страница 78
36 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 T o disa ble select ive auto-negotiation of 100m-auto on por t s 0/1/21 t o 0/1/25 and 0/1/30, en ter the fo llowing. PowerConnect(config)# no link-config gig copper autoneg-control 100m-auto ethernet 0/1/21 to 0/1/25 ethernet 0/1/30 Configuring maxim[...]
-
Страница 79
PowerConnect B-Series FCX Configuration Guide 37 53-1002266-01 Configuring basic port parameters 2 • 10 0 - h a l f • auto (default) Configuring MDI/MDIX Dell Po werConnect de vices suppor t automati c Media Dependent Int er face (MDI) and Media Dependent Int er face Crosso ver (MDIX) det ection on all Gbps Ethernet Copper ports. MD I/M DIX is [...]
-
Страница 80
38 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Disabling or re-enabling a port A por t can be made inactive (disable) or active (enable) b y selecting t he appropriat e status option. The default value f or a por t is enabled. T o disable por t 8 of a Dell Po werConnect device , enter the fo llowi[...]
-
Страница 81
PowerConnect B-Series FCX Configuration Guide 39 53-1002266-01 Configuring basic port parameters 2 Disabling or re-enabling flow control Y ou can configure the Dell P owerConnect de vice to operat e with or without flow contr ol. Flow contro l is enabled by def ault glob ally and on all full-duplex por t s. Y ou can disable and re-enable flow contr[...]
-
Страница 82
40 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Displaying flow-control status The show inter face <port> command displays configuration, operation, and negotiation status where applicable. For e xample, on a Pow erConnect Stackable device, issuing the command f o r 1 0/100 /1000M port 0/1/2 [...]
-
Страница 83
PowerConnect B-Series FCX Configuration Guide 41 53-1002266-01 Configuring basic port parameters 2 Symmetric flow control addresses the requirements of a lossless ser vice class in an Internet Small Computer System Interface (iSCSI) envir onment. It is suppor ted on FCX standalone units as well as on all FCX units in an IronStack. About XON and XOF[...]
-
Страница 84
42 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 • The following QoS f eatures are not suppor ted together with symmetric flow control: - Dynamic buffer allocation (CLI commands qd-descript or and qd-buf f er ) - Buffer profiles (CLI command buffer -profile por t-region ) - DSCP-based QoS (CLI com[...]
-
Страница 85
PowerConnect B-Series FCX Configuration Guide 43 53-1002266-01 Configuring basic port parameters 2 Syntax: symmetric-flow-control set 1 | 2 x o f f <%> xon <%> symmetric-flow-contr ol set 1 sets the XOFF and X ON limits for 1G ports. symmetric-flow-contr ol set 2 sets the XOFF and X ON limits for 1 0G por ts. For xof f <%>, the &l[...]
-
Страница 86
44 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Configuring PHY FIFO Rx and Tx depth PHY devices on PowerConnect B-Series FCX devi ces contain transmit an d receiv e synchronizing FIFOs t o adjust for frequency differences between clocks. The phy-fifo-depth command allows y ou to config ure the dep[...]
-
Страница 87
PowerConnect B-Series FCX Configuration Guide 45 53-1002266-01 Configuring basic port parameters 2 Syntax: [ no ] ipg <value> For val ue , ent er a number in the range fr om 48-120 bit times in multiples of 8. The default is 96. As a result of the abo ve configuration, the ou tput fr om the show interface Ethernet 0/1/2 1 command is as f ollo[...]
-
Страница 88
46 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Chassis-based and Stackable devices NOTE The f ollowing procedure applies t o Stackable devices and to Chassis-based 1 00/100 0 Fiber interface modules only . The CLI syntax f or enab ling and disabling 10 0B aseFX suppor t on these devic es dif fers [...]
-
Страница 89
PowerConnect B-Series FCX Configuration Guide 47 53-1002266-01 Configuring basic port parameters 2 NOTE When Gbps negotiation mode is turned of f (CLI command gig-default neg- of f ), the Dell device may inadvertently take do wn both ends of a link . This is a hardware limitation f or which there is currently no workar ound. Modifying port priority[...]
-
Страница 90
48 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Enabling dynamic configuration of a Voice over IP (VoIP) phone Y ou can create a v oice VLAN ID for a port, or for a gr oup of por ts. T o create a v oice VLAN ID for a po r t, ent er commands such as the follo wing. PowerConnect(config)# interface et[...]
-
Страница 91
PowerConnect B-Series FCX Configuration Guide 49 53-1002266-01 Configuring basic port parameters 2 If the port link state toggles from up to down f or a specified number of times within a specified period, the int er face is physically disabled f or th e specified wait perio d. Once the wait period expire s, the por t link state is re-enabled. Howe[...]
-
Страница 92
50 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 PowerConnect(config)# interface ethernet 2/1 PowerConnect(config-if-e10000-2/1)# no link-error-disable 10 3 10 Displaying ports configured with port flap dampening Por ts that hav e bee n disabled du e to the por t flap dampening f eature are iden tif[...]
-
Страница 93
PowerConnect B-Series FCX Configuration Guide 51 53-1002266-01 Configuring basic port parameters 2 Syntax: show link-err or-disable [all ] Example The line “L ink Error Dampening” d isplays “Enabled” if por t flap dampening is enabled on the por t or “Disabled” if the f eature is disabled on the po r t. The f eature is enabled on the po[...]
-
Страница 94
52 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Port loop detection This feature allo ws the Dell Pow erConnect device t o disable a por t that is on the receiving end of a loop by sending test pack ets. Y ou can conf igure th e time period during which test packets are sent. Strict mode and loose [...]
-
Страница 95
PowerConnect B-Series FCX Configuration Guide 53 53-1002266-01 Configuring basic port parameters 2 loops because S TP cannot pre vent loops across diff erent VLANs. In these instances, the por ts are not block ed and loop detection is able t o send out pr obe packets in one VL AN and receive pack ets in another VLAN. In this wa y, lo op detection r[...]
-
Страница 96
54 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 The abov e command will cause the Dell Pow erConnect device t o automatically re-enable por ts that were disable d because of a loop detection. By def ault, the device will w ait 300 seconds before re-enabling the por ts. Y ou c an optionally change t[...]
-
Страница 97
PowerConnect B-Series FCX Configuration Guide 55 53-1002266-01 Configuring basic port parameters 2 If a por t is errdisabled in Strict mode, it shows “ERR -DISABLE b y itself”. If it is errdisabled due to its associated vlan, it shows “ERR-DISABLE b y vlan ?” The f ollowing command displays the current disa bled ports, including the cause a[...]
-
Страница 98
56 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring basic port parameters 2 Syslog message The follo wing me ssage is logged when a por t is disa bled due to loop de tection. This message also appears on the cons ole. loop-detect: port ??? vlan ?, into errdisable state The Errdisab le function logs a mess age whenever it re[...]
-
Страница 99
PowerConnect B-Series FCX Configuration Guide 57 53-1002266-01 Chapter 3 Operations, Administra tion, and Maintenance Ta b l e 1 2 lists the individual Dell Po werConnect swit ches and the operations, administration, and maintenance f eatures they suppor t. Overview For easy software image management, all Dell Po werConnect de vices suppor t the do[...]
-
Страница 100
58 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Determining the software versions installed and running on a device 3 Y ou can updat e the sof tware cont ained on a flas h module using TFTP t o copy the updat e image from a TFTP ser ver ont o the flash module. In addition, you can cop y sof tware images and configuration files from a[...]
-
Страница 101
PowerConnect B-Series FCX Configuration Guide 59 53-1002266-01 Determining the software versions in stalled and running on a device 3 Determining the boot image version running on the device T o determine the boot imag e running on a device, enter the show flash command at any le vel of the CLI. The f ollowing show s an example output. PowerConnect[...]
-
Страница 102
60 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Determining the software versions installed and running on a device 3 CLI commands Use the f ollowing command syntax to verify the flash image: Syntax: verify md5 | sha1 | crc32 <ASCII s t ring> | primary | secondar y [ <hash code> ] • md5 – Generates a 1 6-byte hash cod[...]
-
Страница 103
PowerConnect B-Series FCX Configuration Guide 61 53-1002266-01 Image file types 3 Image file types This section lists t he boot and flash image file types suppor ted and how to install them on the PowerC on nec t fa mi ly of swi tc hes . For inf ormation abo ut a specific version of code, ref er to the release note s. Viewing the contents of flash [...]
-
Страница 104
62 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using SNMP to upgrade software 3 Syntax: copy flash console < filename > For < filename >, ent er the name of a file stored in flash memor y . Using SNMP to upgrade software Y ou can use a thir d-par ty SNMP management application to upg rade sof tware on a Pow erConnect dev[...]
-
Страница 105
PowerConnect B-Series FCX Configuration Guide 63 53-1002266-01 Changing the block size for TFTP file transfers 3 1. Configure a read-writ e community string on the Dell Pow erConnect device, if one is not already configured. T o configure a read -write community string, enter the f ollowing command fr om the global CONFIG level of the CLI. snmp-ser[...]
-
Страница 106
64 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Rebooting 3 Rebooting Y ou can use boot commands t o immediately initia t e sof tware boots from a sof tware image stored in primar y or secondary flash on a Dell PowerConne ct device or fr om a BootP or TFTP server . Y ou can test ne w versions of code on a Dell Pow erConne ct de vice [...]
-
Страница 107
PowerConnect B-Series FCX Configuration Guide 65 53-1002266-01 Loading and saving configuration files 3 The results of the show run command f or the configured exam ple above appear as follows. PowerConnect #show run Current Configuration: ! ver 7.2.00aT7f1 ! module 1 FCX-48-port-management-module module 2 FCX-xfp-2-port-16g-module module 3 FCX-xfp[...]
-
Страница 108
66 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Loading and saving configuration files 3 T o replace the star tup configuration with the running configuration, enter the f ollowing command at any Enable or CONFIG command pr ompt. PowerConnect#write memory Replacing the running configuration with the startup configuration If you want [...]
-
Страница 109
PowerConnect B-Series FCX Configuration Guide 67 53-1002266-01 Loading and saving configuration files 3 Dynamic configuration loading Y ou can load dynamic configuration commands (com mands that do not require a reload to tak e effect) fr om a file on a TFTP ser ver i nto the running-config on the Dell Pow erConnect device. Y ou can make configurat[...]
-
Страница 110
68 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Loading and saving configuration files 3 NOTE If you cop y -and-paste a configuration into a management session, the CLI ignores the “ ! “ instead of chang ing the CLI to the global CONF IG level. As a result, you might get different results if you copy-and-paste a conf iguration in[...]
-
Страница 111
PowerConnect B-Series FCX Configuration Guide 69 53-1002266-01 Loading and saving configuration files with IPv6 3 • Alwa ys use the end command at the en d of the file . The end command must appear on the last line of the file, by itself. Loading the configuration info rmation into the running-config T o load the file fr om a TFTP ser ver , use e[...]
-
Страница 112
70 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Loading and saving configuration files with IPv6 3 • Copy a file from an IPv6 TFTP server to a specified destination Copying a file to an IPv6 TFTP server Y ou can copy a file from the f ollowing sources t o an IPv6 TFTP ser ver: • Flash memor y • Running configuration • Star tu[...]
-
Страница 113
PowerConnect B-Series FCX Configuration Guide 71 53-1002266-01 Loading and saving configuration files with IPv6 3 • Flash memor y • Running configuration • Star tup configura tion Copying a file to flash memory For e xample, to copy a boot image from an I Pv6 TFTP ser ver t o the primar y or secondar y storage location in the device flash mem[...]
-
Страница 114
72 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Loading and saving configuration files with IPv6 3 • Copy a primar y or sec ondar y boot image from flash memor y to an IPv6 TFTP s er ver . • Copy the running configuratio n to an IPv6 TFTP server . • Copy the star tup conf iguration to an IPv6 TFTP server • Upload various file[...]
-
Страница 115
PowerConnect B-Series FCX Configuration Guide 73 53-1002266-01 Loading and saving configuration files with IPv6 3 • Star tup configura tion. Uploading a primary or secondary boo t image from an IPv6 TFTP server For e xample, to upload a primary or secondary boot image from an IPv6 TFTP server t o a device flash memory, ent er a command such as th[...]
-
Страница 116
74 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Scheduling a system reload 3 1. Configure a read-writ e community string on the Dell Pow erConnect device, if one is not already configured. T o configure a read -write community string, enter the f ollowing command fr om the global CONFIG level of the CLI. snmp-server community <str[...]
-
Страница 117
PowerConnect B-Series FCX Configuration Guide 75 53-1002266-01 Diagnostic error codes and remedies for TFTP transfers 3 Reloading after a specific amount of time T o schedule a system reload to occur af ter a spec ific amount of time has passed on the syst em clock, use reload af ter command. For e xample, t o schedule a system reload fr om the sec[...]
-
Страница 118
76 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Testing network connectivity 3 Testing network connectivity Af ter you install the network cables, you can test netw ork connect ivity to o ther devices by pinging those devices. Y ou also can ob serve the LEDs relat ed to network c onnection and per form trace rou te s. Pinging an IPv4[...]
-
Страница 119
PowerConnect B-Series FCX Configuration Guide 77 53-1002266-01 Testing network connectivity 3 The source < ip addr > specifies an IP address to be used as the origin of the ping packe ts. The count < num > paramet er specifies how many ping pack ets the device sends. Y ou can specify from 1 – 4294967296. The def ault is 1. The timeout[...]
-
Страница 120
78 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Testing network connectivity 3 Tracing an IPv4 route NOTE This section describes the IPv4 tracer oute command. For details about IPv6 tracer oute , ref er to “IPv6 T racerout e” on page 253. Use the tracerout e command to determine the path thr ough which a Dell Pow erConnect device[...]
-
Страница 121
PowerConnect B-Series FCX Configuration Guide 79 53-1002266-01 Chapter 4 Software-based Licensing Ta b l e 1 4 lists the individual Dell PowerConnect swit ches and the software licensing features the y suppor t. Software license terminology This section defines the k ey terms used in this chapter . • Entitlement cer tificate – The pr oo f-of-pu[...]
-
Страница 122
80 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Software-based lic ensing overview 4 Software-based licensing overview With the introduction of softwar e-based licensing , one or more valid software licenses are required to run such licensed features on the device. Dell Po werConnect devic es suppor t sof tware-bas ed licensing will [...]
-
Страница 123
PowerConnect B-Series FCX Configuration Guide 81 53-1002266-01 Licensed features and part numbers 4 For a list of features supported with these image s, refer t o the release notes. Licensed features and part numbers Ta b l e 1 6 lists the suppor ted licensed f eatures, asso ciated image filenames, and related par t numbers. NOTE There are no chang[...]
-
Страница 124
82 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Licensed features and part numbers 4 For e xample, if stack member unit 4 do es not ha ve a license to run BGP whereas the Active contro ller does, unit 4 has an in ferior license and will not be allow ed to join the stack. Likewise, if unit 4 has a license t o run BGP whereas the Ac ti[...]
-
Страница 125
PowerConnect B-Series FCX Configuration Guide 83 53-1002266-01 Configuration tasks 4 Configuration tasks This section describes the configuration tasks for generating and obtaining a sof tware license, then installing it on the Dell PowerConnect de vice. Perform the tasks in the order list ed in Ta b l e 17 . Obtaining a license The procedures in t[...]
-
Страница 126
84 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration tasks 4 Figure 5 shows the Sof tware Portal Login window . FIGURE 5 Brocade Software Portal Login window[...]
-
Страница 127
PowerConnect B-Series FCX Configuration Guide 85 53-1002266-01 Configuration tasks 4 Figure 6 shows the License Management Welcome window that appears af ter logging in t o the software por tal. F rom this window , mouse ov er the License Management banner , then IP/Ethernet , then click on License Generation with T ransaction k ey . FIGURE 6 Licen[...]
-
Страница 128
86 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration tasks 4 Figure 7 shows the IP/Ethernet License Generation window f or generating a license using a transaction k ey and LID. FIGURE 7 IP Ethernet License Generation window Enter the required inf ormation in each text box shown in Figure 7. • For a description of the fiel[...]
-
Страница 129
PowerConnect B-Series FCX Configuration Guide 87 53-1002266-01 Configuration tasks 4 Press the Generate butt on to generate the license. Fi gure 8 sho ws the results window , which displays an or der summar y and the results of the license re quest. • If the license request was successful, the “Status” fi eld will indicate Success and the “[...]
-
Страница 130
88 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Deleting a li cense 4 Installing a license file Once you obtain a license f ile, place it on a TFTP or SCP ser ver to which the Dell PowerConnect device has access, then use T FTP or SCP to copy the fi le to the license database of the Dell PowerC on nec t d evic e. Using TFTP to instal[...]
-
Страница 131
PowerConnect B-Series FCX Configuration Guide 89 53-1002266-01 Other licensing options availab le from the Brocade Software Portal 4 Other licensing options available from the Brocade Software Portal This section describes other sof tware licensing ta sks suppor ted from the Brocade software por tal. Viewing software license information Y ou can us[...]
-
Страница 132
90 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Transferring a license 4 Figure 1 0 shows an exam ple of the license query results. FIGURE 1 0 License Quer y results window In this ex ample, the line items f or Leve l 1 display har dware-related information and the line it ems fo r Lev el 2 display software-related inf ormation. If t[...]
-
Страница 133
PowerConnect B-Series FCX Configuration Guide 91 53-1002266-01 Viewing information abo ut software licenses 4 Viewing information about software licenses This section describes the show commands associat ed with sof t ware licensing. These com mands are issued on the Dell P owerConnect de vice, at any lev el of the CLI. NOTE Y ou can also view info[...]
-
Страница 134
92 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing information about so ftware licenses 4 Viewing the license database T o display general inf ormation about all sof twa re licenses in the li cense database, use the show license command. The following sho ws example output. T o display detailed inf orm ation ab out a par ticular[...]
-
Страница 135
PowerConnect B-Series FCX Configuration Guide 93 53-1002266-01 Viewing information abo ut software licenses 4 Viewing software packages installed in the device Use the sho w version command t o view the software packages that are currently installed in the devic e. NOTE The software package name is not the same as the license name. Ta b l e 2 0 lis[...]
-
Страница 136
94 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing information about so ftware licenses 4[...]
-
Страница 137
PowerConnect B-Series FCX Configuration Guide 95 53-1002266-01 Chapter 5 Stackable Devices Ta b l e 2 1 lists the individual Dell Po we rConnect switches and the Iron stack features the y suppor t. IronStack overview This section gives a brief overview of IronStack technology , including IronStack terminology . This section also lists the Pow erCon[...]
-
Страница 138
96 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IronStack overview 5 • Active Controller, Standby Contr o lle r, and member units in a stack • Active Contr oller management of entire stack • Active Controller download of software images to all stack units • Standby Contr oller for stack redundancy • Active Controller mainte[...]
-
Страница 139
PowerConnect B-Series FCX Configuration Guide 97 53-1002266-01 IronStack overview 5 show , stack, and a fe w debug commands. When the stack is f ormed, all local consoles are directed t o the Active Controller, which can access the entire CLI. The last line of output fr om the show version command indicates the role of a unit, unless it is a standa[...]
-
Страница 140
98 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 • Static Configurat ion - A configuration that remains in the da tabase of the Activ e Cont roller e ven if the unit it refers t o is remov ed from the st ack. Static configurations are derived from the star tup configuration file during the boot sequ ence, are[...]
-
Страница 141
PowerConnect B-Series FCX Configuration Guide 99 53-1002266-01 Building an IronStack 5 FIGURE 1 1 P owerConnect B-Series FCX linear and ring stack topologies FIGURE 12 PowerConnect B-FCX-E ring topology stack using SFP+ module por ts 1357 9 1 1 1 3 1 5 1 7 1 9 2 1 2 3 2 4 6 8 10 12 14 16 18 20 22 24 Reset 1 PS 2D i a g Console Mgmt 25 27 29 31 33 3[...]
-
Страница 142
100 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 FIGURE 13 Pow erConnect B-FCX-E linear topology stack using SFP+ module ports FIGURE 1 4 Mixe d linear stack of PowerConnect B-FC X-E devices and P owerConnect B-FCX-S devices Software requirements All units i n an IronStack must be running the same sof tware v [...]
-
Страница 143
PowerConnect B-Series FCX Configuration Guide 101 53-1002266-01 Building an IronStack 5 1. Use the secure-setup utility to f orm your stack. Secure-setup giv es you contr ol over the design of your stack topology and provides security through pa ssword v erificat ion. For the secure-setup procedure, ref er to “Scenario 1 - Conf iguring a three-me[...]
-
Страница 144
102 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 • Authentication of secure-setup packets pr ovides verification that these pack ets are from genuine Dell stack unit. MD5- based por t verification confirms stacking por ts. • Superuser password is required t o allow passwo rd-pr otect ed devices t o become [...]
-
Страница 145
PowerConnect B-Series FCX Configuration Guide 103 53-1002266-01 Building an IronStack 5 5. Ent e r the stack secure-setup co mmand. As s hown In the following example, this com mand triggers a Dell pr oprietar y discovery prot ocol that begins the disco ver y proce s s in both upstream and downstream direct ions. The discovery process prod uces a l[...]
-
Страница 146
104 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 1 S FCX648 active 00e0.52ab.cd00 128 local Ready 2 D FCX624 standby 0012.f2d5.2100 60 remote Ready 3 D FCX624 member 0012.f239.2d40 0 remote Ready active standby +---+ +---+ +---+ -2/1| 1 |3/1--2/1| 2 |3/1--2/2| 3 |2/1- +---+ +---+ +---+ Current stack management[...]
-
Страница 147
PowerConnect B-Series FCX Configuration Guide 105 53-1002266-01 Building an IronStack 5 7 . When the Active Contr oller has finished the auth entication pr ocess, you will see output that shows the suggested assigned stack IDs f or each member . Y ou can accept these recommendations, or y ou can manual ly conf igure stack IDs. Enter the show stack [...]
-
Страница 148
106 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 Follow the st e ps given below to c onfigure a three-m ember IronStack in a ring topology using automatic setup process. 1. P ower on the devices. 2. This pr ocess requires clean devices (e xcept fo r the Active Contr oller) th at do not contain any configuratio[...]
-
Страница 149
PowerConnect B-Series FCX Configuration Guide 107 53-1002266-01 Building an IronStack 5 PowerConnect# show running config Current configuration: ! ver 07.2.00a ! stack unit 1 module 1 FCX-24-port-management-module priority 255 stack unit 2 module 1 FCX-24-port-management-module priority 240 stack unit 3 module 1 FCX-24-port-management-module stack [...]
-
Страница 150
108 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 Scenario 3 - Configuring a three-member IronStack in a ring topology using the manual configuration process NOTE For more detailed information about configuring an Pow erConnect B-Series FCX IronStack, see “Configuring an FCX Ir onStack” on page 109 Follo w [...]
-
Страница 151
PowerConnect B-Series FCX Configuration Guide 109 53-1002266-01 Building an IronStack 5 For more inf ormation abou t cabling the devices, ref er to the appropriat e hardware installation guides. NOTE This method does not guarant ee sequential stack IDs. I f yo u w a n t t o c h a n g e s t a c k I D s t o m a k e t h e m sequential, y ou can use se[...]
-
Страница 152
110 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 NOTE If you are adding PowerCo nnect B-Series FCX-E or P owerConnect B-Series FCX-I devices to a stack containing Pow erConnect B-Seri es FCX-S devices, y ou must reconf igure the stacking por ts on the Po werConnect B-Series FCX-S de vices to be the 1 0 Gbps po[...]
-
Страница 153
PowerConnect B-Series FCX Configuration Guide 111 53-1002266-01 Building an IronStack 5 0 runts, 0 giants 0 packets output, 0 bytes, 0 underruns Transmitted 0 broadcasts, 0 multicasts, 0 unicasts 0 output errors, 0 collisions Relay Agent Information option: Disabled Changing PowerConnect B-Series FC X-S and PowerConnect B-Series FCXS-PowerConnect B[...]
-
Страница 154
112 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 Secure-setup pr obe packets can be receiv ed by a def ault por t whether or not it is acting as a stacking por t. Stacking pack ets can be only receiv ed b y a stacking por t (which is also always a default por t). In ord er to use stacking por ts that are not d[...]
-
Страница 155
PowerConnect B-Series FCX Configuration Guide 113 53-1002266-01 Building an IronStack 5 NOTE Do not connect stacking ports to non-stacking por ts. Stacking por ts have a p roprietar y pack et format that render s them incompat ible with regular ports even when the y are forwarding regular pack ets. In linear topologies, mak e sure that end units ha[...]
-
Страница 156
114 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 If you ent er an incorrect stack por t number , yo u will get an error similar to the f o llowing. PowerConnectconfig-unit-3)# stack-port 3/4/1 Error! port 3/4/1 is invalid PowerConnect(config-unit-3)# stack-port 3/2/1 T o return both por ts to stacking status, [...]
-
Страница 157
PowerConnect B-Series FCX Configuration Guide 115 53-1002266-01 Building an IronStack 5 Stack unit 3 Power supply 1 is up Stack unit 3 Power supply 2 is down Config changed due to add/del units. Do write mem if you want to keep it Election, was active, no role change, assigned-ID=1, total 3 units, my priority=128 PowerConnect# Config changed due to[...]
-
Страница 158
116 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Building an IronStack 5 Use the no form o f t he c omm an d to rever t to th e 4-by te E th ern et pr eam bl e. Verifying an IronStack configuration Verifying an PowerConnect B-Seri es FCX IronStack configuration The follo wing output shows an example configurat ion of an P owerConnect[...]
-
Страница 159
PowerConnect B-Series FCX Configuration Guide 117 53-1002266-01 Building an IronStack 5 P-ENGINE 1: type DB90, rev 01 ========================================================================== UNIT 4: SL 2: FCX-2XGC 2-port 16G Module (2-CX4) ========================================================================== UNIT 4: SL 3: FCX-2XG 2-port 16G [...]
-
Страница 160
118 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Managing your IronStack Y our IronStack can be managed thr ough a single IP address. Y ou can manage the stack using this IP address ev en if you remo ve the Ac tive Controll er or any member from the stack. Y ou can also connect to the Activ e Controller thro[...]
-
Страница 161
PowerConnect B-Series FCX Configuration Guide 119 53-1002266-01 Managing your IronStack 5 on the Activ e Controller physical console port during a reload will no t be visible on the console ports of the stack members bec ause the remote c onnect ions are not established until the sof tware loading process is c omplete. It is pref erable to co nnect[...]
-
Страница 162
120 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 PowerConnect# rconsole 2 Connecting to unit 2... (Press Ctrl-O X to exit) rconsole-2@PowerConnect#show stack ID Type Role Mac Address Prio State Comment 2 S FCX624P standby 0012.f2e2.ba40 0 local Ready rconsole-2@PowerConnect# exit rconsole-2@PowerConnect> [...]
-
Страница 163
PowerConnect B-Series FCX Configuration Guide 121 53-1002266-01 Managing your IronStack 5 NOTE For hitless stacking failo ver , Dell recommends th at you configure the IronStack MAC address using the stack mac command. Without this configurati on, the MA C address of the stack will change to the new base MA C address of the Active Contr oller . Thi[...]
-
Страница 164
122 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Fan 1 ok Fan 2 ok --More--, next page: Space, next line: Return key, quit: Control-c NOTE For field descriptions for the sho w chassis command, ref er to “Dis playing chassis inf o rmation” on page 133. Removing MAC address entries Y ou can remove the f ol[...]
-
Страница 165
PowerConnect B-Series FCX Configuration Guide 123 53-1002266-01 Managing your IronStack 5 IronStack unit priority A un it w it h a h igh er pri ori ty i s m ore likel y to b e el ec ted Ac tive Con trol ler . T he p rio rit y va lue can be 0 to 255 with a priority of 255 being the highest. The default priority value assigned t o the Activ e Control[...]
-
Страница 166
124 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 CLI command syntax CLI syntax that ref ers to stack units mu st contain all of the f ollowing parameters: <stack -unit>/<slotnum>/<por tnum> • <stack-unit> - If the device is operating as a standalo ne, the stack-unit wil l be 0 or 1.[...]
-
Страница 167
PowerConnect B-Series FCX Configuration Guide 125 53-1002266-01 Managing your IronStack 5 Stacking mode When a unit is stack-enabled or jo ins a stack either actively or passi vely , it reser ves priority queue 7 for stacking traf f ic control, assigns buffers f or th e stacking por ts, and configures the first two 1 0 Gbps por ts as stacking por t[...]
-
Страница 168
126 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 NOTE The two le f t por ts on the Four -por t 1 0Gbps SFP+ module do not pass regular Eth ernet traf fic by default. The stack disable command must be ente red at the global le vel and the stack disable command must be co nfigured on these two port s in order [...]
-
Страница 169
PowerConnect B-Series FCX Configuration Guide 127 53-1002266-01 Managing your IronStack 5 Available UPSTREAM units Hop(s) Type Mac Address 1 FCX624 0012.f2d5.2100 2 FCX624 001b.ed5d.9940 Available DOWNSTREAM units Hop(s) Type Mac Address 1 FCX624 001b.ed5d.9940 2 FCX624 0012.f2d5.2100 Do you accept the topology (RING) (y/n)?: n Available UPSTREAM u[...]
-
Страница 170
128 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 T o reverse the part itioning, reconnect all of the units into the original stack topology using the stacking por ts. This is the same as merging stacks . If the original Active Contr oller again has the highest priority , it will regain its role. If two part [...]
-
Страница 171
PowerConnect B-Series FCX Configuration Guide 129 53-1002266-01 Managing your IronStack 5 the stack MA C address changes. During this configur ed int er val, if the previo us Active Controller is reinstalled in the stack, the stack continues to use the MA C address of this unit, ev en though it may no longer be the Active Contr oller. If the previo[...]
-
Страница 172
130 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 priority 40 stack enable stack persistent-mac 60 T o display the stack MA C addresses, ent er the show stack command. PowerConnect(config)# show stack alone: standalone, D: dynamic config, S: static config ID Type Role Mac Address Prio State Comment 1 S FCX648[...]
-
Страница 173
PowerConnect B-Series FCX Configuration Guide 131 53-1002266-01 Managing your IronStack 5 • me - unconfigure this unit only • clean - remov es all star tup configu ration files incl uding v4 and v5 and m akes this a clean unit NOTE The stack unconf igure me command is available t o all un its, while stack unconfigure all and stack unconfigure &[...]
-
Страница 174
132 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Compressed Pri Code size = 3034232, Version 05.0.00T7e1 (FCX05000.bin) Compressed Sec Code size = 2873523, Version 04.2.00aT7e1 (FCX04200a.bin) Compressed BootROM Code size = 403073, Version 03.0.00T7e5 Code Flash Free Space = 24117248 Stack unit 3: Compressed[...]
-
Страница 175
PowerConnect B-Series FCX Configuration Guide 133 53-1002266-01 Managing your IronStack 5 Dynamic memory: 238026752 bytes total, 182820504 bytes free, 23% used Stack unit 8: Total DRAM: 268435456 bytes Dynamic memory: 238026752 bytes total, 182811440 bytes free, 23% used PowerConnect# Syntax: show memory Ta b l e 2 5 describes the fields disp la y [...]
-
Страница 176
134 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Fan 1 ok Fan 2 ok Exhaust Side Temperature Readings: Current temperature : 31.5 deg-C Warning level.......: 85.0 deg-C Shutdown level......: 90.0 deg-C Intake Side Temperature Readings: Current temperature : 32.0 deg-C Boot Prom MAC: 0012.f2db.e500 Syntax: sho[...]
-
Страница 177
PowerConnect B-Series FCX Configuration Guide 135 53-1002266-01 Managing your IronStack 5 S8:M2 FCX-1XG 1-port 16G Module (1-XFP) OK 1 0012.f2eb.d570 S8:M3 FCX-1XG 1-port 16G Module (1-XFP) OK 1 0012.f2eb.d571 PowerConnect(config)# Syntax: s how module Ta b l e 27 describes the fields displa yed in this output example. Displaying stack resource inf[...]
-
Страница 178
136 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 The show stack command displays general info rm ation abou t an IronStack, for all members, f or a specified member , and with addi tional detail if required. The f ollowing output co vers the ent ire stack. PowerConnect(config)# show stack alone: standalone, [...]
-
Страница 179
PowerConnect B-Series FCX Configuration Guide 137 53-1002266-01 Managing your IronStack 5 Ta b l e 3 0 describes the output fr om the show st ack detail command (in addition to the show sta ck command fields shown in the previous table). Displaying stack flash information Use the show st ack flash command t o display inf ormation abou t flash memor[...]
-
Страница 180
138 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Syntax: show stack flash Displaying stack rel-IPC statistics Use the show stack rel-ipc stats command to displa y session statistics for stack units. PowerConnect# show stack rel-ipc stats Reliable IPC statistics: Global statistics: Pkts rcvd w/no session: 2 M[...]
-
Страница 181
PowerConnect B-Series FCX Configuration Guide 139 53-1002266-01 Managing your IronStack 5 Msgs sent: 0, Msgs received: 0 Atomic batches sent: 0, Atomic batches received: 0 Pkts sent: 1, Pkts received: 6 Msg bytes sent: 0, Msg bytes received: 0 Pkt bytes sent: 12, Pkt bytes received: 72 Flushes requested: 0, Suspends: 0, Resumes: 0 Packets sent with[...]
-
Страница 182
140 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Session state: established (last established 31 minutes 11 seconds ago) Connections established: 1 Remote resets: 0, Reset packets sent: 0 Connection statistics (for current connection, if established): Msgs sent: 955, Msgs received: 489 Atomic batches sent: 0[...]
-
Страница 183
PowerConnect B-Series FCX Configuration Guide 141 53-1002266-01 Managing your IronStack 5 Pkts sent: 8, Pkts received: 13 Msg bytes sent: 123, Msg bytes received: 20V Pkt bytes sent: 232, Pkt bytes received: 296 Flushes requested: 2, Suspends: 0, Resumes: 0 Packets sent with data (DAT), ACKs, and window updates (WND) Other: 5, ACK: 1, WND: 0, ACK+W[...]
-
Страница 184
142 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Other: 1, ACK: 0, WND: 0, ACK+WND: 0 DAT: 0, DAT+ACK: 0, DAT+WND: 0, DAT+ACK+WND: 0 Data retransmits done: 0, Zero-window probes sent: 0 Dup ACK pkts rcvd: 7, Pkts rcvd w/dup data: 0 Pkts rcvd w/data past window: 0 Session statistics, unit 3, channel 3: Sessio[...]
-
Страница 185
PowerConnect B-Series FCX Configuration Guide 143 53-1002266-01 Managing your IronStack 5 Ta b l e 3 2 describes the output fr om the show st ack neighbors command. Displaying stack port information The show stack stack-por ts command displays inf ormatio n about stack por t status. Syntax: show stack stack-ports Ta b l e 3 3 describes the output f[...]
-
Страница 186
144 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 module 3 FCX-xfp-1-port-16g-module priority 128 stack enable ! Syntax: show runni ng-config Ta b l e 3 4 describes the output fr om the show running-config command. Displaying configur ed stacking ports The stacking por ts may displa y in the output fr om the [...]
-
Страница 187
PowerConnect B-Series FCX Configuration Guide 145 53-1002266-01 Managing your IronStack 5 (3054675 bytes) from Primary FCX05000.bin BootROM: Version 04.0.00T7e5 (FEv2) HW: Chassis FCX648 ========================================================================== STACKID 1: SL 1: FCX-24G 24-port Management Module Serial #: PR11060248 P-ASIC 0: type D[...]
-
Страница 188
146 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 Syntax: show interfaces stack-por ts Ta b l e 3 5 describes the fields displa yed by the sho w i nterfaces stack-por ts comm and. Displaying stacking port statistics The show statistics stack-por ts command displays inf orma tion ab out all stacking por ts in [...]
-
Страница 189
PowerConnect B-Series FCX Configuration Guide 147 53-1002266-01 Managing your IronStack 5 Syntax: show statistics stack-ports Ta b l e 3 6 describes the fields displa yed by the sho w s tatistics stack-por ts command. Adding, removing, or replac ing units in an IronStack The f ollowing sections describe ho w to add, re mo ve, or replace units in an[...]
-
Страница 190
148 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 • If the Activ e Controller has configuration information for a ne w unit, and it matches the base module (module 1) of the new unit, no action is necessar y . If conf iguration information for non-base modules on the ne w unit does not matc h the inf ormati[...]
-
Страница 191
PowerConnect B-Series FCX Configuration Guide 149 53-1002266-01 Managing your IronStack 5 NOTE Adding, removing or replacing a stack unit which is not at the end of linear topology may cause the other units in the stack to reset if these units lo se their path to the Ac tive Controller during the process. A dding or removing a unit in a ring t o po[...]
-
Страница 192
150 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing your IronStack 5 2 6 FCX624 001b.ed5d.9940 Do you accept the unit ids? (y/n)?: n Enter an unused id for the UPSTREAM FCX623 unit a 1 hop(s) (1-8)[5]: 2 Enter an unused id for the UPSTREAM FCX624 unit at 2 hop(s) (1-8) [6]: 3 PowerConnect# Election, was active, no role change, [...]
-
Страница 193
PowerConnect B-Series FCX Configuration Guide 151 53-1002266-01 Troubleshooting an IronStack 5 Syslog, SNMP, and traps Syslog messages from stack units are f or warded t o , and can be vie wed from, the A ctive Contr oller. All stack units suppor t SNMP gets, sets, and traps , which are managed b y the Active Contr oller. An SNMP trap is sent from [...]
-
Страница 194
152 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Troubleshooting an IronStac k 5 Troubleshooting an unsuccessful stack build If you are unable t o build a stack, (for e xample, the show stack command does not display any stack units) , per form the follo wing steps. 1. Ente r t he show run command on each u nit to make sure the confi[...]
-
Страница 195
PowerConnect B-Series FCX Configuration Guide 153 53-1002266-01 Troubleshooting an IronStack 5 If the send message types: field is empty , it means that stack enable has not been configured. If the number of R ecv IPC packets increases, but there are no Recv message types, th en the pack ets are being dropped f or various reasons, in cluding the wr[...]
-
Страница 196
154 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Stack mismatches 5 Stack mismatches When a stack mismatch occurs, the Active Co ntroller can put any stack member int o a non-operational state, which dis ables all of the po r ts except the stacking ports. Stack mismatches can occur for a variety of reasons, which are discussed in thi[...]
-
Страница 197
PowerConnect B-Series FCX Configuration Guide 155 53-1002266-01 Image mismatches 5 Major mismatch A major mismatch indicates an Interprocessor Communications (IPC)-related data structure change, or an election algorithm change, or that a v ersion of the sof tware that does not support stacking is installed on a unit. This can happe n when the softw[...]
-
Страница 198
156 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Image mismatches 5 Configuration mismatches can happen during manual setups, or when moving a unit fr om one stack to another stack. Secure-setup will try to o verw rite a configuration mismatch even if the configuration is stat ic. The ov er write attem pt ma y fail if there are mul t[...]
-
Страница 199
PowerConnect B-Series FCX Configuration Guide 157 53-1002266-01 Image mismatches 5 PowerConnectt# show running config stack unit 1 module 1 FCX-24-port-management-module module 3 FCX-cx4-2-port-16g-module module 4 FCX-xfp-2-port-16g-module priority 128 stack unit 2 module 1 FCX-24-port-management-module module 3 FCX-xfp-2-port-16g-module stack unit[...]
-
Страница 200
158 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 More about IronStack technology 5 If secure-setup times out (this may happen due to inactivity), you will not be able t o make any changes in your confi guration or stack topology until you restar t the session by entering the stack secure-setup com mand. The unit disco ver y process i[...]
-
Страница 201
PowerConnect B-Series FCX Configuration Guide 159 53-1002266-01 More about IronStack technology 5 will recov er their original st a r t up -c o nf i g. tx t files and reboot as standalone device s. If you enter the stack unconfigure all command from the A ctive Contr oller all devices will reco ver their old sta r t up - co nf i g. tx t files and b[...]
-
Страница 202
160 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 More about IronStack technology 5 • Active Controller • Standby Contr oller • Stack member Active Controller The Active Contr oller contains the saved and running configuration files for each stack member . The configuration files include the syst em-level settings for the stack,[...]
-
Страница 203
PowerConnect B-Series FCX Configuration Guide 161 53-1002266-01 More about IronStack technology 5 Example My stack unit ID = 1, bootup role = active My stack unit ID = 3, bootup role = standby Active Controller and St andby Controller elections Whenev er there is a topology change in the stack (a reset, unit failure, or the addition or remo val of [...]
-
Страница 204
162 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Standby Controller election criteria The Standby Co ntroller election is based on the f ollowing criteria. 1. The highest priority 2. Bootup as Active Controller 3. Bootup as Stand by Controller 4. The lowest boot ID 5. The lowest MA C addre[...]
-
Страница 205
PowerConnect B-Series FCX Configuration Guide 163 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Supported events The following ev ents are suppor ted by hitless stac king: • Fai l ove r • Switchov er • Priority change • Rol e ch an ge Non-supported events The f ollowing events are no t suppor ted b y hitless st acking. These ev[...]
-
Страница 206
164 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 TA B L E 37 Hitless-suppor ted services and prot ocols – Po werConnect B-Series FCX Traffic type Supporte d prot ocols and services Impact Lay er 2 switched traf fic, including unicast and multicas t + System-le vel + Lay er 4 • 802. 1p [...]
-
Страница 207
PowerConnect B-Series FCX Configuration Guide 165 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Configuration notes and feature limitations • For hi tless stacking on t he Po werConnect B-Series FCX, Dell recommends that yo u configure the IronStack MA C address using the stack mac command. Without this configuration, the MA C addres[...]
-
Страница 208
166 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 (for e xample, a personal comput er) pinging th e stack might encount er a long dela y depending on the client MAC aging time. The client won’t work until it ages out the old MA C address and sends ARP requests to relearn the ne w stack MA[...]
-
Страница 209
PowerConnect B-Series FCX Configuration Guide 167 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 • Hardware Ab straction Layer (HAL) – This includes the prefix-based routing table, next hop information f or outgo ing interfaces, and tunnel information. • Lay er 3 IP f or warding information – This includes the routing table, IP [...]
-
Страница 210
168 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Standby Controller role in hitless stacking In sof tware releases that do not suppor t hitless stacking, the Standby Contr oller functions as a dummy de vice, meaning it provides limi t ed access to the CLI, such as show , stack , and a fe w[...]
-
Страница 211
PowerConnect B-Series FCX Configuration Guide 169 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 When the Standby Controller is fully synchro n ized, the syst em will be ready for a switcho ver or fai lover. Runtime configuration mismatch In some cases, such as a runtime configuratio n mismatch b etween the A ctive Cont roller and candi[...]
-
Страница 212
170 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 15 illustrates hitless stacking suppor t du ring stack f ormation. Operational stages 1 and 2 are also shown in this illustration. FIGURE 1 5 Hitless stacking s uppor t during stack formation St a ndby become s Active immedi a tely, n[...]
-
Страница 213
PowerConnect B-Series FCX Configuration Guide 171 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 16 illustrates hitless stacking suppor t during a stack m erge. FIGURE 1 6 Hitless stacking suppo rt during a st ack merge Active 1 (pri=30) Standby 2 (pri=20) Member 3 (pri=10) Member 4 (pri=0) Member 1 (pri=30) Member 2 (pri=20) Mem[...]
-
Страница 214
172 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 1 7 illustrates hitless stacking suppor t in a stack split. FIGURE 1 7 Hitless stacking support in a stack split 1 1 The s t a ck s plit s into one oper a ti on a l s t a ck a nd two “orph a n” u nit s . 1 T he s t a ck s plit s i[...]
-
Страница 215
PowerConnect B-Series FCX Configuration Guide 173 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Hitless stacking default behavior Hitless stacking is dis abled by default. When disabled, the follo wing li mitations are in ef fect: • If a failo ver occurs, e ver y unit in the stack will reload • Manual switchov er is not al lowed. I[...]
-
Страница 216
174 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Enabling hitless stacking Hitless stacking is disabled by default. T o enable it, enable hitless failover as described in “Enabling hitless failover” on page 1 75. Displaying hitless stacking status Y ou can use the show stack command to[...]
-
Страница 217
PowerConnect B-Series FCX Configuration Guide 175 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Syntax: show stack Hitless stacking failover Hitless stacking failov er pro vides automatic failo ver from th e Active Contro ller to the Standby Controller without resetting any of the units in th e stack and with sub-second or no packet lo[...]
-
Страница 218
176 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Hitless stacking failover example Figure 18 illustrates hitless stacking failover operation when the Activ e Controller fails. FIGURE 1 8 Hitless stacking f ailover when the Activ e Controller fails Hitless stacking switchover Hitless stacki[...]
-
Страница 219
PowerConnect B-Series FCX Configuration Guide 177 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 For a description this feature’s impact t o major system functions, ref er to Ta b l e 37 on page 1 64. For e xamples of hit less stacking switcho ver operation, ref er to “Hi tless stacking switcho ver exa mp le s” on page 1 78. Execu[...]
-
Страница 220
178 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Hitless stacking switchover examples This section illustrates hitless stacking failov er and switchov er operation during a CLI-driven switchov er or priority chan ge. Figure 19 illustrates a hitless stacking switchov er triggered by the sta[...]
-
Страница 221
PowerConnect B-Series FCX Configuration Guide 179 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 20 illustrates a hitless stacking switchov er when the Active Contr oller goes down then comes back up. The stack in this e x ample has user-configured prio rities. FIGURE 20 Hitless stacking switch over when the A ctive Controller co[...]
-
Страница 222
180 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 21 illustrat es a hitless stacki ng switchov er af ter the netw ork administrator increases the priority value of t he Standby Controller. FIGURE 2 1 Scenario 1 – Hitless stacking sw itchover after a priority chan ge 1 1 1 1 120 s e[...]
-
Страница 223
PowerConnect B-Series FCX Configuration Guide 181 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 22 illustrates a hitless stacking switchov er af ter the netw ork administrator increases the priority value of one of the stack members. FIGURE 22 Scenario 2 – Hitless stacking sw itchover after a priority change 1 1 1 1 Priority 2[...]
-
Страница 224
182 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Figure 23 illustrates a hitless stacking switchov er af ter the netw ork administrator increases the priority value f or two of the stack member s. FIGURE 23 Scenario 3 – Hitless stacking sw itchover after a priority change No t a ll o w e[...]
-
Страница 225
PowerConnect B-Series FCX Configuration Guide 183 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Displaying information about hitless stacking Use the show stack command t o view info rmation per tinent to a hitless stacking switchov er or failo ver . The command output illustrates the Ac tive and Standby Contr ollers, as well as the re[...]
-
Страница 226
184 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 T o view the S y st em log or the traps logged on an SNMP trap rec eiver , enter the show log command at any le vel of the CLI. The following e xample output shows what the lo g might look like after a switchov er or assi gnment of the Stand[...]
-
Страница 227
PowerConnect B-Series FCX Configuration Guide 185 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5 Syntax: debug stacki ng sync_rel_msg < num > PowerConnect# debug stacking sync_rel_msg 4 stk_sync_trunk_mapping:sending trunk mapping... start running config sync sync_cdb:send cdb:sess = 0, pBuf = 2132f068 sync_cdb:send cdb:sess = 0, [...]
-
Страница 228
186 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5[...]
-
Страница 229
PowerConnect B-Series FCX Configuration Guide 187 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5[...]
-
Страница 230
188 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PowerConnect B-Series FCX hitless stacking 5[...]
-
Страница 231
PowerConnect B-Series FCX Configuration Guide 189 53-1002266-01 Chapter 6 Monitoring Hardware Components Ta b l e 3 9 lists the individual Dell Po werConnect swit ches and the har dware monit oring features they support. The procedures in this chapt er describe how to configure the software to monit or hardware components . Virtual cable testing Po[...]
-
Страница 232
190 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual cable testing 6 Syntax: phy cable-diag tdr <port> Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Viewing the results of the cable analysis T o display[...]
-
Страница 233
PowerConnect B-Series FCX Configuration Guide 191 53-1002266-01 Supported Fiber Optic Transceivers 6 Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Ta b l e 41 defines the fields shown in the command output. Supported Fiber Opti[...]
-
Страница 234
192 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Digital optical monitoring 6 Digital optical monitoring Y ou can configure your Br ocade device t o monitor op tical transceiv ers in the system, either globally or by spec ified por ts. When this f eature is en abled, the syst em will mo nitor the t emperature and signal power lev els[...]
-
Страница 235
PowerConnect B-Series FCX Configuration Guide 193 53-1002266-01 Digital optical monitoring 6 Use the no f orm of the command t o disa ble digital optical monitoring. Setting the alarm interval Y ou can optionally change the int er val between which alarms and w arning messages are sent. The default int er val is three minutes. T o ch ange the int e[...]
-
Страница 236
194 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Digital optical monitoring 6 Port 24: Type : 1G M-C Port 25: Type : 10G XG-SR(XFP) Vendor: Brocade Communications Inc. Version: 02 Part# : JXPR01SW05306 Serial#: F617604000A3 Port 26: Type : EMPTY Use the show me dia slot command to obtain information about the media device installed i[...]
-
Страница 237
PowerConnect B-Series FCX Configuration Guide 195 53-1002266-01 Digital optical monitoring 6 Normal Normal Normal Normal Syntax: show optic < port-number > NOTE The show optic function tak es advantage of inf ormation st ored and supplied b y the manufacturer of the XFP or SFP transceiver . This information is an optional f eature of the Mult[...]
-
Страница 238
196 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Digital optical monitoring 6 Viewing optical transceiver thre sholds The thresholds that det ermine th e alarm status values for an optical transceiver are set by the manufacturer of the XFP or SFP . T o view the th resholds f or a qualified optical transceiver in a par ticular por t, [...]
-
Страница 239
PowerConnect B-Series FCX Configuration Guide 197 53-1002266-01 Chapter 7 Configuring IPv6 Management on PowerConnect B-Series FCXSwitches Ta b l e 4 5 lists the individual Dell Po werConnect switch es and the IPv6 manage ment features they suppor t. NOTE The following table only shows the IPv6 management f eatu res that are suppor t ed . F ull IPv[...]
-
Страница 240
198 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management overview 7 This chapter describes the I Pv6 management features, including command syntax and management examples. IPv6 management overview IPv6 was design ed to replace IPv4, the Internet protocol that is most commo nly used currentl y throughout the world. IPv6 increa[...]
-
Страница 241
PowerConnect B-Series FCX Configuration Guide 199 53-1002266-01 IPv6 management features 7 • The hexadecimal letters in IPv6 addresses are not case-sensitive As shown in Figure 25 , the IPv6 ne twork prefix is c omposed of the left-most bits of the address. As with an IPv4 address, y ou can specify the IPv6 prefix using the <p refix> / <[...]
-
Страница 242
200 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management features 7 IPv6 debug The debug ipv6 commands enable the collection of information about IPv6 configuration s f or troubleshooting. Syntax: debug ipv6 <addre ss> <cache> <icmp> <mld> <nd> <packet> <ra> • address - IPv6 addres [...]
-
Страница 243
PowerConnect B-Series FCX Configuration Guide 201 53-1002266-01 IPv6 management features 7 Restricting Web management access to an IPv6 host Y ou can specify a single device with an IPv6 address to ha ve Web management access t o the host devic e. No other de vice except the one with the specified IPv6 address can access the W eb Management Interfa[...]
-
Страница 244
202 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management features 7 AAAA DNS records are analogous to the A DNS recor ds used with IPv4. They st ore a complete IPv6 address in each record. AAAA re cords hav e a type value of 28. T o establish an IPv6 DNS entry for th e de vice, enter the f ollowing command. PowerConnect(confi[...]
-
Страница 245
PowerConnect B-Series FCX Configuration Guide 203 53-1002266-01 IPv6 management features 7 • The size <b ytes> paramet er specif ies the size of the ICMP data por tion of the packet. This is the pa yload and does not include the header . Y o u can specify fr om 0 - 1 01 73. The default is 16 . • The no-fragment ke yword turns on the "[...]
-
Страница 246
204 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management features 7 Syntax: snmp-s er ver host ipv6 <ipv6-address> The <ipv6-address> you specify must be in hexadecimal format using 1 6-bit values between colons as document ed in RFC 23 73. Secure Shell, SCP, and IPv6 Secure Shell (SSH) is a mechanism th a t a l l[...]
-
Страница 247
PowerConnect B-Series FCX Configuration Guide 205 53-1002266-01 IPv6 management commands 7 IPv6 traceroute The tracerout e command allows you to trace a path from the Dell P owerConnect de vice to an IPv6 host. The CLI displa ys trace rout e information f or each hop as soon as the information is receiv ed. T racer oute requests di splay all resp o[...]
-
Страница 248
206 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IPv6 management commands 7[...]
-
Страница 249
PowerConnect B-Series FCX Configuration Guide 207 53-1002266-01 Chapter 8 Configuring Spanning Tree Protocol (STP) Related Features Ta b l e 4 6 lists the individual Dell Po werConnect swit ches and the S panning T ree Prot ocol (STP) fe atures they suppor t. STP overview The Spanning T re e Prot ocol (STP) eliminates La yer 2 loo ps in networks, b[...]
-
Страница 250
208 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 Configuring standard STP parameters Lay er 2 Switches and La yer 3 Switches suppor t standard S TP as described in the IEEE 802. 1D specification. STP is enabled by default on La yer 2 Switches but disabled by default on Lay er 3 Switches. By defau[...]
-
Страница 251
PowerConnect B-Series FCX Configuration Guide 209 53-1002266-01 Configuring standard STP parameters 8 NOTE If yo u pl a n to ch a n ge ST P br i d ge t im e r s , D e l l r e c o mmends that you stay within the f ollowing ranges, from section 8. 10.2 of th e IEEE S TP specification. 2 * (f or ward_dela y -1) >= max_age max_age >= 2 * (hel lo_[...]
-
Страница 252
210 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 NOTE The CLI con ver ts the S TP groups int o topology gr oups when you sa ve the configuration. F or backwar d compatibility , you can still use the S TP group co mmands. Howe ver , the CLI conv er ts the commands into the t opology group syntax. [...]
-
Страница 253
PowerConnect B-Series FCX Configuration Guide 211 53-1002266-01 Configuring standard STP parameters 8 Changing STP bridge p arameters NOTE If yo u pl a n to ch a n ge ST P br i d ge t im e r s , D e l l r e c o mmends that you stay within the f ollowing ranges, from section 8. 10.2 of th e IEEE S TP specification. 2 * (f or ward_dela y -1) >= ma[...]
-
Страница 254
212 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 Changing STP port parameters T o change the path and priority costs f or a por t, enter commands suc h as the following. PowerConnect(config)#vlan 10 PowerConnect(config-vlan-10)#spanning-tree ethernet 5 path-cost 15 priority 64 Syntax: spa nning-t[...]
-
Страница 255
PowerConnect B-Series FCX Configuration Guide 213 53-1002266-01 Configuring standard STP parameters 8 Enabling STP protection Y ou can enable STP Pr otection on a per -por t basis. T o prevent a n end station from initiating or par ticipating in STP topology changes, ent er the follo wing command at the Inter face le vel of the CLI. PowerConnect#(c[...]
-
Страница 256
214 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 If you enter the sho w stp-prot ect command f or a por t that does not hav e STP pro tection enabled, the fo llowing message displa ys on the console. Syntax: show stp-pro tect [ ethernet <por t> ] Specify the <por t> v a ri a b l e i n[...]
-
Страница 257
PowerConnect B-Series FCX Configuration Guide 215 53-1002266-01 Configuring standard STP parameters 8 Displaying STP informat ion for an en tire device T o display S TP information, enter the f o llowing command at any le vel of the CLI. Syntax: show span [ vlan <vlan-id> ] | [ p vst-mode ] | [ <num> ] | [ detail [ vlan <vlan-id> [...]
-
Страница 258
216 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 TA B L E 5 0 CLI display of S TP information This field... Displays... Global STP parameters VLAN ID The port-based VLAN that contains this sp anning tree (instance of S TP). VLAN 1 is the default VLA N. If you have not configured por t-base d VLAN[...]
-
Страница 259
PowerConnect B-Series FCX Configuration Guide 217 53-1002266-01 Configuring standard STP parameters 8 Displaying CPU uti lization statistics Y ou can display CPU utilization statistics fo r STP and the IP pro tocols. T o display CPU utilization statistics for S TP for the previous one-second, one-minute, five-minute, and fifteen-minute int er vals,[...]
-
Страница 260
218 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 T o display utilization statistics for a specific number of seconds, enter a command such as the following. When you specify ho w many seconds’ worth of statistics you want to displa y , the sof tware selects the sample that most closely matches [...]
-
Страница 261
PowerConnect B-Series FCX Configuration Guide 219 53-1002266-01 Configuring standard STP parameters 8 Syntax: show vlan [ <vlan-id> | ethernet < por t > ] The <vlan-id> parameter specifies a VLAN f or which you want to display the configuration information. The ethernet <p or t> parameter specifies a por t. If you use this p[...]
-
Страница 262
220 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 If a por t is disabled, the only information shown by this command is “DISABLED”. If a port is enabled, this display sho ws the following information. Syntax: show span detail [ vlan <vlan-id> [ ethernet <por t> | <num> ] The [...]
-
Страница 263
PowerConnect B-Series FCX Configuration Guide 221 53-1002266-01 Configuring standard STP parameters 8 Displaying detailed STP information fo r a single port in a specific VLAN Enter a command s uch as the following to displa y STP info rmation for an individual port in a specific VLAN. Port number and S TP state The internal por t number and the po[...]
-
Страница 264
222 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard STP parameters 8 Syntax: show span detail [ vlan <vlan-id> ethernet < port > Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Display[...]
-
Страница 265
PowerConnect B-Series FCX Configuration Guide 223 53-1002266-01 Configuring STP related features 8 In the e xample above, o nly one por t, 3/11, is forwarding traffic to ward the r oot bridge. Configuring STP related features S TP feat ures ext end the operat ion of standar d ST P , enabling you to fine tune standard STP and av oid some of its limi[...]
-
Страница 266
224 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 • Fast P or t Span eliminates unnecessar y MAC cache aging that can be caused by topol ogy change notifications. Bridgin g devices age out the learned MA C addresses in their MAC caches if the addresses are unrefreshed f or a given pe riod of time ,[...]
-
Страница 267
PowerConnect B-Series FCX Configuration Guide 225 53-1002266-01 Configuring STP related features 8 T o ex clu de a set of ports fr om Fast Por t Span, enter commands such as the f ollowing. PowerConnect(config)#fast port-span exclude ethernet 1 ethernet 2 ethernet 3 PowerConnect(config)#write memory T o ex clude a contig uous (unbr oken) rang e of [...]
-
Страница 268
226 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 NOTE T o avoi d t he pote nt ia l for temp or ar y b rid g ing lo op s, recommends that y ou use the Fast Uplink f eature only for wiring closet switches (switches at the edge of the ne twork cloud). In addition, enable the fe ature only on a group of[...]
-
Страница 269
PowerConnect B-Series FCX Configuration Guide 227 53-1002266-01 Configuring STP related features 8 When the original working trunk group comes back (p ar tially or fully), the transition back to the original t opology is accelerat ed if the cond itions listed above are met. Configuring a Fast Uplink Port Group T o configure a group of ports for Fas[...]
-
Страница 270
228 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 • Classic or legac y 802. 1D STP prot oc ol requires a newly selected Root por t to go through listening and learning stages before traffic co nvergence can be ac hieved. The 802. 1D traf fic conv ergence time is calculat ed using the follo wing for[...]
-
Страница 271
PowerConnect B-Series FCX Configuration Guide 229 53-1002266-01 Configuring STP related features 8 Assignment of port roles At syst em star t-up, all 802. 1W-enabled bridge po rt s assume a Designated r ole. Once star t-up is complete, the 802. 1W algorithm calculates the supe riority or inf eriority of the RST BPDU that is received and transmitt e[...]
-
Страница 272
230 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 26 Simple 802.1W t opology Ports on Switch 1 All por ts on Switch 1, the root bridge, are assigned Designat ed por t roles. Ports on Switch 2 Port2 on Switch 2 directly connects t o the ro ot bridge; the refore, Po r t2 is the R oot por t. The [...]
-
Страница 273
PowerConnect B-Series FCX Configuration Guide 231 53-1002266-01 Configuring STP related features 8 Edge ports and ed ge port roles The Dell implementation o f 802.1 W allows por ts th at are configured as Edge ports to be present in an 802. 1W topolo gy . ( Figure 2 7 ). Edge por ts are por ts of a bridge that connect t o workstations or comput ers[...]
-
Страница 274
232 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 NOTE Configuring shared media or non-point-to-point link s as point-to-point links co uld lead to Layer 2 loops. The topology in Figure 28 is an e xample of shared media th at should no t be configured as point-to-point links. In Figure 28 , a por t o[...]
-
Страница 275
PowerConnect B-Series FCX Configuration Guide 233 53-1002266-01 Configuring STP related features 8 Edge port and non-ed ge port states As soon as a port is configured as an Edg e por t using the CLI, it goes into a f or warding stat e instantly (in less than 1 00 msec). When the link to a por t comes up and 802. 1W detec ts that the por t is an Edg[...]
-
Страница 276
234 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 In contrast to the 802. 1D standard, the 802. 1W stan dard does not hav e any bridge specif ic timers. All timers in the CLI are applied on a per -por t basi s, ev en though they are config ured under bridge parameters. 802. 1W state machines attempt [...]
-
Страница 277
PowerConnect B-Series FCX Configuration Guide 235 53-1002266-01 Configuring STP related features 8 NOTE Proposed will ne ver be asser ted if the por t is connected on a shared media link. In Figure 29 , Port3/Switch 200 is elected as the Ro ot por t FIGURE 29 Proposing and proposed stage • Sync – Once the R oot por t is elected, it sets a sync [...]
-
Страница 278
236 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 30 Sync stage • Synced – Once the Designat ed por t ch anges into a discarding stat e, it asser ts a synced signal. Immediat ely, Alternate p or ts and Back up port s are synced. The Root port monitors the synced signals from all the bridge[...]
-
Страница 279
PowerConnect B-Series FCX Configuration Guide 237 53-1002266-01 Configuring STP related features 8 FIGURE 3 1 Synced stage • Agreed – The Root por t sends back an RST BPDU containing an ag reed flag to its peer Designated po r t and mo ves into the forwarding stat e. When the peer Designated po r t receives the RST BPDU, it rapidly transitions [...]
-
Страница 280
238 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 32 Agre e st age At this point, the handshak e mechanism is comp lete be tween Switch 1 00, the root bridge, and Switch 200. Switch 200 updates the inf ormat ion on the Swit ch 200 Designat ed por ts (Port2 and Por t3) and identifies the new r [...]
-
Страница 281
PowerConnect B-Series FCX Configuration Guide 239 53-1002266-01 Configuring STP related features 8 FIGURE 33 Addition of a new root bridge The handshak e that occurs between Switch 60 and Switch 100 f o llows the one described in the previous section ( “Handshak e when no root port is elected” on page 234). The former r oot bridge becomes a non[...]
-
Страница 282
240 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 34 New root bridge sending a proposal f lag • Sync and Reroot – The Roo t por t then asser ts a sync and a rer oot signal on all the por ts on the bridge. The signal t ells the por ts that a new R oot por t has been assigned and they are to[...]
-
Страница 283
PowerConnect B-Series FCX Configuration Guide 241 53-1002266-01 Configuring STP related features 8 FIGURE 35 Sync and reroot • Sync and R erooted – When the por ts on Switch 200 ha ve comple ted the rer oot phase, the y assert their reroo ted signals and continue to asser t their sync sign als as they co ntinue in their discarding stat es. They[...]
-
Страница 284
242 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 36 Sync and rerooted • Synced and Agree – When all the ports on the bridge asser t their synced signals, the new R oot por t asser ts its own synced signal and sends an RST B PDU to Port4/Switch 60 that contains an agreed flag ( Figure 36 )[...]
-
Страница 285
PowerConnect B-Series FCX Configuration Guide 243 53-1002266-01 Configuring STP related features 8 FIGURE 3 7 Rer ooted, sy nced, and agreed The old Root por t on Switch 2 00 becomes an Al ternat e Por t ( Figure 38 ). Other por ts on that bridge are elect ed to appropriat e roles. The Designat ed por t on Switch 60 goes into a forwarding stat e on[...]
-
Страница 286
244 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 38 Handshake comple ted after election of new root port Recall that Switch 200 sent the ag reed flag t o Por t4/Switch 60 and no t to Port1/Switch 100 (the por t that connects Switch 1 00 to Switch 20 0). Therefore, P or t1/Switch 100 does not [...]
-
Страница 287
PowerConnect B-Series FCX Configuration Guide 245 53-1002266-01 Configuring STP related features 8 FIGURE 39 Convergence between two bridges At po wer up, all por ts on Switch 2 and Switch 3 a ssume Designat ed por t roles and are at discar ding states bef ore they receive an y RST BPDU . Port3/Switch 2, with a Designated r ole, transm its an RST B[...]
-
Страница 288
246 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 40 Simple Layer 2 t opology The point-to-point co nnections between the three bridges are as follows: • Port2/Switch 1 and Por t2/Switch 2 • Port4/Switch 1 and Por t4/Switch 3 • Port3/Switch 2 and Por t3/Switch 3 Ports 3 and 5 on Switch 1[...]
-
Страница 289
PowerConnect B-Series FCX Configuration Guide 247 53-1002266-01 Configuring STP related features 8 Now , Port 3/Switch 3 is currently in a discarding state and is negotiating a port role. It receiv ed RST BPDUs from Por t3/Switch 2. The 802.1W algorithm determines that the RST BPDUs Por t3/Switch 3 received are superior to those it can trans mit; h[...]
-
Страница 290
248 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 42 Link failure in the topology Switch 1 sets its Port2 into a discarding state. At the same time, Switch 2 assumes the role of a r oot bridge since it s root port failed and it has no operational Alternat e por t. Por t3/Switch 2, whic h curre[...]
-
Страница 291
PowerConnect B-Series FCX Configuration Guide 249 53-1002266-01 Configuring STP related features 8 When Port2/Switch 2 receives the RS T BPDUs, 8 02. 1W algorithm determines that the RS T BPDUs the por t receiv ed are better than those receiv ed on Port3/Switch 3; therefore, P or t2/Switch 2 is given the r ole of a Roo t por t. All the por ts on Sw[...]
-
Страница 292
250 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Convergence in a complex 802.1W topology The following is an e xampl e of a complex 802. 1W topology . FIGURE 43 Complex 802.1W t opology In Figure 43 , Switch 5 is selected as the root bridge sinc e it is the bridge with the highest priority . Lines [...]
-
Страница 293
PowerConnect B-Series FCX Configuration Guide 251 53-1002266-01 Configuring STP related features 8 Next Switc h 2 sends RST BPDUs wi th a proposal fl ag t o Por t3/Switch 4. Po r t3 becomes the Roo t por t for th e bridge; all other por ts are given a Designated por t role with discarding stat es. Port3/Switch 4 sends an RST BPDU with an agr eed fl[...]
-
Страница 294
252 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 44 Active Layer 2 path in com plex topology Propagation of topology change The T opology Change state machine generates and propagates the t opology change notification messages on each port. When a Root port or a De signated po r t goes int o [...]
-
Страница 295
PowerConnect B-Series FCX Configuration Guide 253 53-1002266-01 Configuring STP related features 8 FIGURE 45 Beginning of topology change notice Switch 2 then star ts the TCN timer on the Desi gnat ed por ts and sends RST BPDUs that contain the T CN as follows ( Figure 46 ): • Port5/Switch 2 sends the TC N to Port2/Switch 5 • Port4/Switch 2 sen[...]
-
Страница 296
254 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 46 Sending TCN t o bridges connected to Switch 2 Then Switch 1, Switch 5, and Switch 6 send RST BPDUs that contain the TCN to Switch 3 and Switch 4 to complet e the TCN pr opagation ( Figure 4 7 ). Bridge prior ity = 1000 Bridge prior ity = 200[...]
-
Страница 297
PowerConnect B-Series FCX Configuration Guide 255 53-1002266-01 Configuring STP related features 8 FIGURE 4 7 Completing the T CN propagation Compatibility of 80 2.1W with 802.1D 802. 1W-en abled bridges are backward compatible wi th IEEE 802. 1D b ridges. This compatibility is managed on a per-port basis by the Port Migration state machine. How ev[...]
-
Страница 298
256 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 48 802.1W bridges with an 802.1D bridge Once Switch 20 is removed fr om the LAN, Swi tch 1 0 and Sw itch 30 receive and transmit BPDUs in the STP f ormat to and fr om each other . This stat e will continue until the administrator enables the f [...]
-
Страница 299
PowerConnect B-Series FCX Configuration Guide 257 53-1002266-01 Configuring STP related features 8 Enabling or disabling 802 .1W in a port-based VLAN Use the f ollowing procedure t o disable or enable 802. 1W on a device on which y ou hav e configured a por t-based VLAN. Changing the 802. 1W st ate in a VLAN affects only that VLAN. T o enable 80 2.[...]
-
Страница 300
258 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Once 802. 1W is enabled on a por t, it can be disabl ed on individual por ts. 802. 1W that hav e been disabled on individual por ts can then be enabled as required. NOTE If you change the 802. 1W state of the primar y por t in a trunk group, the chan [...]
-
Страница 301
PowerConnect B-Series FCX Configuration Guide 259 53-1002266-01 Configuring STP related features 8 The priority <value> parameter spec ifies the priority of the bridge. Y ou can enter a v alue from 0 – 65535. A lo wer numerical value means the bridge ha s a higher priority . Thus, the highest priority is 0. The defa ult is 32 7 68. Y ou can[...]
-
Страница 302
260 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Set the admin-p t2pt-mac to enabled or d isabled. If set to enabled, then a port is connected t o another port thr ough a point-to-point link. The point-to -point link increases the speed of conv ergence. This paramet er , howe ver , does not auto-det[...]
-
Страница 303
PowerConnect B-Series FCX Configuration Guide 261 53-1002266-01 Configuring STP related features 8 Bridge IEEE 802. 1W parame ter s Bridge Id entifier The ID of the brid ge. Bridge Max Age The config ured max age for this bridge. The d efault is 20. Bridge Hel lo The conf igured hello time for this bridge.T he default is 2. Bridge Fwd Dly The conf [...]
-
Страница 304
262 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 T o display detailed inf ormatio n about 802-1W , using the following command. Hello The hello value deriv ed from the Roo t por t. It is the number of seconds between tw o Hello packets. Por t IEEE 802. 1W par ameter s Port Num The port number shown [...]
-
Страница 305
PowerConnect B-Series FCX Configuration Guide 263 53-1002266-01 Configuring STP related features 8 Syntax: show 802-1w detail [ vlan <vlan-id> ] The vlan <vlan-id> parameter displa ys 802.1W inf ormatio n for the specified port-based VLAN. The show 802. 1W comm and shows the follo wing information. TA B L E 5 4 CLI display of show spann[...]
-
Страница 306
264 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 State The port current 802.1W stat e. A por t can have one of the fol lowing states: • For wa rdin g • Discardi ng • Learning • Disabled Refer to “Bridge p or t states” on page 232 and “Edge p or t and non-edge port states” on page 233[...]
-
Страница 307
PowerConnect B-Series FCX Configuration Guide 265 53-1002266-01 Configuring STP related features 8 802.1W Draft 3 As an alternativ e to full 802. 1W , you can configure 802. 1W Draf t 3. 802. 1W Draft 3 pro vides a subset of the RSTP capabilities descr ibed in the 802.1W S TP specification. 80 2 .1W D ra f t 3 s u p po r t is d i sa b l e d by d e [...]
-
Страница 308
266 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 FIGURE 49 802.1W Draft 3 RSTP ready for failov er If the root port on a Switch becomes unav ailabl e, 802. 1W Draf t 3 immediat ely fails ov er to the alternat e por t, as shown in Figure 50 . Switch 1 Switch 2 Switch 4 Switch 3 Root Bridge Bridge pri[...]
-
Страница 309
PowerConnect B-Series FCX Configuration Guide 267 53-1002266-01 Configuring STP related features 8 FIGURE 50 802.1W Draft 3 RSTP failov er to alt ernate root port In this ex ample, por t 3/3 on Switch 3 has become una vailable. In standar d STP (802. 1D), if the root port beco mes unav ailabl e, the Switch must go through the list ening and learnin[...]
-
Страница 310
268 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Once a failov er occurs, the Switch no longer has an alternate r oot por t. If the por t that was an al te r na te p or t bu t be c a me t he ro ot p o r t fa i ls , st a n da rd ST P i s u se d to re c onv er g e w i th t h e n e two r k . Y ou can m[...]
-
Страница 311
PowerConnect B-Series FCX Configuration Guide 269 53-1002266-01 Configuring STP related features 8 Enabling 802.1W Draft 3 802. 1W Draft 3 is disabled by default. The proced ure for enabling the f eature dif fers depending on whether single STP is enabled on the de vice. NOTE STP must be enabled before y ou can enable 802. 1W Draf t 3. Enabling 802[...]
-
Страница 312
270 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Alternatively , you can configure a Dell Pow erConnect device to run a single spanning tree acr oss all por ts and VLAN s on the device. The Sin gle STP f eatur e (SSTP) is especially useful for connecting a Dell PowerConnect device to third-par ty de[...]
-
Страница 313
PowerConnect B-Series FCX Configuration Guide 271 53-1002266-01 Configuring STP related features 8 PowerConnect(config) spanning-tree single priority 2 This command changes the STP priority for all por ts to 2. T o change an STP paramet er for a specific por t, enter commands such as the f ollowing. PowerConnect(config) spanning-tree single etherne[...]
-
Страница 314
272 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 • Single STP – S i n g l e ST P a l l ow s a l l t h e V L A N s to r u n ST P , b u t e a c h V L A N r u n s t he sa m e i n s t a n c e of ST P , r esu lt ing in n um erous bl ocked por ts t ha t do not pas s a ny Layer 2 tra f f ic. STP pe r V[...]
-
Страница 315
PowerConnect B-Series FCX Configuration Guide 273 53-1002266-01 Configuring STP related features 8 Here are the CLI commands f o r implementing th e S TP per VLAN group configuration shown in Figure 5 1 . The follo wing commands configure the member VLANs (3, 4, 1 3, and 14) and the master VLANs (2 and 12). Notice that changes t o STP paramet ers a[...]
-
Страница 316
274 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring STP related features 8 Configuration exampl e for STP load sharing Figure 52 shows another e xample of a STP per VLAN group implementation. FIGURE 52 More complex STP per VLA N group example In this ex ample, each of the devices in the core is configured with a common set o[...]
-
Страница 317
PowerConnect B-Series FCX Configuration Guide 275 53-1002266-01 PVST/PVST+ compatibility 8 PowerConnect(config-vlan-201)#tag ethernet 1/2 ethernet 5/1 to 5/3 PowerConnect(config-vlan-201)#vlan 401 PowerConnect(config-vlan-401)#spanning-tree priority 3 PowerConnect(config-vlan-401)#tag ethernet 1/3 ethernet 5/1 to 5/3 ... PowerConnect(config-vlan-36[...]
-
Страница 318
276 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PVST/PVST+ compatibility 8 NOTE Dell Po werConnect por ts automatically dete ct PV ST+ BPDUs and enable supp or t for the BPDUs once det ected. Y ou do not need t o per form an y configuration steps t o enable PVST+ support. Howe ver , to support the IEEE 802. 1Q BPDUs, you migh t need[...]
-
Страница 319
PowerConnect B-Series FCX Configuration Guide 277 53-1002266-01 PVST/PVST+ compatibility 8 FIGURE 53 Interaction of IEEE 802 .1Q, PVST , and PVST+ regions VLAN tags an d dual mode The dual-mode feature enables a port to send and receive both tagged and untagged frames. When the dual-mode f eature is en abled on a port, the por t is an untagged memb[...]
-
Страница 320
278 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PVST/PVST+ compatibility 8 Configuring PVST+ support PVST+ suppor t is automatically enabled when the por t receives a PVST BPDU. Y ou can manually enable the suppor t at any time or disable the suppor t if desired. If you w ant a tagged por t to also suppor t IEEE 802. 1Q BPDUs, you n[...]
-
Страница 321
PowerConnect B-Series FCX Configuration Guide 279 53-1002266-01 PVST/PVST+ compatibility 8 Syntax: show span pvst-mode This command displa ys the following information. Configuration examples The following e xamples show configuration examples f or two common configurations: • Untagged IEEE 8 02.1 Q BPDUs on VLAN 1 and tagged PVS T+ BPDUs on othe[...]
-
Страница 322
280 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PVST/PVST+ compatibility 8 Commands on the Dell Po werConnect Device PowerConnect(config)#vlan-group 1 vlan 2 to 4 PowerConnect(config-vlan-group-1)#tagged ethernet 1/1 PowerConnect(config-vlan-group-1)#exit PowerConnect(config)#interface ethernet 1/1 PowerConnect(config-if-1/1)#dual-m[...]
-
Страница 323
PowerConnect B-Series FCX Configuration Guide 281 53-1002266-01 PVST/PVST+ compatibility 8 These command s change th e default VLAN ID, conf igure por t 1/1 as a tagged member of VLA Ns 1 and 2, and enable the dual-mode f eature and PVST+ support on por t 1/1. Since V LAN 1 is tagged in this configuration, the default VLAN ID must be changed from V[...]
-
Страница 324
282 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PVRST compatibility 8 PVRST compatibility PVRST , the "rapid" version of per -VLAN spanning tree (PVS T), is a Cisco proprietary prot ocol. PVRST corresponds to the Dell Po werConne ct full implementation of IEEE 802. 1w (RSTP). Lik ewise, PVST , also a Cisco proprietary prot[...]
-
Страница 325
PowerConnect B-Series FCX Configuration Guide 283 53-1002266-01 BPDU guard 8 Re-enabling ports disabled by BPDU guard When a BPSU Guard- enabled por t is disabled by BPDU Guar d, the Dell PowerConnect de vice will place the port in errdisable stat e and display a message on the console indicating that the por t is errdisabled (ref er to “Example [...]
-
Страница 326
284 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Root guard 8 STP configured to ON, priority is level0, flow control enabled mirror disabled, monitor disabled Not member of any active trunks Not member of any configured trunks No port name IPG MII 96 bits-time, IPG GMII 96 bits-time IP MTU 1500 bytes 300 second input rate: 8 bits/sec[...]
-
Страница 327
PowerConnect B-Series FCX Configuration Guide 285 53-1002266-01 Root guard 8 Configure roo t guard on all por ts where the r oot bridge should not appear . This establishes a pro tective network perimeter ar ound the core bridg ed netwo rk, cutting it of f from the user network. NOTE Roo t guard may pre vent netw ork connectivity if it is im proper[...]
-
Страница 328
286 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Error disable recovery 8 Error disable recovery In case a BPDU guard violation occu rs, a port is placed into an errdisable state which is functionally equiv alent to a Disable state. Once in an errdiabl e stat e, it remains in that state until one of the follo wing methods is used to [...]
-
Страница 329
PowerConnect B-Series FCX Configuration Guide 287 53-1002266-01 Error disable recovery 8 Displaying the error disable recovery state by interface The por t status of errdisabled d isplays in the output of the show int er face and the show inter face brief commands. In this exam ple, errdisable is enab led on int er face ethernet 1 and errdisable is[...]
-
Страница 330
288 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 Syntax: show errdisable summary Errdisable Syslog messages When the system p laces a por t into an errdis abled stat e for BPDU guard, a log message is generat ed. When the errdisable reco very timer e xpires, a log message is also generat ed. A[...]
-
Страница 331
PowerConnect B-Series FCX Configuration Guide 289 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 FIGURE 56 MSTP configured network The follo wing def initions describe the STP instances that define an MSTP configuration. Common Spanning (CST) – CS T is defined in 802. 1q and a ssumes one spannin g-tree instance for the entire bridged net[...]
-
Страница 332
290 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 Configuration notes When configuring MSTP , note the f ollowing: • With MS TP running, enabli ng st atic trunk on por ts that are me mbers of many VLANs (4000 or more VLANs) will keep the syst em busy for 20 to 25 seconds. Configuring MSTP mod[...]
-
Страница 333
PowerConnect B-Series FCX Configuration Guide 291 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 NOTE Once under MS TP mode, CIST alwa ys controls all port s in the system. If you do not w ant a por t to run MSTP , configure the no spanning-tree command under the specifi ed interface configuration. Using the [ no ] option on a system that [...]
-
Страница 334
292 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 Deleting a VLAN to MSTI mapping Y ou can optionally remov e a VLAN to MS TI mapping using the no mstp instance command. T o do so, enter a command such as the f ollowing. PowerConnect(config)#no mstp instance 7 vlan 4 to 7 This command delet es [...]
-
Страница 335
PowerConnect B-Series FCX Configuration Guide 293 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 The instance parameter defines the numbe r for the in stance of MS TP that you are deleting. The vlan parameter identifies one or more VLANs or a range of VLANs to the instance defined in this command. The vlan-group paramet er identifies one o[...]
-
Страница 336
294 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 • “For cing por ts to transmit an MS TP BPDU” • “ Activating MSTP on a switch” Setting the MSTP name Each switch that is running MSTP is configured with a name. It applies to the switch which can hav e many dif ferent VLANs that can [...]
-
Страница 337
PowerConnect B-Series FCX Configuration Guide 295 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 The no option mov es a VLAN or VLAN group from its assigned MS TI back into the CIS T . NOTE The system doe s not allow an MSTI without an y VLANs mapped to it. Consequently , removing all VLANs from an MS TI, deletes the MSTI from the syst em [...]
-
Страница 338
296 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 The max-hops <value> parameter specifies the maximum hop count. Y ou can specify a v alue from 1 – 40 hops. The d efault value is 20 hops. Setting ports to be operational edge ports Y o u c a n d e f i n e s p e c i f i c p or ts a s e d[...]
-
Страница 339
PowerConnect B-Series FCX Configuration Guide 297 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> When a por t is disabled for MS TP , it behaves as bloc king f or a ll the VLAN traf fic that is controlled by MSTIs and the CIS T . Forcing ports to tran[...]
-
Страница 340
298 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 FIGURE 5 7 Sample MSTP configuration RTR1 configuration PowerConnect(config-vlan-4093)#tagged ethernet 10/1 to 10/2 PowerConnect(config-vlan-4093)#exit PowerConnect(config)#mstp scope all PowerConnect(config)#mstp name Reg1 PowerConnect(config)#[...]
-
Страница 341
PowerConnect B-Series FCX Configuration Guide 299 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 Core2 configuration PowerConnect(config)#trunk ethernet 3/5 to 3/6 ethernet 3/17 to 3/20 PowerConnect(config)#vlan 1 name DEFAULT-VLAN by port PowerConnect(config-vlan-1)#exit PowerConnect(config)#vlan 20 by port PowerConnect(config-vlan-20)#ta[...]
-
Страница 342
300 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 Syntax: show mstp <instance-number> The <instance-number> variable specifies the MSTP instance that you w ant to display inf ormation fo r . TA B L E 5 6 Output from Sho w MSTP This field... Displays... MSTP Instance The ID of the MS[...]
-
Страница 343
PowerConnect B-Series FCX Configuration Guide 301 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 Displaying MSTP information for a specified instance The follo wing example displays MS TP info rmation specified for an MSTP instance. ExtPath Cost The configured path cost on a link connected t o this por t to an ext ernal MSTP region. Region[...]
-
Страница 344
302 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8 Refe r to Ta b l e 5 6 for details about the display paramet er s. Displaying MSTP informat ion for CIST instance 0 Instance 0 is the Common and Internal Spann ing T ree Instanc e (CIST). When you display information f or this instance there are[...]
-
Страница 345
PowerConnect B-Series FCX Configuration Guide 303 53-1002266-01 802.1s Multiple Spanni ng Tree Protocol 8 Refe r to Ta b l e 5 6 for ex pla nation about the paramet er s in the output. Syntax: show mstp [ <ms tp-id> | configurati on | detail ] [ | begin <s tring> | exclude <s tring> | include <string> ] Enter an MS TP ID for[...]
-
Страница 346
304 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1s Multiple Spanning Tree Protocol 8[...]
-
Страница 347
PowerConnect B-Series FCX Configuration Guide 305 53-1002266-01 Chapter 9 Configuring Basic Layer 2 Features Ta b l e 57 lists the individual Dell Po werConnect sw itches and the basic Lay er 2 featur es they suppor t. The procedures in this chapt er describe ho w to configure basic Lay er 2 paramet ers. Dell Po werConnect de vices are configured a[...]
-
Страница 348
306 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 About port regions 9 • For inf ormation about configuring IP addresses, DNS resolver , DHCP assist, and other IP-related paramet ers, refer to Chapter 26, “Configuring IP” . • For inf ormation about the Syslog buffer and messages, ref er to Chapter 4 1, “Using Syslog” . Abo[...]
-
Страница 349
PowerConnect B-Series FCX Configuration Guide 307 53-1002266-01 MAC learning rate control 9 Y ou can also enable and disable spanning tree on a por t-based VLAN and on an individual por t basis, and enable advanced S TP f eatures. Ref er to Chapt er 8, “Configu ring Spanning T ree Protocol (STP) R elated Features” . Modifying STP bridge and por[...]
-
Страница 350
308 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring static MAC entries 9 Disabling the automatic learning of MAC addresses By default, when a pack et with an unknown Sour ce MAC address is rece ived on a por t, the Dell Po werConnect device learns this MAC address on the port. Y ou can prevent a physical port from learning M[...]
-
Страница 351
PowerConnect B-Series FCX Configuration Guide 309 53-1002266-01 Configuring static MAC entries 9 NOTE Dell Pow erConnect devices running La yer 3 code al so suppor t the assignment of st atic IP Rout es, static ARP , and static RARP entries. For details on configuring these types of static entries, refer t o “Configuring static rout es” on page[...]
-
Страница 352
310 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring VLAN-based static MAC entries 9 or Syntax: [ no ] static-mac-address <mac-addr> ethernet [ <slo tnum> / ] <por tnum> to ethernet [ <slotnum> ] <por tnum> [ priority <num> ] The <slotnum> paramet er is required on chassis devices. Th[...]
-
Страница 353
PowerConnect B-Series FCX Configuration Guide 311 53-1002266-01 Flow-based MAC address learning 9 For e xample, to remove entries f or the MAC address 000d.cd80.00d0 in all VLANs, ent er the follo wing command at the Privilege EXEC level of the CLI. PowerConnect#clear mac-address 000d.cb80.00d0 Syntax: clear mac-address <mac-address> | et her[...]
-
Страница 354
312 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Flow-based MAC address learning 9 How flow-based learning works When a pack et processor , let call it PP 1 , receives an incoming packet with source MAC address X , it sends a new address message to the CPU. The system learns MAC address X by adding it t o the sof tware MA C table in [...]
-
Страница 355
PowerConnect B-Series FCX Configuration Guide 313 53-1002266-01 Flow-based MAC address learning 9 • A source MA C address is learned only on the ingress (source) pack et processor . The MA C address is added to ot her packet pr ocessors as needed by their incoming traffic flows. During a brief period until the destination MA C addre ss is success[...]
-
Страница 356
314 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling port-based VLANs 9 Syntax: system -max mac <max-flow-MACs> The <max-flow-MACs> parameter specifies the maximum number of MAC addresses in the MAC table. For flo w -based MACs, the minimum valu e is 1 6K and the maximum value is 32K. The default is 1 6K. Use the com[...]
-
Страница 357
PowerConnect B-Series FCX Configuration Guide 315 53-1002266-01 Enabling port-based VLANs 9 Syntax: vlan <num> by po r t Syntax: vlan <num> name <string> The <num> parameter specifies the VLAN ID. The v ali d range fo r VLAN IDs star ts at 1 on all systems but the upper limit of the range differs depending on the device. In [...]
-
Страница 358
316 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Defining MAC address filters 9 Defining MAC address filters MAC la yer filtering enables you t o build access lis ts based on MAC la yer headers in the Ethernet/IEEE 802.3 frame. Y ou can filter on the source and destination MA C addresses. The filters apply to incoming traf fic only .[...]
-
Страница 359
PowerConnect B-Series FCX Configuration Guide 317 53-1002266-01 Defining MAC address filters 9 PowerConnect(config)# mac filter 3 deny any 0180.c200.0000 ffff.ffff.fff0 PowerConnect(config)# mac filter 4 deny any 0000.1234.5678 ffff.ffff.ffff PowerConnect(config)# mac filter 5 deny any 0000.2345.6789 ffff.ffff.ffff PowerConnect(config)# mac filter [...]
-
Страница 360
318 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Defining MAC address filters 9 When a MA C address filter is appl ied to or remov ed from an int er f ace, a Syslog message such as the fo llowing is generated. SYSLOG: <14>Jan 1 00:00:00 10.44.9.11 MAC Filter applied to port 0/1/2 by tester from telnet session (filter id=5 ). SY[...]
-
Страница 361
PowerConnect B-Series FCX Configuration Guide 319 53-1002266-01 Defining MAC address filters 9 PowerConnect(config)#int ethernet 1 PowerConnect(config-if-e1000-1)#mac filter-group log-enable PowerConnect(config-if-e1000-1)#int ethernet 3 PowerConnect(config-if-e1000-3)#mac filter-group log-enable PowerConnect(config-if-e1000-3)#write memory Syntax:[...]
-
Страница 362
320 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Locking a port to restrict addresses 9 The <src-mac> <mask> | an y parameter spe cifies the source MAC add ress. Y ou can enter a specific address value and a co mparison ma sk, or the keyw ord any t o filter on al l MAC addresse s. Specify the mask using f (ones) and zeros[...]
-
Страница 363
PowerConnect B-Series FCX Configuration Guide 321 53-1002266-01 Displaying and modifying syst em parameter default settings 9 Syntax: lock-address ethernet [ <port> [ addr -count <num> ] Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/sl[...]
-
Страница 364
322 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying and modifying syst em parameter default settings 9 The follo wing shows an exam ple output of the show default values command on a Po werConnect Layer 2 device. PowerConnect#show default values sys log buffers:50 mac age time:300 sec telnet sessions:5 System Parameters Defau[...]
-
Страница 365
PowerConnect B-Series FCX Configuration Guide 323 53-1002266-01 Displaying and modifying syst em parameter default settings 9 The follo wing shows an exam ple output on a Powe rC onnect IPV4 de vice ru nning Lay er 3 sof tware. PowerConnect#show default values sys log buffers:50 mac age time:300 sec telnet sessions:5 ip arp age:10 min bootp relay m[...]
-
Страница 366
324 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying and modifying syst em parameter default settings 9 The follo wing shows an exam ple output on a Po werConnect B-Series FCX de vices ser ving as a management host in an IPv6 netw ork and running the La yer 3 sof tware image. Ta b l e 5 8 defines the system paramet ers in the [...]
-
Страница 367
PowerConnect B-Series FCX Configuration Guide 325 53-1002266-01 Displaying and modifying syst em parameter default settings 9 Modifying system parameter default values In fo r m a ti o n fo r t he c o n f i gu r a b l e t a bles appears under the columns th at are sho wn in bold type in the abov e examples. T o simplify configuration, the command p[...]
-
Страница 368
326 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 TDynamic Buffer Allocation for an IronStack 9 PowerConnect(config)#system-max ip-route 120000 PowerConnect(config)#write memory PowerConnect(config)#exit PowerConnect#reload Syntax: system-max ip-r oute <num> The <num> parameter specifies the maximum number of routes in the[...]
-
Страница 369
PowerConnect B-Series FCX Configuration Guide 327 53-1002266-01 TDynamic Buffer Allocation for an IronStack 9 Fo r ex a mp l e , fo r an 8 - un i t st a c k o f 4 8 p o r ts , th e p a cke t p ro c e s so r n um b e ri n g s c h e me i s as fo ll o ws : . Stack unit 1 - packet processors 0 and 1 Stack unit 2 - packet processors 2 and 3 Stack unit 3[...]
-
Страница 370
328 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 TDynamic Buffer Allocation for an IronStack 9 PowerConnect#qd-buffer 1 2 76 2 Syntax: qd-buffer <DeviceNum> <PortTypeVal> <NumBuffers> <PriorityQueue> "DeviceNum: 0-x "PortTypeVal: 1 for 1 Gbps or 2 for 10 Gbps "NumBuffers: Number of buffers to al[...]
-
Страница 371
PowerConnect B-Series FCX Configuration Guide 329 53-1002266-01 Remote Fault Notification (RF N) on 1G fiber con nections 9 qd-buffer 0 1 4095 0 qd-buffer 1 1 4095 0 qd-buffer 2 1 4095 0 qd-buffer 4 1 4095 0 qd-buffer 5 1 4095 0 qd-buffer 6 1 4095 0 qd-buffer 0 2 4095 0 qd-buffer 1 2 4095 0 qd-buffer 2 2 4095 0 qd-buffer 4 2 4095 0 qd-buffer 5 2 40[...]
-
Страница 372
330 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Link Fault Signaling (LFS ) for 10G 9 For fi ber-optic conne ctions, you can optionally c onfigure a transmit por t to no tify the receive por t on the remot e device whenev er the transmit port becomes disabled. When you enable this f eature, the transmit por t notifies the remote por[...]
-
Страница 373
PowerConnect B-Series FCX Configuration Guide 331 53-1002266-01 Jumbo frame support 9 PowerConnect(config)#interface e 1/1 PowerConnect(config-if-e1000-1/1)#link-fault-signal Syntax: [ no ] link-fault-signal Use the no for m o f t h e c om m a n d to disable LFS. LFS is OFF by def ault. Viewing the status of LFS-enabled links The status of an LFS-e[...]
-
Страница 374
332 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Jumbo frame support 9[...]
-
Страница 375
PowerConnect B-Series FCX Configuration Guide 333 53-1002266-01 Chapter 10 Configuring Metro Features Ta b l e 5 9 lists the individual Dell Po werConnect sw itches and the metro f eatures they suppor t. T Topology groups A topology gr oup is a named set of VLANs that shar e a Layer 2 topology . T opology groups simplify configuration and enhance s[...]
-
Страница 376
334 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Topology groups 10 Master VLAN and member VLANs Each topology group contains a master VLAN and can contain one or more member VLA Ns and VLAN groups: • Mast er VLAN – The master VLAN contains the configuration information f or the Lay er 2 pro tocol. For e xample, if you plan t o u[...]
-
Страница 377
PowerConnect B-Series FCX Configuration Guide 335 53-1002266-01 Topology groups 10 • If you remo ve the master VLAN (b y entering no mast er-vlan < vlan-id >), the software selects the new master VLAN fr om member VLANs. A new ca ndidat e m aster VLAN will be in configured order t o a member VLAN so that the first added member VLAN will be [...]
-
Страница 378
336 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Topology groups 10 NOTE Once you add a V LAN or VLAN group as a member of a topology gr oup, all the La yer 2 pr otocol configuration information for the VLAN or gr oup is deleted. F o r e xample, if STP is configured on a VLAN and you add the VLAN t o a topology group, the S TP conf i[...]
-
Страница 379
PowerConnect B-Series FCX Configuration Guide 337 53-1002266-01 Metro Ring Protocol (MRP) 10 Metro Ring Protocol (MRP) MRP is a Dell pr oprietar y pro tocol that prev ents Lay er 2 loops and pro vides fast recon vergence in Lay er 2 ring topologies. It is an alt ernative to STP and is especially usef ul in Metr opolitan Area Networ ks (MANs) where [...]
-
Страница 380
338 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 FIGURE 58 Metro ri ng – normal stat e Th e r in g in th i s ex amp l e c on si s ts of fou r M R P n o des (Dell Pow erConnect sw itches). Each node has two interfaces with the ring. Each node also is connected t o a separate cust omer network. The nodes [...]
-
Страница 381
PowerConnect B-Series FCX Configuration Guide 339 53-1002266-01 Metro Ring Protocol (MRP) 10 Configuration notes • When you configure MRP , Dell recommends that yo u disable one of the ri ng interfaces bef ore beginning the ring configurat ion. Disabling an inter face prev ents a Layer 2 loop fr om occurring while you are configuring MRP on the r[...]
-
Страница 382
340 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 MRP rings with shared in terfaces (MRP Phase 2) With MRP Phase 2, MRP rings can be configured to share the same int er faces as long as the inte r f ac es bel on g to th e s ame VL AN . Figure 60 shows examples of multiple MRP rings that share the same inte[...]
-
Страница 383
PowerConnect B-Series FCX Configuration Guide 341 53-1002266-01 Metro Ring Protocol (MRP) 10 For ex a mp l e, i n Fi gure 6 1 , the ID of all interfaces on all nodes on Ring 1 is 1 and all int er faces on all nodes on Ring 2 is 2. Port 1/1 on node S1 and Port 2/2 on S2 hav e the IDs of 1 and 2 since the interfaces are shared by Rings 1 and 2. The r[...]
-
Страница 384
342 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 FIGURE 62 Metro ring – initial stat e MRP uses Ring Health Packets (RHPs) t o monitor the health of the ring. An R HP is an MRP prot ocol pack et. The source ad dress is the MAC addre ss of the master node and the destination MA C address is a pro tocol a[...]
-
Страница 385
PowerConnect B-Series FCX Configuration Guide 343 53-1002266-01 Metro Ring Protocol (MRP) 10 • For wa rd i n g ( F ) – The int er face can forwar d data as well as RHPs. An interface changes from Preforwarding t o Forwarding when the por t preforwarding time expires. This occur s if the por t does not receiv e an RHP from the Mast er , or if th[...]
-
Страница 386
344 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 FIGURE 63 Metro ring – from preforwarding to forwarding Each RHP a lso has a s equence num ber . MRP ca n use the sequence number t o determine the round-trip time for RHPs in the ring. Ref er to “Using MRP diagnostics” on page 352. C us tomer A C us [...]
-
Страница 387
PowerConnect B-Series FCX Configuration Guide 345 53-1002266-01 Metro Ring Protocol (MRP) 10 RHP processing in MRP Phase 2 Figure 6 4 shows an exam ple of how RHP packets are pr ocessed normally in MRP rings with shared interfaces. FIGURE 64 Flow of RHP pac kets on MRP rings with shared int er faces Port 2/1 on Ring 1 master node is the primary int[...]
-
Страница 388
346 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 How ring breaks are detected and healed Figure 65 shows ring interface states f ollowing a li nk break. MRP quickly heals the ring and preserves connectivity among the customer networks. FIGURE 65 Metro ring – ring bre ak If a break in the ring occurs, MR[...]
-
Страница 389
PowerConnect B-Series FCX Configuration Guide 347 53-1002266-01 Metro Ring Protocol (MRP) 10 • If the interface receiv es an RHP , the int er f ace changes back t o the Blocking stat e and resets the dead timer . • If the interface does not receive an RHP f or it s ring before the Pref or ward in g ti me ex pi re s, the interface changes to the[...]
-
Страница 390
348 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 Master VLANs and customer VLANs All the ring ports must be in the same VLAN. Placing the ring ports in the same VLAN pr ovides Lay er 2 connectivity for a given customer acr oss the ri ng. Figure 67 shows an example. FIGURE 67 Metro ring – ring VLAN and c[...]
-
Страница 391
PowerConnect B-Series FCX Configuration Guide 349 53-1002266-01 Metro Ring Protocol (MRP) 10 A topology gr oup enables you t o control f or war ding in multiple VLANs using a single instance of a Lay e r 2 prot o col such as M RP . A topology group contai ns a master VLAN and me mber VLANs. The mast er VLAN contains all the c o nfiguration paramete[...]
-
Страница 392
350 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 Adding an MRP ring to a VLAN T o add an MRP ring to a VLAN, enter commands such as the f ollowing. NOTE If you plan to use a t opology gr oup t o add VLANs to the ring, mak e sure you configure MRP on the topology gr oup master VLAN. PowerConnect(config)#vl[...]
-
Страница 393
PowerConnect B-Series FCX Configuration Guide 351 53-1002266-01 Metro Ring Protocol (MRP) 10 Configures this node as the master node f or the ri ng. Enter this command only on one node in the ring. The node is a member (non-master) node b y default. Syntax: [ no ] ring-interface ethern et <primary -if> ethernet <secondar y-if> The ether[...]
-
Страница 394
352 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 Using MRP diagnostics The MRP diagnostics feature calculat es how long it tak es for RHP pack ets to tra vel thr ough the ring. When you enable MRP diagnostic s, the sof tware tracks RHP packets accor ding to their sequence numbers and calculates ho w long [...]
-
Страница 395
PowerConnect B-Series FCX Configuration Guide 353 53-1002266-01 Metro Ring Protocol (MRP) 10 If the recommended hello time and preforwarding ti me are different from the actual se ttings and you w ant to change them, ref er to “Configuring MRP” on page 349. Displaying MRP information Y ou can display the fo l lowing MRP inf ormatio n: • T opo[...]
-
Страница 396
354 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 TA B L E 6 2 CLI displa y of MRP ring information This field... Displays... Ring id The ring ID State The state of MRP . Th e state can be one of the following: • enabled – MRP is enabled • disabled – MRP is disabled Ring ro le Whether thi s node is[...]
-
Страница 397
PowerConnect B-Series FCX Configuration Guide 355 53-1002266-01 Metro Ring Protocol (MRP) 10 MRP CLI example The f ollowing examples sho w the CLI commands required t o implement the MRP configuration shown in Figure 67 on page 348. NOTE For simplicity , the f igure shows the VLANs on only two switches. The CLI examples implement the ring on all f [...]
-
Страница 398
356 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Metro Ring Protocol (MRP) 10 The f ollowing commands configure the cust omer VL ANs. The cu stomer VLANs must contain b oth the ring interfaces as well as the customer interfaces. PowerConnect(config)#vlan 30 PowerConnect(config-vlan-30)#tag ethernet 1/1 to 1/2 PowerConnect(config-vlan[...]
-
Страница 399
PowerConnect B-Series FCX Configuration Guide 357 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 PowerConnect(config)#vlan 30 PowerConnect(config-vlan-30)#tag ethernet 1/1 to 1/2 PowerConnect(config-vlan-30)#tag ethernet 2/1 PowerConnect(config-vlan-30)#exit PowerConnect(config)#vlan 40 PowerConnect(config-vlan-40)#tag ethernet 1/1 to 1[...]
-
Страница 400
358 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 FIGURE 68 VSRP mesh – redundant paths for Layer 2 and Layer 3 traffic In this example, two Dell Pow erCo n nect device s are configured as redundant paths for VRID 1. On each of the de vices, a Vir tual Rout er ID (VRID) is configured on[...]
-
Страница 401
PowerConnect B-Series FCX Configuration Guide 359 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 Layer 2 and Layer 3 redundancy Y ou can configure VSRP to pr ovide redundancy f or Layer 2 only or also for Lay er 3: • La yer 2 only – The La yer 2 links are back ed up but specific IP addresses are not backed up. • Layer 2 an d L aye[...]
-
Страница 402
360 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 • If the Back up does not receive a Hello message wi th a higher priority than its own by the time the hold-down timer e xpires, the Back up becomes the new Mast er and star ts forwarding L ayer 2 traf fic on all por ts. If you increase [...]
-
Страница 403
PowerConnect B-Series FCX Configuration Guide 361 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 FIGURE 70 VSRP priority recalculation Y ou can reduce the sensitivity of a VSRP de vice to failov er by increasing its configured VSRP priority . For e xample, y ou can increase the config ured prio rity of the VSRP device on the left in Fig[...]
-
Страница 404
362 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 When you configure a track port, you assign a priority value to the po r t. If the por t goes down, VSRP subtracts the track por t priority value fr om the co nfigured VSRP priority . For e xample, if the you configure a track por t with p[...]
-
Страница 405
PowerConnect B-Series FCX Configuration Guide 363 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 FIGURE 73 T rack por t priority subtract ed during priority calculation MAC address failover on VSRP-aware devices VSRP-aw are devices maintain a record of each VR ID and its VLAN. When the de vice has received a Hello message for a VRID in [...]
-
Страница 406
364 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Timer scale The VSRP Hello int er val, Dead int er val, Back up He llo interval, and Hold-down int er val timers are individually configurabl e. Y ou also can easily change all the timer s at the same time while preserving the ratios among[...]
-
Страница 407
PowerConnect B-Series FCX Configuration Guide 365 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 Interface parameters Authentication type The type of authentication th e VSRP devices use to validate VSRP packets. On Layer 3 Switches , the authenti cation type mus t match the authe ntication type th e VRID por t uses with other routing p[...]
-
Страница 408
366 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Pref erence of timer source When you save a Backup configurat ion, the sof tware can sav e the configured VSRP timer v alues or the VSRP timer v alues received fr om the Master . Sav ing the current timer v alues instead of th e configured[...]
-
Страница 409
PowerConnect B-Series FCX Configuration Guide 367 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 Configuring basic VSRP parameters T o configure VSRP , per form the f ollowing required tasks: • Configure a port -based VLAN containing the p or ts for which y ou want to provide VSRP ser vice. NOTE If you already ha ve a port-based VLAN [...]
-
Страница 410
368 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Syntax: enable | disable Configuring optional VSRP parameters The f ollowing sections describe ho w to configure optional VSRP parameters. Disabling or re -enabling VSRP VSRP is enabled b y default on La yer 2 Switches an d La yer 3 Switch[...]
-
Страница 411
PowerConnect B-Series FCX Configuration Guide 369 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 T o change the timer scale, en ter a command such as the f ollowing at th e g l o b a l C O N F I G le ve l o f t h e CLI. PowerConnect(config)# scale-timer 2 This command changes the scale t o 2. All VSRP , VRRP , and VRRP-E timer va lues w[...]
-
Страница 412
370 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Specifying no authentication for VSRP hello packets The following configuration specifies no a uthenti cation as the preferred V SRP-aware security method. In this case, the VSRP de vice will not a ccept incoming pack ets that have authent[...]
-
Страница 413
PowerConnect B-Series FCX Configuration Guide 371 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 VSRP does no t require you t o specify an IP address. If y ou do not specify an address, VSRP pro vides Lay er 2 redundancy . If you do spec ify an address, VSRP pro vides La yer 2 and Lay er 3 redundancy . The Lay er 3 redundancy suppor t i[...]
-
Страница 414
372 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 • Hold-down int er val By default, e a ch Back up sa ves the configured timer v a lues to its startup-config file when you sav e the device configuration. Y ou can configure a Back up to instead sa ve the current timer values re ceived f[...]
-
Страница 415
PowerConnect B-Series FCX Configuration Guide 373 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 NOTE The default Dead int er val is three times the Hello in terval plus one-ha lf second. General ly , if you change the Hello interval, you also should change the Dead int er val on the Back ups. NOTE If you change the timer scale, the cha[...]
-
Страница 416
374 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Changing the hold-down interval The hold-down interval prevents Lay er 2 lo ops from occurring during f ailov er , by dela ying the new Master from f or warding traff ic long enough to ensure that the failed Master is really unavailable. T[...]
-
Страница 417
PowerConnect B-Series FCX Configuration Guide 375 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 NOTE The priority <num> option changes the priority of the s pecif ied int er face, overriding the def ault track por t priority . T o change the default track port priority , use the backup track -priority <num> command. Disabli[...]
-
Страница 418
376 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 VSRP-aware interoperablilty The vsrp-aw are tc-vlan-flush command should be used in netwo rk configurations in which the Dell Po werConnect switch operates as the VSRP-Aw are device connecting to a oth er devices as a VSRP Master . The com[...]
-
Страница 419
PowerConnect B-Series FCX Configuration Guide 377 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 This display sho w s the f ollowing information when you use the vrid <num> or vlan <vlan-id > paramet er . For inf ormation about the displa y when you use the aw ar e parameter , ref er to “Displaying the activ e inter faces [...]
-
Страница 420
378 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 Displaying the active interfaces for a VRID On a VSRP-aw are device, y ou can display VLAN an d por t inf orma tion fo r the connections to t he VSRP devices (Mast er and Backups). T o display the activ e VRID interfaces, enter th e follow[...]
-
Страница 421
PowerConnect B-Series FCX Configuration Guide 379 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 VSRP fast start VSRP fast start allows non-Dell P owerConnect or non-VSRP aware de vices that are connected to a Dell Po werConnect de vice that is the VSRP Master t o quickly switchover t o the new Master when a VSRP failo ver occurs This f[...]
-
Страница 422
380 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10 The "Restar t por ts:" line lists the por ts that ha ve the VSRP fast start enabled, and the downtime f or each por t. Ref er to Ta b l e 6 4 on page 3 77 t o interpret the remaining information on the display . VSRP and MRP sign[...]
-
Страница 423
PowerConnect B-Series FCX Configuration Guide 381 53-1002266-01 Virtual Switch Redundancy Protocol (VSRP) 10 FIGURE 75 VSRP on MRP rings th at failed over A signaling process f or the interaction between VS RP and MRP ensure s that MRP is informed of the topology change and achie ves conv ergence rapidly . When a VSRP node fails, a new VSRP mast er[...]
-
Страница 424
382 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Virtual Switch Redund ancy Protocol (V SRP) 10[...]
-
Страница 425
PowerConnect B-Series FCX Configuration Guide 383 53-1002266-01 Chapter 11 Configuring Uni-Directional Link Detection (UDLD) and Protected Link Groups Ta b l e 6 6 lists the individual Dell Po werConnect swit ches and the UDLD and prot ected link gr oup f eatures they suppor t. These features are supported in the Layer 2, base Layer 3, edge La yer [...]
-
Страница 426
384 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 UDLD overview 11 Normally , a Dell Po werConnect device load balances traffic across the por ts in a trunk group. In this example, each Dell P owerConnect de vice load balances traf fic across two ports. Withou t the UDLD f eature, a link failure on a link that is no t directly attache[...]
-
Страница 427
PowerConnect B-Series FCX Configuration Guide 385 53-1002266-01 UDLD overview 11 Enabling UDLD NOTE This section shows how to configure UDLD for un tagged contr ol packets. T o configure UDLD f or tagged control pack ets, refer t o “Enabling UDLD f or tagged por ts” . T o enable UDLD on a por t, enter a command such as the f ollowing at the glo[...]
-
Страница 428
386 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 UDLD overview 11 Changing the Keepalive retries By default, a por t waits one second to receive a health-check reply packet fr om the por t at the other end of the link. If the port does not receive a reply , the por t tries fo ur more times by sending up to f our more health-check pac[...]
-
Страница 429
PowerConnect B-Series FCX Configuration Guide 387 53-1002266-01 UDLD overview 11 If a por t is disabl ed by UDLD, the change also is indicated in the output of the show inter faces brief command. An example is giv en below . If the por t was already down be fore you enabled UDLD f or the por t, the por t state is listed as None. Syntax: show interf[...]
-
Страница 430
388 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protected link groups 11 The show int er face ethernet command also displa ys the UDLD st ate f or an individual port. In addition, the line pr otocol stat e li sted in the first line will sa y “down” if UDLD has brought the port down. An e xample is giv en below . In this ex ample[...]
-
Страница 431
PowerConnect B-Series FCX Configuration Guide 389 53-1002266-01 Protected link groups 11 About active ports When you creat e a prot ected link gr oup, you can optionally specify which port in the prot ected link group is the active port. If you do not explicit ly configure an active port, the Dell Pow erConnect device dynamically assigns on e. A dy[...]
-
Страница 432
390 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protected link groups 11 The configuration for the above il lustration is as follows. Switch 1 PowerConnect(config)# protected-link-group 1 e 1/3 e 1/6 PowerConnect(config)# protected-link-group 1 active-port e 1/3 Switch 2 PowerConnect(config)# protected-link-group 1 e 1/12 e 1/15 Pow[...]
-
Страница 433
PowerConnect B-Series FCX Configuration Guide 391 53-1002266-01 Protected link groups 11 The <group-ID> paramet er specifies the prot ected link gr oup number . Enter a number from 1 – 32. The activ e-por t ethernet < por t > defines the activ e por t. Specify the <port> variable in the following fo rm a t s : • Po werConnect [...]
-
Страница 434
392 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protected link groups 11 In the abov e output, the por t state is pro tected-link -inactive which means por t 3 is an inactive por t in a pro tected link group. Syntax: show interface ethernet < port> Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : [...]
-
Страница 435
PowerConnect B-Series FCX Configuration Guide 393 53-1002266-01 Chapter 12 Configuring Trunk Groups and Dynamic Link Aggregation Ta b l e 7 0 lists the individual Dell Po werConnect swit ches and the trunk gr oups and dynamic link aggregation features the y suppor t. Trunk group overview The T runk group f eature allows you t o manually co nfigure [...]
-
Страница 436
394 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Trunk group overview 12 FIGURE 78 T runk group application within a P owerConnect network NOTE The por ts in a trunk group make a si ngle logical link. Therefore, all the por ts in a trunk group must be connect ed to the same de vice at the other end. Trunk group connectivity to a serv[...]
-
Страница 437
PowerConnect B-Series FCX Configuration Guide 395 53-1002266-01 Trunk grou p overview 12 FIGURE 79 T runk group between a server and a compact Lay er 2 Switch or Lay er 3 Switch Trunk group rules Ta b l e lists the max imum number of trunk g roups yo u can configure on a Dell PowerConnect de vice and the valid number of ports in a trunk group. The [...]
-
Страница 438
396 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Trunk group overview 12 • statically configured por t speed and duplex • QoS priority T o chang e por t parameters, you must change them on the primar y por t. The sof tware automatically applies the changes t o the other por ts in the trunk group. Configuration notes fo r Dell Pow[...]
-
Страница 439
PowerConnect B-Series FCX Configuration Guide 397 53-1002266-01 Trunk grou p overview 12 FIGURE 80 Examples of 2-port and 3-port trunk groups Figure 81 sho ws two IronStacks connected by multi-slot trunk groups. 424F 42XG Lnk Act Lnk Act 12 424C 424C 424C 424C 424F 424C 8X-12GM-4 Console Pwr Lnk Odd Even SYS EJECT DC OK ALM AC OK DC OK ALM AC OK SY[...]
-
Страница 440
398 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Trunk group overview 12 FIGURE 8 1 T wo IronStacks connected b y multi-slot trunk groups Support for flexible trunk group membership Po werConnect devices support flexible trunk group membership, which eliminates the requirement f or por t membership to be consec utiv e, and allows the[...]
-
Страница 441
PowerConnect B-Series FCX Configuration Guide 399 53-1002266-01 Trunk grou p overview 12 Load sharing for unknown unicast, multicast, and br oadcast traffic Dell P owerConnec t devices load b alance unknown unicast, mu lticast, and broadcast traffic ba sed on the source port and VLAN ID and not on any source or destination information in the packet[...]
-
Страница 442
400 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a trunk group 12 4. IPv6 T CP/UDP: Source IP , Destination IP , Fl ow Label, Sour ce TCP/UDP Por t, Destination TC P / U D P Po r t , Source MA C, Destination MAC 5. IPv6 Non- TCP/UDP: Sour ce IP , Destination IP , Flow Label, Source MA C, Destination MAC Syntax: [ no ] tru[...]
-
Страница 443
PowerConnect B-Series FCX Configuration Guide 401 53-1002266-01 Configuring a trunk group 12 Syntax: trunk deploy Each ethernet paramet er introduces a port group. The <primar y-por t> variable specifies the primar y por t. No tice that each por t group must begin with a primary por t.. The primary por t of the f irs t port group specified (w[...]
-
Страница 444
402 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a trunk group 12 NOTE The te xt shown in italics in the CLI example below sho w s messages echo ed to the screen in answer to the CLI co mmands entered. PowerConnect(config)#trunk e 1/5 to 1/8 Trunk will be created in next trunk deploy PowerConnect(config)#write memory Powe[...]
-
Страница 445
PowerConnect B-Series FCX Configuration Guide 403 53-1002266-01 Configuring a trunk group 12 Example 3: Configuring a multi-slot trunk group with one port per module Y ou can select one por t per module in a multi-sl ot trunk gr oup. This f eature is suppor ted on GbE and 1 0-GbE por ts, as well as on static and LACP tr unk ports. For multi-slot tr[...]
-
Страница 446
404 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a trunk group 12 Additional trunking options The follo wing trunking opti ons can be per f ormed on por ts in deploy ed trunks. These options are suppor ted on static trunk ports. Except where no ted, these opti ons are also supported on dynamic (LA C P) trunk por ts on Pow[...]
-
Страница 447
PowerConnect B-Series FCX Configuration Guide 405 53-1002266-01 Configuring a trunk group 12 • Setting the sFlow sampling rate on an individual por t in a trunk NOTE Depending on the operational stat e of LACP-enable d por ts, at any time, these por ts may join a trunk group, change trunk group membership, exit a trun k group, or possibly ne ve r[...]
-
Страница 448
406 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a trunk group 12 NOTE If you enter no config-trunk-ind , all port conf iguration commands are remov ed from the individual por ts and the configuration of the primar y por t is applied to all the por ts. Also, once you enter the no config-trunk -ind command, the enable , di[...]
-
Страница 449
PowerConnect B-Series FCX Configuration Guide 407 53-1002266-01 Configuring a trunk group 12 The to keyw ord indicat es that you are specifying a range. Specify the low er por t number in the range first, then to , then the higher por t number in the range. Deleting a static trunk group Use the command in this section to delet e a static trunk grou[...]
-
Страница 450
408 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying trunk group configuration informat ion 12 • The disable module command can be used t o disable the por ts on a module. How ever , on 10 Gbps modules, the disable module command does not cause the remote c onnection to be dropped. If a trunk group consists of 1 0 Gbps por t[...]
-
Страница 451
PowerConnect B-Series FCX Configuration Guide 409 53-1002266-01 Displaying trunk group configuration inform ation 12 NOTE The show trunk command does not display any f orm of trunk when links are up. Ta b l e 7 3 describes the information displa yed b y the show tru nk command. Viewing the first and last ports in a trunk group Output for many of th[...]
-
Страница 452
410 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 PowerConnect#show mac Total active entries from all ports = 1 MAC-Address Port Type Index 0007.e910.c201 1/1/7*1/1/21 Dynamic 2920 For a trunk gr oup with members 1/1/7 to 1/1/9 , the output from the show mac co mmand resembles the follo wing. PowerConnect#s[...]
-
Страница 453
PowerConnect B-Series FCX Configuration Guide 411 53-1002266-01 Dynamic link aggregation 12 • With LACP trunk conf igurations, the LA CP system id is the MA C address of the Activ e Controller . If the LA CP system id changes, the entire trunk flaps and an S TP re-convergence occurs. • Link aggregation can be used t o form multi-slot aggregate [...]
-
Страница 454
412 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 FIGURE 82 Examples of valid ag gregate links In this ex ample, assume that link aggregation is enabled on all of the links betw een the Dell Po werConnect device on the lef t and the devi ce on the right (which can be either a Del l Po werConnect device or a[...]
-
Страница 455
PowerConnect B-Series FCX Configuration Guide 413 53-1002266-01 Dynamic link aggregation 12 FastIron Stacka ble devices The follo wi ng not es an d f e ature limitations appl y to the P owerConnect B-Series FCX de vices. • The dynamic link aggregation ( 802.3ad) implemen tation allows an y number of por ts up to eight to be ag gregated into a lin[...]
-
Страница 456
414 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 Figure 83 shows an exam ple of 2-por t groups in a rang e of f our por t s on which link aggregation is enabled. Based on the states of the ports, some or all of them will be eligible t o be used in an aggregate link. FIGURE 83 T wo-por t groups used t o det[...]
-
Страница 457
PowerConnect B-Series FCX Configuration Guide 415 53-1002266-01 Dynamic link aggregation 12 NOTE Configuration commands for link aggregation differ depending on whe ther you are using the default link aggregation ke y automatically assigned by th e software, or if you are assigning a dif ferent, unique k ey . Follo w the commands below , according [...]
-
Страница 458
416 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 NOTE For more information about k eys , including details about the syntax shown abov e, refer to “K ey” on page 4 1 7. How changing the VLAN membership of a port affects trunk groups and dynamic keys When you change a port VLAN membership and the port i[...]
-
Страница 459
PowerConnect B-Series FCX Configuration Guide 417 53-1002266-01 Dynamic link aggregation 12 NOTE If you are co nnecting the Dell Pow erConnect de vice t o another vendor de vice and the link aggregation feature is not working, set the syst em priority on the Dell Pow erConnect device to a l o w e r p r i o r i t y ( a h i g h e r p r i o r i t y v [...]
-
Страница 460
418 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 FIGURE 84 Ports with the same k ey in different aggregat e links Notice that the k eys betw een one device and anot he r do not need to match. The only req uirement for key matching is that all the ports within an a ggregate link on a giv en device must hav [...]
-
Страница 461
PowerConnect B-Series FCX Configuration Guide 419 53-1002266-01 Dynamic link aggregation 12 FIGURE 85 Multi-slot aggregate link By default, the device por ts are divided int o 4- por t groups. The software dynamically assigns a unique k ey to each 4-port group. If yo u need to di vide a 4-port group into two 2-port groups, change the k ey in one of[...]
-
Страница 462
420 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic link aggregation 12 Syntax: show link -aggregate [ ethernet <por t> ] Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Configuring link a ggregation par[...]
-
Страница 463
PowerConnect B-Series FCX Configuration Guide 421 53-1002266-01 Displaying and determining th e status of aggregate links 12 PowerConnect(config-mif-1/1-1/4)#interface ethernet 3/5 to 3/8 PowerConnect(config-mif-3/5-3/8)#link-aggregate off PowerConnect(config-mif-3/5-3/8)#link-aggregate configure key 10000 PowerConnect(config-mif-3/5-3/8)#link-aggr[...]
-
Страница 464
422 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying and determining th e status of aggregate links 12 Events that affect the status of ports in an aggregate link Dell Pow erConn ect devices can block traf fic o n a por t or shut do wn a por t that is par t of a trunk group or aggregate link, when a port joins a trunk group an[...]
-
Страница 465
PowerConnect B-Series FCX Configuration Guide 423 53-1002266-01 Displaying and determining th e status of aggregate links 12 NOTE Ports that are configured as par t of an aggregat e link mu st also ha ve the same ke y . For more information about assigning keys, ref er to the section “Link aggregation paramet ers ” on page 4 16. The show link-a[...]
-
Страница 466
424 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying and determining th e status of aggregate links 12 Displaying link aggregation and port st atus information for PowerConnect Stackable devices T o display link aggregation information f or devices in an Ir onStack, enter the sho w link-aggregate command. The o utput for an Ir[...]
-
Страница 467
PowerConnect B-Series FCX Configuration Guide 425 53-1002266-01 Clearing the negotiat ed aggregate lin ks table 12 Clearing the negotiated aggregate links table When a group o f por ts negotiates a trunk gr oup configuration, the software stores the neg otiated configuration in a table. Y ou can clear the negoti ated link aggregation configurations[...]
-
Страница 468
426 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring single link LACP 12 If si ngleton is configured on the port, the “Ke y” column displays “ singleton”. Ref er to “CLI display of link aggregation info rmation” on page 423 to inter pret the information on the displa yed output. Also, when por ts are logically br [...]
-
Страница 469
PowerConnect B-Series FCX Configuration Guide 427 53-1002266-01 Chapter 13 Configuring Virtual LANs (VLANs) Ta b l e 76 lists the individual Dell Pow erConnect PowerC o nnect switches and the VLAN f eatures they suppor t. VLAN overview The follo wing sections pro vide details about th e VLAN types and features suppor ted on the Po werConnect family[...]
-
Страница 470
428 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 • La yer 3 prot ocol VLANs – a subset of por ts within a por t -based VLAN that share a common, ex clusive broad cast domain for La yer 3 br oadcasts of the specified pro tocol type • IP subnet VLANs – a subset of ports in a por t-based VLAN that share a common[...]
-
Страница 471
PowerConnect B-Series FCX Configuration Guide 429 53-1002266-01 VLAN overview 13 NOTE VLAN IDs 408 7, 4090, and 4093 are reserved for Del l internal use only . VLAN 4094 is reser ved f or use by Single S TP . Also, if you are running an earlier release, VLAN IDs 409 1 and 4092 ma y be reserved for De ll internal use only . If you want t o use VLANs[...]
-
Страница 472
430 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 FIGURE 86 De ll Power Co n nec t device conta ining user-defi ned Lay er 2 port-based VLAN Layer 3 protocol-based VLANs If you w ant some or all of the por ts within a po r t-based VLAN to be organized according t o Lay er 3 protoc ol , yo u mu st co nf ig ur e a Layer[...]
-
Страница 473
PowerConnect B-Series FCX Configuration Guide 431 53-1002266-01 VLAN overview 13 • Other – The devic e sends broadcasts f or all protocol types o ther than those listed above t o all por ts with in the VLAN . Figure 87 sho ws an example of Lay er 3 prot ocol VLANs configured within a La yer 2 port-based VLAN. FIGURE 8 7 Lay er 3 protocol VLANs [...]
-
Страница 474
432 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 Integrated Switch Routing (ISR) The Dell Integrat ed Switch Routing (ISR) feature enables VLANs c onfig ured on Layer 3 Switc hes to ro ute La yer 3 traffic from one prot ocol VLAN or IP subnet, IPX networ k, or AppleT alk cable VLAN to another . Normally , to rout e t[...]
-
Страница 475
PowerConnect B-Series FCX Configuration Guide 433 53-1002266-01 VLAN overview 13 NOTE The Lay er 3 Switch routes packets betw een VLANs of the same protocol. The La yer 3 Switch cannot rout e from one pr otocol t o another . NOTE IP subnet VLANs are not the same th ing as IP protocol VLANs. An IP protocol VLAN sends all IP broadcasts on the ports w[...]
-
Страница 476
434 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 When you configure a port-based VLAN, one of the co nfiguration items you pr ovide is the po r ts that are in the VLAN. When you configure the VLAN , the Dell P owerConnect de vice automatically remov es the por ts that you place i n the VLAN from DEF AUL T -VLAN. By r[...]
-
Страница 477
PowerConnect B-Series FCX Configuration Guide 435 53-1002266-01 VLAN overview 13 FIGURE 89 Packe t containing a Dell 802. 1Q VLAN tag If you configure a VLAN that spans multiple de vi ces, you need t o use tagging only if a por t connecting one of the devices t o the other is a memb er of more than one por t-based VLAN. If a por t connecting one de[...]
-
Страница 478
436 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 FIGURE 90 VLANs configured across multiple devices Support for 802.1Q-in-Q tagging Dell Po werConnect devices pr ovide finer granularit y for configuring 802. 1Q tagging, enabling you t o configure 802. 1Q tag-types on a gr oup of por ts, thereby enabling the creation [...]
-
Страница 479
PowerConnect B-Series FCX Configuration Guide 437 53-1002266-01 VLAN overview 13 T o direct individual por ts or on a range of ports to this tag pr ofile, enter commands similar to the following. PowerConnect(config)# interface ethernet 1/1/1 PowerConnect(config-if-e1000-1/1/1)# tag-profile enable PowerConnect(config-mif-1/1/1,1/2/1)# tag-profile e[...]
-
Страница 480
438 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 If you want the device t o be able to send La yer 3 traf fic fr om one prot ocol VLAN t o another , you must configur e a vir tual routing interface on each protocol VLAN, then configure routing parameters on the vir tual r outing inter faces. For ex ample, to enable a[...]
-
Страница 481
PowerConnect B-Series FCX Configuration Guide 439 53-1002266-01 VLAN overview 13 VLAN and virtual routing interface groups Dell Pow erC onnect devices suppor t the con figuration of VLAN groups. T o simplify confi guration, you can configure VLAN gr oups and vir tual routing inter face gr oups. When you create a VLAN group, the VLAN parameters y ou[...]
-
Страница 482
440 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 FIGURE 92 VLAN with dynamic port s—all ports are active when you creat e the VLAN SUBNET Ports in a new pro tocol VLAN that do not receiv e traf fic for the VLAN pr otocol age out af ter 1 0 minutes an d become candidate por ts. Figure 93 shows what happens if a cand[...]
-
Страница 483
PowerConnect B-Series FCX Configuration Guide 441 53-1002266-01 VLAN overview 13 Static ports Static por ts are permanent members of the prot oc ol VLAN. The por ts remain active members of the VLAN regardless of whe ther the por ts receive tr affi c f o r the VLAN prot ocol . Y ou must explicitly identify the por t as a static por t when you add i[...]
-
Страница 484
442 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN overview 13 Summary of VLAN configuration rules A hierarch y of VLANs exists between the La yer 2 and La yer 3 pr otocol-based VLANs: • Port-based VLANs are at the lowest lev el of the hierarch y. • Lay er 3 protocol- based VLANs, IP , IPv6, IPX, Appl eT alk, Decnet, and NetB [...]
-
Страница 485
PowerConnect B-Series FCX Configuration Guide 443 53-1002266-01 Routing between VLANs 13 Routing between VLANs Lay er 3 Switches can locally r oute IP , IPX, and Appletalk betw een VLANs defined within a single rout er . All other r outable prot ocols or pro tocol VLANs (f or exam ple, DecNet) must be r outed by another ext ernal router capable of [...]
-
Страница 486
444 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs 13 If your backbone consists of vir tual routing interfaces all within the same STP domain, it is a bridged backbone, not a r outed one. This means that the set of backbone interfaces that are blocke d by STP will be block ed for r outed pr otocols as well. The ro[...]
-
Страница 487
PowerConnect B-Series FCX Configuration Guide 445 53-1002266-01 Routing between VLANs 13 NOTE does not change the pr oper ties of the default VLAN. Changing the name allows yo u to use the VLAN ID “1” as a configurable VLAN. Assigning different VLAN IDs to reserved VLANs 4091 and 4092 If you w ant to use VLANs 409 1 and 4092 as config urable VL[...]
-
Страница 488
446 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs 13 Assigning trunk group ports When a “lead” trunk gr oup por t is assigned to a VLAN, all other members of the trunk group are automatically added t o that VLAN. A lead port is the first port of a trunk group por t range; fo r exam ple, “1” in 1 – 4 or [...]
-
Страница 489
PowerConnect B-Series FCX Configuration Guide 447 53-1002266-01 Routing between VLANs 13 FIGURE 94 Port-based VLANs 222 and 333 T o create the tw o por t-based VLANs shown in Figu re 94 , enter the f ollowing com mands. PowerConnect(config)# vlan 222 by port PowerConnect(config-vlan-222)# untagged ethernet 1 to 8 PowerConnect(config-vlan-222)# vlan[...]
-
Страница 490
448 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs 13 FIGURE 95 More complex port-based VLAN T o configure the Port-based VLAN s on the La yer 2 Switches in Figure 95 , use the following method. Configuring device-A En ter the foll owi ng co mm an ds to co nf ig ur e d evi ce- A . PowerConnect> enable PowerConn[...]
-
Страница 491
PowerConnect B-Series FCX Configuration Guide 449 53-1002266-01 Routing between VLANs 13 Configuring device-B En ter the foll owi ng co mm an ds to co nf ig ur e d evi ce- B. PowerConnect> en PowerConnect# configure terminal PowerConnect(config)# hostname PowerConnect-B PowerConnect-B(config)# vlan 2 name BROWN PowerConnect-B(config-vlan-2)# unt[...]
-
Страница 492
450 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs 13 Modifying a port-based VLAN Y ou can make the follo wing modifications to a por t-based VLAN: • Add or delet e a VLAN port. • Enable or disable S TP . Removing a port-based VLAN Suppose you w ant to remov e VLAN 5 from the e xample in Figure 95 . T o do so,[...]
-
Страница 493
PowerConnect B-Series FCX Configuration Guide 451 53-1002266-01 Routing between VLANs 13 4. En ter th e fo ll owi ng co mm an ds to ex it th e V LA N CONFIG mode and sav e the configuration to the syst em-config file on f lash memory. PowerConnect-A(config-vlan-4)# PowerConnect-A(config-vlan-4)# end PowerConnect-A# write memory Y ou can remove all [...]
-
Страница 494
452 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP subnet, IPX ne twork and protocol-based VLANs 13 T o configure a specific path-cost or priority valu e fo r a given por t, enter tho se values using the ke y wor ds in the brack ets [ ] shown in the syntax summar y below . If you do not want to specify values for an y gi[...]
-
Страница 495
PowerConnect B-Series FCX Configuration Guide 453 53-1002266-01 Configuring IP subnet, IPX network and protocol-b ased VLANs 13 FIGURE 96 Protocol-based (La yer 3) VLANs T o configure the V LANs shown in Figure 96 , use the f ollowing pr ocedure. 1. T o permanently assign por ts 1 – 8 and por t 25 to IP subnet VLAN 1.1 . 1.0, enter the f ollowing[...]
-
Страница 496
454 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP subnet, IPX network, and pr otocol-based VLANs within port-base d VLANs 13 PowerConnect(config-ipx-proto)# atalk-proto name Red PowerConnect(config-atalk-proto)# no dynamic PowerConnect(config-atalk-proto)# static ethernet 13 to 25 PowerConnect(config-atalk-proto)# end P[...]
-
Страница 497
PowerConnect B-Series FCX Configuration Guide 455 53-1002266-01 Configuring IP subnet, IPX network, and pr otocol-b ased VLANs w ithin port-based VLAN s 13 FIGURE 9 7 More prot ocol-based VLANs T o configure t he Lay er 3 VLANs on the Layer 2 Switches in Figure 9 7 , use the follo wing procedure. Configuring device-A En ter the foll owi ng co mm an[...]
-
Страница 498
456 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP subnet, IPX network, and pr otocol-based VLANs within port-base d VLANs 13 4. T o prev ent machines with non-IP pro tocols from getting into the IP por tion of VLAN 2, creat e another La yer 3 pr otocol VLAN t o excl ude all other pro tocols fr om the por ts that contain[...]
-
Страница 499
PowerConnect B-Series FCX Configuration Guide 457 53-1002266-01 Configuring IP subnet, IPX network, and pr otocol-b ased VLANs w ithin port-based VLAN s 13 PowerConnect-B(config-vlan-ipx-proto)# static e5 to 8 e25 to 26 PowerConnect-B(config-vlan-ipx-proto)# exclude e1 to 4 PowerConnect-B(config-vlan-other-proto)# vlan 3 name IP-Sub_IPX-Net_VLANs P[...]
-
Страница 500
458 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring an IPv6 protocol VLAN 13 Configuring an IPv6 protocol VLAN Y ou can configure a pro tocol-based VLAN as a broadc ast domai n for IPv6 traffic. When the Lay er 3 Switch receives an IPv6 multicast packet (a pack et with 06 in the v ersion field and 0xFF as the beginning of th[...]
-
Страница 501
PowerConnect B-Series FCX Configuration Guide 459 53-1002266-01 Routing between VLANs using virtual routin g interfaces (Layer 3 Switches only) 13 Example Suppose you want to mo ve routing out to each of three buildings in a network. R emember that the only pro tocols present on VLAN 2 and VLAN 3 are IP and IPX. Theref ore, you can eliminate tagged[...]
-
Страница 502
460 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs using virtual routing interfaces (Layer 3 Switches only) 13 PowerConnect>en No password has been assigned yet... PowerConnect# configure terminal PowerConnect(config)# hostname PowerConnect-A PowerConnect-A(config)# router ospf PowerConnect-A(config-ospf-router[...]
-
Страница 503
PowerConnect B-Series FCX Configuration Guide 461 53-1002266-01 Routing between VLANs using virtual routin g interfaces (Layer 3 Switches only) 13 PowerConnect-A(config-vlan-ip-subnet)# ipx-network 1 ethernet_802.3 PowerConnect-A(config-vlan-ipx-network)# static ethernet 13 to 16 PowerConnect-A(config-vlan-ipx-network)# router-interface ve4 PowerCo[...]
-
Страница 504
462 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Routing between VLANs using virtual routing interfaces (Layer 3 Switches only) 13 This completes the configuration for device-A. The conf iguration for de vice-B and C is very similar ex cept for a f ew issues which are as follows: • IP subnets and IPX networks configur ed on device-[...]
-
Страница 505
PowerConnect B-Series FCX Configuration Guide 463 53-1002266-01 Routing between VLANs using virtual routin g interfaces (Layer 3 Switches only) 13 PowerConnect-B(config-vif-4)# ipx network 7 ethernet_802.3 PowerConnect-B(config-vif-4)# vlan 4 name Bridged_ALL_Protocols PowerConnect-B(config-vlan-4)# untagged ethernet 17 to 24 PowerConnect-B(config-[...]
-
Страница 506
464 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring protocol VLANs wi th dynamic ports 13 PowerConnect-C(config-vlan-ip-subnet)# ipx-network 10 ethernet_802.3 PowerConnect-C(config-vlan-ipx-network)# static ethernet 13 to 16 PowerConnect-C(config-vlan-ipx-network)# router-interface ve4 PowerConnect-C(config-vlan-ipx-network)[...]
-
Страница 507
PowerConnect B-Series FCX Configuration Guide 465 53-1002266-01 Configuring protoco l VLANs with dynamic ports 13 Aging of dynamic ports When you add the port s to the VLAN, the softwa re automatically adds them all to the VLAN. How ever , dynamically added por ts age out. If the age time for a dynamic port expires, the software remov es the por t [...]
-
Страница 508
466 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring protocol VLANs wi th dynamic ports 13 Configuration guidelines • Y ou cannot dynamically add a port to a pro tocol VLAN if the por t has any r outin g configuratio n parameters. F or example, the port cannot hav e a vir tual r outing int er face, IP su bnet address, IPX n[...]
-
Страница 509
PowerConnect B-Series FCX Configuration Guide 467 53-1002266-01 Configuring protoco l VLANs with dynamic ports 13 PowerConnect(config)# vlan 10 by port name IP_VLAN PowerConnect(config-vlan-10)# untagged ethernet 1/1 to 1/6 added untagged port ethe 1/1 to 1/6 to port-vlan 10. PowerConnect(config-vlan-10)# ip-subnet 1.1.1.0/24 name Mktg-LAN PowerCon[...]
-
Страница 510
468 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring uplink ports within a port-based VLAN 13 Syntax: ipx-network <netw ork-addr> et hernet_ii | ethernet_802.2 | ethernet_802.3 | ethernet_snap [ name <string> ] Syntax: dynamic Configuring uplink ports within a port-based VLAN Y ou can configure a s ubset of the po[...]
-
Страница 511
PowerConnect B-Series FCX Configuration Guide 469 53-1002266-01 Configuring the same IP subnet addr ess on mult iple port-based VLANs 13 Configuring the same IP subnet address on multiple port-based VLANs For a De ll Power C on ne ct d evi ce to ro u te b et wee n po r t - ba se d V L AN s, you m us t a dd a vi r t u al rou ti ng interface to each [...]
-
Страница 512
470 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the same IP subnet addr ess on m ultiple port-based VLANs 13 FIGURE 1 00 Multiple port-based VLANs with the same prot ocol address Each VLAN st ill requires a separate vir tual routin g interface. Howe ver , all three VLANs now use the same IP subnet address. In addition to[...]
-
Страница 513
PowerConnect B-Series FCX Configuration Guide 471 53-1002266-01 Configuring the same IP subnet addr ess on mult iple port-based VLANs 13 NOTE If the Dell P owerConnect de vice ARP table do es not contain the requested host, the Dell Po werConnect device f or wards the ARP req uest on La yer 2 to the same VLAN as the one that received the ARP req ue[...]
-
Страница 514
472 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring VLAN groups and virtu al routing interface groups 13 NOTE Because vir tual routing inter faces 2 and 3 do not hav e their own IP sub net addresses but instead are “follo wing” vir tual routing interface a IP addr ess, you still can configure an IPX or AppleT alk interfa[...]
-
Страница 515
PowerConnect B-Series FCX Configuration Guide 473 53-1002266-01 Configuring VLAN groups and virtual routing interface groups 13 The first command in this example begins configuration for VLAN group 1 , and assigns VLANs 2 through 25 7 to the group. The sec ond command ad ds por ts 1/1 and 1/2 as tagged ports. Because all the VLANs in the gr oup sha[...]
-
Страница 516
474 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring VLAN groups and virtu al routing interface groups 13 Syntax: show vlan-group [ <group-id> ] The <group-id> specifies a VLAN group. If y ou do not use this parameter , the configuration inf ormation for all the configured VL AN groups is displa yed. Configuring a[...]
-
Страница 517
PowerConnect B-Series FCX Configuration Guide 475 53-1002266-01 Configuring VLAN groups and virtual routing interface groups 13 The r outer -inter face-group command enables a VLAN gr oup to us e a virtual routing interface group. Enter this command at the configura tion lev el fo r the VLAN group. This command co nfigures the VLAN group t o use th[...]
-
Страница 518
476 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring VLAN groups and virtu al routing interface groups 13 Allocating memory for more VLANs or virtual routing interfaces Lay er 2 and Lay er 3 Switches suppor t up to 4095 VL ANs. In addition, La yer 3 switches support up to 5 12 vir tual routing interfaces. The number of VLANs [...]
-
Страница 519
PowerConnect B-Series FCX Configuration Guide 477 53-1002266-01 Configuring super aggregated VLAN s 13 The <num> parameter indicat es the maximum number of vir tual routing int er faces. The range of valid v alues depends on the device y ou are configuring. Ref er to Ta b l e 7 8 . Configuring super aggregated VLANs Y ou can aggregate multipl[...]
-
Страница 520
478 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring super aggregated VLANs 13 FIGURE 1 0 1 Conceptual model of the super aggregat ed VLAN application Each client connect ed to the edge de vice is in its own port-b ased VLAN, which is like an A TM channel. All the clients’ VL ANs are aggregated by th e edge device int o a s[...]
-
Страница 521
PowerConnect B-Series FCX Configuration Guide 479 53-1002266-01 Configuring super aggregated VLAN s 13 FIGURE 1 02 Example of a super aggregat ed VLAN application In this example, a collocation ser vice pro vides pr ivate channels f or multiple clients. A lthough the same devices are used f or all the clients, the VLANs ensure that each client rece[...]
-
Страница 522
480 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring super aggregated VLANs 13 Configuration notes • Super Aggregated VL ANs and VSRP are not supported toge ther on the same device. Configuring aggregated VLANs T o configure aggregat ed VLANs, per form the f ollowing tasks: • On each edge device, co nfigure a separate por[...]
-
Страница 523
PowerConnect B-Series FCX Configuration Guide 481 53-1002266-01 Configuring super aggregated VLAN s 13 PowerConnect(config-vlan-104)# tagged ethernet 2/1 PowerConnect(config-vlan-104)# untagged ethernet 1/4 PowerConnect(config-vlan-104)# exit PowerConnect(config)# vlan 105 by port PowerConnect(config-vlan-105)# tagged ethernet 2/1 PowerConnect(conf[...]
-
Страница 524
482 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring super aggregated VLANs 13 NOTE In these exam ples, the configurations of the edg e de vices (A, B, E, and F) are identical. The configuratio ns of the core devices (C and D) also are identical. The aggreg ated VLAN configurations of the edge and core de vices on one side mu[...]
-
Страница 525
PowerConnect B-Series FCX Configuration Guide 483 53-1002266-01 Configuring super aggregated VLAN s 13 PowerConnectB(config)# vlan 105 by port PowerConnectB(config-vlan-105)# tagged ethernet 2/1 PowerConnectB(config-vlan-105)# untagged ethernet 1/5 PowerConnectB(config-vlan-105)# exit PowerConnectB(config)# write memory Commands for device C Becaus[...]
-
Страница 526
484 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1Q-in-Q tagging 13 PowerConnectE(config)# vlan 104 by port PowerConnectE(config-vlan-104)# tagged ethernet 2/1 PowerConnectE(config-vlan-104)# untagged ethernet 1/4 PowerConnectE(config-vlan-104)# exit PowerConnectE(config)# vlan 105 by port PowerConnectE(config-vlan-10[...]
-
Страница 527
PowerConnect B-Series FCX Configuration Guide 485 53-1002266-01 Configuring 802.1Q-in-Q tagging 13 FIGURE 1 03 802.1Q-in-Q configuration e xample In Figure 1 03 , the untagged por ts (to customer interfaces) accept frames that hav e any 802. 1Q tag other than the configured tag-type 9 1 00. These packets are considered untagged on this incoming por[...]
-
Страница 528
486 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1Q-in-Q tagging 13 PowerConnect(config)# tag-type 9100 ethernet 11 to 12 PowerConnect(config)# aggregated-vlan Note that because ports 11 and 12 belong t o the por t region 1 – 12, the 802.1Q tag ac tually applies to ports 1 – 12. Syntax: [ no ] tag-type <num>[...]
-
Страница 529
PowerConnect B-Series FCX Configuration Guide 487 53-1002266-01 Configuring 802.1Q-in-Q tagging 13 Example configuration Figure 104 sho ws an example 802. 1Q-in-Q configuration. FIGURE 1 04 Example 802.1Q-in-Q conf iguration Client 1 Port1 VLAN 101 Client 3 Port3 VLAN 103 Client 5 Port5 VLAN 105 ... ... Client 1 192.168.1.69/24 Client 5 209.157.2.1[...]
-
Страница 530
488 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring private V LANs 13 Configuring 802.1Q-in-Q tag profiles The 802. 1Q-in-Q tagging f eature suppor ts a tag-profile command that allo ws you to add a tag profile with a v alue of 0 to 0xff f f in addition t o the default tag-type 0x8 1 00. This enhancement also allows y ou to [...]
-
Страница 531
PowerConnect B-Series FCX Configuration Guide 489 53-1002266-01 Configuring private VLANs 13 FIGURE 1 05 PVLAN used t o secure communication between a wor kstation and ser vers This exam ple uses a PVLA N to secure t raff ic between hosts and the rest of the network thr ough a fir ewall. Five p or ts in thi s exam ple a re m emb er s of a PV LAN. T[...]
-
Страница 532
490 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring private V LANs 13 • Community – Bro adcasts and unkn own unicasts received on community por ts are sent to the primar y por t and also are flooded to th e other por ts in the community VLAN. Each PVLAN must hav e a primar y VLAN. The primar y VLAN is the inter face betw[...]
-
Страница 533
PowerConnect B-Series FCX Configuration Guide 491 53-1002266-01 Configuring private VLANs 13 F I G U R E 107 Example PVLAN netw ork with tagged ports Ta b l e 7 9 lists the dif f erences between PVLANs and standar d VLANs. Configuration notes • PVLANs are supported on untagged ports on all Po werConnect platforms. PVLANs are also suppor ted on ta[...]
-
Страница 534
492 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring private V LANs 13 Po werConnect de vice will flood unkno wn unicas t, unregistere d multicast, and broadcast pack ets in sof tware. The floodi ng of broadcast or unkno wn unicast from the community or isolated VLANs t o other secondary VLANs will be governed b y the PVLAN f[...]
-
Страница 535
PowerConnect B-Series FCX Configuration Guide 493 53-1002266-01 Configuring private VLANs 13 T o map the secondar y VLANs to the primary VLAN and t o configure the tagged switch link por t, enter c ommands such as th e following. PowerConnect(config)# vlan 100 PowerConnect(config-vlan-100)# tagged ethernet 1/1/10 to 1/1/11 PowerConnect(config-vlan-[...]
-
Страница 536
494 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring private V LANs 13 • An isolated VLAN must be associ ated with the primar y VLAN for traffic from the isolated port to be switched. An isolated VLAN is associated wi th only one primar y VLAN and to the same primar y VLAN in the entire switched network. • An isolated por[...]
-
Страница 537
PowerConnect B-Series FCX Configuration Guide 495 53-1002266-01 Configuring private VLANs 13 Enabling broadcast or unknown unicast traffic to the PVLAN T o enhance PVLAN security , the primar y PVLAN does not f or war d broadcast or unknown unicast pack et s to its community and isolated VLANs, and other ports in the primar y VLAN. For example, if [...]
-
Страница 538
496 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring private V LANs 13 CLI example for a general PVLAN network T o conf igure the PVLANs shown in Figure 1 05 on page 489, en ter the f ollowing comman ds. PowerConnect(config)# vlan 901 PowerConnect(config-vlan-901)# untagged ethernet 3/5 to 3/6 PowerConnect(config-vlan-901)# p[...]
-
Страница 539
PowerConnect B-Series FCX Configuration Guide 497 53-1002266-01 Dual-mode VLAN ports 13 PowerConnect(config)# vlan 100 by port PowerConnect(config-vlan-100)# tagged ethernet 1/1/10 to 1/1/11 PowerConnect(config-vlan-100)# pvlan type primary PowerConnect(config-vlan-100)# pvlan pvlan-trunk 102 ethernet 1/1/10 to 1/1/11 PowerConnect(config-vlan-100)#[...]
-
Страница 540
498 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dual-mode VLAN ports 13 FIGURE 1 08 Dual-mode VLAN por t example T o enable the dual-mode feature on por t 2/11 in Figure 108 ,ent er the follo wing commands. PowerConnect(config)# vlan 20 PowerConnect(config-vlan-20)# tagged ethernet 2/11 PowerConnect(config-vlan-20)# tagged ethernet [...]
-
Страница 541
PowerConnect B-Series FCX Configuration Guide 499 53-1002266-01 Dual-mode VLAN ports 13 FIGURE 1 09 Specifying a default VLAN ID for a dual-mode port In Figure 109 , tagged por t 2/11 is a dual-mode port be longing to VLANs 1 0 and 20. The default VLAN assigned to this dual-mode por t is 1 0. This means that the por t transmits tagged traf fic on V[...]
-
Страница 542
500 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VLAN informa tion 13 The show vlan command displays a separat e row for dual-mode po r ts on each VLAN. Example Displaying VLAN information Af ter y ou conf igure the VLANs, you can v erify the configuration using the sho w commands described in this sect ion. NOTE If a VLAN[...]
-
Страница 543
PowerConnect B-Series FCX Configuration Guide 501 53-1002266-01 Displaying VLAN information 13 Displaying system-wide V LAN information Use the sho w vlans command to displa y VLAN information for all the VLANs configured on the devic e. The fo llowing example shows the displa y for the IP subnet and IPX network VLANs configured in the exa mp le s [...]
-
Страница 544
502 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VLAN informa tion 13 Syntax: show vlans [ <vlan-id> | ethernet [ <slotnum> / ] <po r tnum> ] The <vlan-id> parameter specifies a VLAN f or which you want to display the configuration information. The <slotnum> paramet er is required on chassis d[...]
-
Страница 545
PowerConnect B-Series FCX Configuration Guide 503 53-1002266-01 Displaying VLAN information 13 Syntax: show vlans [ <vlan-id> | ethernet [ <slotnum> / ] <po r tnum> The <vlan-id> parameter specifies a VLAN f or which you want to display the configuration information. The <slotnum> paramet er is required on chassis devi[...]
-
Страница 546
504 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VLAN informa tion 13 • For untag ged por ts, the PVID is the VLAN ID number . • For dual-mode por ts, the PVID is the dual-mode VLAN ID number . • For tagged po r ts without dual-mode, th e PVID is always No t Applicable (NA). Syntax: show interfaces brief [ ethernet [[...]
-
Страница 547
PowerConnect B-Series FCX Configuration Guide 505 53-1002266-01 Chapter 14 Configuring GARP VLAN Registration Protocol (GVRP) Ta b l e 8 1 lists the individu al Dell Pow e rConnect swit ches and the GVRP f eatures they support. GVRP overview GARP VLAN Regi stration Protoc ol (GVRP) i s a Generic Attribute Registration Pro tocol (GARP) application t[...]
-
Страница 548
506 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Application examples 14 • IEEE draf t P802. 1t/D1 0, N ov ember 20, 2000 Application examples Figure 11 0 shows an example of a network that uses GVRP . This section describes various ways you can use G VRP in a network such as this one. “CLI examples” on page 522 lists the CLI c[...]
-
Страница 549
PowerConnect B-Series FCX Configuration Guide 507 53-1002266-01 Application examples 14 In this configuration, the edge devices are statical ly (manu ally) configured with VLAN information. The core device dynamically conf igures itself to be a member of each of the edge device VLANs. The operation of GVRP on the core device results in the f ollowi[...]
-
Страница 550
508 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN names 14 Fixed core and dynamic edge G VRP learning is enabled on the edge devices. The VLANs on the c ore device are statically configur ed, and the core device is enabled to ad vertise its VLANs but not to learn VL ANs. The edge devices learn the VLANs fr om the core. Fixed core[...]
-
Страница 551
PowerConnect B-Series FCX Configuration Guide 509 53-1002266-01 Configuration notes 14 • Single STP must be e nabled on the device. Dell im plementation of GVRP requires Single S TP . If you do no t have an y statically configured VLAN s on the device, you can enable Single STP as follows. PowerConnect(config)#vlan 1 PowerConnect(config-vlan-1)#e[...]
-
Страница 552
510 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring GVRP 14 Configuring GVRP T o configure a device f or GVRP , globally enable su pport for the f eature, then enable the f eature on specific por ts. Optionally, you ca n disable VLAN learning or adver tising on specific inter faces. Y ou can also change the pro tocol timers [...]
-
Страница 553
PowerConnect B-Series FCX Configuration Guide 511 53-1002266-01 Configuring GV RP 14 Enabling GVRP T o enable GV RP , enter c ommands such as the following at the global CONFIG lev el of the C LI. PowerConnect(config)#gvrp-enable PowerConnect(config-gvrp)#enable all The first command globally enables suppor t for the f eature and changes the CLI to[...]
-
Страница 554
512 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring GVRP 14 Disabling VLAN learning T o disable VLAN learning on a por t enabled for G VRP , enter a command such as the following at the G VRP co nfiguration level. PowerConnect(config-gvrp)#block-learning ethernet 6/24 This command disables learning of VLAN inf orm ation on p[...]
-
Страница 555
PowerConnect B-Series FCX Configuration Guide 513 53-1002266-01 Configuring GV RP 14 • Leav eall – The min imum interval at wh ich GVRP sends Lea veall messages on all G VRP interfaces. Leav eall mess ages ensure that the G VRP VLA N membership information is current by aging out stale VLAN inf ormat ion and adding information f or new VLAN mem[...]
-
Страница 556
514 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Converting a VLAN created by GVRP into a statical ly-configured VLAN 14 • Lea ve – 600 ms • Leav eall – 1 0000 ms Converting a VLAN created by GVRP into a statically-configured VLAN Y ou cannot configure VLAN parame ters on VLAN s created by G V RP . Moreover , VLAN s and VLAN [...]
-
Страница 557
PowerConnect B-Series FCX Configuration Guide 515 53-1002266-01 Displaying GVRP information 14 • CPU utilization statistics • G V RP diagnostic information Displaying GVRP configuration information T o display G VRP conf iguration information, enter a command such as the f ollowing. Syntax: show gvrp [ ethernet <por t> ] Specify the <p[...]
-
Страница 558
516 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying GVRP information 14 T o display detailed G VRP inf ormation for an indivi dual port, enter a command suc h as the following. G VRP Join Timer The value of the Join timer . NO TE: F o r d e sc r i p t i o n s o f th e J o i n , L e a v e , a n d L e a v e a l l t i m e r s o [...]
-
Страница 559
PowerConnect B-Series FCX Configuration Guide 517 53-1002266-01 Displaying GVRP information 14 This display sho w s the f ollowing information. Displaying GVRP VLAN information T o display inf ormation about all the VLANs on the de vice, enter the f ollowing command. TA B L E 8 3 CLI displa y of detailed GVRP inf ormation for a po r t This field...[...]
-
Страница 560
518 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying GVRP information 14 Syntax: show gvrp vlan all | brief | <vlan-id> This display sho w s the f ollowing information. T o display detailed inf orm ation for a specific VLAN, enter a command such as the f ollowing. TA B L E 8 4 CLI display of summary VLAN information f or[...]
-
Страница 561
PowerConnect B-Series FCX Configuration Guide 519 53-1002266-01 Displaying GVRP information 14 This display sho w s the f ollowing information. T o display detaile d information f or all VLANs, enter the sho w gvrp vlan all com mand. Displaying GVRP statistics T o display G VRP statistics for a port, enter a command such as the f ollowing. Syntax: [...]
-
Страница 562
520 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying GVRP information 14 • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> This display sho ws the following inf orma tion fo r the por t. T o display G VRP statistics for all ports, enter the show gvrp statistics all comman d. Displaying C[...]
-
Страница 563
PowerConnect B-Series FCX Configuration Guide 521 53-1002266-01 Displaying GVRP information 14 If the soft ware has been running less than 15 minutes (the maximum interval for utilization statistics), the command indicat es how long the software has been ru nning. An example is given below . T o display utilization statistics for a specific number [...]
-
Страница 564
522 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing GVRP statistics 14 Displaying GVRP dia gnostic information T o display diagnostic inf ormatio n, enter the follo wi ng command. Syntax: debug gvrp packe ts Clearing GVRP statistics T o clear the GV RP statistics counters, enter a command such as the following. PowerConnect#cle[...]
-
Страница 565
PowerConnect B-Series FCX Configuration Guide 523 53-1002266-01 CLI examples 14 Dynamic core and fixed edge In this configura tion, the edge devices adv er tis e their statically configured VLANs to the co re devic e. The core device does not have an y static ally configured VLANs but learns the VLANs from the edge de vices. Enter the f ollowing co[...]
-
Страница 566
524 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 CLI examples 14 PowerConnect(config-vlan-40)#exit PowerConnect(config)#gvrp-enable PowerConnect(config-gvrp)#enable ethernet 4/1 PowerConnect(config-gvrp)#block-learning ethernet 4/1 Dynamic core and dynamic edge In this configuration, the core and edge device s hav e no statically con[...]
-
Страница 567
PowerConnect B-Series FCX Configuration Guide 525 53-1002266-01 CLI examples 14 Fixed core and fixed edge The VLANs are statically configured on the core and edge devices. On each edge device, VL AN advertisin g is enabled but learning is disabled. GVRP is not configured on the core device. This configuration enables the devices in the edge c l oud[...]
-
Страница 568
526 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 CLI examples 14[...]
-
Страница 569
PowerConnect B-Series FCX Configuration Guide 527 53-1002266-01 Chapter 15 Configuring MAC-based VLANs Ta b l e 8 7 lists the individual Dell Pow erConnect swit ches and the MA C-based VLAN f eatures the y suppor t. Overview The MA C-based VLAN feature contr ols network a ccess by authenticating a host source MA C address, and mapping the incoming [...]
-
Страница 570
528 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic MAC-based VLAN 15 • Source MAC Address Auth entication • Policy-Based Classifi cation and F or warding Source MAC addre ss authentication Source MAC address authentication is per formed by a central RADIUS ser ver when it rec eives a P AP request with a username and passwor[...]
-
Страница 571
PowerConnect B-Series FCX Configuration Guide 529 53-1002266-01 Configuration notes and feature limitations 15 When this feature is no t enabled, the physical por t is statically added to the har dware table, regardless of the outcome of the authentication pr ocess. This f eature prevents the addition of un-authenticated ports to the VLAN table. F [...]
-
Страница 572
530 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration notes a nd feature limitations 15 Configuration example The follo wi ng exam ple shows a MAC-based VLAN configuration. PowerConnect#show run Current configuration: ver 7.2.00aT7f1 fan-threshold mp speed-3 35 100 module 1 FCX-24-port-management-module module 4 FCX-xfp-2-po[...]
-
Страница 573
PowerConnect B-Series FCX Configuration Guide 531 53-1002266-01 Configuring MAC-base d VLANs 15 mac-authentication auth-fail-vlan-id 666 interface ethernet 0/1/1 mac-authentication mac-vlan max-mac-entries 5 mac-authentication mac-vlan 0030.4888.b9fe vlan 1 priority 1 mac-authentication mac-vlan enable interface ethernet 0/1/2 mac-authentication ma[...]
-
Страница 574
532 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MAC-based VLANs 15 When both f eatu res are configured on a port, a device connect ed to the port is authenticated as follows. 1. MAC-based VLAN is per formed on the d evice to authenticat e the device MA C address. 2. If MAC-based VLAN is successful, the de vice then check[...]
-
Страница 575
PowerConnect B-Series FCX Configuration Guide 533 53-1002266-01 Configuring MAC-base d VLANs 15 Aging for MAC-based VLAN The aging pro cess for MA C-based VLAN works as described belo w. For permitted h osts For permitt ed ho sts, as long as the Dell Po werConnect device is receiving traffic aging does not occur . The age column in the output of th[...]
-
Страница 576
534 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MAC-based VLANs 15 When the hardw are aging period ends, the sof tware aging period begins. T he sof tware aging period lasts for a configu rable amount of time (the def ault is 120 seconds). After the sof tware aging period ends, the MA C-based VLAN session is flushed, and[...]
-
Страница 577
PowerConnect B-Series FCX Configuration Guide 535 53-1002266-01 Configuring MAC-base d VLANs 15 PowerConnect(config)#interface e 3/1 PowerConnect(config-if-e1000-3/1)#mac-authentication disable-aging Syntax: [ no ] mac-authen tication disabl e-aging Configuring the maximum MAC addresses per port T o configure the max imum number of MA C a ddresses [...]
-
Страница 578
536 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MAC-based VLANs 15 Configuring MAC-based VLAN for a dynamic host Follow the st eps given below t o confi g ure MA C-based VLAN f or a dynamic host. 1. Enable multi-device por t authenticati on globally using th e f ollowing command. PowerConnect(config)#mac-authentication e[...]
-
Страница 579
PowerConnect B-Series FCX Configuration Guide 537 53-1002266-01 Configuring MAC-based VLANs u sing SNMP 15 Configuring MAC-based VLANs using SNMP Sev eral MIB objects hav e been deve loped to a llow the configuration of MAC-based VLANs using SNMP . For more information, ref er to the IronWare MIB R eference Guid e . Displaying Information about MAC[...]
-
Страница 580
538 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying Information about MAC-based VLANs 15 Displaying allowed MAC addresses Enter the f ollowing comm and to displa y info rmation about successfu lly authenticated MAC addresses. PowerConnect#show table-mac-vlan allowed-mac --------------------------------------------------------[...]
-
Страница 581
PowerConnect B-Series FCX Configuration Guide 539 53-1002266-01 Displaying Information about MAC-based VLANs 15 PowerConnect(config)#show table-mac-vlan denied-mac ------------------------------------------------------------------------------- MAC Address Port Vlan Authenticated Time Age dot1x -------------------------------------------------------[...]
-
Страница 582
540 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying Information about MAC-based VLANs 15 . PowerConnect#show table-mac-vlan detailed e 0/1/2 Port : 0/1/2 Dynamic-Vlan Assignment : Disabled RADIUS failure action : Block Traffic Failure restrict use dot1x : No Override-restrict-vlan : Yes Vlan : (MAC-PERMIT-VLAN ) Port Vlan Sta[...]
-
Страница 583
PowerConnect B-Series FCX Configuration Guide 541 53-1002266-01 Displaying Information about MAC-based VLANs 15 Displaying MAC-VLAN information for a specific interface Enter the f ollowing command to display MA C-VLAN information for a specific int er face. The follo wing table describes the information in this output. This field... Displays... MA[...]
-
Страница 584
542 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying Information about MAC-based VLANs 15 Displaying MAC addresses in a MAC-based VLAN Enter the follo wing comm and to display a list of MA C addresses in a MAC-based VLAN. NOTE In this output, (MB V) indicates MA C-based VLAN is enabled. The f ollowing table describes the outpu[...]
-
Страница 585
PowerConnect B-Series FCX Configuration Guide 543 53-1002266-01 Clearing MAC-VLAN information 15 Displaying MAC-based VLAN logging Enter the f ollowing command to display MA C-based VLAN lo gging activity . Clearing MAC-VLAN information Enter the f o llowing command t o clear MAC- VLAN information. Add the inter face id to clear information f or a [...]
-
Страница 586
544 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Sample application 15 F I G U R E 111 Sample MA C-based VLAN configuration Host A MAC address is statically mapped to VLAN 1 with priority 1 and is not subjected t o RADIUS authenticatio n. When Ho st B MAC address is a uth enticated, the Access- Accept message fr om the RADIUS server [...]
-
Страница 587
PowerConnect B-Series FCX Configuration Guide 545 53-1002266-01 Sample application 15 mac-authentication hw-deny-age 30 mac-authentication auth-passwd-format xxxx.xxxx.xxxx interface ethernet 0/1/1 mac-authentication mac-vlan max-mac-entries 5 mac-authentication mac-vlan 0030.4888.b9fe vlan 1 priority 1 mac-authentication mac-vlan enable ! interfac[...]
-
Страница 588
546 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Sample application 15[...]
-
Страница 589
PowerConnect B-Series FCX Configuration Guide 547 53-1002266-01 Chapter 16 Configuring Rule-Based IP Access Control Lists (ACLs) Ta b l e 9 1 lists the individual Dell P owerConnect switches and A CL features the y su ppor t. This chapter describes how A ccess Control Lists (A CLs) are implemented and configured in the Dell PowerC on nec t d evic e[...]
-
Страница 590
548 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL overview 16 NOTE For inf ormation about IPv6 ACLs, ref er to Chapter 1 9, “Configurin g IPv6 Access Contr ol Li sts (ACLs)” . ACL overview Dell Po werConnect de vices suppor t rule-based ACLs (sometimes called hardware-based A CLs), where the decisions to permit or den y packet[...]
-
Страница 591
PowerConnect B-Series FCX Configuration Guide 549 53-1002266-01 ACL overview 16 NOTE This is different from IP access policies. If yo u use IP access policies, you apply the individual policies to inter faces. • ACL e n t r y – Also called an ACL r ul e , this is a filter command associat ed with an A CL ID. The maximum number of ACL rules you [...]
-
Страница 592
550 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How hardware-bas ed ACLs work 16 How hardware-based ACLs work When you bind an A CL to inbound traffic on an in ter face, the de vice programs the La yer 4 CAM with the A CL. Permit and den y rules are programmed. Most ACL rules req uire one Layer 4 CAM entr y. How ever , A CL rules th[...]
-
Страница 593
PowerConnect B-Series FCX Configuration Guide 551 53-1002266-01 Configuring standard numbered ACLs 16 NOTE Po werConnect B-Series FCX devices do no t supp or t ACLs o n Group VEs, e ven though the CLI contains commands f o r this action. • AC Ls apply to all traf fic, including managem ent traf fic. • The number of ACLs suppor ted per device is[...]
-
Страница 594
552 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard numbered ACLs 16 or Syntax: [ no ] access-list <ACL -nu m> deny | per mit <source-ip> / <mask-bits > | <ho stname> [ log ] Syntax: [ no ] access-list <ACL -nu m> deny | per mit host <source-ip> | <hostname> [ log ] Syntax: [...]
-
Страница 595
PowerConnect B-Series FCX Configuration Guide 553 53-1002266-01 Configuring standard named ACLs 16 The log a r g u m e n t c o n f i g u r es t h e d e v i c e t o g e n e r a te Syslog entries and SNMP traps for packe t s that are denied by the access policy . NOTE Y ou can enable logging on ACLs and filters that su pport logging even when the A C[...]
-
Страница 596
554 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring standard named ACLs 16 Standard named ACL syntax Syntax: [ no ] ip access-list standard <ACL -name> | <ACL -num> Syntax: deny | permit <source-ip> | <hostname> <wildcard> [ log ] or Syntax: deny | permit <source-ip> / <mask-bits> | [...]
-
Страница 597
PowerConnect B-Series FCX Configuration Guide 555 53-1002266-01 Configuring standard named ACLs 16 significant bits) and changes the no n-significant por tion of the IP address into ones. For exam ple, if you specify 209. 15 7 .22.26/2 4 or 209. 15 7 .22.26 0.0.0.255, then save the changes to the star tup-config file, the value appears as 209. 15 7[...]
-
Страница 598
556 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring extended numbered ACLs 16 The commands in this exam ple configure a standa rd A C L named “Net1”. The entries in this ACL deny pack ets from three source IP addresses fr om being forwarded on por t 1. Since the implicit action fo r an ACL is “deny”, the last A CL en[...]
-
Страница 599
PowerConnect B-Series FCX Configuration Guide 557 53-1002266-01 Configuring extended numbered ACLs 16 The <ACL - num> parameter is the e xtended access list nu mber . Specify a number from 1 00 – 199. The deny | permit paramete r indicates whether pack ets th at match the policy are dr opped or f or warded. The <ip-prot ocol> paramete[...]
-
Страница 600
558 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring extended numbered ACLs 16 • echo-reply • information-req ues t • log • mask-reply • mask-request • parameter -problem • redirect • source-q u ench • time-ex ceeded • timestamp-reply • timestamp-request • traf fic policy • unreachable • <num>[...]
-
Страница 601
PowerConnect B-Series FCX Configuration Guide 559 53-1002266-01 Configuring extended numbered ACLs 16 NOTE If the AC L is for a vir tual routing interface, you al so can specify a subset of ports within the VLAN containing that inter face when assignin g an ACL to t he in te r fa ce . Refer to “Configuring standard numbered ACLs” on page 55 1. [...]
-
Страница 602
560 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring extended numbered ACLs 16 The 802. 1p-prior ity -matchi ng option inspects the 802. 1p bit in the ACL that can be used with adaptive rat e limiting. Enter a value from 0 – 7 . For details, ref er to “Inspec ting the 802.1p bit in the AC L for adaptive rate limiting” o[...]
-
Страница 603
PowerConnect B-Series FCX Configuration Guide 561 53-1002266-01 Configuring extended numbered ACLs 16 The fifth entr y denies all OSPF traf fic and generat es Syslog entries for denied traffic. The sixth entr y permits all packets that are no t explicitly denied by the other entries. Without this entr y , the A CL would den y all incoming or outgoi[...]
-
Страница 604
562 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring extended named ACLs 16 Configuring extended named ACLs The commands for configuring named ACL entries ar e different fr om the commands fo r configuring numbered ACL entries. The command to configure a numbered A CL is access-list . The command for conf iguring a named AC L[...]
-
Страница 605
PowerConnect B-Series FCX Configuration Guide 563 53-1002266-01 Configuring extended named ACLs 16 The <ip-prot ocol> parameter indicat es the type of IP pack et you are filt ering. Y o u can specify a well-known name f or any pr otocol whose number is less than 255. For other pr otocols, you must enter the number . Enter “?” instead of a[...]
-
Страница 606
564 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring extended named ACLs 16 • mask-reply • mask-request • parameter -problem • redirect • source-q u ench • time-ex ceeded • timestamp-reply • timestamp-request • traf fic policy • unreachable • <num> The <tcp/udp comparison operat or> parameter[...]
-
Страница 607
PowerConnect B-Series FCX Configuration Guide 565 53-1002266-01 Configuring extended named ACLs 16 NOTE If the AC L is for a vir tual routing interface, you al so can specify a subset of ports within the VLAN containing that inter face when assignin g an ACL to t he in te r fa ce . Refer to “Configuring standard numbered ACLs” on page 55 1. The[...]
-
Страница 608
566 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Preserving user input for ACL TCP/UDP port numbers 16 The 802. 1p-prior ity -matchi ng option inspects the 802. 1p bit in the ACL that can be used with adaptive rat e limiting. Enter a value from 0 – 7 . For details, ref er to “Inspec ting the 802.1p bit in the AC L for adaptive ra[...]
-
Страница 609
PowerConnect B-Series FCX Configuration Guide 567 53-1002266-01 Managing ACL comment text 16 The follo wi ng exam ple shows how this feature w ork s for a T CP por t (this feature works the same wa y for UDP ports). In this example, the user identifies the TCP port by number (80 ) when configuring A CL group 1 40. Howe ver , show ip access-lis t 1 [...]
-
Страница 610
568 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Managing ACL comment text 16 The <comment-t ext> can be up t o 128 characters in length. The comment must be ent ered separately fr om the actu al ACL entry; that is , you cannot ent er the ACL entry and the ACL comme nt with the same access-list or ip access-list command. Also, [...]
-
Страница 611
PowerConnect B-Series FCX Configuration Guide 569 53-1002266-01 Applying an ACL to a virtual interfac e in a protocol- or subnet-based VLAN 16 Syntax: show runni ng-config The follo wing example shows the comment t ext f or an ACL in a show access-list display . The output is identical in a show ip access-list display . Syntax: show access-list <[...]
-
Страница 612
570 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling ACL lo gging 16 PowerConnect(config-vif-10)#int ve 20 PowerConnect(config-vif-20)#ip access-group test1 in PowerConnect(config-vif-20)#ip address 10.15.1.10 255.255.255.0 PowerConnect(config-vif-20)#exit PowerConnect(config)#ip access-list extended test1 PowerConnect(config-ex[...]
-
Страница 613
PowerConnect B-Series FCX Configuration Guide 571 53-1002266-01 Enabling ACL logging 16 • A CL logging is intended for debugging purpo ses. Dell recommends that yo u disable A CL logging af ter the debug session is o ver . Configuration Tasks T o enable ACL logging, complete the f ollowing st eps: 1. Create A CL entries with the log option 2. Ena[...]
-
Страница 614
572 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling strict contro l of ACL filtering of fragmented packets 16 Displaying ACL Log Entries The first time an entr y in an ACL permits or denie s a pack et and logging is enabled f or that entr y , the sof tware generates a Syslog m essage and an SNMP trap. Messages f or packets perm[...]
-
Страница 615
PowerConnect B-Series FCX Configuration Guide 573 53-1002266-01 Enabling ACL support for switched traffic in the ro uter image 16 The fragments are f or warded e ven if the first fr agment, which contains th e Layer 4 inf ormation, was denied. Gene rally , denying the first fragme nt of a packet is suffici ent, since a transact ion cannot be com pl[...]
-
Страница 616
574 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling ACL filtering ba sed on VLAN membership or VE port memb ership 16 Y ou can apply an inbound IPv4 ACL to specific VLAN members on a po r t (Lay er 2 devices only) or to specific por ts on a vir tual inter face (VE) (Lay er 3 Devices only). By def ault, this feature suppor t is [...]
-
Страница 617
PowerConnect B-Series FCX Configuration Guide 575 53-1002266-01 Enabling ACL filtering based on VLAN membership or VE port membership 16 PowerConnect(config)#access-list 10 permit PowerConnect(config)#int e 1/23 PowerConnect(config-if-e1000-1/23))#per-vlan 12 PowerConnect(config-if-e1000-1/23-vlan-12))#ip access-group 10 in The commands in this exa[...]
-
Страница 618
576 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using ACLs to filter ARP packets 16 Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Using ACLs to filter ARP packets Y ou can use ACLs to filter ARP packets. Without[...]
-
Страница 619
PowerConnect B-Series FCX Configuration Guide 577 53-1002266-01 Using ACLs to filt er ARP packets 16 PowerConnect(config-ve-2)# exit PowerConnect(config)# interface ve 3 PowerConnect(config-ve-3)# ip access-group 102 in PowerConnect(config-ve-3)# ip follow ve 2 PowerConnect(config-ve-3)# ip use-ACL-on-arp PowerConnect(config-ve-3)# exit PowerConnec[...]
-
Страница 620
578 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering on IP precedence and ToS values 16 Clearing the filter count T o clear the filter c ount for all int er faces on the de vice, enter a command such as the f ollowing. PowerConnect(config)# clear ACL-on-arp The abo ve command resets the filt er count on all inter faces in a de [...]
-
Страница 621
PowerConnect B-Series FCX Configuration Guide 579 53-1002266-01 QoS options for IP ACLs 16 For de tails about the edge por t security feature, re fer to “Using TCP Flags in combination with other ACL fe a t u re s ” on page 1202. QoS options for IP ACLs Quality of Service (QoS) options enable y ou to per form QoS for pack ets that match the ACL[...]
-
Страница 622
580 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 QoS options for IP ACLs 16 PowerConnect(config)#access-list 101 permit ip any any internal-priority-marking 6 The f ollowing command is not supported. PowerConnect(config)#access-list 101 permit ip any any dscp-marking 43 802.1p-priority-marking 4 internal-priority-marking 6 Using an I[...]
-
Страница 623
PowerConnect B-Series FCX Configuration Guide 581 53-1002266-01 QoS options for IP ACLs 16 PowerConnect(config)#acc 105 per tcp any any 802.1p-priority-marking 1 internal-priority-marking 5 Syntax: access-list <num(100-199)> permit tcp an y any 802. 1p-priority-marking <priority value (0-7)> [ internal-priority-marking <value (0-7)&g[...]
-
Страница 624
582 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL-based rate limiting 16 Syntax: ...ds cp-matc hing <0 – 63> NOTE For com plete syntax inf ormation, refer to “Extended numbered A CL syntax” on page 556. ACL-based rate limiting A CL -based rat e limiting pr ovides the f acility t o limit the rat e for IP tr af fic that [...]
-
Страница 625
PowerConnect B-Series FCX Configuration Guide 583 53-1002266-01 Displaying ACL informatio n 16 PowerConnect#show access-list 100 Extended IP access list 100 (hw usage : 2) deny ip any any (hw usage : 1 The first command enables hardw are usage stat istics, and the second command displa ys the hardware usage for IP access l ist 1 00 .4 Syntax: show [...]
-
Страница 626
584 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Policy-b ased rout ing (PBR) 16 Policy-based routing (PBR) Policy-Based Routing (PBR) allows you t o us e A CLs and r oute maps to selectiv ely modify and rout e IP packets in hardw are. The ACLs classify the tr af fic. Rout e maps that match on the ACLs se t routing attribut es for th[...]
-
Страница 627
PowerConnect B-Series FCX Configuration Guide 585 53-1002266-01 Policy-based routing (PBR) 16 Configuring a PBR policy T o configure PBR, you define the policies using IP A CLs and rout e maps, then enable PBR globally or on individual int er faces. The device pr ogra ms the AC Ls into the pack et processor on the interfaces and routes traffic that[...]
-
Страница 628
586 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Policy-b ased rout ing (PBR) 16 The <wildcar d> parameter specifies the mask value to co mpare against the host address specified by th e <source-ip> parameter . Th e <wildcard> is in d otted -d ecim al nota ti on ( IP a ddr ess form at) . It is a f our-part value, wh[...]
-
Страница 629
PowerConnect B-Series FCX Configuration Guide 587 53-1002266-01 Policy-based routing (PBR) 16 The commands in this example configure an entry in a rout e map named “test-r oute”. The match statement matches on IP inf ormation in ACL 99. The set st atement changes the next-hop IP address for pack ets that m atch to 192. 168.2. 1. Syntax: [ no ] [...]
-
Страница 630
588 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Policy-b ased rout ing (PBR) 16 The commands in this exam ple change the CLI to the I n terface lev el for virtual inter face 1, then apply the “test-r oute” ro ute map to the int er face. Y ou can apply a PBR rout e map to Ethernet por ts or vir tual inter faces. Syntax: ip policy[...]
-
Страница 631
PowerConnect B-Series FCX Configuration Guide 589 53-1002266-01 Policy-based routing (PBR) 16 PowerConnect(config)#access-list 50 permit 209.157.23.0 0.0.0.255 PowerConnect(config)#access-list 51 permit 209.157.24.0 0.0.0.255 PowerConnect(config)#access-list 52 permit 209.157.25.0 0.0.0.255 The following commands configure thre e entries in a rout [...]
-
Страница 632
590 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Policy-b ased rout ing (PBR) 16 The following command enables PB R by globally applying the r oute map to all interfaces. PowerConnect(config)#ip policy route-map file-13 Alternatively , you can enable PBR on specific in terfaces, as shown in the follo wing example. The commands in thi[...]
-
Страница 633
PowerConnect B-Series FCX Configuration Guide 591 53-1002266-01 Chapter 17 Configuring Quality of Service Ta b l e 9 3 lists the individu al Dell PowerConnect swit ches and the Quality of Service (QoS) f eatures they support. 8802.1 Classification Quality of Service (QoS) features are used t o priori tize the use of bandwidth in a switch. When QoS [...]
-
Страница 634
592 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Classification 17 • Static MA C address • Lay er 2 Class of Ser vice (CoS) value – This is the 802. 1p priority value in the Etherne t frame. It can be a value fr om 0 through 7 . The 802. 1p pr iority is also called the Clas s of Ser vice. • Lay er 3 Dif ferentiat ed Ser vices[...]
-
Страница 635
PowerConnect B-Series FCX Configuration Guide 593 53-1002266-01 Classification 17 FIGURE 1 12 De termining a packet trust le vel - Pow erConnect B-Series FCX devices Once a packe t is classified, it is mapped t o an internal f or warding queue. There are eight q ueues designated 0 thr ough 7 . The internal f or war ding priority maps to one of thes[...]
-
Страница 636
594 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Classification 17 Mapping between DSCP v alue and forwarding q ueue cannot be changed. Ho wev er , mapping between DSCP values and other properties can be changed as f ollows: TA B L E 9 4 Default QoS mappings, columns 0 to 1 5 D S C P v a l u e 01234567891 0 1 1 1 2 1 2 1 4 1 5 802. 1[...]
-
Страница 637
PowerConnect B-Series FCX Configuration Guide 595 53-1002266-01 QoS for stackable devices 17 • DSCP t o internal forwarding priority mappi ng – Y ou can change the mapping between the DSCP value and the internal f orwarding priori ty value from the default v alues shown in Ta b l e 9 4 through Ta b l e 97 . This mappin g is used f o r CoS marki[...]
-
Страница 638
596 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 QoS queues 17 QoS behavior on port priority and VLAN priority in an IronStack Port priority and VLAN priority hav e a higher pr ecedence than the 802. 1p priority examination. If por t priority is set to 7, all incoming tr af fic is mapped to int ernal hardware q ueue 6. When stacking [...]
-
Страница 639
PowerConnect B-Series FCX Configuration Guide 597 53-1002266-01 Assigning QoS priorities to traffic 17 When you change the priority , you specify a number from 0 thr ough 7 . The priority number specifies the IEEE 802. 1 equivalent t o one of the eight Qo S queues on Dell Pow erConnect devices. The numbers correspond t o the queues as sho wn in Ta [...]
-
Страница 640
598 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 802.1p priority override 17 Buffer allocation/threshold for QoS queues By default, Dell Ironw are sof tware allocates a cer t ain number of buf f ers to the outbound transpor t queue f or each por t based on QoS priority . Th e buffers contr ol the t otal number of packe ts permitted i[...]
-
Страница 641
PowerConnect B-Series FCX Configuration Guide 599 53-1002266-01 Marking 17 Marking Marking is the process o f changing the packet QoS information (the 802. 1p and DSCP information in a packet) f or the next hop. F or example, f or tr af fic coming from a de vice that does not suppor t Differentiated Services (Dif fServ), you can change the packe t [...]
-
Страница 642
600 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the QoS mappings 17 PowerConnect stackable devices Po werConnect B-Series FCX devices suppo r t DSCP -base d QoS on a per-port basis. DSCP-based QoS is not automatically honored fo r switched traf fic. The default is 802. 1p to CoS mapping. T o honor DSCP-based QoS, ent er [...]
-
Страница 643
PowerConnect B-Series FCX Configuration Guide 601 53-1002266-01 Configuring the QoS mappings 17 1 Y o u can change the DSCP to internal forwarding mappi ngs. Y ou als o can change t he internal forwarding priorit y to hardw are forwar ding queue mappings. Changing the DSCP to internal forwarding priority mappings T o change the DSCP to internal f o[...]
-
Страница 644
602 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the QoS mappings 17 Changing the VLAN prio rity 802.1p to hardware forwarding queue mappings T o map a VLAN priority to a different har dware f or warding qu eue, enter commands such as the following at the g lobal CONF IG level of the CLI . PowerConnect(config)#qos tagged-[...]
-
Страница 645
PowerConnect B-Series FCX Configuration Guide 603 53-1002266-01 Scheduling 17 The exam ple configuration described below is f or a default, non-jumbo mode. The hardware queues f or WRR mode is calculat ed as follo ws. F ront end queue 3= 75%+7% = 82% F ront end queue 2 = 3%+3% = 6% F ront end queue 1 = 3%+3% = 6% F ront end queue 0 = 3%+3% = 6% The[...]
-
Страница 646
604 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Scheduling 17 NOTE Queue cycles on t he PowerConnect devices are based on b y tes. T hese devices ser vice a given number of byte s (based on weight) in each qu eue cy cle. FES and BI/FI queue cy cles are based on pack ets. The byt es-based scheme is more accurate than a packets- based[...]
-
Страница 647
PowerConnect B-Series FCX Configuration Guide 605 53-1002266-01 Scheduling 17 Selecting the QoS queuing method By default, Dell P owerConnect de vices use the WRR method of packet prioritization. T o change the method to strict priority , enter the f ollowing command at the global CONFIG level of the CLI. PowerConnect(config)#qos mechanism strict T[...]
-
Страница 648
606 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Scheduling 17 When the queuing me thod is weighted round ro bin, the sof tware int e rnally translates the percentages int o weights. The weight associated with each queue controls how man y packets are processed f or the queue at a giv en stage of a cycle thr ough the weighted round r[...]
-
Страница 649
PowerConnect B-Series FCX Configuration Guide 607 53-1002266-01 Scheduling 17 The <percentage> variable specifie s a number for the per centage of the de vice outbound bandwidth that is allocated t o the queue. Dell QoS queues req uire a minimum bandwidth percentage of 3 per cent for each priority . When jumbo frames are enabl ed, the minimum[...]
-
Страница 650
608 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing QoS settings 17 Viewing QoS settings T o display the QoS se ttings for all of the q ueues, enter the sho w q os-profiles command. Syntax: show qos-pr ofiles all | <name> The all parameter displa y s the settings f or all eight queues . The <name> variable displa ys [...]
-
Страница 651
PowerConnect B-Series FCX Configuration Guide 609 53-1002266-01 Viewing DSCP-based QoS settings 17 The show qos-tos command can also be used to display co nfiguration information f or 8 to 4 queue mapping. The f ollowing e xample displays 8 to 4 queue mapping configuration. TA B L E 10 4 DSCP-based QoS config uration information This field... Displ[...]
-
Страница 652
610 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing DSCP-based QoS settings 17 Syntax: show qos-tos The show qos-tos command displa ys the following inf o rmation about 8 to 4 queue mapping. TA B L E 10 5 8 to 4 queue mapping configuration information This field... Displays... Priority-> Hardware Queue Priority and Har dware [...]
-
Страница 653
PowerConnect B-Series FCX Configuration Guide 611 53-1002266-01 Chapter 18 Configuring Traffic Policies Ta b l e 1 0 6 lists the individual Dell Pow erConnect swit ches and the traffic policy features the y suppor t. Traffic policies overview This chapter describes ho w traf fic policies are im plemented and configured in the Po werConnect devices.[...]
-
Страница 654
612 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration notes a nd feature limitations 18 Configuration notes and feature limitations Note the f ollowing when co nfiguring traf fic policies: • T raf fic policies applies t o IP ACLs only . • The maximum number of supported active TPDs is a system-wide parame ter and depends[...]
-
Страница 655
PowerConnect B-Series FCX Configuration Guide 613 53-1002266-01 ACL-based rate limiting using traffic policies 18 • By default, up t o 1 024 active traffic policies are suppor ted o n La yer 2 switches. This value is fixe d on Lay er 2 switches and cannot be modified. • On Po werConnect B-Series FCX devices, up t o 1 02 4 active traff ic polici[...]
-
Страница 656
614 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL-based rate limiting using traffic policies 18 Y ou can configure A CL -based rate limiti n g on the f ollowing interface types: • Physical Ethernet int er faces • V irt ua l i nt e rf a ce s • Tr u n k p o r t s • Specific VLAN members on a por t (refer to “ Applying an I[...]
-
Страница 657
PowerConnect B-Series FCX Configuration Guide 615 53-1002266-01 ACL-based rate limiting using traffic policies 18 PowerConnect(config)#interface ethernet 5 PowerConnect(config-if-e5)#ip access-group 101 in PowerConnect(config-if-e5)#exit The previous commands configure a fix ed rate limi ting policy tha t allows por t e5 to receive a maximum traffi[...]
-
Страница 658
616 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL-based rate limiting using traffic policies 18 If a por t receives more than the configured bit or byt e rate in a one-second int er val, the por t will either drop or forward subsequent data in hardware, depe nding on the action you specify . T o implement the ACL -based adaptive r[...]
-
Страница 659
PowerConnect B-Series FCX Configuration Guide 617 53-1002266-01 ACL-based rate limiting using traffic policies 18 Use the no f orm of the command to delet e a traf fic policy def in iti on . Note t ha t yo u ca nnot de lete a traf fic policy definition if it is currently in use on a por t. T o delete a traffic policy , first unbind the associated A[...]
-
Страница 660
618 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL-based rate limiting using traffic policies 18 • Drop pack ets that exceed the limit. • Permit pack ets that ex ceed the limit and forward them at the lo west priority lev el. Dropping packets t hat exceed the limit This section shows some example configurations and provides the[...]
-
Страница 661
PowerConnect B-Series FCX Configuration Guide 619 53-1002266-01 ACL statistics and rate limit counting 18 Syntax: [no] traf fic-policy <TPD name> rate-limit adaptive cir <cir value> cbs <cbs value> pir <pir value> pbs <pbs value> ex ceed-action permit-at-low-pri ACL statistics and rate limit counting AC L statistics, a[...]
-
Страница 662
620 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL stati stics and rate limit count ing 18 The sof tware allo ws you to add a ref erence to a no n-exist ent TPD in an ACL stat ement and to bind that A CL to an interface. The sof tware does no t issue a warning or error message f or non-existent TPDs. Use the no f orm of the command[...]
-
Страница 663
PowerConnect B-Series FCX Configuration Guide 621 53-1002266-01 ACL statistics and rate limit counting 18 Syntax: show access-list a ccounting traffic-policy [ <TPD name> ] or Syntax: show statisti cs traffic-policy [ <TPD name> ] The <TPD name> var iab le is the name of the traffic policy definition f or which you w ant to displa[...]
-
Страница 664
622 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Viewing traffic policies 18 or Syntax: clear statisti cs traffic-policy <TPD name> The <TPD name> is t h e n a m e o f t h e t r a f f i c policy definition f or which you want to cl ear traf fic policy counters. Viewing traffic policies T o view traffic policies that are c[...]
-
Страница 665
PowerConnect B-Series FCX Configuration Guide 623 53-1002266-01 Chapter 19 Configuring Base Layer 3 and Enabling Routing Protocols Ta b l e 1 1 1 lists the indi vidual Dell PowerConnect sw itches and the base Lay er 3 features the y suppor t. NOTE Lay er 2 with base Layer 3 images pr ovide static RIP suppor t. The device do es not learn RIP rout es[...]
-
Страница 666
624 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Adding a static ARP entry 19 or Syntax: [ no ] ip rout e <dest-ip-ad dr> / <mask-bits> <ne xt-hop-ip-addr> [ <metric> ] [ tag <num> ] The <dest-ip- addr> is the rout e des tination. The <dest- mask> is the networ k mask for the route destinatio[...]
-
Страница 667
PowerConnect B-Series FCX Configuration Guide 625 53-1002266-01 Modifying and displaying layer 3 system parameter limits 19 Modifying and displaying layer 3 system parameter limits This section shows how t o view and configure some of the Lay er 3 system parameter limits. Configuration notes • Changing the sys tem paramet er s reconfigures the de[...]
-
Страница 668
626 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP 19 The follo wing shows an exampl e output on a IPV6 device. Configuring RIP If you w ant the Dell Pow erConnect device to use RI P , you must enab le the prot ocol globally , then enable RIP on individual ports. When you enable RIP on a por t, you also must specify the[...]
-
Страница 669
PowerConnect B-Series FCX Configuration Guide 627 53-1002266-01 Configuring RIP 19 • Rout e redistribution – Y ou can enable the sof tware to redistribute static ro utes from the IP rout e table into RIP . Redistri bution is disabled by def ault. • Learning of default r outes – The def ault is disabled. • Loop pre vention (split horizon o[...]
-
Страница 670
628 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP 19 When you enable redistribution, all IP static routes are redistributed by def ault. If you want to den y cer tain routes fr om being redistributed into RIP , configure den y filters f or those rout es before y ou enable redistribution. Y ou can configure up to 64 RIP[...]
-
Страница 671
PowerConnect B-Series FCX Configuration Guide 629 53-1002266-01 Other layer 3 protocols 19 T o enable RIP redistribution , enter the f ollowing command. PowerConnect(config-rip-router)#redistribution Syntax: [ no ] redistribution Enabling learning of default routes By default, the software does not learn RIP default ro utes. T o enable learning of [...]
-
Страница 672
630 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling or disabl ing layer 2 switching 19 • IGMP • IP • IP multicast (DVMRP , PIM-SM, PIM-DM) • OSPF • RIPV1 and V2 • VRRP • VRRPE • VSRP IP routing is enabled b y default on devices running La yer 3 code. All other pr otocols are disabled, so you must enable them t o[...]
-
Страница 673
PowerConnect B-Series FCX Configuration Guide 631 53-1002266-01 Enabling or disabling layer 2 switching 19 Syntax: no route-onl y T o disable Layer 2 switching only on a specific interface, go to the Interface configu ration lev el f or that int er face, then disable the f eature. The f ollowing commands show ho w to disable La yer 2 switching on p[...]
-
Страница 674
632 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Enabling or disabl ing layer 2 switching 19[...]
-
Страница 675
PowerConnect B-Series FCX Configuration Guide 633 53-1002266-01 Chapter 20 Configuring Port Mirroring and Monitoring Ta b l e 1 1 2 lists the individual Dell Po werConnect swit ches and the mirroring f e atures they support. The procedures in this chapt er describe how to co nfigure por t mirroring on De ll Pow erConnect devic es. Overview Port mir[...]
-
Страница 676
634 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring port mirroring and monitoring 20 Configuration notes Ref er to the f ollowing rules when conf iguring por t mirroring and monit oring: • Port monitoring and sFlow s upport: • Po werConnect B-Series FCX devices support sF low and port monitoring together on the same por [...]
-
Страница 677
PowerConnect B-Series FCX Configuration Guide 635 53-1002266-01 Configuring port mirroring and monitoring 20 • For ingress A CL mirroring, the previous ingress rule also applies. The analyzer por t setting command acl-mirror-port must be specified for each po r t, e ven though the har dware only suppor ts one por t per device. This applies whe th[...]
-
Страница 678
636 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring port mirroring and monitoring 20 The both , in , and out parameters specify the traffic direction you w ant to mo nitor on the mirr or port. There is no def ault. T o display the port monitoring configuration, enter the show monit or and show mirr or comman ds. Monitoring a[...]
-
Страница 679
PowerConnect B-Series FCX Configuration Guide 637 53-1002266-01 Configuring mirroring on an Ironstack 20 Configuring mirroring on an Ironstack Y ou can configure mirroring on a De ll IronStack. An IronStack consists of up to 8 PowerConnect B-Series FCX de vices. The stack operates as a chassis. Th e following e xamples show how t o configure mirr o[...]
-
Страница 680
638 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 ACL-based inbound mirroring 20 ACL-based inbound mirroring This section describes ACL -based inbound mirroring f or Pow erConnect devices. Creating an ACL-based inbound mi rror clause for PowerConnect B-Series FCX devices The follo wi ng e x ample shows ho w to config ure an ACL -based[...]
-
Страница 681
PowerConnect B-Series FCX Configuration Guide 639 53-1002266-01 VLAN-based mirroring 20 1. Define a mirror port T o activat e mirroring on a por t, use the mirror command in the global configuration mode. Example PowerConnect(config)#mirror e 0/1/14 Configurati on Notes • If there is no input mirror port configured, MAC-Filt er Based Mirroring do[...]
-
Страница 682
640 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN-based mirroring 20 PowerConnect(config)#mirror-port ethernet 1/1/21 input PowerConnect(config)#vlan 10 PowerConnect(config-VLAN-10)#monitor ethernet 1/1/21 PowerConnect(config)#vlan 20 PowerConnect(config-VLAN-20)#monitor ethernet 1/1/21 PowerConnect(config-VLAN-20)#end Syntax: [ [...]
-
Страница 683
PowerConnect B-Series FCX Configuration Guide 641 53-1002266-01 VLAN-based mirroring 20 Configuration notes The follo wi ng rules apply to VLAN-Based Mirr oring con figurations. • A VLAN must ha ve at least one por t member configured bef ore “monitor” can be configured. • Multiple VLANs can have monitor enabled at the same time, and the ma[...]
-
Страница 684
642 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VLAN-based mirroring 20[...]
-
Страница 685
PowerConnect B-Series FCX Configuration Guide 643 53-1002266-01 Chapter 21 Configuring Rate Limiti ng and Rate Shaping on PowerConnect B-Series FCX Switches Ta b l e 1 1 4 lists the individual Dell PowerConnect swit ches and the rate limiting and rat e shaping fe atures they suppor t. This chapter describes ho w to configure rat e limi ting and rat[...]
-
Страница 686
644 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Rate limiting in hardware 21 Rate limiting in hardware Each Dell Pow erConnect device suppor ts line-rat e ra t e limiting in hardware. The device creates entries in Cont ent Addressable Memor y (CAM) f or the rate limiting policies. The CAM entries enable the de vice to per f orm the [...]
-
Страница 687
PowerConnect B-Series FCX Configuration Guide 645 53-1002266-01 Rate limiting in hardware 21 Configuration notes • Rate limiting is a vailable only o n inbound por ts. • The rate limit on IPv6 har dware tak es several se conds t o take effect at higher configured rat e limit values. F or example, if the configured rat e limit is 750 Mbps, line-[...]
-
Страница 688
646 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Rate shaping overview 21 Syntax: show rate-limit fix ed The command lists the po r ts on which fixed rate limiting is configured, and provides the information listed in T a bl e 115 fo r e a ch o f t he p o r ts . Rate shaping overview Outbound Rate Shaping is a por t- level f eature t[...]
-
Страница 689
PowerConnect B-Series FCX Configuration Guide 647 53-1002266-01 Rate shaping overview 21 • When outbound rate shaping is enabled on a po rt on an IPv4 device, the port QoS queuing method ( qos mechanism ) will be strict mode. This applie s to IPv4 devices only . On IPv6 devic es, the QoS mechanism is whate ver method is configured on the por t, e[...]
-
Страница 690
648 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Rate shaping overview 21 The abov e commands configure an outbou nd ra te shape r on por t 1/1 4 and por t 1/15. • On Po werConnect B-Series FCX devices, the co nf igured outbound rate shaper (65 1 Kbps) on por t 1/15 is the r ounded to 6 16 Kbps. T he conf igured 1300 Kbps limit on [...]
-
Страница 691
PowerConnect B-Series FCX Configuration Guide 649 53-1002266-01 Chapter 22 Configuring IP Multicast Traffic Reduction for PowerConnect B-Series FCX Switches Ta b l e 1 1 6 lists the individual Dell PowerConnect swit ches and the IP multicast traf fic reduction fe atures they suppor t. IGMP snooping overview When a device processes a multic ast pack[...]
-
Страница 692
650 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP snooping overview 22 An IGMP de vice is responsible for br oadcasting general queries periodically , and sending group queries when it receives a leave message, t o co nfirm that none of the clients on the por t still want specific traf fic before remo ving the traf fic from the p[...]
-
Страница 693
PowerConnect B-Series FCX Configuration Guide 651 53-1002266-01 IGMP snooping overview 22 The < num > value can be 4, 8, 1 6, or 32. Any other v alue is truncated t o the closest lower ceiling. For e xample, a value of 15 is changed to 8 . The def ault hash chain length is 4. A chain length of more than 4 ma y af fect line rat e switching. NO[...]
-
Страница 694
652 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP snooping overview 22 The implementat ion allows snoo ping on som e VL ANs or all VLANs. Each VLAN can independently enable or disable IGMP , or configure V2 or V3 . In general, global configuration co mmands ip multicast apply t o every VLAN except those that ha ve local multicast[...]
-
Страница 695
PowerConnect B-Series FCX Configuration Guide 653 53-1002266-01 PIM SM traffic snooping overvie w 22 VLAN specific configuration Y ou can configur e IGMP snooping on som e VL ANs or on all VLANs. Each VLAN can be independently enabled or disabled for IGMP sn ooping, and can be configured f or IGMPv2 or IGMPv3. In general, the ip multicast commands [...]
-
Страница 696
654 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM SM traffic snooping overview 22 FIGURE 1 1 4 PIM SM traffic reduction in an enterprise network NOTE IP address 239. 192.0.0/1 4 must be used for IPv4 Organization Local Scope. When PIM SM traffic snooping is enabled, the de vice star ts list ening for PIM SM join and prune messages[...]
-
Страница 697
PowerConnect B-Series FCX Configuration Guide 655 53-1002266-01 Configuring IGMP snooping 22 Notice that the por ts connect ed to the source an d the receiv ers are all in the same por t-based VLAN on the device. This is req u ired f or the PIM SM snooping feature . The devices on the edge of the Global Ethernet clo ud are configured for IP multica[...]
-
Страница 698
656 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IGMP snooping 22 Configuring the hardware and software resource limits The syst em suppor ts up to 8K of hardw are-switche d multicast streams. The configurable range is from 2 56 through 8 192 with a default of 5 12. Enter the f ollowing command t o define the maximum numb[...]
-
Страница 699
PowerConnect B-Series FCX Configuration Guide 657 53-1002266-01 Configuring IGMP snooping 22 Modifying the age interval When the device re ceives a group membership report , it makes an entry for that group in the IGMP group table. The age int er val specifies how long th e entry can remain in the table before the de vice receives ano ther group me[...]
-
Страница 700
658 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IGMP snooping 22 IGMPv2 membership repor ts of the same group fr om dif f erent clients are considered to be the same and are rat e-limited. Use the f ollowing command to alle viate report st orms from many clients answering the upstream rou ter que r y. PowerConnect(config[...]
-
Страница 701
PowerConnect B-Series FCX Configuration Guide 659 53-1002266-01 Configuring IGMP snooping 22 Syntax: [ no ] ip pimsm-snooping NOTE The devic e must be in passive mode bef ore it can be configured f or PIM snooping. Configuring the IGMP mode for a VLAN Y ou can configure a VLAN to use the active or pa ssive IGMP mode. T he default mode is passive. T[...]
-
Страница 702
660 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IGMP snooping 22 Configuring the IGMP version for the VLAN Y ou can specify the IGMP version f or a VLAN. For exam ple, the following co mmands configure VLAN 20 to use IGMPv3. PowerConnect(config)# vlan 20 PowerConnect(config-vlan-20)# multicast version 3 Syntax: [ no ] mu[...]
-
Страница 703
PowerConnect B-Series FCX Configuration Guide 661 53-1002266-01 Configuring IGMP snooping 22 Configuring static router ports FastIr on Stackable de vices forwar d all multicast control and data pack ets to rout er por ts which receive q ueries. Although rout er por ts are learned, you can f orce multicast traffic to specified ports ev en though the[...]
-
Страница 704
662 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IGMP snooping 22 Every group on a ph ysical por t keeps its own trac king record. How ever , it can only track group membership; it cannot track by (source, group). F or example, Client A and Clie nt B belong to group1 but each receives traffic streams from different sour c[...]
-
Страница 705
PowerConnect B-Series FCX Configuration Guide 663 53-1002266-01 Displaying IGMP snooping info rmation 22 Displaying IGMP snooping information This section describes the show commands for IGMP snooping. Displaying IGMP erro rs T o display inf ormation about possible IGMP errors, ent er the follo wing commands. PowerConnect# show ip multicast error s[...]
-
Страница 706
664 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IGMP snooping inform ation 22 Syntax: show ip multicast group [ <group-address> [ detail ] [ trackin g ]] If you want a report f or a specif ic multic ast group, ent er that group's address f or <group-address> . Enter detail t o display the source list of a[...]
-
Страница 707
PowerConnect B-Series FCX Configuration Guide 665 53-1002266-01 Displaying IGMP snooping info rmation 22 Syntax: show ip multicast mcache The f ollowing table describes the output of the show ip multicast m cache command. Displaying PIM sparse snooping information PIM sparse mode snooping allows a device to listen f or join or prune messages exchan[...]
-
Страница 708
666 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IGMP snooping inform ation 22 Syntax: show ip multicast reso urce The f ollowing table describes the output fr om the show ip mul ticast resource command. Displaying status of IGMP snooping traffic T o display status inf ormation for IGMP snoo ping traffic, enter the f ollow[...]
-
Страница 709
PowerConnect B-Series FCX Configuration Guide 667 53-1002266-01 Displaying IGMP snooping info rmation 22 Displaying IGMP snoopi ng information by VLAN Y ou can display IGMP snooping information f or all VLA Ns or fo r a specif ic VLAN. For e xample, to display IGMP snooping inf ormation for VLAN 70, ent er the follo wing command. Syntax: show ip mu[...]
-
Страница 710
668 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IGMP snooping inform ation 22 Displaying querier information Y ou can use the show ip multicast vl an command to displa y the querier information for a VLAN. This command displa ys the VLAN interf ace status and if there is any o ther querier present with the lowest IP addre[...]
-
Страница 711
PowerConnect B-Series FCX Configuration Guide 669 53-1002266-01 Displaying IGMP snooping info rmation 22 Passive interface with no other querier present The follo wi ng exam ple shows the output in whic h the VLAN inter face is passive and no other querier is present with the lo west IP address. PowerConnect# show ip multicast vlan 10 Version=2, In[...]
-
Страница 712
670 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IGMP snooping inform ation 22 This interface is Querier default V2 group: 226.6.6.6, life = 240 group: 228.8.8.8, life = 240 group: 230.0.0.0, life = 240 group: 224.4.4.4, life = 240 2/1/24 has 2 groups, This interface is non-Querier Querier is 5.5.5.5 Age is 0 Max response [...]
-
Страница 713
PowerConnect B-Series FCX Configuration Guide 671 53-1002266-01 Displaying IGMP snooping info rmation 22 This interface is non-Querier (passive) default V2 group: 226.6.6.6, life = 260 group: 228.8.8.8, life = 260 group: 230.0.0.0, life = 260 group: 224.4.4.4, life = 260 2/1/24 has 2 groups, This interface is non-Querier (passive) Querier is 5.5.5.[...]
-
Страница 714
672 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IGMP snooping inform ation 22 Clear mcache on a specific VLAN T o clear the mcache on a specific VLAN, enter the follo wing command. PowerConnect# clear ip multicast vlan 10 mcache Syntax: clear ip multicast vlan <vlan-id > mcache The <vlan-id> parameter specifie[...]
-
Страница 715
PowerConnect B-Series FCX Configuration Guide 673 53-1002266-01 Chapter 23 Enabling the Foundry Discovery Protocol (FDP) and Reading Cisco Discovery Protocol (CDP) Packets Ta b l e 1 17 lists individual Dell Po werC onnect switches and the disco ver y pro tocols they support. Using FDP The F oundr y Discov er y Prot ocol (FDP) enables Dell P owerCo[...]
-
Страница 716
674 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using FDP 23 PowerConnect(config)# fdp run Syntax: [ no ] fdp run The f eature is disabled by default. Enabling FDP at th e interface level Y ou can enable FDP at the inter face le vel b y entering commands such as the f ollowing. PowerConnect(config)# int e 2/1 PowerConnect(config-if-[...]
-
Страница 717
PowerConnect B-Series FCX Configuration Guide 675 53-1002266-01 Using FDP 23 T o change the FDP hold time, enter a command such as the f ollowing at the global CONFIG level of the CLI. PowerConnect(config)# fdp holdtime 360 Syntax: [ no ] fdp holdtime <secs> The <secs> paramet er specif ies the number of seconds a Dell P owerConnect dev[...]
-
Страница 718
676 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using FDP 23 T o display detailed inf orm atio n, enter the follo wi ng command. The show fdp neighbor detail command displays the f oll owing inf ormation. Displaying FDP entries T o display the de tailed neighbor information f or a specific device, enter a c ommand such as the follow[...]
-
Страница 719
PowerConnect B-Series FCX Configuration Guide 677 53-1002266-01 Using FDP 23 Syntax: show fdp entry * | <device-id> The * | <devic e-id> parameter specifies the de vice ID. If y ou enter * , the detailed updates f or all neighbor devices are displayed. If yo u enter a sp ecific device ID, the up date f or that device is display ed. For [...]
-
Страница 720
678 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Reading CDP packets 23 The same commands clear inf ormation for both FDP and CDP . Clearing FDP and CDP neighbor information T o clear the information receiv ed in FDP and CD P updates fro m neighboring devices, ent er the following command. PowerConnect# clear fdp table Syntax: clear [...]
-
Страница 721
PowerConnect B-Series FCX Configuration Guide 679 53-1002266-01 Reading CDP packets 23 Enabling interception of CDP packets on an interface Y ou can disable and enable CDP at the interface lev el. Y ou can enter commands such as the follo wing. PowerConnect(config)# int e 2/1 PowerConnect(config-if-2/1)# cdp enable Syntax: [no ] cdp enable By defau[...]
-
Страница 722
680 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Reading CDP packets 23 Syntax: show fdp neighbors [ detail | ethernet <port> ] Displaying CDP entries T o display CDP entries for all neighbors, enter the f o llowing command. T o display CDP entries f or a specific device, sp ecify the device ID. Here is an e xample. Syntax: sho[...]
-
Страница 723
PowerConnect B-Series FCX Configuration Guide 681 53-1002266-01 Reading CDP packets 23 PowerConnect# show fdp traffic CDP counters: Total packets output: 0, Input: 3 Hdr syntax: 0, Chksum error: 0, Encaps failed: 0 No memory: 0, Invalid packet: 0, Fragmented: 0 Syntax: show fdp traffic Clearing CDP information Y ou can clear the following CDP inf o[...]
-
Страница 724
682 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Reading CDP packets 23[...]
-
Страница 725
PowerConnect B-Series FCX Configuration Guide 683 53-1002266-01 Chapter 24 Configuring LLDP and LLDP-MED Ta b l e 1 2 0 lists the in dividual Dell PowerConnect swit ches and the Link Lay er Discov er y Prot ocol (LLDP) features they suppor t. This chapter describes ho w to configure the f ollowing pr otocols: Link lay er discovery prot ocol (LLDP) [...]
-
Страница 726
684 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Terms used in this chapter 24 The info rmation generated by LL DP and LLDP-MED can be used t o diagnose and troubleshoo t misconfigurations on both sid es of a link. For e x ample, the inf ormation generated can be used to discov er devices with misconfigu red or unreachable IP address[...]
-
Страница 727
PowerConnect B-Series FCX Configuration Guide 685 53-1002266-01 LLDP overview 24 FIGURE 1 15 LLDP connectivity Benefits of LLDP LLDP pro vides the fo llowing benefits: • Network Management: • Simplifies the use of and enhances the ability of network management tools in multi-vend or envir onments • Enables discov er y of accu rate ph ysical n[...]
-
Страница 728
686 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 LLDP-MED overview 24 • Acc ur ate top olo gi es si mpl if y tro ub le s hooting within enterprise networks • Can disco ver devic es with misconfi gured or unreachable IP addresses LLDP-MED overview LLDP-MED is an extension to LLDP . This prot oc ol enables advanced LLDP f eatures i[...]
-
Страница 729
PowerConnect B-Series FCX Configuration Guide 687 53-1002266-01 General operating principles 24 • Aut omatically deploys netw ork policies, such as La yer 2 and La yer 3 QoS polic ies and V oice VLANs. • Suppor ts E-9 11 Emergency Call Services (ECS) for IP t elephony • Collects Endpoint inventory information • Netw ork troubleshoot ing •[...]
-
Страница 730
688 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 General operating princ iples 24 • Receiv e LLDP information only Transmit mode An LLDP agent sends LLDP pack ets to ad jacent LLDP-enabled de vices. The LLDP pack ets contain information about the transm itting device and port. An LLDP agent initiates the transmission of LLDP pa cke[...]
-
Страница 731
PowerConnect B-Series FCX Configuration Guide 689 53-1002266-01 General operating principles 24 TLV support This section lists the LLDP and LLDP-MED TL V suppor t . LLDP TLVs There are tw o types of LLDP TL Vs, as specified in the IEEE 802 .3AB standard: • Basic management TL Vs consist of both optional general sy stem info rmation TL Vs as well [...]
-
Страница 732
690 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 General operating princ iples 24 • Location identification • Extended po wer- via-MDI Mandatory TLVs When an LLDP agent transmits LLD P pack ets to other agents in the same 802 LAN segments, the follo wing mandator y TL Vs are alwa ys included: • Chassis ID • Por t ID • Time [...]
-
Страница 733
PowerConnect B-Series FCX Configuration Guide 691 53-1002266-01 General operating principles 24 Dell Po werConnect devices use por t ID subtype 3, the permanent MA C address associated with the por t. Other thir d par ty devices ma y use a por t ID su btype other than 3. The por t ID appears similar to the f ollowing on the remote de vice, and in t[...]
-
Страница 734
692 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 MIB support 24 FIGURE 1 19 TTL TL V pac ket format MIB support Dell Po werConnect devic es suppor t the fo llowing standard MIB modules: • LLDP-MIB • LLDP-EXT -DO T1-MIB • LLDP-EXT -DO T3-MIB • LLDP-EXT -MED-MIB Syslog messages Syslog messages for LLDP pro vide managem ent appl[...]
-
Страница 735
PowerConnect B-Series FCX Configuration Guide 693 53-1002266-01 Configuring LLDP 24 Configuration notes and considerations • LLDP is suppor ted on Ethernet inter faces only . • If a por t is 802. 1X-enabled, the transmission and reception of LLDP pack ets will only take place while the por t is authorized. • Cisco Disco ver y Prot ocol (CDP) [...]
-
Страница 736
694 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 Enabling support for tagged LLDP packets By default, D ell PowerConne ct devices do not accept tagged L LDP packets fr om other ve ndors’ devices. T o enable suppor t, apply the command lldp tagged-packets pr ocess at the Global CONFIG lev el of the CLI. When enab[...]
-
Страница 737
PowerConnect B-Series FCX Configuration Guide 695 53-1002266-01 Configuring LLDP 24 NOTE When a por t is configured to both receiv e and tr ansmit LLDP packets and the MED capabilities TL V is enabled, LLDP-MED is enabled as well. LLDP-MED is not enabled if the operat ing mode is set to receive onl y or transmit only . Enabling and disablin g recei[...]
-
Страница 738
696 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 PowerConnect(config)#no lldp enable receive ports e 2/7 e 2/8 PowerConnect(config)#lldp enable transmit ports e 2/7 e 2/8 The abo ve commands change the LLDP operating mode on por ts 2/7 and 2/8 fr om receive only mode to transmit only mo de. Any incoming LLDP pac k[...]
-
Страница 739
PowerConnect B-Series FCX Configuration Guide 697 53-1002266-01 Configuring LLDP 24 PowerConnect(config)#lldp max-neighbors-per-port 6 Syntax: [ no ] lldp max-neighbors-per-port <value> Use the [no] f orm of the command to remo ve the static configu ration and rev er t to the default val ue o f four . whe re < valu e> is a num be r from[...]
-
Страница 740
698 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 Syntax: [ no ] lldp snmp-n otification-int er val <second s> where <seconds> is a v alue between 5 and 3600. The default is 5 seco nds. Changing the minimum time between LLDP transmissions The LLDP transmit delay timer limits the number of LLDP frames an[...]
-
Страница 741
PowerConnect B-Series FCX Configuration Guide 699 53-1002266-01 Configuring LLDP 24 Changing the holdtime multiplier for transmit TTL The holdtime multiplier for transmit TTL is used to comp ute the actual time-t o-live (TTL) v alue used in an LLDP frame. The TTL v alue is the length of time the receiving devi ce should maintain the information in [...]
-
Страница 742
700 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 • System name 802. 1 capabilities: • VLAN name (not aut omatically adver tised) • Untagged VLAN ID 802.3 capabilities: • Link aggregation inf ormation • MAC/PHY configuration and status • Maximum frame size • Po wer-via-MDI inf ormation (not automatica[...]
-
Страница 743
PowerConnect B-Series FCX Configuration Guide 701 53-1002266-01 Configuring LLDP 24 • Other interface For I Pv6 addresses, link-local and an ycast a ddresses will be excluded fr om these searches. If no IP address is configure d on any of the abo ve, the port's current MAC address will be advertised. T o adver tise a IPv4 manage ment address[...]
-
Страница 744
702 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 Y ou can list all of the port s individually , use the k eywor d to to specify ran ges of por ts, or a combination of both. T o apply the configuration to all por ts on the device, use the ke yword all instead of listing the por ts individu ally . Not e that using t[...]
-
Страница 745
PowerConnect B-Series FCX Configuration Guide 703 53-1002266-01 Configuring LLDP 24 System description The system description is the network entity , which can include information such as the product name or model number , the version of the system hardw are type, the sof tware operating syst em lev el, and the networking software v ersion. The inf[...]
-
Страница 746
704 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 Y ou can list all of the port s individually , use the k eywor d to to specify ran ges of por ts, or a combination of both. T o apply the configuration to all por ts on the device, use the ke yword all instead of listing the por ts individu ally . Not e that using t[...]
-
Страница 747
PowerConnect B-Series FCX Configuration Guide 705 53-1002266-01 Configuring LLDP 24 Syntax: [ no ] lldp adver tise por t-vlan- id por ts ethern et <port-list> | all For <por t-list> , specify the ports in one of the f ollowing formats: • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Y ou can lis[...]
-
Страница 748
706 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP 24 MAC/PHY configu ration status The MAC/PHY configuration and status TL V includes the follo wing information: • Aut o-negotiation capability and status • Speed and duple x mode • Flow contr ol capabilities for auto-nego tiation • Port speed down-shif t and ma[...]
-
Страница 749
PowerConnect B-Series FCX Configuration Guide 707 53-1002266-01 Configuring LLDP-MED 24 The maximum frame size advertisement will appear similar to the f ollowing on the remote de vice, and in the CLI displa y output on the Dell Pow erConnect device ( sho w ll dp local-info ). Maximum frame size: 1522 octets Syntax: [ no ] lldp adver tise max-frame[...]
-
Страница 750
708 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP-MED 24 NOTE LLDP-MED is not enabled on ports where the LLDP op erating mode is receiv e only or transmit only . LLDP-MED is enabled on por ts that are configured to both receiv e an d tran smit LLD P packets and hav e the LLDP-MED capabilities TL V enabled. Enabling SN[...]
-
Страница 751
PowerConnect B-Series FCX Configuration Guide 709 53-1002266-01 Configuring LLDP-MED 24 NOTE The LLDP-MED fast star t mechanism is only intend ed to run on links betw een Network Co nnectivity devic es and Endpoint devices. It does not appl y t o links between LAN infrastructure elements, including between Network Connectivity de vices, or to other[...]
-
Страница 752
710 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP-MED 24 latitude <degrees> is the angular distance north or south from the earth equator measure d through 90 degrees. P ositive numbers indicate a location nor th of the equat or and negative numbers indicat e a location south of the equat or . resolution <bit[...]
-
Страница 753
PowerConnect B-Series FCX Configuration Guide 711 53-1002266-01 Configuring LLDP-MED 24 • Latitude is 4 1.8 788 4 degrees north (or 4 1.8 7884 degrees). • Longitude is 8 7 .63602 degrees west (or 8 7 .63602 degrees). • The latitude and longitude resolution of 18 de scribes a geo-lo cation area that is latitude 4 1.8 7 6 953 1 to latitude 4 1.[...]
-
Страница 754
712 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP-MED 24 • KR – Korea • US – Unit ed States <CA type> is a v alue from 0 – 255, that describes the civic address elemen t. F or example, a CA type of 2 4 specifies a postal or zip code. V alid elements and their types are listed in Ta b l e 1 2 5 . <va[...]
-
Страница 755
PowerConnect B-Series FCX Configuration Guide 713 53-1002266-01 Configuring LLDP-MED 24 6S t r e e t E x a m p l e s : Canada – Street Germany – Street Japan – Block Korea – Stree t United Stat es – Street 1 6 Leading str eet direction N (nor t h), E (east), S (sout h), W (west), NE, NW, SE, SW 1 7 T rail ing street su ffi x N (nor th), E[...]
-
Страница 756
714 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP-MED 24 Example civic address lo cation advertisement The Civic address lo cation adver tisemen t will appear similar to the following on the rem ote de vice, and in the CLI displa y output on the Dell Pow erConnect device (sho w lldp local-inf o) . Emergency call servi[...]
-
Страница 757
PowerConnect B-Series FCX Configuration Guide 715 53-1002266-01 Configuring LLDP-MED 24 When you configure a media Endpoint location us ing the eme rgency call ser vices location, you specify the Emergency Location Id entification Number (ELIN) fr om the North America Numberin g Plan format, supplied t o the Public Saf ety Answering P oint (PSA P) [...]
-
Страница 758
716 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring LLDP-MED 24 NOTE Endpoints will adv er tise a po licy as “unknown” in the show lldp neighbor detail command output, if it is a policy that is required by the Endpoint and the Endpo int has not yet receiv ed it. Configuration syntax The CLI syntax f or defining an LLDP-M[...]
-
Страница 759
PowerConnect B-Series FCX Configuration Guide 717 53-1002266-01 LLDP-MED attributes ad vertised by the Dell PowerConnect device 24 • voic e – For use b y dedicated IP t elephony handsets and similar de vices that suppor t interactive v oice ser vices. • voice- signaling – For use in network topologies that requ ire a different policy f or v[...]
-
Страница 760
718 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 LLDP-MED attributes advertised by the Dell PowerConnect device 24 • The device type (Network Connectivity devi ce or Endpoint (Class 1, 2, or 3)) By default, LLDP-MED information is aut oma tically advertised when LLDP-MED is enabled. T o disable this advertisement, enter a command s[...]
-
Страница 761
PowerConnect B-Series FCX Configuration Guide 719 53-1002266-01 LLDP-MED attributes ad vertised by the Dell PowerConnect device 24 Syntax: show lldp The follo wing table describes the information displa yed by the show lldp statistics command . LLDP statistics The show lldp statistics command displays an overview of LL DP neighbor de tection on the[...]
-
Страница 762
720 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 LLDP-MED attributes advertised by the Dell PowerConnect device 24 Syntax: show lldp statistics NOTE Y ou can reset LLDP st atisti cs using the CLI command clear LLDP statistics . Ref er to “Resetting LLDP statistics” on page 725. The follo wing table describes the information displ[...]
-
Страница 763
PowerConnect B-Series FCX Configuration Guide 721 53-1002266-01 LLDP-MED attributes ad vertised by the Dell PowerConnect device 24 LLDP neighbors The show lldp neighbors command displays a list of the current LLDP neighbors per port. The follo wing shows an exam ple repor t. Syntax: show lldp neighbors The follo wing table describes the information[...]
-
Страница 764
722 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 LLDP-MED attributes advertised by the Dell PowerConnect device 24 LLDP neighbors detail The show lldp neighbors detail command displays the LLDP adv er tisements received fr om LLDP neighbors. The follo wing shows an exam ple show lldp neighbors detail repor t. NOTE The show lldp neigh[...]
-
Страница 765
PowerConnect B-Series FCX Configuration Guide 723 53-1002266-01 LLDP-MED attributes ad vertised by the Dell PowerConnect device 24 Syntax: show lldp neighbors detail [ ports ethernet <por t-list> | all ] If you do no t specify any ports or use the ke yword all , by default, the repor t will show the LLDP neighbor details for all por ts. For &[...]
-
Страница 766
724 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 LLDP-MED attributes advertised by the Dell PowerConnect device 24 Application Type : Video Conferencing Policy Flags : Known Policy, Tagged VLAN ID : 100 L2 Priority : 5 DSCP Value : 10 + MED Location ID Data Format: Coordinate-based location Latitude Resolution : 20 bits Latitude Valu[...]
-
Страница 767
PowerConnect B-Series FCX Configuration Guide 725 53-1002266-01 Resetting LLDP statistics 24 • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Y ou can list all of the port s individually , use the k eywor d to to specify ran ges of por ts, or a combination of both. T o apply the configuration to all por ts o[...]
-
Страница 768
726 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing cached LLDP neighbor information 24[...]
-
Страница 769
PowerConnect B-Series FCX Configuration Guide 727 53-1002266-01 Chapter 25 Configuring IP Multicast Protocols Ta b l e 1 2 6 lists the in dividual Dell Po werConnect sw itches and the IP multicast f eatures they suppor t. These f eatures are suppor ted in the full Layer 3 sof tware image only . This chapter describes ho w to configure Lay er 3 Swit[...]
-
Страница 770
728 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of IP multicasting 25 IPv4 multicast group addresses In IPv4 Multicast, host gr oups are identified by Class D addresses, i.e., those with “1 11 0” as their higher-order f our bits . In Internet standa rd "d ott ed decimal" notation, these group addresses range f[...]
-
Страница 771
PowerConnect B-Series FCX Configuration Guide 729 53-1002266-01 Changing global IP multicast parameters 25 Suppression of unregistered multicast packets Be default, unregist ered multicast packe ts are al wa ys forwarded in har dware but not copied to the CPU. Howe ver , if La yer 2 multicast (IGMP or MLD) is enabled, then unregistered multicast pa[...]
-
Страница 772
730 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Changing global IP multicast parameters 25 NOTE The number of inter face groups you can configure for D VMRP and PIM is unlimited; therefore, the system-max dvmrp-max-int-group and the syst em-max pim-max-int-group commands that define their maximum table size s hav e been remov ed. Th[...]
-
Страница 773
PowerConnect B-Series FCX Configuration Guide 731 53-1002266-01 Changing global IP multicast parameters 25 NOTE Y ou do not need to relo ad the sof tware f or these changes to tak e effect. Defining the maximum number of DVMRP cache entries The D VMRP cache system parame ter defines th e maximum number of repeat ed DVMRP traffic being sent fr om th[...]
-
Страница 774
732 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Adding an interface to a multicast group 25 NOTE Yo u m u s t e n t e r t h e i p m ulticast-routing command bef ore changing the global IP Multicast paramet ers. Other wise, the changes do no t take eff ect and the sof tware uses the default va lues. Modifying IGMP (V 1 and V2) query [...]
-
Страница 775
PowerConnect B-Series FCX Configuration Guide 733 53-1002266-01 PIM Dense 25 When you manually add an int er face to a multicas t gr oup, the Dell Pow erConnect device f or wards multicast packets for the group but does not itself accept pack ets for the group. Y ou can manually add a multicast group t o individual p o r t s o nl y. I f th e p or t[...]
-
Страница 776
734 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Dense 25 Initiating PIM multicasts on a network Once PIM is enabled on each r outer , a network us er can begin a video confer ence multicast from the server on R1 as shown in Figure 120 . When a multicast pack et is received on a PIM-capable rout er interface, the interface checks[...]
-
Страница 777
PowerConnect B-Series FCX Configuration Guide 735 53-1002266-01 PIM Dense 25 FIGURE 120 T ransmission of multicast packets fr om the source to host group members ... ... ... 229.225.0.1 Gro u p Member Gro u p Member Video Conferencing Server (207.95.5.1, 229.225.0.1) (So u rce, Gro u p) 229.225.0.1 Gro u p Member Gro u p Member Gro u p Member Gro u[...]
-
Страница 778
736 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Dense 25 FIGURE 12 1 P runing leaf nodes from a multicast tree Grafts to a multicast Tree A PIM switch resto res pruned branches to a multicast tree b y sending graf t messages tow ards the upstream switch. Graf t messages star t at the leaf node and trav el up the tree, first send[...]
-
Страница 779
PowerConnect B-Series FCX Configuration Guide 737 53-1002266-01 PIM Dense 25 • PIM DM V2 – sends messages to the multicas t address 22 4.0.0.1 3 (ALL -PIM-ROUTERS) with pro tocol number 1 03 The CLI commands f or conf iguring and managing PI M DM are the same f or V1 and V2. The only difference is the command yo u use to enable the pr otocol on[...]
-
Страница 780
738 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Dense 25 • Entering a no r outer pim command remo ves all configuration f or PIM multicast on a Laye r 3 Switch ( rou te r p im level) only . Globally Enabling and Disabling PIM wi thout Deleting Multicast Confi guration As stated above ent ering a no rout er pim command deletes [...]
-
Страница 781
PowerConnect B-Series FCX Configuration Guide 739 53-1002266-01 PIM Dense 25 T o apply a PIM neighbor timeout val ue of 360 seconds to all ports on the router operati ng with PIM, enter the f ollowing. PowerConnect(config)#router pim PowerConnect(config-pim-router)#nbr-timeout 360 Syntax: nbr-timeout < 60-8000> The default is 180 seconds. Mod[...]
-
Страница 782
740 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Dense 25 where <time> can be 0 - 3 sec onds. A value of 0 causes the PI M router t o s top traff ic immediately upon receiving a prune message. The default is 3 seconds. Viewing the prune wait time T o view the prune wait time, enter the show ip pim dense command at an y leve[...]
-
Страница 783
PowerConnect B-Series FCX Configuration Guide 741 53-1002266-01 PIM Dense 25 When the Highest IP RPF f eature is enabled, the sele ction of the shor test path back to the source is based on which Rev erse Path Forwardi ng (RPF) neig hbor in the IP routing table has the highest IP address, if the cost of the r outes are the sa me. For e xample, in t[...]
-
Страница 784
742 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Configuration notes • If the TTL f or an inter face is greater than 1, PIM pack ets received on the int er face are alwa ys forwar ded in sof tware because each pack et TTL must be e xamined. Therefore, Dell do es not recommend modifying the TTL unde r normal operating [...]
-
Страница 785
PowerConnect B-Series FCX Configuration Guide 743 53-1002266-01 PIM Sparse 25 FIGURE 122 Example of a PIM Sparse domain PIM Sparse switch types Switches that are configur ed with PIM Sparse int er f aces also can be configur ed to fill one or more of the follo wing roles: • PMBR – A PIM switch that has some in ter faces within the PIM domain an[...]
-
Страница 786
744 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 T o enhance overall netw ork per formance, La yer 3 Switches use the RP t o forward only the first pack et fr om a group source to the gr oup receivers. Af ter the first packet, the La yer 3 Switch calculates the shor t est path between the receiver and source (the S hor [...]
-
Страница 787
PowerConnect B-Series FCX Configuration Guide 745 53-1002266-01 PIM Sparse 25 NOTE Dell recommends that you configure the same Lay er 3 Switch as both the BS R and the RP . Limitations The implementation of PI M Sparse in the current sof tware release has the following limitations: • PIM Borde r Routers (PMBRs) are no t suppor ted. Thus, you cann[...]
-
Страница 788
746 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Configuring PIM interface parameters Af ter y ou enable IP multicast routing and PIM Sparse at the gl obal lev el, you must enable it on the individual interfaces connected t o the PIM Sparse networ k . T o do so, use the f ollowing CLI method. T o enable PIM Sparse mode [...]
-
Страница 789
PowerConnect B-Series FCX Configuration Guide 747 53-1002266-01 PIM Sparse 25 • Enter ve <num> f or a v irt ua l i nt e rf a ce . • Enter loopback <num> for a loopb ack interface. The <hash-mask-le ngth> parameter specifies the number of bits in a group address that are significant when calculating the group- to-RP ma pping. Y[...]
-
Страница 790
748 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Updating PIM-Sparse forwarding en tri es with new RP configuration If you mak e chan ges to y our stat ic RP configuration, the entries in the PIM-Sparse multicast forwar ding table continue to use the old RP config uration until they are aged out. The clear pim rp-map co[...]
-
Страница 791
PowerConnect B-Series FCX Configuration Guide 749 53-1002266-01 PIM Sparse 25 By default, the device switches from the RP to th e SPT af ter receiving the first packet f or a given PIM Sparse group. T he Layer 3 Switch mainta ins a separate counter f or each PIM Sparse source-gr oup pair . Af ter the La yer 3 Switch receives a pack et for a gi ven [...]
-
Страница 792
750 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Displaying PIM Sparse co nfiguration information and statistics Y ou can display the f ollowing PIM Sparse information: • Basic PIM Spars e configuration information • Group inf orm ation • BSR information • Candidate RP information • RP-to-gr oup mappings • R[...]
-
Страница 793
PowerConnect B-Series FCX Configuration Guide 751 53-1002266-01 PIM Sparse 25 Displaying a list of multicast groups T o display a list of the IP multicast groups the Layer 3 Switch is forwarding, ent er t he follo wing command at an y CLI level. Neighbor timeout How man y seconds the Lay er 3 Switch will wait f or a hello message from a neighbor be[...]
-
Страница 794
752 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Syntax: show ip pim gr oup This display sho w s the f ollowing information. Displaying BSR information T o display BSR inf ormation, enter the f ollowing command at an y CLI level. This exam pl e show inf ormation displayed on a La ye r 3 Switch that has been elected as t[...]
-
Страница 795
PowerConnect B-Series FCX Configuration Guide 753 53-1002266-01 PIM Sparse 25 Displaying Pim resources T o display the hardw are resource information such as hardware allocation, a vailability , and limit for soft ware data structure, ent er the follo wing command. TA B L E 1 2 9 Output of show ip pim bsr This field... Displays... BSR address or lo[...]
-
Страница 796
754 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Syntax: show ip pim resource For each software data structure listed in the output, the f ollowing information is shown. TA B L E 1 3 0 Output of show ip pim resource This field... Displays... alloc Number of nodes of that data that are currently all ocated in memory. in-[...]
-
Страница 797
PowerConnect B-Series FCX Configuration Guide 755 53-1002266-01 PIM Sparse 25 NOTE When the product o f the number of active PIM in t er faces multiplied b y the number of multicast streams ex ceeds the total number of MLL, the CLI displa ys the message, “MLL pool out of memor y”. NOTE The total number of MLL av ail able changes according to th[...]
-
Страница 798
756 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 1 239.255.163.1 99.99.99.5 2 239.255.163.2 99.99.99.5 3 239.255.163.3 99.99.99.5 4 239.255.162.1 99.99.99.5 5 239.255.162.2 43.43.43.1 6 239.255.162.3 99.99.99.5 Syntax: show ip pim rp-map This display sho w s the f ollowing information. Displaying RP informatio n for a P[...]
-
Страница 799
PowerConnect B-Series FCX Configuration Guide 757 53-1002266-01 PIM Sparse 25 This display sho w s the f ollowing information. Displaying multicast neighbor information T o display information about the Lay er 3 Switch PI M neighbors, enter the following command at any CLI lev el. Syntax: show ip pim nbr This display sho w s the f ollowing informat[...]
-
Страница 800
758 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 Displaying information about an upstream neighbor device Y ou can view information about the upstream neighb or de vice for a given sour ce IP address for IP Pro tocol Independent Multicast (PIM ). F or PIM, the sof tware uses the IP route table or multicast rout e table [...]
-
Страница 801
PowerConnect B-Series FCX Configuration Guide 759 53-1002266-01 PIM Sparse 25 Displaying the PIM multicast cache T o display the PI M multicast cache, enter the f ollowing command at any CLI le vel. Syntax: show ip pim mc ache This display sho w s the f ollowing information. Fid This field is use d for troubleshooting. Flags This field is used for [...]
-
Страница 802
760 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Sparse 25 RPT Indicates w hether th e cache entr y uses the RP pa th or the S PT path . The RPT fl ag can have one of the f ollowing values : • 0 – The SPT path is used inst ead of the RP path. • 1– The RP path is used inst ead of the SPT path. NO TE: The values of the RP a[...]
-
Страница 803
PowerConnect B-Series FCX Configuration Guide 761 53-1002266-01 PIM Sparse 25 Displaying PIM traffic statistics T o display PIM traffic statistics , use the follo wing CLI method. Syntax: show ip pim traf fic NOTE I f y o u h a v e c o n f i g u r e d i n t e r f a c e s fo r s t a n d a r d P I M (dense mode) on the La yer 3 Switch, statistics f o[...]
-
Страница 804
762 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 PIM Passive 25 Syntax: show ip pim error This command displays the number o f warnings an d non-zer o PIM errors on the de vice. This count can increase during transition periods such as reboots and topology changes; ho wev er , if the device is stable, the number of errors should not [...]
-
Страница 805
PowerConnect B-Series FCX Configuration Guide 763 53-1002266-01 Passive multicast route insertion 25 Passive multicast route insertion Passiv e Multicast Route Insertion (PMRI) enables a La yer 3 switch running PIM Sparse to create an entr y f or a multicast rout e (e.g., (S,G)), with no d irectly attached clients or when connect ed to another PIM [...]
-
Страница 806
764 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using ACLs to control mult icast features 25 PowerConnect(config)#int e1 PowerConnect(config-if-1)#ip tunnel 192.3.45.6 NOTE The IP tunnel address represents the configured IP tu nnel address of the destination route r . In the case of Rout er A, its destination rout er is Rout er B. R[...]
-
Страница 807
PowerConnect B-Series FCX Configuration Guide 765 53-1002266-01 Using ACLs to control m ulticast features 25 PowerConnect(config)#router pim PowerConnect(config-pim-router)#bsr-candidate ve 43 32 100 PowerConnect(config-pim-router)#rp-candidate ve 43 PowerConnect(config-pim-router)#rp-address 99.99.99.5 5 T o configure a n RP for multicast groups u[...]
-
Страница 808
766 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using ACLs to control mult icast features 25 The display sho ws the multicast group addresses co vered by the RP c andidate and th e IP address of the RP f or the listed multicast gr oup. In the exam ple above, y ou see the follo wing: • The first three lines show the multicast gr ou[...]
-
Страница 809
PowerConnect B-Series FCX Configuration Guide 767 53-1002266-01 Disabling CPU processing fo r select multicast groups 25 PowerConnect(config)#router pim PowerConnect(config-pim-router)#bsr-candidate loopback 1 32 100 PowerConnect(config-pim-router)#rp-candidate loopback 1 group-list 5 Syntax: [ no ] rp-candidat e ethernet [ <slotnum>/]<por[...]
-
Страница 810
768 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Disabling CPU processing for select multicast groups 25 CLI command syntax T o disable CPU processing f or selective multicas t gr oups, e nter commands such as t he following. PowerConnect# config t PowerConnect(config)# vlan 5 PowerConnect(config-vlan-5)# disable multicast-to-cpu 224[...]
-
Страница 811
PowerConnect B-Series FCX Configuration Guide 769 53-1002266-01 Displaying the multicast co nfiguration for another multicast router 25 Displaying the multicast configuration for another multicast router The Dell implementation of Mrinf o is based on the DVMRP Int e rnet draf t by T . Pusateri, but applies to PIM and not t o DVMRP . T o display the[...]
-
Страница 812
770 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP V3 25 IGMP V3 The Internet Group Management Protocol (IGMP) allows an IPV4 int er face to communicat e IP Multicast group members hip information to its neighboring r outers. The routers in turn limit the multicast of IP packets with multicast destination addresses to only those i[...]
-
Страница 813
PowerConnect B-Series FCX Configuration Guide 771 53-1002266-01 IGMP V3 25 Default IGMP version IGMP V3 is a vailable on Dell Po werConnect devi ces; howe ver , the devices are shipped with IGMP V2 enabled . Y ou must enable IGMP V3 gl obally or per inter face. Al so , yo u m us t s p ec if y w ha t ver s io n o f I GM P you wan t to ru n o n a d e[...]
-
Страница 814
772 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP V3 25 T o specify the IGMP version f o r a vir tual routing inter face on a physical por t, enter a command such as the fo llowing. PowerConnect(config)#interface ve 3 PowerConnect(config-vif-1) ip igmp version 3 Syntax: [ no ] ip igmp version <version-number > Enter 1, 2, o[...]
-
Страница 815
PowerConnect B-Series FCX Configuration Guide 773 53-1002266-01 IGMP V3 25 For e xample, two clients (Client A and Client B) belong to group1 but each is receiving traf fi c streams from different sources. Client A receives a stream from (sour ce_1, group1) and Client B receives it fr om (source_2, gr oup1). The router still w aits for three second[...]
-
Страница 816
774 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP V3 25 PowerConnect(config)#ip igmp max-response-time 8 Syntax: [ no ] ip igmp max-response-time <num> The <num> parameter specifies the IGMP maximum respon se time in number of seconds. Enter a value fr om 1 throug h 10. The default is 1 0. IGMP V3 and source specific [...]
-
Страница 817
PowerConnect B-Series FCX Configuration Guide 775 53-1002266-01 IGMP V3 25 T o display the status of one IGMP multicast group, enter a command such as the f ollowing. If the tracking and fast lea ve feat ure is enabled , you can display the list of clients that belong to a par ticular group b y entering co mmands such as the f ollowing. Syntax: sho[...]
-
Страница 818
776 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP V3 25 Displaying the IGMP st atus of an interface Y ou can display the status of a multicast enab led por t by ent ering a command such as the following. NOTE This repor t is a vailable on Lay er 3 Switches. Syntax: show ip igmp interface [ ve | ethernet <nu mber> <group-[...]
-
Страница 819
PowerConnect B-Series FCX Configuration Guide 777 53-1002266-01 IGMP V3 25 Enter ve and its <number> or ethernet and its <number> to display inf ormation for a specific vir tual routing interface or ethernet inter face. Entering an address f or <group-address> displays inf ormation for a specified group on the specified inter face[...]
-
Страница 820
778 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IGMP Proxy 25 Clearing IGMP statistics T o clear statistics for IGMP traf fic, enter the f ollowing command. PowerConnect#clear igmp traffic Syntax: clear igmp traf fic This command clears all the multicast traf fic information on all int er faces on the device. IGMP Proxy IG MP Prox y[...]
-
Страница 821
PowerConnect B-Series FCX Configuration Guide 779 53-1002266-01 IP multicast protocols and IGMP snooping on the same device 25 • IGMP Pro xy is only suppor ted in a PIM Dense en vironment where there are IGMP clients connected to the De ll PowerConnect device. Th e Dell Pow erConnect device will not send IGMP repor ts on an IGMP proxy interface f[...]
-
Страница 822
780 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IP multicast protocols and IGMP snooping on the same device 25 If there are two sources f or a single group, where one sour ce sends traf fic into a VLAN with IGMP snooping enabled, while the other so urce sends traffic to a PIM enabled Laye r 3 inter face, a client for t he group in t[...]
-
Страница 823
PowerConnect B-Series FCX Configuration Guide 781 53-1002266-01 IP multicast protocols and IGMP snooping on the same device 25 FIGURE 125 Example 2: IGMP Snooping and PIM F or warding CLI commands The f ollowing are the CLI commands f o r the configuratio n exam ple shown in Figure 12 4 and Figure 125 . 1. On the device, config ure IGMP Snooping on[...]
-
Страница 824
782 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IP multicast protocols and IGMP snooping on the same device 25 PowerConnect(config-vif-20)#exit PowerConnect(config)#interface e 13 PowerConnect(config-if-e1000-13)#ip address 30.30.30.10/24 PowerConnect(config-if-e1000-13)#ip pim 3. Configure the neighbo ring device. PowerConnect(conf[...]
-
Страница 825
PowerConnect B-Series FCX Configuration Guide 783 53-1002266-01 Chapter 26 Configuring IP Ta b l e 1 4 3 lists the individual Dell Pow erConnect sw itches and the IP features the y suppor t. TA B L E 14 3 Supported IP f eatures Feature PowerConnect B-Series FCX BootP/DHCP relay Y es Specifyi ng which I P address w ill be included in a DHCP/BootP r [...]
-
Страница 826
784 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration 26 NOTE The terms L ayer 3 Switch and route r are used inte r changeably in this chapter and mean the same. Basic configuration IP is enabled b y default. Basic configuration consis ts of adding IP addresses fo r Layer 3 Switches, enabling a rout e exchange pr otoco[...]
-
Страница 827
PowerConnect B-Series FCX Configuration Guide 785 53-1002266-01 Overview 26 IP interfaces NOTE This section describes IPv4 addresses. For in f ormation about IPv6 addresses on all other Po werConnect devices, ref er to “IPv6 addressing” on page 198. Lay er 3 Switches and Lay er 2 Switches allow you t o configure IP addresses. On La yer 3 Switch[...]
-
Страница 828
786 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 26 Figure 126 s how s t he fol low in g p ac ket f low : 1. When the La yer 3 Switch receives an I P packet , the L ayer 3 Switch checks for filt ers on the receiving inter face. 1 If a deny filt er on the interface de nies the packe t, the Layer 3 Switch discards the pack et [...]
-
Страница 829
PowerConnect B-Series FCX Configuration Guide 787 53-1002266-01 Overview 26 4. If the IP f or warding cache do es not hav e an entr y for the pack et, the La yer 3 Switch checks the IP rout e table for a r oute to the pac ket destination. If the IP r oute table has a ro ute, the La yer 3 Switch mak es an entr y in the session table or the forwardin[...]
-
Страница 830
788 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 26 The sof tware places an entr y from the static ARP table int o the ARP cache when the entr y interface comes u p. Here is an example of a static ARP entry. Index IP Address MAC Address Port 1 207.95.6.111 0800.093b.d210 1/1 Each entr y lists the in formation you specified w[...]
-
Страница 831
PowerConnect B-Series FCX Configuration Guide 789 53-1002266-01 Overview 26 Each IP rout e table entr y contains the destination IP address and subnet mask and the IP address of the next-ho p router int er face to the destination . Each entr y also indicates the port attached to the destination or the next-hop t o the destination, the rout e IP met[...]
-
Страница 832
790 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 26 NOTE Y ou cannot add static entries to the IP forwar ding cache, although you can increase the number of entries the cache can contain. R efer t o the section “Displa ying and m odifying system parameter default settings” on page 321. Layer 4 session table The Lay er 4 [...]
-
Страница 833
PowerConnect B-Series FCX Configuration Guide 791 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 NOTE Lay er 2 Switches suppor t IGMP and can f or ward IP multicast pack ets. Re fer to Chapter 22, “Configuring IP Multicast T raf fi c Reductio n f or Pow erConnect B-Series FCX Switches” . IP interface redundancy protocols[...]
-
Страница 834
792 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 • Multicast pro tocols: - Internet Gr oup Membership Prot ocol (IGMP) – refer to “Changing global IP multicast parameters” on page 729 - Pro tocol Independent Multicas t Dense (PIM-DM) – ref er to “PIM Dense” on pag[...]
-
Страница 835
PowerConnect B-Series FCX Configuration Guide 793 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 TA B L E 14 4 IP global parameters – Layer 3 Switche s Parameter Description Default See page... IP state The Internet Protocol, version 4 Enabled NOTE: Yo u c a n n o t disable IP . n/a IP address and mask notation Format f or[...]
-
Страница 836
794 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 Time to Live (TTL) The maximum number of route r s (hops) thr ough which a packet can pass before being discarded. Each router decreases a packe t TTL by 1 before forwar ding the packet. If decreasing the TTL causes the TTL t o b[...]
-
Страница 837
PowerConnect B-Series FCX Configuration Guide 795 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 Static RARP entries An IP address you place in the RARP tabl e for RARP requests fr om hosts. NO TE: Y o u must enter the RARP entries manually . The Lay er 3 Switch does not have a mechanism f or learning or dynamicall y generat[...]
-
Страница 838
796 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic IP parameters and defaults – Layer 3 Switches 26 IP interface parameters – Layer 3 Switches Ta b l e 1 4 5 lists the inter face-le vel IP parameters f or Layer 3 Switches. TA B L E 14 5 IP in te r f ac e pa r am e te rs – Laye r 3 S w it c he s Parameter Description Default[...]
-
Страница 839
PowerConnect B-Series FCX Configuration Guide 797 53-1002266-01 Basic IP parameters and defaults – Layer 2 Switches 26 Basic IP parameters and defaults – Layer 2 Switches IP is enabled by default. The f ollowing tables list the La yer 2 Switch IP parameters, their default values, and where to find configuration information. NOTE Lay er 2 Switch[...]
-
Страница 840
798 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic IP parameters and defaults – Layer 2 Switches 26 TA B L E 14 6 IP global paramet ers – Laye r 2 Switches Parameter Description Default See page... IP address and ma sk notation Format f or display ing an IP address and its netw ork mask info rmation. Y ou can enable one of th[...]
-
Страница 841
PowerConnect B-Series FCX Configuration Guide 799 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Interface IP parameters – Layer 2 Switches Ta b l e 1 47 lists the inter face-lev el IP parameters for Lay er 2 Switches. Configuring IP parameters – Layer 3 Switches The follo wing sections describe how t o configure IP parameters.[...]
-
Страница 842
800 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • V i rtu al r o ut i n g i nt e rf a ce ( a ls o c al le d a Vi rtu al Et he rn et or “V E ”) • Loopback i nter fac e By default, y ou can configure up to 2 4 IP addresses on each interface. Y ou can increase this amount to up [...]
-
Страница 843
PowerConnect B-Series FCX Configuration Guide 801 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE The ospf-passive option disables adjacency f ormation bu t does no t disable adver tisement of the interface into OSPF . T o disable ad vertisement in addition to disabl ing adjacency f ormation, you must use the ospf-ignore option[...]
-
Страница 844
802 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Assigning an IP address to a virtual interface A vir tual interface is a logical por t associated wi th a La yer 3 Vir tual LAN (VLAN) configured on a Lay er 3 Switch. Y ou can configure routing paramet ers on the vir tual interface to [...]
-
Страница 845
PowerConnect B-Series FCX Configuration Guide 803 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Configuration l imitations and feature limi tations • When configuring IP Follow , the primar y vir tual r outing inter face should not ha ve A CL or DoS Pro tection configured. It is recommended that yo u create a dummy virtual r out[...]
-
Страница 846
804 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 For e xample, if the domain “ds.compan y .com” is defined on a La yer 2 Switch or La yer 3 Switch and you want t o initiate a ping to “mary”. Y ou need to ref erence only the host name instead of the host name and its domain nam[...]
-
Страница 847
PowerConnect B-Series FCX Configuration Guide 805 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Defining DNS server addresses Y ou can configure the Dell Po werConnect device t o recognize up to four DNS servers. The first entry serves as the primar y default address. If a query to the primar y address fails to be resolv ed af ter[...]
-
Страница 848
806 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE In the previouse xample, 209. 15 7 .22. 199 is the IP address of the domain name ser ver (def ault DNS gate wa y address), and 209. 15 7 .22.80 repres ents the IP address of the NY C02 host. Configuring packet parameters Y ou can c[...]
-
Страница 849
PowerConnect B-Series FCX Configuration Guide 807 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Changing the Maximum Transmission Unit (MTU) The Maximum T ransmiss ion Unit (MTU) is the maximum length of IP packet that a La yer 2 pack et can contain. IP packets that are longer than th e MT U are fragmented and sent in multiple La [...]
-
Страница 850
808 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Y ou can increa se the MTU size to accommodat e j umbo pack et sizes u p to up to 1 0,232 byt es in an IronStack. De vices that are not par t of an Ir onStack suppor t up to 10 ,2 40 bytes. T o globally enable jumbo support on all ports[...]
-
Страница 851
PowerConnect B-Series FCX Configuration Guide 809 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Path MTU discovery (RFC 1191) support When the Dell Po werConnect device rece ives an IP pa ck et that has its Do not F ragment (DF) bit set, and the pack et size is greater than the MTU v alue of the outbound inte r face, then the Dell[...]
-
Страница 852
810 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE Y ou can specify an IP address used f or an interface on the La yer 3 Switch, but do not specify an IP address in use by ano ther device. Configuring ARP parameters Address R esolution Proto col (ARP) is a standard IP pr otocol tha[...]
-
Страница 853
PowerConnect B-Series FCX Configuration Guide 811 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • If the ARP cache does not contain an entr y for the destination IP address, the La yer 3 Switch br oadcasts an ARP r equest out all its IP inte r fac es. The ARP req uest contains the IP address of the destination. If the device wit[...]
-
Страница 854
812 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE If you w ant to change a previously configure d th e ARP rate limiting policy , you must remove the previ ously configured po licy using the no rate-limit-arp <num> command before ent ering the new policy . Changing the ARP a[...]
-
Страница 855
PowerConnect B-Series FCX Configuration Guide 813 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Pro xy ARP is disabled by default on La yer 3 Swit c hes. This feature is not suppor ted on La yer 2 Switches. Y ou can enable proxy ARP at the Int er face le vel, as well as at the Global CONFIG level, of the CLI. NOTE Configuring pro [...]
-
Страница 856
814 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 PowerConnect(config)# interface ethernet 4 PowerConnect(config-if-e1000-4)# ip local-proxy-arp Syntax: [ no ] ip local-pr oxy-arp Use the no f orm of the command to disable Local Proxy ARP . Creating static ARP entries Lay er 3 Switches[...]
-
Страница 857
PowerConnect B-Series FCX Configuration Guide 815 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 T o increase the maximum number of static AR P table entries you can configure on a La yer 3 Switch, enter commands such as the f ollowin g at the global CONFIG le vel of the CLI. PowerConnect(config)# system-max ip-static-arp 1000 Powe[...]
-
Страница 858
816 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE A less common type, the all-subnets broadcast, goes to all directly -attached subnets. Forwarding f or this broadcast type also is suppor ted, but most ne tw orks use IP multicasting instead of all-subnet broadcasting. Forwarding f[...]
-
Страница 859
PowerConnect B-Series FCX Configuration Guide 817 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 PowerConnect(config)# ip source-route Enabling support for zero- based IP subnet broadcasts By default, the Lay er 3 Switch treats IP packets with all ones in the host por tion of the address as IP broadcast pack ets. For ex ample, the [...]
-
Страница 860
818 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Disabling replies to broadcast ping requests By default, Dell PowerConnect de vices are enabl ed t o respond to br oadcast ICMP echo pack ets, which are ping requ ests. T o disable response to bro adcast ICMP echo pack ets (ping req ues[...]
-
Страница 861
PowerConnect B-Series FCX Configuration Guide 819 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • The administration parameter disables ICMP Unreachabl e (caused by A dministration action) messages. • The fragmentation-needed paramet er disables ICMP F ragmentation-Needed But Do not-F ragment Bit Set messages. • The host par[...]
-
Страница 862
820 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • RIP – If RIP is enabled, the L ayer 3 Switch ca n learn about rout es from the adv er tisements other RIP rout ers send to the Layer 3 Switch. If the r o ute has a lower administrativ e distance than an y other routes fr om dif fe[...]
-
Страница 863
PowerConnect B-Series FCX Configuration Guide 821 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • The administrative distance f or the rout e – The value that the La yer 3 Switch uses to compare this rout e with routes fr om other route sour ces to the same destination before placing a rout e in the IP rout e table. This param[...]
-
Страница 864
822 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 PowerConnect(config)# ip route 207.95.7.0/24 207.95.6.157 When you configure a static IP r oute, you spec ify the destination address for the r oute and the next-hop gat ewa y or Lay er 3 Switch interface through which the La yer 3 Swit[...]
-
Страница 865
PowerConnect B-Series FCX Configuration Guide 823 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 If you do no t want to specify a ne xt-hop IP address, you can inst ead specify a por t or interface number on the La yer 3 Switch. The <nu m> parameter is a virtual inter face number . If y ou instead specify an Ethernet por t, t[...]
-
Страница 866
824 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The <ip-addr> paramet er specifies the network or host address. The La yer 3 Switch will dr op pack ets that contain this address in the de stination field inst ead of f or warding them. The <ip-mask> parameter specifies the[...]
-
Страница 867
PowerConnect B-Series FCX Configuration Guide 825 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The commands in the pre vious example configure tw o static IP rout es. The rout es go to different next-hop gat ewa ys but ha ve the same metrics. Th ese commands use the default metric value ( 1), so the metric is not specif ied. Thes[...]
-
Страница 868
826 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Figure 129 shows an example of two static r outes conf igured f or the same destination network. In this exam ple, one of the rout es is a standard stat ic route and has a metric of 1 . The other static rout e is a null rout e and has a[...]
-
Страница 869
PowerConnect B-Series FCX Configuration Guide 827 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 FIGURE 13 0 Standard and inte r face routes t o the same destination network T o configure a standard static IP r oute and a null r o ute t o the sa me network as shown in Figure 129 on page 826, ent er commands such as the following. P[...]
-
Страница 870
828 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Configuring a default network route The La yer 3 Switch enables yo u to specify a candidat e default r oute without the need t o specify the next hop gat ewa y . If the IP r oute table does not contain an e xplicit default r oute (for e[...]
-
Страница 871
PowerConnect B-Series FCX Configuration Guide 829 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 T o verify that the route is in the route table, enter the follo wing command at an y level of the CLI . This ex ample shows two r outes. Bo th of the rout es are directly attached, as indicated in the T ype column. How ever , one of th[...]
-
Страница 872
830 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • Routes learned thr oug h BGP4 Administrati ve distance The administrative distance is a unique value associated with each type (source) of IP r oute. Each path has an administrative distan ce. The administrative distance is not used[...]
-
Страница 873
PowerConnect B-Series FCX Configuration Guide 831 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The source of a path cost value de pends on the sour ce of the path: • IP static rout e – The value y ou assign to the metric parameter when you configure the route. The default metric is 1. Ref er to “Configuring load balancing a[...]
-
Страница 874
832 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • If the IP f or warding sharing cache c ontains a forwarding entry for the destination, the de vice uses the entry to forwar d the traf fic. • If the IP load f orwarding cache does not c ont ain a forwarding entry for the destinati[...]
-
Страница 875
PowerConnect B-Series FCX Configuration Guide 833 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • If you lea ve the f eature disabled globally but en able it on individual por ts, you also can configure the IRDP parame ters on an individual port basis. NOTE Y ou can configure IRDP parameters only an indi vidual por t basis . T o[...]
-
Страница 876
834 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Enabling IRDP on an individual port T o enable IRDP on an individual int er face and change IRDP paramet ers, enter commands such as the fo llowing. PowerConnect(config)# interface ethernet 1/3 PowerConnect(config-if-1/3)# ip irdp maxad[...]
-
Страница 877
PowerConnect B-Series FCX Configuration Guide 835 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 RARP is enabled by def ault. Howe ver , you must create a RARP entry for each host that will use the Lay er 3 Switch for booting. A RARP entry con sists of the follo wing information: • The entr y number – the entr y sequ ence numbe[...]
-
Страница 878
836 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Creating static RARP entries Y ou must configure the RARP entries for the RARP table. The La yer 3 Switch can send an IP address in reply to a client RARP request on ly if creat e a RARP entr y for that client. T o assign a static IP RA[...]
-
Страница 879
PowerConnect B-Series FCX Configuration Guide 837 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • Configure a helper adders on the int er face connected to the clients. Specify the helper address to be the IP add ress of the application ser ver o r the subnet directed br oadcast address for the IP subnet the ser ver is in. A hel[...]
-
Страница 880
838 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Syntax: [ no ] ip forward-pr otocol udp <udp-port-name> | <udp-por t-num> The <udp-por t-name> paramet er ca n hav e one of the f ollowing values. For ref erence, the corresponding por t numbers from RFC 1340 are sho w[...]
-
Страница 881
PowerConnect B-Series FCX Configuration Guide 839 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Syntax: ip helper-address <nu m> <ip-addr> The <num> parameter specifies the helper addre ss number and can be from 1 thr ough 16 . The <ip-addr> command specifies the server IP address or the subnet di rected br[...]
-
Страница 882
840 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Configuring an IP helper address The procedure f or configuring a helper address f or BootP/DHCP requests is the same as the procedure f or configuring a helper address fo r o ther types of UDP broadcasts. R efer to “Configuring an IP[...]
-
Страница 883
PowerConnect B-Series FCX Configuration Guide 841 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 NOTE The BootP/DHCP hop count is not the TTL param eter . T o modify the maximum number of Boo tP/ DHCP hops, enter the f ollowing command. PowerConnect(config)# bootp-relay-max-hops 10 This command allows the Layer 3 Switch t o fo rwar[...]
-
Страница 884
842 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • For DHCP client hitless suppo r t in an IronStack, the stack mac comm and must be used to configure the Ir onStack MAC address, so that the MA C address does not change in the event of a switchover or failover . If stack mac is not [...]
-
Страница 885
PowerConnect B-Series FCX Configuration Guide 843 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 FIGURE 13 1 DHCP Server configuration flo w char t Cl ass ify incoming me ssa ge DHCP en a bled? Ye s No previo us a lloc a tion in DB for thi s ho s t? No Ye s U s e RX P or tn u m, Ci a ddr field, a nd Gi a ddr field to s elect proper[...]
-
Страница 886
844 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Configuring DHCP Server on a device Perform the f ollowing st eps to configure the DHCP Server f eature on your P owerConnect de vice. 1. Enable DHCP Ser ver b y entering a command similar t o the follo wing. PowerConnect(config)# ip dh[...]
-
Страница 887
PowerConnect B-Series FCX Configuration Guide 845 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Default DHCP server settings Ta b l e 1 5 1 shows the default DHCP server settings. DHCP server CLI commands This section describes the CLI commands that are a vailable in the DHCP Server f eature. TA B L E 151 DHCP server default setti[...]
-
Страница 888
846 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 TA B L E 15 3 DHCP Ser ver CLI co mmands Command Description ip dhcp-server arp-pin g-timeout <#> Specifies the time (in se conds) the ser ver will w ait for a response t o an arp-ping pack et bef ore deleting the client fr om the[...]
-
Страница 889
PowerConnect B-Series FCX Configuration Guide 847 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Removing DHCP leases The clear ip dhcp-server binding command can be used to dele te a specific lease, or all le ase entries from the lease binding database. PowerConnect(config)# clear ip dhcp-server binding * Syntax: clear ip dhcp-ser[...]
-
Страница 890
848 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Setting the wait time for ARP-ping response At startup, the ser ver reconciles the lease-bindin g database by sending an ARP-p ing packet out to ev er y client. If there is no respon se to the ARP-ping pac ket within a set amoun t of ti[...]
-
Страница 891
PowerConnect B-Series FCX Configuration Guide 849 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 • < address > - The IP address of the DHCP server This command assigns an IP address t o the selected DHCP server . Configure the boot image The bootf ile command specifies a boot image name to be used b y the DHCP client. Power[...]
-
Страница 892
850 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Specify addresses to excl ude from the address pool The e xcluded-address command specifies either a single address, or a range of addresses that are to be e xcluded fr om the address pool. PowerConnect(config-dhcp-cabo)# excluded-addre[...]
-
Страница 893
PowerConnect B-Series FCX Configuration Guide 851 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Displaying DHCP server informat ion The follo wi ng DHCP show commands ma y be entered fr om any lev el of the CLI. Display active lease entries The show ip dhcp-ser ver binding command disp lays a specific active lease, or all active l[...]
-
Страница 894
852 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 netbios-name-server: 192.168.1.101 network: 192.168.1.0 255.255.255.0 next-bootstrap-server: 192.168.1.102 tftp-server: 192.168.1.103 Syntax: show ip dhcp-server address-pool [ s ] [< name >] • address-pool [ s ] - If y ou enter[...]
-
Страница 895
PowerConnect B-Series FCX Configuration Guide 853 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Display summary DHCP server information The show ip dhcp-ser ver summary command displays inf ormation about activ e leases, deployed address-pools, undeploy ed address-pools, and server uptime. PowerConnect# show ip dhcp-server summary[...]
-
Страница 896
854 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 DHCP Client-Based Auto -Configuration and Flash image update NOTE The DHCP Client-Based Au to-Configuration and Flash image updat e are platform independent and hav e no dif ferences in behavior or configuration across all platf orms. D[...]
-
Страница 897
PowerConnect B-Series FCX Configuration Guide 855 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 2. If au to-update is enabled, the TFTP flash image is do wnloaded and updated. The de vice compares the filename of the req uested flash image with the image stored in flash. If the filenames are different, then the de vice will downlo[...]
-
Страница 898
856 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The following configuration rule s apply to flash image update: • T o enable flash image update ( ip dhcp-client auto-updat e enable command), also enable auto-configuration ( ip dhcp-client enable command). • The image filename t o[...]
-
Страница 899
PowerConnect B-Series FCX Configuration Guide 857 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 FIGURE 13 3 The DHCP C lient-Based Aut o-Configurati on steps The IP address validation and lease nego tiation step 1. At boot-up, the device automatically chec ks its configuration for an IP address. 2. If the de vice does not ha ve a [...]
-
Страница 900
858 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 3. If the de vice has a dynami c address, the de vice asks the DHCP ser ver t o validate that address. If the server does not respo n d, the de vice will continue to use the e xisting address until the lease expir es. If the ser ver res[...]
-
Страница 901
PowerConnect B-Series FCX Configuration Guide 859 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The TFTP configuration do wnload and update step NOTE This pro cess only occurs when the client de vice reboots, or when Auto-Configuration has bee n disabled and then re-enabled. 1. When the device reboo ts, or the Aut o-Confi guration[...]
-
Страница 902
860 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 Configuration notes • When using DHCP on a r outer , if you ha ve a DH CP address f or one interface, and yo u want to connect to the DHCP server fr om another inte r face, you must disable DHCP on the first interface, then enable DHC[...]
-
Страница 903
PowerConnect B-Series FCX Configuration Guide 861 53-1002266-01 Configuring IP parameters – Layer 3 Switches 26 The follo wing example shows output fr om the show ip address command for a La yer 2 device. The follo win g example shows output fr om the show ip address command f or a base Lay er 3 device. The follo wing example shows a La yer 2 de [...]
-
Страница 904
862 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 DHCP Log messages The following DHCP notification m e ssages are sent to the log file. 2d01h48m21s:I: DHCPC: existing ip address found, no further action needed by DHCPC 2d01h48m21s:I: DHCPC: Starting DHCP Client service 2d01h48m21s:I: [...]
-
Страница 905
PowerConnect B-Series FCX Configuration Guide 863 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 Configuring the management IP address and specifying the default gateway T o manage a La yer 2 Switch using T elnet or Secure Shell (SSH) CLI connections or the W eb Management Interface, you must configure an IP ad dress for the La yer[...]
-
Страница 906
864 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 For e xample, if the domain “newyork.com” is defin e d o n a Laye r 2 Sw itc h o r L ayer 3 Sw it ch an d you wa n t to i n i t i a te a p i n g to h o s t “ N YC01 ” o n t h at d o m a i n , yo u n e e d to r e fe r e n c e o n[...]
-
Страница 907
PowerConnect B-Series FCX Configuration Guide 865 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 NOTE In the previous e xample, 209. 15 7 .22. 199 is the IP address of the domain name server (default DNS gate wa y address), and 209. 15 7 .22.80 repres ents the IP address of the NY C02 host. FIGURE 13 4 Quer ying a Host on the newyo[...]
-
Страница 908
866 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 By allowing multiple subnet DHCP request s to be sent on the same wire, you can reduce the number of rout er por ts required to support secondary addressing as well as reduce the number of DHCP servers required, b y allowing a server to[...]
-
Страница 909
PowerConnect B-Series FCX Configuration Guide 867 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 How DHCP Assist works Upon initiation of a DHCP session, the client sends out a DHCP discovery packet for an address from the DHCP ser ver as seen in Figure 136 . When the DHCP disco ver y pack et is received at a Lay er 2 Switch with t[...]
-
Страница 910
868 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring IP parameters – Layer 2 Switches 26 NOTE The DHCP relay function of the conne cting router must be turned on. FIGURE 13 7 DHCP of fe rs are for war ded b ack toward th e req ues tors NOTE When DHCP Assist is enabled on any po r t, La yer 2 br oadcast pack ets are forwarde[...]
-
Страница 911
PowerConnect B-Series FCX Configuration Guide 869 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Up t o eight addresses can be defined for each gatew ay list in support of por ts that are multi-homed. When multiple IP addresses are configured f or a gatew ay list, the La yer 2 Switch inser ts the addresses into the disco [...]
-
Страница 912
870 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 • IP interfaces – refer t o “Displaying IP int er face information” on page 8 73. • ARP entries – ref er to “Displaying ARP entries” on page 8 7 4. • Static ARP entries – refer t o “Dis playing ARP entrie[...]
-
Страница 913
PowerConnect B-Series FCX Configuration Guide 871 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 TA B L E 15 9 CLI display of global IP configuration inf orm ation – Lay er 3 Switch This field... Displays... Global settings ttl The Time- T o-Live (TTL) f or IP pack ets. The TTL specifies the maximum number of rout er ho[...]
-
Страница 914
872 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Displaying CPU uti lization statistics Y ou can displa y CP U utilization statistics for IP pro tocols using the show process cpu command. The show process cpu co mmand includes CPU utilization statistics for A CL, 802. 1x, an[...]
-
Страница 915
PowerConnect B-Series FCX Configuration Guide 873 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 T o display utilization statistics for a specific number of seconds, enter a command such as the following. When you specify ho w many seconds’ worth of statistics you want to displa y , the sof tware selects the sample that[...]
-
Страница 916
874 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 T o display detailed IP information for a specific inter face, enter a command such as the following. Displaying ARP entries Y ou can display the ARP cache and the static AR P table. The ARP cache contains entries for devic es[...]
-
Страница 917
PowerConnect B-Series FCX Configuration Guide 875 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 The mac-address <xxxx.xxxx. xxxx> parameter lets you restrict the displa y to entries f or a specific MA C address. The <mask> parameter lets you specify a mask f o r the mac-address <xxx x.xxxx.xxxx> pa ra m[...]
-
Страница 918
876 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Displaying the static ARP table T o display the static ARP table instead of the AR P cache, enter the f ollowing co mmand at any CLI lev el . This exam ple shows two static entries. Note that because you specify an entry index[...]
-
Страница 919
PowerConnect B-Series FCX Configuration Guide 877 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Displaying the forwarding cache T o display the I P forwarding cache, enter the fo llowing command at an y CLI level. Syntax: show ip cache [ <ip-addr > ] | [ <num> ] The <ip-addr> parameter displa ys the cac[...]
-
Страница 920
878 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Displaying the IP route table T o display the IP route table, ent er the following command at any CLI le vel. Syntax: show ip rout e [ <ip-addr> [ <ip-mask> ] [ longer ] [ none-bgp ]] | <num> | bgp | direct |[...]
-
Страница 921
PowerConnect B-Series FCX Configuration Guide 879 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 The bgp option displays the BGP4 routes. The direct option displa ys only the IP rout es that are direct ly attached to the Layer 3 Switch. The ospf option displays the OS PF rout es. The rip option displays the RIP r outes. T[...]
-
Страница 922
880 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Example Syntax: show ip rout e summar y In this ex ample, the IP rout e table contains 35 en tries. Of these entries, 6 are directly co nnected devic es, 28 are static rout es, and 1 rout e was calculated thr ough OSPF . One o[...]
-
Страница 923
PowerConnect B-Series FCX Configuration Guide 881 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 T o clear rout e 209. 15 7 .22.0/2 4 from the IP r outing table, enter the f ollowing command. PowerConnect# clear ip route 209.157.22.0/24 Syntax: clear ip route [ <ip-addr> <ip-mask> ] or Syntax: clear ip route [[...]
-
Страница 924
882 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 fragment ed The total number of IP pack ets fragmented b y this device t o accommodate the MTU of this device or of anot her device. reassemble d The total number o f fragmented IP p ackets that this d evice re-assembled . bad[...]
-
Страница 925
PowerConnect B-Series FCX Configuration Guide 883 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Displaying IP information – Layer 2 Switches Y ou can display the fo llowing IP configurat ion information statistics on La yer 2 Switches: passive opens The number of TCP connectio ns opened by this devi ce in response to c[...]
-
Страница 926
884 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 • Global IP settings – refer t o “Displaying global IP configuration information” on page 884. • ARP entries – ref er to “Displaying ARP entries” on page 884. • IP traffic statistics – refer t o “Displayi[...]
-
Страница 927
PowerConnect B-Series FCX Configuration Guide 885 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 Syntax: show arp This display sho w s the f ollowing information. Displaying IP tr affic statistics T o display IP traf fic statistics on a Lay er 2 Sw itch, en ter the following command at an y CLI level. Syntax: show ip traf[...]
-
Страница 928
886 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying IP configuratio n information and s tatistics 26 The show ip traf fic command displays the f oll owing inf ormation. TA B L E 16 8 CLI displa y of IP traf fic statist ics – Lay er 2 Switch This field... Displays... IP statistics received The total n umber of IP packets rec[...]
-
Страница 929
PowerConnect B-Series FCX Configuration Guide 887 53-1002266-01 26 no por t The number of UDP packets dropped becaus e the pack et did not contain a valid UDP port number . input errors This informatio n is used by Dell customer s uppor t. TCP statistics The TC P statistics are derived from RFC 793, “T ransmission Control Pr otocol”. current ac[...]
-
Страница 930
888 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 26[...]
-
Страница 931
PowerConnect B-Series FCX Configuration Guide 889 53-1002266-01 Chapter 27 Configuring Multicast Listening Discovery (MLD) Snooping on PowerConnect B-Series FCX Switches Ta b l e 1 6 9 lists the individual Dell Pow erConnect sw itches and the MLD snooping f eatures they suppor t.. Overview The de fault met ho d a Powe rCo nn ect us es to proc ess a[...]
-
Страница 932
890 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 27 The interfaces respond to general queries by send ing a membership repor t containing one or more of the f ollowing recor ds associ at ed with a specific group: • Current-state reco rd - Indicates the sour ces from which the int er face wants t o receive or not receive tr[...]
-
Страница 933
PowerConnect B-Series FCX Configuration Guide 891 53-1002266-01 Overview 27 NOTE For this co mmand to tak e ef fect, you must sa ve the configuratio n an d reload the switch. The hardw are resource limi t applies only to sn ooping-enabled VLANs. I n VLANs where snooping is not enabled, multicast streams ar e switched in hard ware without us ing any[...]
-
Страница 934
892 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 27 When any por t of a VLAN is co nfigured for MLDv2, the VLAN matches both source and group (S G) in hardware s witching. If no por t is conf igur ed f or MLDv2, the VLAN matches gr oup only (* G). Matching (S G) requires more hardware resour ces than (* G) when there are mul[...]
-
Страница 935
PowerConnect B-Series FCX Configuration Guide 893 53-1002266-01 Configuring MLD snooping 27 NOTE T o av oid version deadlock, when an interface receiv es a r epor t with a low er version than that for which it has been configured, the inter face does not automatically downgrade the running MLD ver s io n. Configuring MLD snooping Configuring MLD Sn[...]
-
Страница 936
894 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 The sys tem s upp or ts u p to 3 2K o f gro ups . Th e co nf igu rab le r ang e i s 25 6 to 3 2 7 68 a nd the defa ult is 8 192. The configured number is the upper limit of an expandable database. Client memberships ex ceeding the group limits are no t proce[...]
-
Страница 937
PowerConnect B-Series FCX Configuration Guide 895 53-1002266-01 Configuring MLD snooping 27 Syntax: [ no ] ipv6 mld-snooping age-interval <interval> The <interval> parameter specifies the aging time. Y ou can specify a value from 20 – 7200 seconds. The default is 1 40 seconds. Modifying the query int erval (A ctive MLD snooping mode o[...]
-
Страница 938
896 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 Modifying the wait time before sto pping traffic when receiving a leave message Y ou can define the wait time before st opping traf fic to a port when the device receiv es a leave message f or that por t. The device sends gr oup-specific queries once per se [...]
-
Страница 939
PowerConnect B-Series FCX Configuration Guide 897 53-1002266-01 Configuring MLD snooping 27 Disabling MLD snooping for the VLAN When MLD snooping is enabled g lobally, y ou can di sable it f or a specific VLAN. F or example, the follo wing commands disable MLD snoo ping for VLAN 20. This settin g o verrides the global setting fo r V L A N 2 0 . Pow[...]
-
Страница 940
898 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 The ipv6-address paramet er is the IPv6 address of the multicast g roup. The count is optional, which allows a contiguous range of groups. Omitting the count <num> is equiv alent to the count being 1. If there are no <s tack-unit/slot/por t> numb[...]
-
Страница 941
PowerConnect B-Series FCX Configuration Guide 899 53-1002266-01 Configuring MLD snooping 27 Every group on a ph ysical por t keeps its own tracking record. How ever , it can track group membership only; it cannot track b y (source, group) . For e xample, Client A and Client B belong to group1 but each is receiving traffic from dif ferent sour ces. [...]
-
Страница 942
900 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 Displaying MLD snooping information Y ou can display the fo l lowing MLD Snooping info rm ation: • MLD Snooping err or information • Information about VLANs • Group and f or warding information f or VLANs • MLD memor y pool usage • Status of MLD tr[...]
-
Страница 943
PowerConnect B-Series FCX Configuration Guide 901 53-1002266-01 Configuring MLD snooping 27 If tracking and fast lea ve are enabled, you can disp lay the list of clients for a par ticular group by entering the following command. Syntax: show ipv6 mld-snooping gr oup [ <group-address> [ detail ] [ tracking ]] T o receive a report for a specifi[...]
-
Страница 944
902 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 Syntax: show ipv6 mld-snooping mcache The f ollowing table describes the output fr om the ipv6 mld-snooping mcache co mmand. Displaying software resource usa ge for VLANs T o display inf ormatio n about the sof tware resources used, enter the follo wing comm[...]
-
Страница 945
PowerConnect B-Series FCX Configuration Guide 903 53-1002266-01 Configuring MLD snooping 27 Displaying status of MLD snooping traffic T o display status inf ormation for MLD snoo ping traff ic, enter the f ollowing command. Syntax: show ipv6 mld-snooping traffic The follo wing table describes the information displa yed by the show ipv6 mld-snooping[...]
-
Страница 946
904 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27 Displaying MLD snooping information by VLAN Y ou can display MLD snooping information f or all VLANs o r f or a specif ic VLAN. For example, to display MLD snoo ping information f or VLAN 70, enter the f ollowing command. Syntax: show ipv6 mld-snooping vlan [...]
-
Страница 947
PowerConnect B-Series FCX Configuration Guide 905 53-1002266-01 Configuring MLD snooping 27 Clear MLD counters on VLANs T o clear MLD Snooping erro r and traf fic counters on all VLANs, enter a command si milar to the following. PowerConnect#clear ipv6 mld-snooping counters Syntax: clear ipv6 mld-snooping counters Clear MLD mcache T o clear the mca[...]
-
Страница 948
906 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring MLD snooping 27[...]
-
Страница 949
PowerConnect B-Series FCX Configuration Guide 907 53-1002266-01 Chapter 28 Configuring RIP (IPv4) Ta b l e 17 0 lists the individual Dell P owerConnect sw itches and the RIP features they suppor t. RIP overview Routing Inf ormation Prot ocol (RIP) is an IP route ex change protoc ol that uses a dis t ance vect or (a number represen ting a dist ance)[...]
-
Страница 950
908 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RIP parameters and defaults 28 • Ve r s i o n ( V 1 ) • V1 compatible with V2 • V ersion (V2) (the default) ICMP host unreachable message for undeliverable ARPs If the r outer receiv es an ARP request packe t that it is unable to deliv er to the final destination because of the A[...]
-
Страница 951
PowerConnect B-Series FCX Configuration Guide 909 53-1002266-01 RIP parameters and defaults 28 RIP interface parameters Ta b l e 17 2 lists the inter face-lev el RIP parameters and their default v alues, and indicates where you can find configurat ion information. . Learning default r outes The rout er can learn default r outes from its RIP nei ghb[...]
-
Страница 952
910 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP parameters 28 Configuring RIP parameters Use the follo wing procedures to configure RIP parameters on a system -wide and individual interface basis. Enabling RIP RIP is disabled b y default. T o enable it, use the f ollowing method. NOTE Y ou mus t enable the prot oco l[...]
-
Страница 953
PowerConnect B-Series FCX Configuration Guide 911 53-1002266-01 Configuring RIP parameters 28 PowerConnect(config)#interface ethernet 0/6/1 PowerConnect(config-if-0/6/1)#ip metric 5 These commands configure port 6/1 to add 5 to the cost of each r oute learned on the por t. Syntax: ip metric <1-1 6> Configuring a RIP offset list A RIP offset l[...]
-
Страница 954
912 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP parameters 28 NOTE Refe r to “Changing administrative distances” on page 1 01 4 for the default di stances for all ro ute sources. T o change the administrative distance for RIP routes, ent er a command such as the follo wing. PowerConnect(config-rip-router)#distanc[...]
-
Страница 955
PowerConnect B-Series FCX Configuration Guide 913 53-1002266-01 Configuring RIP parameters 28 Syntax: [ no ] permit | deny redistribute <filter - num> all | bgp | ospf | static address <ip-addr> <ip-mask> [ match-metric <v alue> | set-metric <value> ] The <filter -num> var iable specif ies the redistribution filt[...]
-
Страница 956
914 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP parameters 28 This command assigns a RIP metric of 1 0 to each rout e that is redistribut ed into RIP . Syntax: [ no ] default-m etric <1-1 5> Enabling redistribution Af ter y ou configure redistribution pa rameters , you need to enable redistribution. T o enable [...]
-
Страница 957
PowerConnect B-Series FCX Configuration Guide 915 53-1002266-01 Configuring RIP parameters 28 PowerConnect(config-rip-router)#update-time 120 This command con figures the Lay er 3 Sw itch to send RIP updates e very 120 seconds. Syntax: update-time <1-1 000> Enabling learning of RIP default routes Y ou can enable learning of RIP default rout e[...]
-
Страница 958
916 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RIP parameters 28 These loop pre vention methods are co nfigurable on an individual interfac e basis. One of the methods is alwa ys in ef fec t on an inter face enabled f or RIP . If you disable one method, the other method is enabled. NOTE These method s may be used i n ad[...]
-
Страница 959
PowerConnect B-Series FCX Configuration Guide 917 53-1002266-01 Displaying RIP filters 28 NOTE By default, r outes that do not matc h a route filt er are learned or adve r tised. T o prevent a route fr om being learned or adv er tised, y ou must co nfigu re a filter to deny t he rout e. T o configure RIP filt ers, enter commands such as the f ollow[...]
-
Страница 960
918 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying CPU utilizat ion statistics 28 Displaying CPU utilization statistics Y ou can displa y CP U utilization statistics for RIP and other IP pr otocols. T o display CPU utilization statistics for RIP f or the previous five-second, one-minute, five-minute, fif teen-minut e, and ru[...]
-
Страница 961
PowerConnect B-Series FCX Configuration Guide 919 53-1002266-01 Displaying CPU util ization statistics 28 If the soft ware has been running less than 15 minutes (the maximum interval for utilization statistics), the command indicat es how long th e sof tware has been running, as sho wn in the follo win g example. T o display utilization statistics [...]
-
Страница 962
920 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying CPU utilizat ion statistics 28[...]
-
Страница 963
PowerConnect B-Series FCX Configuration Guide 921 53-1002266-01 Chapter 29 Configuring OSPF Version 2 (IPv4) Ta b l e 17 4 lists the individ ual Dell PowerConnect switches and the OS PF V ersi on 2 features they suppor t. T A B L E 174 Suppor ted OSPF V2 f eatures Feature PowerConnect B-Series FCX OSPF V2 Y es OSPF point-t o-point links Y es RFC 15[...]
-
Страница 964
922 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of OSPF 29 This chapter describes how to configure OSPF Vers ion 2 on Lay er 3 Switches using the CLI. OSPF V ersion 2 is suppor t ed on devices running IPv4. NOTE The terms La yer 3 Switch and router are used int erchangeably in this chapt er and mean the same thing. Overview[...]
-
Страница 965
PowerConnect B-Series FCX Configuration Guide 923 53-1002266-01 Overview of OSPF 29 An Aut onomous System Boundary Router (ASBR) is a rout er that is running multiple protocols and serves as a gate wa y to rout ers outside an area an d those operating with dif ferent pr otocols. The ASBR is able t o impor t and translate different pr otocol rout es[...]
-
Страница 966
924 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of OSPF 29 I n a n O S P F p o i n t - to - p o i n t n e t wo r k , w h e r e a d i r e c t La ye r 3 c o n n e c t i o n e x i s t s b e t w e e n a s in g l e p a i r o f OSPF rout ers, there is no need f or Designat ed and Backup Designat ed Route rs, as is the case in OSP[...]
-
Страница 967
PowerConnect B-Series FCX Configuration Guide 925 53-1002266-01 Overview of OSPF 29 NOTE Priority is a configurable opt ion at the interface level. Y ou can use this parameter to help bias one rout er as the DR. FIGURE 1 40 Backup designat ed router becomes designat ed router If two neighbors share the same priority , the rout er with the highest r[...]
-
Страница 968
926 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of OSPF 29 NOTE For de tails on how to configure the syst em to operat e with the RFC 2 1 78, refer t o “Modifying the OSPF standard compliance setting” on page 962. Reduction of equivalent AS External LSAs An OSPF ASBR uses AS Ext ern al link advertisemen ts (AS External [...]
-
Страница 969
PowerConnect B-Series FCX Configuration Guide 927 53-1002266-01 Overview of OSPF 29 FIGURE 1 4 1 AS External LSA reduction Notice that both R outer D and Rout er E hav e a route t o the other routing domain thr ough Rout er F . In earlier software releases, if R outers D and E ha ve equal-co st routes t o Rout er F , then both R outer D and Rout er[...]
-
Страница 970
928 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of OSPF 29 that flush the duplicate AS Ext ernal LSAs ha ve more memor y f or other OSPF data. In Figure 1 4 1 , since Rout er D has a higher router ID than Rout er E, Router D floods the AS External LSAs for Rout er F to Rout ers A , B, and C. Rout er E fl ushes the equivalen[...]
-
Страница 971
PowerConnect B-Series FCX Configuration Guide 929 53-1002266-01 Overview of OSPF 29 All three networks ha ve the sam e network address , 1 0.0. 0.0. Without suppo r t for RFC 2328 Appendix E, an OSPF r outer uses the same link state ID, 1 0.0.0.0, f or the LSAs for all three networks. For exam ple, if the rout er generates an LSA with ID 10.0.0.0 f[...]
-
Страница 972
930 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 OSPF graceful restart 29 Y ou also can change the amount of memor y alloca ted t o various types of LSA entries. Howev er , these changes require a syst em reset or reboo t. Dynamic OSPF memory Pow erCon nect devices dynam ically allocate memo r y for Link Stat e Advertisements (LSAs) [...]
-
Страница 973
PowerConnect B-Series FCX Configuration Guide 931 53-1002266-01 Configuring OSPF 29 4. Define redistribution filters, if desired. 5. Enable redistribution, if you defined redistribution filt ers. 6. Modify default global and po r t parameters as req u ired. 7 . Modify OSPF standard compliance, if desired. NOTE OSPF is automatically ena bl ed withou[...]
-
Страница 974
932 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 Interface parameters: • Assign interfaces to an area. • Define the authentication key f or the inter face. • Change the authentication-change inter val • Modify the cost f or a link. • Modify the dead interval. • Modify MD5 authentication ke y parameters[...]
-
Страница 975
PowerConnect B-Series FCX Configuration Guide 933 53-1002266-01 Configuring OSPF 29 If you ha ve disabled the pr otocol but ha ve not ye t sav ed the configura tion to the startup-config f ile and reloaded the so f tware, you can restore the configuration information by re-en tering the command to enable the pr otocol (for e x ample, rou te r o s p[...]
-
Страница 976
934 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 When an NSSA contains more than one ABR, OSPF elects one of the ABRs to perform the LSA translation f or NSSA. OSPF elects the ABR with the highes t route r ID. If the elected ABR becomes unavailable, OSPF aut omaticall y elects the ABR with the next highest r outer[...]
-
Страница 977
PowerConnect B-Series FCX Configuration Guide 935 53-1002266-01 Configuring OSPF 29 The stub <cost> parameter specifies an additional cost fo r using a rout e to or from this area and can be from 1 through 1 677 721 5. There is no default. Normal areas do not use the cost parameter . The no-summar y parameter applies only t o stub areas and d[...]
-
Страница 978
936 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 The ABR translates the T ype-7 LSAs into T ype-5 LS As. If an area range is configured fo r the NSSA , the ABR also summarizes the LSAs into an aggregate LSA before flooding the T y pe-5 LSAs into the backbone. Since the NSSA is part ially “stubb y” the ABR does[...]
-
Страница 979
PowerConnect B-Series FCX Configuration Guide 937 53-1002266-01 Configuring OSPF 29 The <ip-mask> parameter specifies the por tions of the IP address that a r oute must contain to be summarized in the summar y rout e. In the example abo ve, all netw orks that b e g i n w i t h 2 0 9 .1 57 a r e summarized into a sing le route. Assigning an ar[...]
-
Страница 980
938 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 • ip ospf cost <num> • ip ospf dead-int er val <value> • ip ospf hello-inter val <value> • ip ospf md5-authenti cation ke y -activatio n-wait-time <num> | key -i d <num> [ 0 | 1 ] key <string> • ip ospf passive • ip os[...]
-
Страница 981
PowerConnect B-Series FCX Configuration Guide 939 53-1002266-01 Configuring OSPF 29 MD5-authentication activation wait time : The number of seconds the La yer 3 Switch waits until placing a new MD5 k ey into effect. The wait time pr ovides a wa y to gracefully transition fr om one MD5 ke y to another without disturbing the network. The wait time ca[...]
-
Страница 982
940 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 NOTE If you w ant the sof tware to assume that the v alu e you ent er is the clear-t ext f orm, and to encr ypt display of that form, do not ent er 0 or 1 . Instead, omit the encr yption option and allow the sof tware to use the default behavior . If you specif y en[...]
-
Страница 983
PowerConnect B-Series FCX Configuration Guide 941 53-1002266-01 Configuring OSPF 29 Block flooding of outbound LSAs on specific OSPF interfaces By default, the La yer 3 Switch floods all outbound LS As on all the OSPF interfaces within an area. Y ou can configure a filt er to block outbound LSAs on an OSPF int e r face. This f eature is par ticu la[...]
-
Страница 984
942 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 PowerConnect(config)#int ve 20 PowerConnect(config-vif-20)#ip ospf area 0 PowerConnect(config-vif-20)#ip ospf network non-broadcast PowerConnect(config-vif-20)#exit Syntax: [ no ] ip ospf network non-broadcast The follo wing commands specify 1. 1.20.1 as an OSPF nei[...]
-
Страница 985
PowerConnect B-Series FCX Configuration Guide 943 53-1002266-01 Configuring OSPF 29 NOTE By default, the Dell router ID is the IP addre ss configu red on the lowest number ed loopback interface. If the Lay er 3 Switch does not hav e a loop back int er face, the default rout er ID is the lowest numbered IP address configured on the de vice. For more[...]
-
Страница 986
944 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 PowerConnectC(config-ospf-router)#area 1 virtual-link 10.0.0.1 PowerConnectC(config-ospf-router)#write memory Syntax: area <ip-addr> | <num> virtual-link <router -id> [ authentication-k ey | dead-int er val | hello-interval | retransmit-interval | [...]
-
Страница 987
PowerConnect B-Series FCX Configuration Guide 945 53-1002266-01 Configuring OSPF 29 MD5 Authentication Wait Time : This parameter det ermines when a newly configured MD5 authentication key is v alid. This parameter pr ov ides a graceful transition fr om one MD5 k ey to another without disturbi ng the network. All new packets transmitt ed af ter the[...]
-
Страница 988
946 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 Changing the reference bandwidth for the cost on OSPF interfaces Each int er face on which OSPF is enabled has a cost associat ed with it. The La yer 3 Switch advertises its interfaces and their costs to OSPF neighbors. F or example, if an int er face has an OSPF co[...]
-
Страница 989
PowerConnect B-Series FCX Configuration Guide 947 53-1002266-01 Configuring OSPF 29 Interface types to which the re ference bandwidth does not apply Some int er face types are not affect ed by the reference bandwidth and alw ays ha ve the same cost regardless of the ref erence bandwidth in use: • The cost of a loopback int er face is alw ays 0. ?[...]
-
Страница 990
948 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 In Figure 144 on page 948, an administrator wants to configure the Pow erConnect Layer 3 Switch acting as the ASBR (Autonomous System Boundar y Rout er) between the RIP domain and the OS PF domain to redistribut e route s between the two domains. NOTE The ASBR must [...]
-
Страница 991
PowerConnect B-Series FCX Configuration Guide 949 53-1002266-01 Configuring OSPF 29 NOTE Redistribution is permitt ed for all r outes by def ault, so the permit redistribute 1 all command in the example ab ov e is shown for clari ty but is not required. Y ou also hav e the option of specifying im por t of just OSPF , BGP4, or static rout es, as wel[...]
-
Страница 992
950 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 Preventing specific OSPF routes fr om being installed in the IP route table By default, all OSPF routes in the OSPF route table ar e eligibl e f or ins tallation in the IP route table. Y ou can conf igure a distribution list to explicitly den y specific routes fr om[...]
-
Страница 993
PowerConnect B-Series FCX Configuration Guide 951 53-1002266-01 Configuring OSPF 29 Syntax: deny | permit <source-ip> <wildcard> The <A CL -name> | <ACL -id> parameter specifies the ACL name or ID. The in command applies the ACL to incoming rout e updates. The <interface number> parameter spec ifies the interface numbe[...]
-
Страница 994
952 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 The first th ree commands co nfigure an extended AC L that denies routes t o any 4.x.x.x destination network with a 255.255.0.0 network mask and allo ws all other rout es for eligibility t o be installed in the IP ro ute table. The last three c ommands change the CL[...]
-
Страница 995
PowerConnect B-Series FCX Configuration Guide 953 53-1002266-01 Configuring OSPF 29 Because this ACL is input to an OSPF distributi on list, the <destination- ip> parameter actually specifies the subnet mask of the route. The <wildcard> parameter specifies the por t ion of the subnet mask t o match against. F or exam ple, the <destin[...]
-
Страница 996
954 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 The commands in this example configure some st atic IP r outes, then co nfigure a rout e map and use the rout e map for redistributing stati c IP routes into OSPF . The ip route commands configure the static IP rout es. The rout e- ma p command begins configuration [...]
-
Страница 997
PowerConnect B-Series FCX Configuration Guide 955 53-1002266-01 Configuring OSPF 29 NOTE For an e xternal r oute that is redistributed int o OSPF thr ough a route map, the metric v alue of the rout e remains the same un less the metric is set by a set metric command inside th e rout e ma p. The default-metric <num> command has no eff ect on t[...]
-
Страница 998
956 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 • Po werConnect->R4 • Po werConnect->R5 • Po werConnect->R6 Normally , the Dell Po werCo nnect switch will ch oose the path to the R1 with the lower metric. F o r example, if R3 metric is 1 400 and R4 metric is 600, the Dell Po werConne ct switch will[...]
-
Страница 999
PowerConnect B-Series FCX Configuration Guide 957 53-1002266-01 Configuring OSPF 29 PowerConnect(config-ospf-router)#summary-address 10.1.0.0 255.255.0.0 The command in this example configures summar y address 1 0.1 .0.0, which includes addresses 1 0. 1. 1.0, 1 0.1 .2.0, 10. 1.3.0, and so on. F or all of these networks, only the address 10. 1.0.0 ([...]
-
Страница 1000
958 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 If the Lay er 3 Switch is an ASBR, y ou can use the “alwa ys” option when you enable the default r oute originati on. The always opt ion ca uses the ASBR to creat e and advertise a default r oute if it does not already ha ve one configured. If default r oute ori[...]
-
Страница 1001
PowerConnect B-Series FCX Configuration Guide 959 53-1002266-01 Configuring OSPF 29 Y ou can set the dela y and hold time t o lower value s to cause the La yer 3 Switch t o change to alternat e paths more quickly in the ev ent of a rout e failure. Note that lo wer values require more CPU processing time. Y ou can change one or both of the timers. T[...]
-
Страница 1002
960 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 • Inter -area routes • External r outes The default f or all these OSPF ro ute types is 11 0. NOTE This f eature does not influence the choice of routes within OSPF . For ex ample, an OSPF intra-area rout e is alwa ys preferred o ver an OSPF inter -area rout e, [...]
-
Страница 1003
PowerConnect B-Series FCX Configuration Guide 961 53-1002266-01 Configuring OSPF 29 Syntax: [ no ] timers lsa-group-pacing <secs> The <secs> paramet er specif ies the number of second s and can be from 1 0 throug h 1800 (30 minutes). The default is 2 40 seconds (4 minutes). T o restore the pacing int er val to its def ault value, enter [...]
-
Страница 1004
962 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring OSPF 29 Example T o reinstate the trap, enter the following command. PowerConnect(config-ospf-router)#trap neighbor-state-change-trap Syntax: [ no ] trap <ospf-trap> Specifying the types of OSPF Syslog messages to log Y ou can specify which kinds of OSPF-relat ed Sysl[...]
-
Страница 1005
PowerConnect B-Series FCX Configuration Guide 963 53-1002266-01 Configuring OSPF 29 NOTE Po werConnect devices dynamically allocat e OSPF memor y as needed. Ref er to “Dynamic OSPF memor y” on page 930. T o modify the exit o ver flow interval to 60 seconds, ent er the following command. PowerConnect(config-ospf-router)#database-overflow-interva[...]
-
Страница 1006
964 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing OSPF information 29 Enabling and disabling OS PF graceful restart OSPF graceful restar t is enabled by def ault on a Pow erConnect La ye r 3 switch. T o disable it, use the fo llowing commands. PowerConnect (config)# router ospf PowerConnect (config-ospf-router)# no graceful-r[...]
-
Страница 1007
PowerConnect B-Series FCX Configuration Guide 965 53-1002266-01 Clearing OSPF information 29 • OSPF area inf orm ation, including rout es received from OSPF neighbors wi thin an area, as w ell as rout es impor ted int o the area. Y ou can clear area inf ormation for all OSPF areas, or f o r a specified OSPF area The OSPF infor mation is cleared d[...]
-
Страница 1008
966 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Syntax: clear ospf redistribution This command clears all rout es in the OSPF r o uting table that are redistributed fr om other pro tocols, including direct connect ed, static, RIP , and BGP . T o import redistributed routes fr om othe r protoc ol s, u [...]
-
Страница 1009
PowerConnect B-Series FCX Configuration Guide 967 53-1002266-01 Displaying OSPF information 29 • T rap state inf ormation – refer t o “Displaying OSPF trap status” on page 9 78. • OSPF graceful restar t - ref er to “Displaying OSPF gracef ul restart information” on page 9 78. Displaying general OSPF configuration information T o displ[...]
-
Страница 1010
968 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Displaying CPU utilization statistics Y ou can display CPU utilization statist ics for OSPF and o ther IP protocols. T o display CPU utilization statistics for OSPF f or the previous one-second, one-m inute, five-minut e, and fifteen-minute int er vals, [...]
-
Страница 1011
PowerConnect B-Series FCX Configuration Guide 969 53-1002266-01 Displaying OSPF information 29 The <num> paramet er specifies the number of seconds and can be from 1 thr ough 900. If you use this parameter , the command lists the usage statistics only f or the specified number of seconds. If you do not use this paramet er , the command lists [...]
-
Страница 1012
970 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Syntax: show ip ospf neighbor [ r outer -id <ip-addr> ] | [ <num> ] | [ detail ] The ro ute r-i d <ip -addr> parameter displa ys only the neighbor entries for the specified r outer . The <num> parameter displa ys only the entr y i[...]
-
Страница 1013
PowerConnect B-Series FCX Configuration Guide 971 53-1002266-01 Displaying OSPF information 29 Displaying OSPF interface information T o display OSPF interface information, en ter the f ollowing command at any CLI le vel. State The state of t he conversation be tween the Lay er 3 Switch and the neighbor . This field can hav e one of the f ollowing [...]
-
Страница 1014
972 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Syntax: show ip ospf interface [ <ip-addr> ] The <ip-addr> parameter displa ys the OSPF interface information f or the specified IP address. The follo wing table defines the highlighted fiel ds sho wn in the above example output of the sho w [...]
-
Страница 1015
PowerConnect B-Series FCX Configuration Guide 973 53-1002266-01 Displaying OSPF information 29 Displaying OSPF route information T o display OSPF r oute information f or the rout er , enter the f o llowing command at an y CLI leve l. Syntax: show ip ospf r outes [ <ip-addr> ] The <ip-addr> parameter specifies a destination IP address. I[...]
-
Страница 1016
974 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Displaying the routes that have been redistributed into OSPF Y ou can display the r outes that ha ve been redist ributed into OSPF . T o displa y the redistributed rout es, enter the f ollowing command at an y level of the CLI. In this example, f our rou[...]
-
Страница 1017
PowerConnect B-Series FCX Configuration Guide 975 53-1002266-01 Displaying OSPF information 29 Displaying OSPF external link state information T o display ext ernal link state information, enter the f ollowing comm and at any CLI lev el. Syntax: show ip ospf data base e xternal-lin k-stat e [ adver tise <num> ] | [ exte n si ve ] | [ link-sta[...]
-
Страница 1018
976 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 Displaying OSPF link state information T o display link stat e info rmation, ent er the follo wing command at an y CLI lev el. PowerConnect#show ip ospf database link-state Syntax: show ip ospf database link -state [ advertise <num> ] | [ asbr ] | [...]
-
Страница 1019
PowerConnect B-Series FCX Configuration Guide 977 53-1002266-01 Displaying OSPF information 29 Syntax: show ip ospf data base e xternal-lin k-stat e [ adver tise <num> ] | [ link-stat e-id <ip- addr> ] | [ rout er-id <i p-addr> ] | [ sequence-numbe r <num(Hex)> ] | [ status <num> ] T o determine an e xternal LSA or oth[...]
-
Страница 1020
978 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29 PowerConnect#show ip ospf border-routers Syntax: show ip ospf border -routers [ <ip-addr> ] The <ip-addr> parameter displa ys the ABR and ASBR entries for the specified IP address. Displaying OSPF trap status All traps are enabled by def ault[...]
-
Страница 1021
PowerConnect B-Series FCX Configuration Guide 979 53-1002266-01 Displaying OSPF information 29 Ta b l e 1 8 0 defines the fields in the show output. TA B L E 1 8 0 CLI displ ay of OSPF database grac e LSA information Field Defini tion Area The OSPF area that the int er face configured f or OSPF graceful restart is in. Interface The interface that i[...]
-
Страница 1022
980 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying OSPF informatio n 29[...]
-
Страница 1023
PowerConnect B-Series FCX Configuration Guide 981 53-1002266-01 Chapter 30 Configuring BGP4 (IPv4) Ta b l e 1 8 1 lists individual Dell P owerCo nnect switches and the BGP4 f eatures they suppor t. BGP4 f eatures are suppor ted on P owerConnect B-Seri es FCX ADV devic es running the full Layer 3 soft ware image. This chapter pr ovides de tails on h[...]
-
Страница 1024
982 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of BGP4 30 Overview of BGP4 BGP4 is the standard Ext erior Gatew ay Pr otocol (E GP) used on the Internet to route traffic between Auto no m ou s S y ste ms (A S ) a nd to m a in ta in lo o p- fr e e ro ut in g. An a uto no m ou s s ys te m i s a co ll ec t io n of networks th[...]
-
Страница 1025
PowerConnect B-Series FCX Configuration Guide 983 53-1002266-01 Overview of BGP4 30 Although a La yer 3 Switch BGP4 r oute table can ha ve multiple r outes t o the same destination, the BGP4 prot ocol evaluat es the rout es and chooses only one of the rout es to send to the IP rout e table. The rout e that BGP4 chooses and sends to th e IP r oute t[...]
-
Страница 1026
984 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of BGP4 30 3. If the weights are the same, prefer the route with the larg est local preference. 4. If the ro utes hav e the same local pref erence, pref er the route that w as originated locally (by this BGP4 Lay er 3 Switch). 5. If the local pref erences are the same, pref er[...]
-
Страница 1027
PowerConnect B-Series FCX Configuration Guide 985 53-1002266-01 Overview of BGP4 30 NOTE Lay er 3 Switches suppor t BGP4 lo ad sharing among multiple equal-cost paths. BGP4 load sharing enables the Lay er 3 Switch to balance th e traf fic across the multiple paths instead of choosing just one path based on r outer ID. F or EBGP routes, load sharing[...]
-
Страница 1028
986 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview of BGP4 30 UPDATE message Af ter BGP4 neighbors establish a BGP4 connectio n over T CP and exchange their BGP4 r outing tables, they do no t send periodic r outing updates. I ns t e a d , a BG P 4 n e i g h b o r s e n d s a n up d a t e to i t s neighbor when it has a new r o[...]
-
Страница 1029
PowerConnect B-Series FCX Configuration Guide 987 53-1002266-01 BGP4 graceful restart 30 BGP4 graceful restart BGP4 graceful restar t is a high-availability r outing feature that minimizes disruption in traf fic forwar ding, diminishes route flapping , and provides continuous service during a syst em restar t, switchov er , failov er , or hitless O[...]
-
Страница 1030
988 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 BGP4 parameters 30 NOTE By default, the r outer ID is the IP address configur ed on the lowest numbered loopback inte r face. If the La yer 3 Switch does not ha ve a loopback int er face, the def ault router ID is the lowest numbered IP interface address configured on the de vice. For [...]
-
Страница 1031
PowerConnect B-Series FCX Configuration Guide 989 53-1002266-01 BGP4 parameters 30 • Req uired – Identify BGP4 neighbors. • Optional – Change the K eep Alive Time and Hold Time. • Optional – Change the update timer for r oute changes. • Optional – Enable fast e xternal fallo ver . • Optional – Specify a list of individual networ[...]
-
Страница 1032
990 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 BGP4 parameters 30 Immediately The follo wing parameter changes take ef fect immediat ely: • Enable or disable BGP . • Set or change the local AS. • Add neighbors. • Change the update time r for r oute changes. • Disable or enable fast e xternal fallov er . • Specify indivi[...]
-
Страница 1033
PowerConnect B-Series FCX Configuration Guide 991 53-1002266-01 Memory considerations 30 After disabling and re-e nabling redistribution The following paramet er ch ange takes effect only af ter you disable and then re-enable redistribution: • Change the default MED (metric). Memory considerations BGP4 handles a very large number of rout es and t[...]
-
Страница 1034
992 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 Basic configuration tasks The f ollowing sections describe ho w to per fo rm th e configuration tasks that are required to use BGP4 on the Lay er 3 Switch. Y ou can modify man y parameters in addition t o the ones described in this section. Ref er to “Opt[...]
-
Страница 1035
PowerConnect B-Series FCX Configuration Guide 993 53-1002266-01 Basic configuration tasks 30 Setting the local AS number The local AS number identifies th e AS the Dell BGP4 rout er is in. The AS number can be from 1 through 65535 . There is no default. AS nu mbers 645 12 thr ough 65535 are the well-kno wn privat e BGP4 AS numbers and are not adver[...]
-
Страница 1036
994 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 NOTE If the Lay er 3 Switch has multiple neighbors with s imilar attributes, you can simplify configuration by configuring a peer gr oup, then addi ng individual neighbors t o it. Th e configuration steps are similar , ex cept you specify a peer group name [...]
-
Страница 1037
PowerConnect B-Series FCX Configuration Guide 995 53-1002266-01 Basic configuration tasks 30 NOTE The Lay er 3 Switch applies the adver tisement inte rval only under cer tain conditions. The Lay er 3 Switch does not apply the advertisement inter val when sending initial updates t o a BGP4 n eighbor . As a result, the La yer 3 Switch sends the updat[...]
-
Страница 1038
996 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 filter -list in | out <num,num,...> sp ecif i es a n AS -pa th f ilte r lis t o r a li st of AS -p ath ACLs. The in | out ke yword specifies whe ther the list is applied on updat es received from the ne ighbor or sent to the neighbor . If you specify [...]
-
Страница 1039
PowerConnect B-Series FCX Configuration Guide 997 53-1002266-01 Basic configuration tasks 30 NOTE If you w ant the sof tware to assume that the v alu e you ent er is the clear-t ext f orm, and to encr ypt display of that form, do not enter 0 or 1. I n stead, omit the encr yption option and allow the software to use the default behavior . If you spe[...]
-
Страница 1040
998 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 indefinitely f or messages from a neighbor withou t concluding that the neig hbor is dead. The defaults f or these parameters are the currently co nfigured glo bal Keep Aliv e Time and Hold Time. For more informatio n about these paramet ers, refer to “Ch[...]
-
Страница 1041
PowerConnect B-Series FCX Configuration Guide 999 53-1002266-01 Basic configuration tasks 30 Notice that the sof tware has converted the comman ds that specify an auth entication string into the new syntax (described belo w), and has encr yp t ed display of the authentication strings. Command syntax Since the default beha vior does not affect the B[...]
-
Страница 1042
1000 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 The enable passw ord-display command enables display of the auth entication string, but only in the output of the show ip bgp neighbors command. Displa y of the string is still encrypted in the star tup-conf ig file and run ning-config. Enter the command a[...]
-
Страница 1043
PowerConnect B-Series FCX Configuration Guide 1001 53-1002266-01 Basic configuration tasks 30 NOTE If you ent er a command to remo ve the remot e AS paramet er from a peer gr oup, the sof tware checks to ensure that the peer gr oup does not contain an y neighbors. If the peer gr oup does contain neighbors, the sof tware does not allo w you t o remo[...]
-
Страница 1044
1002 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic configuration tasks 30 • If you add a paramet er to a peer group that alre ady conta ins neighbors, the parameter value is applied to neighbors that do no t already have the paramet er explicitly set. If a neighbor has the parameter e xplicit ly set, the explicitly set valu e [...]
-
Страница 1045
PowerConnect B-Series FCX Configuration Guide 1003 53-1002266-01 Basic configuration tasks 30 [ send-community ] [ sof t-reconfiguration inbound ] [ shutdown ] [ timers keep-alive <num> hold-time <num> ] [ update-sour ce loopback <num> ] [ wei gh t <num> ] The <ip-addr> | <peer -group-name> parameter indicates wh[...]
-
Страница 1046
1004 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 NOTE The sof tware also contains an op tion t o end the session with a BGP4 neighbor and thus clear the rout es learned from the neighbor . Unlik e this clear option, the option f or shutting down the neighbor can be sav ed in the star tup-config file a[...]
-
Страница 1047
PowerConnect B-Series FCX Configuration Guide 1005 53-1002266-01 Optional configuratio n tasks 30 For e a ch key wo rd , <num> indicates the number of seconds. The K eep Alive Time can be 0 thr ough 65535. The Hold Time c an be 0 or 3 through 6553 5 (1 and 2 are not allow ed). If you set the Hold Time to 0, the r outer waits indefinitely f or[...]
-
Страница 1048
1006 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 Changing the maximum number of paths for BGP4 load sharing Load sharing enables the La yer 3 Switch to balanc e traffic to a route acr oss mu ltiple equal-cost paths of the same type (EBGP or IBGP) f or the rout e. T o configure the Layer 3 Switch t o p[...]
-
Страница 1049
PowerConnect B-Series FCX Configuration Guide 1007 53-1002266-01 Optional configuratio n tasks 30 If an IGP path used b y a BGP4 nex t-hop route path installed in the IP rout e table changes, then the BGP4 paths and IP paths are adjusted accor dingly . For e xample, if one of the OS PF paths to reach the BGP4 next hop goes do wn, the software remov[...]
-
Страница 1050
1008 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 • multi-as – Load sharing is enabled for pa ths from different autonomous systems. By default, load sharing applies to EBGP and IBGP paths, and does not apply to paths from different neighboring autonomous syst ems. Specifying a list of networks to [...]
-
Страница 1051
PowerConnect B-Series FCX Configuration Guide 1009 53-1002266-01 Optional configuratio n tasks 30 T o configure a route map, and use it t o set or ch ange ro ute attributes for a network y ou def ine for BGP4 to adv er tise, enter commands such as the f ollowing. PowerConnect(config)#route-map set_net permit 1 PowerConnect(config-routemap set_net)#[...]
-
Страница 1052
1010 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 Using the IP default route as a valid next hop for a BGP4 route By default, the Layer 3 Switch does not use a default route t o resolve a BGP4 ne xt-hop rout e. If the IP rout e lookup f or the BGP4 next hop does no t result in a valid IGP r oute (inclu[...]
-
Страница 1053
PowerConnect B-Series FCX Configuration Guide 1011 53-1002266-01 Optional configuratio n tasks 30 Enabling next-hop recursion For each BGP4 rout e a Layer 3 Switch learns, the Lay er 3 Switch per forms a r oute look up to obtain the IP address of the r oute nex t hop. A BGP4 rout e becomes eligible for installation into the IP rout e table only if [...]
-
Страница 1054
1012 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 In this ex ample, the Laye r 3 Switch cannot reach 2 40.0.0.0/2 4, because the next-ho p IP address f or the rout e is an IBGP rout e instead of an IGP route, and thus is considered unreachable by th e Lay er 3 Switch. Here is the IP ro ute table entr y[...]
-
Страница 1055
PowerConnect B-Series FCX Configuration Guide 1013 53-1002266-01 Optional configuratio n tasks 30 The first look up results in an IBGP r oute, t o network 1 02.0.0.0/2 4. Since the ro ute to 1 02.0.0. 1/2 4 is not an IGP ro ute, the Lay er 3 Switch cannot reach the ne xt hop through IP , and thus cannot use the BGP r oute. In this case, since recur[...]
-
Страница 1056
1014 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 This Laye r 3 Switch can use this route because the Lay er 3 Switch has an IP r oute to the ne xt-hop gate wa y . Without recursive ne xt-hop look ups, th is route w ould not be in the IP rout e table. Enabling recursive next-hop lookups The recursive n[...]
-
Страница 1057
PowerConnect B-Series FCX Configuration Guide 1015 53-1002266-01 Optional configuratio n tasks 30 Lower administrativ e distances ar e preferred over higher distances. F or example, if the router receives r outes f or the same network from OSPF and fr om RIP , the rout er will prefer the OSPF route by default. The administrative di stances are conf[...]
-
Страница 1058
1016 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 PowerConnect(config-bgp-router)#as-path-ignore This command disables comparison of the AS-Pat h lengths of ot her wise equal paths. When you disable AS-Path length comparison , the BGP4 algorithm shown in “How BGP4 sele cts a path for a rou te ” on [...]
-
Страница 1059
PowerConnect B-Series FCX Configuration Guide 1017 53-1002266-01 Optional configuratio n tasks 30 Y ou can enable the Lay er 3 Switch to alwa ys co mpare the MEDs, regar dless of the AS information in the paths. For example, if the r outer receiv es UPDA TES for the same r oute fr om neighbors in three autonomo us systems, the rout er would compare[...]
-
Страница 1060
1018 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 • A cluster is a gr oup of IGP rout ers organized into r oute reflect ors and route re flector clients. Y ou configure the cluster b y ass igning a cluster ID on the r oute reflector and identifying the IGP neighbors that are members of that cluster .[...]
-
Страница 1061
PowerConnect B-Series FCX Configuration Guide 1019 53-1002266-01 Optional configuratio n tasks 30 FIGURE 1 4 7 Example of a route reflector configuration Support for RFC 2796 Rout e reflection on Dell Pow erConnect devices is based on RFC 279 6. This updated RFC helps eliminate r outing loop s that are possible in some implementations of the older [...]
-
Страница 1062
1020 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 • A Lay er 3 Switch configured as a rout e reflector sets the ORI GINA T OR_ID attribute to the r outer ID of the r outer that originat ed the rout e. Moreov er , the r oute reflecto r sets the attribute only if this is the first time the route is bei[...]
-
Страница 1063
PowerConnect B-Series FCX Configuration Guide 1021 53-1002266-01 Optional configuratio n tasks 30 If you need t o disable rout e reflection between clients, enter the f ollowing co mmand. When t he fe ature is disabled, rout e reflection does not occu r betw een clients but reflection does still occur between cl ients and non-clients. PowerConnect([...]
-
Страница 1064
1022 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 FIGURE 1 48 Ex ample of a BGP4 confederation In this example, f our switches are configured in to two sub-autonomous systems, each containing two of the switches. The sub-aut onomous system s are members of conf ederation 1 0. Switches within a sub-AS m[...]
-
Страница 1065
PowerConnect B-Series FCX Configuration Guide 1023 53-1002266-01 Optional configuratio n tasks 30 • Configure the conf ederation ID. The confederation ID is the A S number by which BGP switches outside the confed eration know the confed eration. Thus, a BGP switch outside the conf ederation is not aware and does not care that y our BGP switches a[...]
-
Страница 1066
1024 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Optional configuration tasks 30 Commands for router C PowerConnectC(config)#router bgp PowerConnectC(config-bgp-router)#local-as 64513 PowerConnectC(config-bgp-router)#confederation identifier 10 PowerConnectC(config-bgp-router)#confederation peers 64512 64513 PowerConnectC(config-bgp[...]
-
Страница 1067
PowerConnect B-Series FCX Configuration Guide 1025 53-1002266-01 Configuring BGP4 graceful restart 30 The advert ise-map <map-name> parameter configures the r outer t o adver tise the more specific rout es in the specified r oute map. The attribut e-map <map-name> parameter configures the r outer t o set attributes f or the aggregate ro[...]
-
Страница 1068
1026 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 BGP null0 routing 30 Configuring the BGP4 graceful restart stale ro utes timer Use the f ollowing command t o specify the maximum am ount of time a helper device will wait f or a n end-of-RIB message fr om a peer before delet ing routes from that peer . PowerConnect (config-bgp)# grac[...]
-
Страница 1069
PowerConnect B-Series FCX Configuration Guide 1027 53-1002266-01 BGP null0 routing 30 Figure 149 shows a t o pology for a null0 routing application ex ample. FIGURE 1 49 Ex ample of a null0 routing application The follo wing steps configu re a null0 routing applicat ion for st opping denial of ser vice attack s from remote hosts on the int ernet. C[...]
-
Страница 1070
1028 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 BGP null0 routing 30 Configuration examples S6 The following configuration defines specific prefixes t o filter . PowerConnect(config)#ip route 110.0.0.40/29 ethernet 3/7 tag 50 PowerConnect(config)#ip route 115.0.0.192/27 ethernet 3/7 tag 50 PowerConnect(config)#ip route 120.014.0/23[...]
-
Страница 1071
PowerConnect B-Series FCX Configuration Guide 1029 53-1002266-01 BGP null0 routing 30 Show commands Af ter configuring the null0 applicat ion, y ou can display the output. S6 The following is the show ip r oute static output for S6. S1 and S2 The following is the show ip r oute static output for S1 and S2. S6 The following is the show ip bgp rout e[...]
-
Страница 1072
1030 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Modifying redistribution parameters 30 S1 and S2 The show ip r oute output f or S1 and S2 shows "drop" under the Port column for the network prefixes you configured with null0 ro uting. Modifying redistribution parameters By default, the La yer 3 Switch does not redistri but[...]
-
Страница 1073
PowerConnect B-Series FCX Configuration Guide 1031 53-1002266-01 Modifying redistri bution parameters 30 Re fe r t o t he fo l l ow i n g s e c t i on s fo r d et a i l s o n redistrib uting specific rout es using the CLI: • “Redistributing connect ed route s” on page 103 1 • “Redistributing RIP r outes” on page 1 03 1 • “Redistribu[...]
-
Страница 1074
1032 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Modifying redistribution parameters 30 Syntax: redistribute ospf [ match in ternal | exte rn al 1 | ex te rn a l2 ] [ metric <num> ] [ ro u te- m ap <map-name> ] The ospf parameter indicat es that you are redi stributing OSPF ro utes into BGP4. The match intern al | ex ter[...]
-
Страница 1075
PowerConnect B-Series FCX Configuration Guide 1033 53-1002266-01 Filtering 30 T o disable re-advertisement of BGP4 rout es to BG P4 neighbors e xcept for r outes that the software also instal ls in the rout e tabl e, ent er the following command. PowerConnect(config-bgp-router)#no readvertise Syntax: [ no ] readvert ise T o re-enable re-advertiseme[...]
-
Страница 1076
1034 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 NOTE Once you define a filter , the default action f or ad dresses that do no t match a filter is “den y”. T o change the default action to “permit”, configure the last filter as “permit an y any”. Address filt ers can be referre d to by a BGP neighbor 's[...]
-
Страница 1077
PowerConnect B-Series FCX Configuration Guide 1035 53-1002266-01 Filtering 30 If you enable the soft ware t o display IP subnet ma sks in CIDR fo rmat, the mask is sav ed in the file in “/ <mask-bits> ” f o rmat. T o enable the software to displa y the CIDR masks, ent er the ip show-subnet-len gth command at the global CONFIG le vel of th[...]
-
Страница 1078
1036 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 The <as-path> paramet er indicates the AS-path inf ormatio n. Y ou can enter an e x act AS-path stri ng if you w ant to filt er for a specific v alue. Y o u al so can use regu lar expressions in the filt er string. Defining an AS-path ACL T o conf igure an AS -path [...]
-
Страница 1079
PowerConnect B-Series FCX Configuration Guide 1037 53-1002266-01 Filtering 30 Special characters When you ent er as single-character e xpression or a list of charact ers, you also can use the follo win g special characters. Ta b l e 1 8 2 on page 1 03 7 lists the special characters. The description for each special character includes an e xample. N[...]
-
Страница 1080
1038 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 If you want t o filter f or a special character instead of u sing the special charact er , enter “” (backslash) in front of the charact er . For e xampl e, to filt er on AS-path strings cont aining an asterisk, ent er the asterisk por tion of the regular e xpression [...]
-
Страница 1081
PowerConnect B-Series FCX Configuration Guide 1039 53-1002266-01 Filtering 30 NOTE The La yer 3 Switch cannot actively support commun it y filters and community list ACLs at the same time. Use one method or the other but do not mix methods. NOTE Once you define a filt er or ACL, the de fault action fo r com munities that do not match a filter or A [...]
-
Страница 1082
1040 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 The no-export keyw ord filt ers for r outes with the w ell -known community “NO_EXPORT”. A r oute in this community should no t be adver tised to an y BGP4 neighbors outside the local AS . If the rout er is a member of a conf ederation, the Lay er 3 Switch advertises [...]
-
Страница 1083
PowerConnect B-Series FCX Configuration Guide 1041 53-1002266-01 Filtering 30 The <regular-e xpression> parameter specifies a regular e xpr ession fo r matching on community names. For inf ormation about regu lar expression syntax, ref er to “Using regular expressions” on page 1 036. Y ou can specify a regular expressi on only in an e xte[...]
-
Страница 1084
1042 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 Defining neighbor distribute lists A neighbor di stribute list is a list of BGP4 addre ss filters or A CLs that filter the traf fic to or fr om a neighbor . T o configure a neighbo r distribute list, use either of the follo wing methods. T o configure a distribute list th[...]
-
Страница 1085
PowerConnect B-Series FCX Configuration Guide 1043 53-1002266-01 Filtering 30 If the r oute map contains set stat ements, rout es that are permitted b y the rout e map match statements are modified acco r ding to the set statements. Match statements com pare the ro ute ag ainst one or more of the follo wing: • The rout e BGP4 MED (metric) • A s[...]
-
Страница 1086
1044 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 As shown in this e xample, the command pro mpt changes to the R oute Map lev el. Y ou can enter the match and set stat ements at this level. R efer t o “Specifying the match conditions” on page 1 044 and “Setting parameters in the rout es” on page 1 04 7. The <[...]
-
Страница 1087
PowerConnect B-Series FCX Configuration Guide 1045 53-1002266-01 Filtering 30 NOTE The filters must al ready be configured. The community <num> parameter specifies a community ACL. NOTE The ACL must already be configured. The community <ACL> exac t -m at ch parameter matches a r oute if (and only if) the r oute's community attribut[...]
-
Страница 1088
1046 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 PowerConnect(config)#ip community-list 1 permit 123:2 PowerConnect(config)#route-map CommMap permit 1 PowerConnect(config-routemap CommMap)#match community 1 Syntax: match community <string> The <str ing> parameter specifies a co mmunity list AC L. T o configu[...]
-
Страница 1089
PowerConnect B-Series FCX Configuration Guide 1047 53-1002266-01 Filtering 30 The first command configures an IP AC L that ma tches on rout es received fr om 192. 168.6.0/2 4. The remaining commands conf igure a rout e map th at matches on all BGP 4 r outes advertised by the BGP4 neighbors whose addresses match addresses in the IP prefix list. Y ou[...]
-
Страница 1090
1048 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 [ dampening [ <half-life> <reuse> <sup press> <max-suppress-time> ]] [[ default ] interface null0 | [ ip [ default ] ne xt hop <ip-addr> ] [ ip ne xt-hop peer-address ] | [ local-pref erence <num> ] | [ metric [ + | - ] <num> | no[...]
-
Страница 1091
PowerConnect B-Series FCX Configuration Guide 1049 53-1002266-01 Filtering 30 The metric-type type-1 | type-2 paramet er changes the metric type of a rout e redistributed into OSPF . The metric -type internal paramet er s ets the rout e's ME D to the same value as the IGP metric of the BGP4 nex t-hop rout e. The parameter does this when adv er[...]
-
Страница 1092
1050 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 These commands configure a route map that matches on r outes whose destination network is specified in ACL 1, a nd sets the next hop in the rout es to the neighbor address (inbound filt ering) or the local IP address of the BGP4 session (outbound filtering ). Syntax: set [...]
-
Страница 1093
PowerConnect B-Series FCX Configuration Guide 1051 53-1002266-01 Filtering 30 T o create a r oute map and identify it as a tabl e map, enter commands such as f ollowing. These commands create a r oute map that uses an address filter . For r outes that match the address filt er , the rout e map changes the tag v alue to 1 00. This ro ut e ma p is th[...]
-
Страница 1094
1052 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering 30 PowerConnect(config)#ip prefix-list Routesfrom1234 deny 20.20.0.0/24 PowerConnect(config)#ip prefix-list Routesfrom1234 permit 0.0.0.0/0 le 32 PowerConnect(config)#router bgp PowerConnect(config-bgp-router)#neighbor 1.2.3.4 prefix-list Routesfrom1234 in PowerConnect(confi[...]
-
Страница 1095
PowerConnect B-Series FCX Configuration Guide 1053 53-1002266-01 Filtering 30 T o per form a soft reset of a neighbor session and send ORFs t o the neighbor , enter a command such as the fo llowing. PowerConnect#clear ip bgp neighbor 1.2.3.4 soft in prefix-list Syntax: clear ip bgp neighbor <ip-addr> [ sof t in prefix-filter ] If you use the [...]
-
Страница 1096
1054 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring route flap dampening 30 Configuring route flap dampening A “rout e flap” is the change in a rout e state, fr om up to down or do wn to up. When a r oute state changes, the state change causes changes in the r o ute tables of the ro uters that suppor t the r oute. F req[...]
-
Страница 1097
PowerConnect B-Series FCX Configuration Guide 1055 53-1002266-01 Configuring route flap dampening 30 Globally configuring route flap dampening T o enable rout e flap dampening using the default values, ent er the follo wing command. PowerConnect(config-bgp-router)#dampening Syntax: dampeni ng [ <half-life> <reuse> <suppress> <m[...]
-
Страница 1098
1056 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring route flap dampening 30 The address-filter commands in this e xample configure two BGP4 address filters, f or networks 209. 15 7 .22.0 and 209. 15 7 .23.0. The first r oute- map command creates an entry in a route map called “DAMPENING_MAP”. Within this entry of the ro[...]
-
Страница 1099
PowerConnect B-Series FCX Configuration Guide 1057 53-1002266-01 Configuring route flap dampening 30 PowerConnect(config)#route-map DAMPENING_MAP_ENABLE permit 1 PowerConnect(config-routemap DAMPENING_MAP_ENABLE)#exit PowerConnect(config)#route-map DAMPENING_MAP_NEIGHBOR_A permit 1 PowerConnect(config-routemap DAMPENING_MAP_NEIGHBOR_A)#set dampenin[...]
-
Страница 1100
1058 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring route flap dampening 30 Here is an example. The aggregate-address command conf igures an aggregate address. The summar y -only p arameter prev ents the Layer 3 Switch fr om adver tising more specific routes contained within the aggregat e ro ute. The show ip bgp r oute com[...]
-
Страница 1101
PowerConnect B-Series FCX Configuration Guide 1059 53-1002266-01 Configuring route flap dampening 30 Displaying and clearing route flap dampening statistics The sof tware pro vides many options for displa ying an d clearing r oute flap statistics. T o display the statistics, use either of the f ollowing methods. Displaying route flap dampening stat[...]
-
Страница 1102
1060 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Generating traps for BGP 30 Y ou also can display all the dampened rout es by ente ring the sho w ip bgp dampened-paths command. Clearing route flap dampening statistics T o clear rout e flap dampening statis tics, use the following CLI method. NOTE Clearing the dampening statistics f[...]
-
Страница 1103
PowerConnect B-Series FCX Configuration Guide 1061 53-1002266-01 Displaying BGP4 informatio n 30 Syntax: [ no ] snmp-ser ver enable traps bgp Use the no for m o f t h e c om m a n d t o disable BGP traps. Displaying BGP4 information Y ou can display the fo l lowing configuration information and statistics for the BGP4 pr otocol on the rou te r: •[...]
-
Страница 1104
1062 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Ta b l e 1 8 4 lists the field definitions f or the command output. TA B L E 1 8 4 BGP4 summa r y information Field Des cription Rout er ID The Layer 3 Swit ch router ID . Local AS Number The BGP4 AS number the rout er is in. Conf ederation Identifier Th[...]
-
Страница 1105
PowerConnect B-Series FCX Configuration Guide 1063 53-1002266-01 Displaying BGP4 informatio n 30 State The state of this router neighbo r session with each neighbor. The states are from this r outer perspectiv e of the session, not the neighbor perspecti ve. The stat e values are based on the BGP4 state machine values descri bed in RFC 1 77 1 and c[...]
-
Страница 1106
1064 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying the active BGP4 configuration T o view the active BGP4 configuration inf ormatio n contained in the running-config without displaying the entire running-confi g, use the f ollowing CLI method. T o display the d evice activ e BGP4 configuration[...]
-
Страница 1107
PowerConnect B-Series FCX Configuration Guide 1065 53-1002266-01 Displaying BGP4 informatio n 30 If the soft ware has been running less than 15 minutes (the maximum interval for utilization statistics), the command indicat es how long the software has been running. Her e is an example. T o display utilization statistics for a specific number of sec[...]
-
Страница 1108
1066 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying summary neighbor information T o display summary neighbor information, ent er a command such as the follo w ing at any le vel of the CLI. Syntax: show ip bgp neighbors [ <ip-addr> ] | [ rout es-summary ] Ta b l e 1 8 5 lists the field de[...]
-
Страница 1109
PowerConnect B-Series FCX Configuration Guide 1067 53-1002266-01 Displaying BGP4 informatio n 30 Displaying BGP4 neighbor information T o view BGP4 neighbor info rmatio n including the values f or all the configured parameters, enter the f ollowing command. NOTE The display sho ws all the configured param et er s fo r the neighbor . Only the parame[...]
-
Страница 1110
1068 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 This example sho ws how to displa y information for a specific neighbor , by specifying the neighbor IP address with the command. None of the o ther disp lay options are used; thus, all of the information is display ed for the neighbor . The number in th[...]
-
Страница 1111
PowerConnect B-Series FCX Configuration Guide 1069 53-1002266-01 Displaying BGP4 informatio n 30 The attribute-entries option shows the attribute-entries associated with r outes received fr om the neighbor . The flap-statistics option sho ws the route flap statistics f or rout es received from or se nt to the neighbor . The last-pack et-with-error [...]
-
Страница 1112
1070 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Rout erID The neighbor rout er ID. Description The descripti on you gav e the neighbor when you configured it on the La yer 3 Switch. State The state of the r outer session with the neig hbor . The states are fr om this router perspective of the session,[...]
-
Страница 1113
PowerConnect B-Series FCX Configuration Guide 1071 53-1002266-01 Displaying BGP4 informatio n 30 Remo vePrivat eAs Wheth er this option is enabled for the neigh bor . Refresh Capability Whether this Lay er 3 Switch has received con f irmation fr om the neighbor that the neighbor suppo r ts the dynamic refresh capabili ty. Coopera tiveFilteringCa pa[...]
-
Страница 1114
1072 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Last Connection R eset Rea so n The reason the pre vious session with this neighbor ended. The reason can be one of the f ollowing. Reaso ns described in the BGP specifi cations: • Message Header E rror • Connection Not Synch ronized • Bad Message [...]
-
Страница 1115
PowerConnect B-Series FCX Configuration Guide 1073 53-1002266-01 Displaying BGP4 informatio n 30 Notification Sent If the rout er receives a NO TIFICA TION message from the neighbor , the messag e contains an e rror code corresp onding to one of the following errors. Some errors hav e subcodes that clarify the reason f or the error . Where applicab[...]
-
Страница 1116
1074 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 T CP Connection state The state of the connect ion with the neighbor . The connection can ha ve one of the fol l ow i ng s ta t es : • LISTEN – Waiting for a connection request. • SYN-SENT – W aiting for a matchi ng connection request after havi [...]
-
Страница 1117
PowerConnect B-Series FCX Configuration Guide 1075 53-1002266-01 Displaying BGP4 informatio n 30 Displaying route information for a neighbor Y ou can display r outes based on the f ollowing criteria: • A summar y of the r outes fo r a specific neighbor . • The rout es received fr om the neighbor that the La yer 3 Switch select ed as the best r [...]
-
Страница 1118
1076 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 T A B L E 187 BGP4 route s ummar y information f or a neighbor Field Des cription Rout es Received How many r outes the Lay er 3 Switch has received fr om the neighbor during the current BGP4 sessio n: • Accepted/Ins talled – Ind icates how man y o f[...]
-
Страница 1119
PowerConnect B-Series FCX Configuration Guide 1077 53-1002266-01 Displaying BGP4 informatio n 30 Displaying advertised routes T o display the r outes the Lay er 3 Switch has adver tised to a specific neighbor f or a specific network, enter a command such as the f ollowing at an y level of the CLI. Y ou also can enter a specif ic rout e, as in the f[...]
-
Страница 1120
1078 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying the best routes th at were nonetheless not inst alled in the IP route table T o display the B GP4 routes receiv ed from a specific neighbor that are the “best” ro utes to their destinations but are not installed in the Lay er 3 Sw itch IP [...]
-
Страница 1121
PowerConnect B-Series FCX Configuration Guide 1079 53-1002266-01 Displaying BGP4 informatio n 30 Syntax: show ip bgp pee r-group [ <peer-gr oup-name> ] Only the parameters that hav e values dif ferent fr om their defaults are listed. Displaying summary route information T o display summary stat istics for all the r outes in the La yer 3 Switc[...]
-
Страница 1122
1080 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying the BGP4 route table BGP4 uses filters y ou define as well as the algorithm described in “Ho w BGP4 selects a path for a rou te ” on page 983 to de termine the pref erred ro ute to a destination. BGP4 sends only the pref erred rout e to th[...]
-
Страница 1123
PowerConnect B-Series FCX Configuration Guide 1081 53-1002266-01 Displaying BGP4 informatio n 30 The community option lets you displa y routes f or a specific co mmunity . Y ou can specify local-as , no-export , no-adver tise , internet , or a privat e community number . Y ou can specify the community number as either two fiv e-digit integer values[...]
-
Страница 1124
1082 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 For inf ormation about the f ields in this display , refer t o T a ble 189 on page 1 083. The fields in this display also appear in the sho w ip b gp displa y . Displaying the best BGP4 routes that are n ot in the IP route table When the La yer 3 Switch [...]
-
Страница 1125
PowerConnect B-Series FCX Configuration Guide 1083 53-1002266-01 Displaying BGP4 informatio n 30 Displaying information for a specific route T o display BGP4 network inf ormation by specifyi ng an IP address within the network, enter a command such as the follo wing at any lev el of the CLI. Syntax: show ip bgp [ route ] <ip-addr> / <p ref[...]
-
Страница 1126
1084 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying route details Here is an e xample of the information displa yed when you use the detail option. In this exam ple, the information f or one route is show n . Wei ght The value that this r outer associat es with rout es from a specific neighbor [...]
-
Страница 1127
PowerConnect B-Series FCX Configuration Guide 1085 53-1002266-01 Displaying BGP4 informatio n 30 These displays show the f ollowing information. TA B L E 19 0 BGP4 route inf ormation Field Des cription T otal number of BGP Rout es The number of BGP4 routes. Status codes A list of the characters the displa y uses to indicate the r oute status. The s[...]
-
Страница 1128
1086 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying BGP4 route-attribute entries The rout e-attribute entries table lists the se ts of BGP4 attributes st ored in the route r memor y . Each set of attributes is unique an d can be associated with one or more routes. In f act, the router typically[...]
-
Страница 1129
PowerConnect B-Series FCX Configuration Guide 1087 53-1002266-01 Displaying BGP4 informatio n 30 Displaying the routes BG P4 has placed in the IP route table The IP route table indicates the rout es it has re ce ived fr om BGP4 by listing “BGP” as the r oute type. T o display the I P route table, ent er the following command. PowerConnect#show [...]
-
Страница 1130
1088 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying BGP4 information 30 Displaying route flap dampening statistics T o display r oute dampening statistics or all the dampened rout es, enter the f ollowing command at any le vel of the CLI. Syntax: show ip bgp flap-statistics [ regular -expression <regular -expression> |[...]
-
Страница 1131
PowerConnect B-Series FCX Configuration Guide 1089 53-1002266-01 Displaying BGP4 informatio n 30 Y ou also can display all the dampened rout es by ente ring the following command. show ip bgp dam pened-paths . Displaying the active route map configuration T o view the de vice active r oute map configur ation (contained in the running-config) withou[...]
-
Страница 1132
1090 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Updating route information and resetting a neighbor session 30 This example sho ws the active configuration f or a rout e map called “setcomm“. Syntax: show rout e-map [ <map-name> ] Displaying BGP4 graceful restart neighbor information Use the show ip bgp neighbors command [...]
-
Страница 1133
PowerConnect B-Series FCX Configuration Guide 1091 53-1002266-01 Updating route information and reset ting a neighbor session 30 Using soft reconfiguration The sof t reconfiguratio n feature places policy changes into effect wi thout resetting the B GP4 session. Soft reconfiguration does not requ est the ne ighbor or group to send its entire BGP4 t[...]
-
Страница 1134
1092 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Updating route information and resetting a neighbor session 30 NOTE If you do not specify “in”, the command appl ies t o both inbound and outbound updates. NOTE The syntax related to soft reco nfiguration is shown. F or complete command syntax, ref er to “Dynamically refreshing [...]
-
Страница 1135
PowerConnect B-Series FCX Configuration Guide 1093 53-1002266-01 Updating route information and reset ting a neighbor session 30 Syntax: show ip bgp neighbors <ip-addr> receiv ed-routes [ de tail ] The detail paramete r displays detailed inf ormation for the r outes. The e xample abov e shows summary informatio n. NOTE The syntax for displa y[...]
-
Страница 1136
1094 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Updating route information and resetting a neighbor session 30 NOTE The option f or dynamically refreshing rout es rece ived fr om a neighbor requires the neighbor to suppor t dynamic ro ute refresh. If the neighbor doe s not support this feature, the optio n does not take eff ect and[...]
-
Страница 1137
PowerConnect B-Series FCX Configuration Guide 1095 53-1002266-01 Updating route information and reset ting a neighbor session 30 T o dynamically rese nd all the Lay er 3 Switch BGP4 rout es to a n ei gh bo r , enter a command such as the fo llowing. PowerConnect(config-bgp-router)#clear ip bgp neighbor 192.168.1.170 soft out This command applies it[...]
-
Страница 1138
1096 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Updating route information and resetting a neighbor session 30 Closing or resetting a neighbor session Y ou can close a ne ighbor session or rese nd rout e updates t o a neighbor . If you mak e chan ges to filt ers or route maps and the neighbor does not suppor t dynamic rout e refres[...]
-
Страница 1139
PowerConnect B-Series FCX Configuration Guide 1097 53-1002266-01 Clearing traffic counters 30 Switch sends updates to advertise, change, or e ven withdraw r outes on the neighbor as needed. This ensures that the neighbor rece ives on ly the r outes you w ant it to contain. Ev en if the neighbor already contains a rout e learned fr om the L ayer 3 S[...]
-
Страница 1140
1098 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing route flap dampening statistics 30 Syntax: clear ip bgp neighbor all | <ip-addr> | <peer-gr oup-name> | <as-num> traf fic The all | <ip-ad dr> | <pee r -group-n ame> | <as-num> option specifies the neighbo r . The <ip-addr> parameter [...]
-
Страница 1141
PowerConnect B-Series FCX Configuration Guide 1099 53-1002266-01 Clearing diagnostic buffers 30 • The first 400 bytes of the la st packet that contained an error • The last NO TIFICA TION message either sent or receiv ed by the La yer 3 Switch T o display these buffers, use options with the show ip bgp neighbors command. Ref er to “Displaying[...]
-
Страница 1142
1100 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing diagnostic buffers 30[...]
-
Страница 1143
PowerConnect B-Series FCX Configuration Guide 1101 53-1002266-01 Chapter 31 Configuring VRRP and VRRPE Ta b l e 1 9 3 lists the individual Dell Po werConnect swit ches and the VRRP and VRRPE fe atures they suppor t. This chapter describes ho w to configure La yer 3 Switches with the f ollowing route r redundancy pro tocols: • Vir tual Rout er Red[...]
-
Страница 1144
1102 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 31 Overview of VRRP VRRP is a pro tocol that pro vides redundancy to ro uters within a LAN. VRRP allo ws you to pr ovide alternat e router paths f or a host without changing the IP address or MAC ad dress by which the host knows its gate way . Consider the situation shown in [...]
-
Страница 1145
PowerConnect B-Series FCX Configuration Guide 1103 53-1002266-01 Overview 31 FIGURE 1 5 1 Switch 1 and Switch 2 are configured as a VRRP vir tual router for redundant network access for Host1 The dashed box in Figure 1 5 1 represents a VRRP vir tual ro uter . When you configure a vir tual rout er , one of the configuration paramet ers is the vir tu[...]
-
Страница 1146
1104 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 31 When you configure a VRID, the software automati cally as signs its MAC address. When a V RID becomes active, the Mast er router br oadcasts a gratuitous ARP request containing the vir tual rout er MAC add ress for each IP ad dress associated with the vir tual r outer . In[...]
-
Страница 1147
PowerConnect B-Series FCX Configuration Guide 1105 53-1002266-01 Overview 31 Hello messages VRRP routers use Hello messages for negotiation t o determine the Master rout er . VRRP rout ers send Hello messages to IP Multicast address 22 4. 0.0. 18. The frequency wit h which the Master sends Hello messages is the Hello Inter val. Only the Master send[...]
-
Страница 1148
1106 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 31 In Figure 15 1 on page 11 03, the track priority results in Switch 1 VRRP priority becoming low er than Switch 2 VRRP priority . As a result, when Swit ch 2 learns that it now has a higher priority than Switch 1, Switch 2 initiates negotiation for Mast er router and become[...]
-
Страница 1149
PowerConnect B-Series FCX Configuration Guide 1107 53-1002266-01 Overview 31 • VRRPE does not use Owners. All routers are Backups f or a given VRID. The r outer with the highest priority becomes Master . If there is a tie for highest priority , the router with the highest IP address becomes Mast er . The elec t ed Master owns the virtual IP addre[...]
-
Страница 1150
1108 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Overview 31 FIGURE 1 52 Rout er1 and Router2 are configured t o pr ovide dual redundant netw ork access for the host In this ex ample, Switch 1 and Sw itch 2 use VRRPE to load share as well as pr ovide redundancy to the hosts. The load sharing is accomplished by creating two VRRPE gro[...]
-
Страница 1151
PowerConnect B-Series FCX Configuration Guide 1109 53-1002266-01 Comparison of VRRP and VR RPE 31 Configuration note VRRP-E is suppor ted in the ed ge Layer 3 and full La ye r 3 code only . It is not supported in the base Layer 3 code. Comparison of VRRP and VRRPE This section compares r outer redundancy pr otoc ols. VRRP VRRP is a standards-based [...]
-
Страница 1152
1110 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VRRP and VRRPE parameters 31 Virtual router IP address (the address you are backing up) • VRRP – The virtual router IP address is the same as an IP address or vir tual interface configured on one of the Layer 3 Switches, which is the “Owner” and becomes the def ault Master . ?[...]
-
Страница 1153
PowerConnect B-Series FCX Configuration Guide 1111 53-1002266-01 VRRP and VRRPE parameters 31 VRID MA C address The source MA C address in VRRP or VRRPE packet s sent from the VRID int er face, and the destination f or packets sent to the VRID: • VRRP – A vir tual MAC addr ess def ined as 00-00-5e-00-0 1- <vrid> . The Mas ter owns the Vir[...]
-
Страница 1154
1112 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 VRRP and VRRPE parameters 31 Dead interval The numbe r of seconds a Backup w aits for a Hello message fr om the Maste r for the VRID bef ore determining that the Mast er is no longer active. If the Maste r does not send a Hello message bef ore the dead inte r val expires, the Back ups[...]
-
Страница 1155
PowerConnect B-Series FCX Configuration Guide 1113 53-1002266-01 Configuring basic VRRP parameters 31 Configuring basic VRRP parameters T o implement a simple V RRP configuration u sing all the default v alues, enter commands such as the fo llowing. Configuring the Owner Router1(config)#router vrrp Router1(config)#inter e 1/6 Router1(config-if-1/6)[...]
-
Страница 1156
1114 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Note regarding disabling VRRP or VRRPE 31 NOTE Yo u a l s o c a n u s e t h e enable command t o activate the configuration. This command does the same thing as the activate command. Configuration rules for VRRPE • The interfaces of all routers in a VRID must be in the same IP subne[...]
-
Страница 1157
PowerConnect B-Series FCX Configuration Guide 1115 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 • Backup priority • Suppression of RIP adv er t isements on Ba ck up routes f or the back ed up int er face • Hello interval • Dead int er val • Backup Hello messages and messag e timer (Backup adv er tisement) • Tr a c k[...]
-
Страница 1158
1116 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 The parameter v alues are the same as for VRRP . Router type A VRRP interface is either an Owner or a Backup f or a given VRID. By default, the Owner becomes the Master f ollowing the negotiation. A B ackup becomes the Mast er only i[...]
-
Страница 1159
PowerConnect B-Series FCX Configuration Guide 1117 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 Syntax: back up [ priority <value> ] [ track-priority <value> ] The priority <value> parameter specifies the VRRP priority f or this inter face and VRID. Y ou can specify a value fr om 3 – 254. The def ault is 100[...]
-
Страница 1160
1118 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 Dead interval The Dead int er val is the number of seconds a Ba ckup waits f or a Hello message from the Master before determining that the Mast er is dead. When Back ups determine that the Mast er is dead, the Backup with the highes[...]
-
Страница 1161
PowerConnect B-Series FCX Configuration Guide 1119 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 Syntax: track-port ethernet [ <slo tnum>/ ] <por tnum > | ve <num> The syntax is the same f or VRRP and VRRPE. Track priority When you configure a VRID t o track the link state of other inter faces, if one of the tr[...]
-
Страница 1162
1120 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring additional VRRP and VRRPE parameters 31 Syntax: non-preempt-mode The syntax is the same f or VRRP and VRRPE. Changing the timer scale T o achiev e sub-se cond failo ver times, you can sh orten the duration of all scale timers f or VSRP , VRRP , and VRRP-E by adjusting the [...]
-
Страница 1163
PowerConnect B-Series FCX Configuration Guide 1121 53-1002266-01 Forcing a Master router to abdicate to a standby router 31 T o set the VRRP-E slow star t timer to 30 seconds, enter the following commands. PowerConnect(config)#router vrrp-e PowerConnect(config-vrrpe-router)#slow-start 30 Syntax: [ no ] slow-s tar t <seconds> For <seconds&g[...]
-
Страница 1164
1122 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VRRP and VRRPE information 31 mode owner priority 99 current priority 99 hello-interval 1 sec ip-address 192.53.5.1 backup routers 192.53.5.2 This exam ple shows that even though this Layer 3 Switch is the Owner of the VRID (“mode owner”), the Lay er 3 Switch priority f[...]
-
Страница 1165
PowerConnect B-Series FCX Configuration Guide 1123 53-1002266-01 Displaying VRRP and VRRPE information 31 The <por tnum> parameter specifies an Ethernet port. If you use this p arameter , the command displays VRRP or VRRPE inf ormation only for the specified por t. The ve <num> parameter specifies a vir tual inter face. If y ou use this[...]
-
Страница 1166
1124 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VRRP and VRRPE information 31 This exam ple is for a VRRP Owner . Here is an exam ple for a VRRP Back up. Here is an example f or a VRRPE Back u p. Syntax: show ip vrrp brief | ethern et [ <slo tnum> / ] <por tnum> | ve <num> | stat PowerConnect#show ip vr[...]
-
Страница 1167
PowerConnect B-Series FCX Configuration Guide 1125 53-1002266-01 Displaying VRRP and VRRPE information 31 Syntax: show ip vrrp-ex tended brief | ethernet [ <slotnum> /] <por tnum> | ve <nu m> | stat The brief parameter displa ys summary information. Ref er to “Displa ying sum mar y information” on page 1122. The <por tnum&g[...]
-
Страница 1168
1126 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VRRP and VRRPE information 31 priority The device pref erability f or becoming the Master f or the VRID. During negotiatio n, the router wit h the highest priority becomes the Mast er . If two or more de vices are tied with the highest priority , the Backup int er face with[...]
-
Страница 1169
PowerConnect B-Series FCX Configuration Guide 1127 53-1002266-01 Displaying VRRP and VRRPE information 31 Displaying detailed informat ion for an individual VRID Y ou can displa y informati on about the settings co nf igured for a specified VRRP Vir tual Router ID (VRID). F or example, to display info rmation about VRID 1. Syntax: show ip vrrp vrid[...]
-
Страница 1170
1128 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VRRP and VRRPE information 31 Displaying statistics T o display statistics on most Dell devices, ent er a command such as the follo wing at any le vel of the CLI. The same statistics are li st ed for VRRP and VRRPE. Syntax: show ip vrrp brief | ethern et [ <slo tnum> [...]
-
Страница 1171
PowerConnect B-Series FCX Configuration Guide 1129 53-1002266-01 Displaying VRRP and VRRPE information 31 Syntax: show ip vrrp-ex tended brief | ethernet [ <slotnum> /] <por tnum> | ve <nu m> | stat The brief parameter displa ys summary information. Ref er to “Displa ying sum mar y information” on page 1122. If you specify a p[...]
-
Страница 1172
1130 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying VRRP and VRRPE information 31 Clearing VRRP or VRRPE statistics Use the f ollowing methods to cl ear VRRP or VR RPE statistics. T o clear VRRP or VRRPE statistics, enter the f ollo wing command at the Priv ileged EXEC lev el or any configuration level of the CLI. Router1#cl[...]
-
Страница 1173
PowerConnect B-Series FCX Configuration Guide 1131 53-1002266-01 Configuration examples 31 When you specify ho w many seconds’ worth of statistics you want to displa y , the sof tware selects the sample that most closely matches the number of seconds y ou specified. In this exam ple, statistics are request ed for the previous two second s. The cl[...]
-
Страница 1174
1132 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration examples 31 The ip vrrp owner command specif ies that this router owns the IP address you are associating with the VRID. Because this r outer owns the IP address, this rout er is the default Master router and its VRRP priority is thus 255. Configuring Router2 T o configu[...]
-
Страница 1175
PowerConnect B-Series FCX Configuration Guide 1133 53-1002266-01 Configuration examples 31 Configuring Router1 T o configure VRRP Rout er1 in Fi gure 152 on page 11 08, enter the f ollowing commands. Router1(config)#router vrrp-extended Router1(config)#interface ethernet 1/6 Router1(config-if-1/6)#ip address 192.53.5.2/24 Router1(config-if-1/6)#ip [...]
-
Страница 1176
1134 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration examples 31 NOTE When you configure a Backup r outer , the rout er interface on which you are configuring the VRID mus t have a rea l IP ad dre ss t ha t is in t he s ame subnet as the address associat ed with the VRID by the Owner . Howe ver , the address cannot be the [...]
-
Страница 1177
PowerConnect B-Series FCX Configuration Guide 1135 53-1002266-01 Chapter 32 Securing Access to Management Functions Ta b l e 1 9 9 lists the individual Dell Po werConne ct switches and the se curity access f eatures they suppor t.. This chapter e xplains how to secure access t o management functions on a Dell Po werConnect devic e. NOTE For all Del[...]
-
Страница 1178
1136 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Securing access methods 32 TA B L E 2 0 0 Wa ys to secure management access to Dell P owerConnect de vices Access method How the access method is secured by default Ways to secure the access method See page Serial access t o the CLI Not secured Establish passw ords for manag ement pri[...]
-
Страница 1179
PowerConnect B-Series FCX Configuration Guide 1137 53-1002266-01 Restricting remote access to management functions 32 Restricting remote access to management functions Y ou can restrict acce ss to management functions fr om remote sources, including T elnet, the Web Management Interface, and SNMP . The following methods for restricting remot e acce[...]
-
Страница 1180
1138 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 • Using ACLs t o restrict T elnet, Web Manag ement Inter face, or SNMP access • Allowing remo te access only fr om specific IP addresses • Allowing T elnet and SSH access on ly fr om specific MAC addresses • All ow ing re mo[...]
-
Страница 1181
PowerConnect B-Series FCX Configuration Guide 1139 53-1002266-01 Restricting remote access to management functions 32 Example PowerConnect(config)#access-list 10 permit host 209.157.22.32 PowerConnect(config)#access-list 10 permit 209.157.23.0 0.0.0.255 PowerConnect(config)#access-list 10 permit 209.157.24.0 0.0.0.255 PowerConnect(config)#access-li[...]
-
Страница 1182
1140 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 Using ACLs to res trict SNMP access T o restrict SNMP access to the device usin g ACLs, ent er commands such as the follo wing. NOTE The syntax for using A CLs for SNMP access is diff erent fr om the syntax for contr olling T elnet,[...]
-
Страница 1183
PowerConnect B-Series FCX Configuration Guide 1141 53-1002266-01 Restricting remote access to management functions 32 NOTE In RADIUS, the standard attribute Idle- Timeout is used to defin e the console s ession timeo ut value. The attribute Idle- Timeout value is specified in se conds. Within the switch, it is tru ncated to the nearest minute, beca[...]
-
Страница 1184
1142 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 Restricting SNMP access to a specific IP address T o allow SNMP access (which includes Br ocade Ne twork Advisor) t o the Dell Pow erConnect device only to the host with IP address 209. 15 7 .22. 14, enter the f ollowing command. Po[...]
-
Страница 1185
PowerConnect B-Series FCX Configuration Guide 1143 53-1002266-01 Restricting remote access to management functions 32 T o allow SSH access to the Dell Po werConnect de vice to a host with an y IP address and MA C address 000 7 .e90f.e9a0, ente r the following command. PowerConnect(config)#ip ssh client any 0007.e90f.e9a0 Syntax: [ no ] ip ssh clien[...]
-
Страница 1186
1144 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 Specifying the maximum nu mber of login attempts for Telnet access If you are co nnecting to the de vice using T eln et, the devic e pro mpts you for a username and password. By default, y ou have up to 4 chances to enter a correct [...]
-
Страница 1187
PowerConnect B-Series FCX Configuration Guide 1145 53-1002266-01 Restricting remote access to management functions 32 The command in this example conf igures the de vice to allo w T elnet management access only t o clients connected t o por t s within por t-based VLAN 1 0. Clients connected t o por ts that are not in VLAN 1 0 are denied management [...]
-
Страница 1188
1146 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 Y ou also can configure up to five def ault gatewa ys for the designated VL AN, and associate a metric with each one. The sof tware uses the ga te way with the lowest metric. The other gat ewa ys reside in the configuration but are [...]
-
Страница 1189
PowerConnect B-Series FCX Configuration Guide 1147 53-1002266-01 Restricting remote access to management functions 32 The zeroize paramet er deletes the currently operative dsa key pair . In addition, you must use AAA authentication to creat e a password t o allow SSHv2 access. F o r exam ple the following command configures AAA auth entication to [...]
-
Страница 1190
1148 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Restricting remote access to management functions 32 Disabling specific access methods Y ou can specifically disable the follo wing access methods: • Te l n e t a c c e s s • Web management access • SNMP access • TFTP NOTE If you disable T elnet access, you will not be able to[...]
-
Страница 1191
PowerConnect B-Series FCX Configuration Guide 1149 53-1002266-01 Setting passwords 32 Disabling SNMP access SNMP is requir ed if you want t o manage a Dell PowerConnect device using Brocade Netw ork Adv is or . T o disable SNMP management of the de vice. PowerConnect(config)#no snmp-server T o later re-enable SNMP management of the device. PowerCon[...]
-
Страница 1192
1150 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting passwords 32 Set the passwor d “letmein” fo r T elnet access t o the CLI using the f ollowing com mand at the global CONFIG lev el. PowerConnect(config)#enable telnet password letmein Syntax: [ no ] enable telnet password <s tring> Suppressing Telnet conn ection reje[...]
-
Страница 1193
PowerConnect B-Series FCX Configuration Guide 1151 53-1002266-01 Setting passwords 32 PowerConnect#configure terminal PowerConnect(config)# 3. Enter the following command t o set the Su per User lev el password. PowerConnect(config)#enable super-user-password <text> NOTE Y ou must set the Su per User lev el password bef ore you can set other [...]
-
Страница 1194
1152 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting passwords 32 In this co mmand, configure specifies that the enhanced access is f or a command at the global CONFIG lev el of the CLI. The level 4 paramet er indicates that the enhanced access is for management privilege level 4 (P or t Conf iguration). All user s with Port Con[...]
-
Страница 1195
PowerConnect B-Series FCX Configuration Guide 1153 53-1002266-01 Setting passwords 32 1. Star t a CLI session over the serial int er face to the device. 2. Reboot th e device. 3. At the initial boot prom pt at system star tup, enter b to ent er the boot monitor mode. 4. Enter no passwor d at the prompt . (Y ou cannot abbre viate this command.) Thi [...]
-
Страница 1196
1154 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting u p local user acco unts 32 PowerConnect(config)#enable password-min-length 8 Syntax: enable password-min-length <number -of-charact er s> The <number -of-charact er s> can be from 1 – 48. Setting up local user accounts Y ou can define up to 1 6 local user accoun[...]
-
Страница 1197
PowerConnect B-Series FCX Configuration Guide 1155 53-1002266-01 Setting up local user accounts 32 • Users are lock ed out (disabled) if they f ail to lo gin af ter three att empts. This fe ature is automatically enabled. Use the disable-on-login-failure command to change the number of login attem pts (up to 1 0) before users are locked out. The [...]
-
Страница 1198
1156 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting u p local user acco unts 32 Enabling user password masking By default, when y ou use the CLI t o create a user password, the passw ord displa ys on the console as you type it. For enhanced securit y , you can conf igure the Dell Pow erConnect device to mask the passwor d chara[...]
-
Страница 1199
PowerConnect B-Series FCX Configuration Guide 1157 53-1002266-01 Setting up local user accounts 32 • The username password expires When a username set-time configuration is removed, it no longer appears in the sho w running configuratio n output. Note that if a username does not ha ve an assigned password, the username will not hav e a set-time c[...]
-
Страница 1200
1158 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting u p local user acco unts 32 Setting passwords to expire Y ou can set a user passw ord to e xpire. Once a pa sswor d expires, the administrator must assign a new passw ord to the user . T o configure a user passwor d to e xpire, enter the f ollowing. PowerConnect(config)#userna[...]
-
Страница 1201
PowerConnect B-Series FCX Configuration Guide 1159 53-1002266-01 Setting up local user accounts 32 Local user accounts with unencrypted passwords If you want t o use unencr ypted passwords f or lo cal user acc ounts, enter a command such as the following at the g lobal CONF IG level of the CLI . PowerConnect(config)#username wonka password willy If[...]
-
Страница 1202
1160 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting u p local user acco unts 32 Local accounts with encrypted passwords Y ou can create loc al user accounts with MD5 encrypted passw ords using one of the f ollowing methods: • Issuing the ser vice password-encryption command af ter creating the local user acc ount with a usern[...]
-
Страница 1203
PowerConnect B-Series FCX Configuration Guide 1161 53-1002266-01 Configuring SSL security for the Web Management I nterface 32 Changing a local user password T o change a local user passw ord fo r an existing local user account, ent er a command such as the following at the g lobal CONF IG level of the CLI . NOTE Y ou must be logged on with Super U[...]
-
Страница 1204
1162 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring SSL security for the Web Mana gement Interface 32 PowerConnect(config)#web-management https Syntax: [ no ] web-management http | https Y ou can enable either the HTTP or HTT Ps ser ver s with this command. Y ou can disable both the HTTP and HTTPs ser vers b y entering the [...]
-
Страница 1205
PowerConnect B-Series FCX Configuration Guide 1163 53-1002266-01 Configuring TACA CS/TACACS+ security 32 If you w ant to allow the Dell PowerCo n nect de vice to create the digital cer tificates, ref er to the ne xt section, “Generating an SSL cer tifica te” . If you choose to impor t an RS A cer tif icate and private k ey file from a client, y[...]
-
Страница 1206
1164 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 NOTE Y ou cannot authenticate Brocade Netw ork Advisor (SNMP) access to a De ll Po werConnect device using T ACA CS/T ACA CS+. The T ACA CS and T A CACS+ pr otocols define ho w au thentication, authorization, and accounting information is sent be[...]
-
Страница 1207
PowerConnect B-Series FCX Configuration Guide 1165 53-1002266-01 Configuring TACA CS/TACACS+ security 32 Configuring TACACS/TACACS+ fo r devices in a Dell IronStack Because devices opera ting in a Dell IronStack topology present multiple co nsole por ts, you must take additio nal steps to se cure these por ts when configuring T ACACS /T ACA CS+. Th[...]
-
Страница 1208
1166 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 6 closed SSH connections: 1 closed 2 closed 3 closed 4 closed 5 closed stack9# stack9#show telnet Console connections (by unit number): 1 established you are connecting to this session 1 minutes 5 seconds in idle 2 established 1 hours 4 minutes 1[...]
-
Страница 1209
PowerConnect B-Series FCX Configuration Guide 1167 53-1002266-01 Configuring TACA CS/TACACS+ security 32 TACACS+ authentication When T ACA CS+ authentication takes place, the follo w ing e vents occur . 1. A user attempts t o gain access to the Dell P owerConnect de vice by doing one of the following: • Logging into the de vice using T elnet, SSH[...]
-
Страница 1210
1168 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 TACACS+ accounting T ACA CS+ accounting works as f ollows. 1. One of the f ollowing ev ents occur on the Dell P owerConnect de vice: • A user logs into the manage ment inter face using T elnet or SSH • A user enters a command f o r whic h acc[...]
-
Страница 1211
PowerConnect B-Series FCX Configuration Guide 1169 53-1002266-01 Configuring TACA CS/TACACS+ security 32 AAA security for commands past ed into the running-config If AAA security is enabled on the de vice, comman ds pasted int o the running-config are subject to the same AAA operations as if they we re entered manually . When you past e commands in[...]
-
Страница 1212
1170 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 • Y ou can configure the Dell Po werConnect de vice to authenticate using a T A CACS or T ACA CS+ server , not both. TACACS configuration procedure Follo w the procedure giv en below for T ACA CS configuration s. 1. Identify T ACA CS ser vers. [...]
-
Страница 1213
PowerConnect B-Series FCX Configuration Guide 1171 53-1002266-01 Configuring TACA CS/TACACS+ security 32 Syntax: tacacs-ser ver host <ip-addr> | <ipv6-addr> | <hostname> [ auth-por t <number > ] The <ip-addr> | <ipv6-addr> | <hos tname> paramet er specifies the IP address or host name of the server . Y ou c[...]
-
Страница 1214
1172 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 Af ter authentication tak es place, the ser ver that per formed the authenticat ion is used f o r authorization and accounting. If the authenticating server cannot perform the req uested function, then the next server in the configured list of se[...]
-
Страница 1215
PowerConnect B-Series FCX Configuration Guide 1173 53-1002266-01 Configuring TACA CS/TACACS+ security 32 Setting the retransmission limit The retransmit parameter specifies ho w many times the De ll P owerConnect device will resend an authentication request when the T ACA CS/T A CACS+ server does not respon d. The retransmit limit can be from 1 –[...]
-
Страница 1216
1174 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 The command abo ve causes T ACA CS/T AC ACS+ to be the primar y authenticati on method f or securing access to Privileged EXEC le vel and CO NFIG lev els of the CLI. If T ACA CS/T ACA CS+ authentication fails due to an error with the ser v er , l[...]
-
Страница 1217
PowerConnect B-Series FCX Configuration Guide 1175 53-1002266-01 Configuring TACA CS/TACACS+ security 32 PowerConnect(config)#aaa authentication login privilege-mode Syntax: aaa authentication login privilege-mode The user privilege level is based on the privilege le vel granted during login. Configuring enable authentication to prompt for password[...]
-
Страница 1218
1176 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 A user privilege le vel is obtained fr om the T ACA CS+ server in the “foundry-privlvl” A -V pair . If the aaa authorization ex ec default tacacs command e xists in the configuration, the device assigns the use r the privilege level specified[...]
-
Страница 1219
PowerConnect B-Series FCX Configuration Guide 1177 53-1002266-01 Configuring TACA CS/TACACS+ security 32 service = exec { privlvl = 15 } } The attribute name in the A -V pair is not significa n t; the Dell Po werConnect devic e uses the last one that has a numeric value. How ever , the Dell Po werConnect device int erprets the value f or a non-”f[...]
-
Страница 1220
1178 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 • 0 – Authorization is per formed fo r commands a vailable at the Su per User le vel (all commands) • 4 – A uthorization is performed f or commands a vailable at the Port Conf iguration lev el (por t-config and read-only commands) • 5 ?[...]
-
Страница 1221
PowerConnect B-Series FCX Configuration Guide 1179 53-1002266-01 Configuring TACA CS/TACACS+ security 32 Configuring TACACS+ acco unting for CLI commands Y ou can configure T ACA CS+ accounting f or CLI co mmands by specifying a privilege le vel whose commands require accountin g. For e xample , to co nfigure the Dell Po werConnect device t o per f[...]
-
Страница 1222
1180 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring TACACS/TACACS+ security 32 Displaying TACACS/TAC ACS+ statistics and configuration information The show aaa command displays inf ormation about all T A CA CS+ and RADIUS ser vers identified on the device. The f ollowing table describes the T ACA CS/T ACA CS+ information di[...]
-
Страница 1223
PowerConnect B-Series FCX Configuration Guide 1181 53-1002266-01 Configuring RADIUS security 32 Example Syntax: show w eb connection Use the f ollowing command to clear w eb connections: PowerConnect#clear web-connection Syntax: clear web connection Af ter issuing the clear w eb connection command, the show web connection command displa ys the foll[...]
-
Страница 1224
1182 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 2. The user is pr ompted f or a username and passwor d. 3. The user enters a usern ame and password. 4. The Dell Po werConnect device sends a RADI US Access-Request packet containing the username and passwor d to the RADIUS server . 5. The RADIUS server[...]
-
Страница 1225
PowerConnect B-Series FCX Configuration Guide 1183 53-1002266-01 Configuring RADIUS security 32 1. One of the f ollowing ev ents occur on the Dell P owerConnect de vice: • A user logs into the manage ment inter face using T elnet or SSH • A user enters a command f o r whic h accounting has been co nfigured • A system e vent occurs, such as a [...]
-
Страница 1226
1184 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 AAA security for commands past ed Into the running-config If AAA security is enabled on the de vice, comman ds pasted int o the running-config are subject to the same AAA operations as if they we re entered manually . When you past e commands into the r[...]
-
Страница 1227
PowerConnect B-Series FCX Configuration Guide 1185 53-1002266-01 Configuring RADIUS security 32 • Y ou can map up to eight RADIUS ser vers to ea ch por t on the Dell Po werConnect device. The por t will authenticate users using only the RADIUS se r vers to which it is mapped. I f there are no RADIUS servers mapped t o a por t, it will us e the ?[...]
-
Страница 1228
1186 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Y ou must add these three Dell vendor -specific attrib utes to y our RADIUS ser ver configuration, and configure the attributes in the in dividual or gr oup profiles of the users that will access the Dell PowerC on nec t d evic e. Dell V endor-ID is 199[...]
-
Страница 1229
PowerConnect B-Series FCX Configuration Guide 1187 53-1002266-01 Configuring RADIUS security 32 Enabling SNMP to configure RADIUS T o enable SNMP access to RADIUS MIB objects on the device , enter a command such as the following. PowerConnect(config)#enable snmp config-radius foundry -access -list 5 string Specifi es the access control list t o be [...]
-
Страница 1230
1188 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Syntax: [ no ] enable snmp <config-radius | config-tacacs> The <config-radius> parameter specifies the RADIUS config uration mode. RADIUS is disabl ed by default. The <config-tacacs> parameter specifies the T ACA CS configuratio n mode[...]
-
Страница 1231
PowerConnect B-Series FCX Configuration Guide 1189 53-1002266-01 Configuring RADIUS security 32 Configuring a RADIUS server per port Y ou can optionally configure a RADIUS server per por t , indicating that it will be used only t o authenticate users on po r ts to which it is mapped. A RA DIUS ser ver that is not explicitly configured as a RADIUS s[...]
-
Страница 1232
1190 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Mapping a RADIUS server to individual ports Y ou can map up to eight RAD IUS ser vers t o each por t on the Dell Po werConnect device. The por t will authenticate users using only the RADIUS server s to which the por t is mapped. If there are no RADIUS [...]
-
Страница 1233
PowerConnect B-Series FCX Configuration Guide 1191 53-1002266-01 Configuring RADIUS security 32 PowerConnect(config)#radius-server key mirabeau Syntax: radius-ser ver k ey [ 0 | 1 ] <string> When you displa y the configuration of the Dell P owe rConnect d evice, the RADIUS k ey is encr ypted. Example PowerConnect(config)#radius-server key 1 a[...]
-
Страница 1234
1192 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Configuring authentication-method lists for RADIUS Y ou can use RADIUS to authenticate T elnet/SSH ac cess and access t o Privileged EXEC lev el and CONFIG lev els of the CLI. When config uring RADI US authentication, you creat e authentication-method l[...]
-
Страница 1235
PowerConnect B-Series FCX Configuration Guide 1193 53-1002266-01 Configuring RADIUS security 32 NOTE For e xamples of how t o define authen tication-method lists for types of authentication other than RADIUS, refer t o “Configuring authentication-method lists” on page 1 198. Entering privileged EXEC mode after a Telnet or SSH login By default, [...]
-
Страница 1236
1194 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Configuring RADIUS authorization Dell Po werConnect de vices suppor t RADIUS author ization f or controlling access t o managem ent functions in the CLI. T wo kinds of RADIUS authorization are suppor ted: • Exec authorization de termines a user privil[...]
-
Страница 1237
PowerConnect B-Series FCX Configuration Guide 1195 53-1002266-01 Configuring RADIUS security 32 • 5 – A uthorization is performed f or commands a v ailable at the R ead Only lev el (read-only commands) NOTE RADIUS command authorization can be per formed only f or commands ent ered from T elnet or SSH sessions, or from the consol e. No authoriza[...]
-
Страница 1238
1196 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring RADIUS securi ty 32 Configuring RADIUS accounting for CLI commands Y ou can configure RADIUS accounting f or CLI commands by specifying a privilege lev el whose commands require accountin g. For e xample , to co nfigure the Dell Po werConnect device t o per form RADIUS acc[...]
-
Страница 1239
PowerConnect B-Series FCX Configuration Guide 1197 53-1002266-01 Configuring RADIUS security 32 Example The f ollowing table describes the RADIUS inf ormation display ed by the show aaa command. The sh ow web co nn ec t io n command displays the privilege lev el of Web Management Int er face users. Example Syntax: show w eb connection Use the f oll[...]
-
Страница 1240
1198 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring authentication-m ethod lists 32 PowerConnect#clear web-connection Syntax: clear web connection Af ter issuing the clear w eb connection command, the show web connection command displa ys the follo win g output: Configuring authentication-method lists T o implement on e or [...]
-
Страница 1241
PowerConnect B-Series FCX Configuration Guide 1199 53-1002266-01 Configuring authentication-m ethod lists 32 NOTE If an authentication method is working properly and the password (and user name, if applic able) is not known t o that method, this is not an err or . The authentication attempt stops, and the user is denied access. The sof tware will c[...]
-
Страница 1242
1200 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring authentication-m ethod lists 32 This command con figures th e device to use the loca l user accounts to authenticate access to the devic e through the W eb Management Inter face. If the device does not ha ve a user account that matches the user name and passw ord ent ered [...]
-
Страница 1243
PowerConnect B-Series FCX Configuration Guide 1201 53-1002266-01 TCP Flags - edge port security 32 NOTE T ACA CS/T ACA CS+ and RADIUS are suppor ted only with the enable and login parameters. The <method1> paramet er specifies the primar y authenti cation method. The remaining optio nal <method> parameters specify additional methods t o[...]
-
Страница 1244
1202 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 TCP Flags - edge port security 32 • Match-all - Indicates that incoming TCP traffic must be matched against all of the T CP flags configured as part of the match-all ACL rule. In CAM hardware, ther e will be only one ACL rule for all conf igured flags. Example PowerConnect(config-ex[...]
-
Страница 1245
PowerConnect B-Series FCX Configuration Guide 1203 53-1002266-01 Chapter 33 Configuring SSH2 and SCP Ta b l e 2 0 8 lists individual Dell PowerCo n nect switches and the SSH2 and Secure Copy features they support. SSH version 2 support Secure Shell (SSH) is a mechanis m for allowing s ecure remot e access to management functions on a Dell Po werCon[...]
-
Страница 1246
1204 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 SSH version 2 support 33 • SSH Fingerprint F ormat • SSH Pr otocol Assigned Numbers • SSH T ranspor t Layer Encryption Modes • SCP/SFTP/SSH URI F ormat Tested SSH2 clients The follo wing SSH clients ha ve been test ed with SSH2: • SSH Secure Shell 3.2. 3 • V an Dy k e Sec [...]
-
Страница 1247
PowerConnect B-Series FCX Configuration Guide 1205 53-1002266-01 AES encryption for SSH2 33 AES encryption for SSH2 Encr yption is pro vided wit h 3des-cbc , aes128-cbc , aes192-cbc or aes256-cbc . AES encr yption has been adopted b y the U.S. Go vernment as an encryption standard. A total of five SSH connections can be active on a Dell Po werConne[...]
-
Страница 1248
1206 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring SSH2 33 • Passwor d authentication , where users attempting t o gain access to the device using an SSH client are authenticated with passwords stored on the device or o n a T ACA CS/T ACA CS+ or RADIUS server Both kinds of user authentication are enabled by default. Y ou[...]
-
Страница 1249
PowerConnect B-Series FCX Configuration Guide 1207 53-1002266-01 Configuring SSH2 33 When a host ke y pair is generated, it is sav ed t o the flash memor y of all management modules. T o disable SSH2 on a Dell Po werConnect device , enter the fo llowing command. PowerConnect(config)#crypto key zeroize When SSH is disabled, it is delet ed from th e [...]
-
Страница 1250
1208 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring SSH2 33 1. The client sends its public key t o the Dell PowerConnect de vice. 2. The Brocade device compares the client public k ey t o those stored in memory. 3. If there is a match, the Dell P owerConnect de vice uses the public k ey to encr ypt a random sequence of b yt[...]
-
Страница 1251
PowerConnect B-Series FCX Configuration Guide 1209 53-1002266-01 Setting optional parameters 33 The <filename> variable is the name of the dsa public key file that you want to impor t into the Dell PowerC on nec t d evic e. The remov e parameter delet es the key fr om the system. T o display the c u rrently loaded publ ic ke ys, enter the f o[...]
-
Страница 1252
1210 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Setting opti onal parameters 33 • A specific interface t o be used as the source f or all SSH traf fic from the d evice • The maximum idle time for SSH sessions Setting the number of SSH authentication retries By default, the Dell Po werConnect device att empts to negotiat e a con[...]
-
Страница 1253
PowerConnect B-Series FCX Configuration Guide 1211 53-1002266-01 Setting optional parameters 33 T o enable empty passwor d logins, enter the f ollowing co mmand. PowerConnect(config)#ip ssh permit-empty-passwd yes Syntax: ip ssh permit-empty-passwd no | ye s Setting the SSH port number By default, SSH traffic occurs on TC P por t 22. Y o u can chan[...]
-
Страница 1254
1212 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Filtering SSH access using ACLs 33 Filtering SSH access using ACLs Y ou can permit or deny SSH access t o the Dell Po we rC on ne ct dev ic e u si ng A C Ls. T o use ACLs, fir st create the ACLs y ou want to use. Y ou can specify a numbered standar d IPv4 AC L, a named standard IPv4 A[...]
-
Страница 1255
PowerConnect B-Series FCX Configuration Guide 1213 53-1002266-01 Using Secure copy with SSH2 33 Example Syntax: show who [ begin <expression> | e xclude <expression> | include <expres sion> ] Using Secure copy with SSH2 Secure Copy (SCP) uses security built into SSH to transfer image and configuration f iles to and from the device[...]
-
Страница 1256
1214 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using Secure copy with SSH2 33 Configuration notes • When using SCP , enter the scp commands on the SCP-enabled client, rather than the console on the Dell PowerConnect device. • Cer tain SCP client options, including -p and -r , are ignored by the SCP server on the Dell de vice. [...]
-
Страница 1257
PowerConnect B-Series FCX Configuration Guide 1215 53-1002266-01 Using Secure copy with SSH2 33 Copying a software imag e file to flash memory PowerConnect B-Series FCX Devices T o copy a software image file fr om an SCP-enabled client t o the primar y flash on an Pow erConnect B-Series FCX de vice, enter one of the f ollowing commands. C:> scp[...]
-
Страница 1258
1216 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using Secure copy with SSH2 33[...]
-
Страница 1259
PowerConnect B-Series FCX Configuration Guide 1217 53-1002266-01 Chapter 34 Configuring 802.1X Port Security T a b l e 210 lists individual Dell Pow erConnect switches and the 802.1X port security features the y suppor t. IETF RFC support Dell Po werConnect de vices suppor t the IEEE 802. 1X standard f or authenticating devices attached to LAN port[...]
-
Страница 1260
1218 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How 802.1X port security works 34 How 802.1X port security works This section explains the basic concepts behind 80 2. 1X por t security , incl uding device r oles, how the devices c ommunicate, and the pr oced ure used for authenticating clients. NOTE 802. 1X Port Security cannot be [...]
-
Страница 1261
PowerConnect B-Series FCX Configuration Guide 1219 53-1002266-01 How 802.1X port security works 34 Client/Supplicant – The device that seeks t o gain access to the network. Clients must be running software that supports the 802. 1X standar d (for e xample, the Windo ws XP operating system). Clients can either be directly connect ed to a por t on [...]
-
Страница 1262
1220 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How 802.1X port security works 34 FIGURE 1 55 Controlled and uncontrolled ports before and af ter client authentication Before a Client is authenticated, only the uncont rolled port on the Auth enticator is open. The uncontrolled por t allows only EAPOL frames to be e xchanged betw ee[...]
-
Страница 1263
PowerConnect B-Series FCX Configuration Guide 1221 53-1002266-01 How 802.1X port security works 34 FIGURE 1 56 Message exchange between client/supplic ant, authenticat or , and authentication server In this example, the A u thenticator (the P owerConnect switch) initiates commun ication with an 802. 1X-enabled Client. When the Client responds , it [...]
-
Страница 1264
1222 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How 802.1X port security works 34 activities. Since EAP-TLS req uires PKI digi ta l cer tificates on both the clients and the authentication ser vers, the roll out, maintenance, and scalability of this authen tication method is much more complex than o ther methods. EAP-T LS is best f[...]
-
Страница 1265
PowerConnect B-Series FCX Configuration Guide 1223 53-1002266-01 How 802.1X port security works 34 EAP pass-through support EAP pass-through is supported on PowerCo nnect devices that ha ve 802. 1X enabled. EAP pass-through suppor t is fully complia nt with RFC 3 7 48, in which, by default, compliant pass-through authenticator im plementa tions for[...]
-
Страница 1266
1224 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How 802.1X port security works 34 FIGURE 1 57 Multiple hosts connect ed to a single 802.1X-enabled por t If there are multiple hosts connect ed to a sing le 802. 1X-enabled por t, the Dell P owerConnect devic e authenticates each of them individually . Each host authentication status [...]
-
Страница 1267
PowerConnect B-Series FCX Configuration Guide 1225 53-1002266-01 How 802.1X port security works 34 5. If authentica tion f or the C lient is unsuccessful the fir st time, multiple attem pt s to authenticat e the client will be made as det ermined by the attem pts vari ab le i n th e auth-fail-max-attempts command. • Refe r to “Specifying the nu[...]
-
Страница 1268
1226 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How 802.1X port security works 34 • Dynamic multipl e VLAN assignment f or 802. 1X por ts. R efer “Dynamic multiple VLAN assignment fo r 802. 1X por ts” on page 12 3 1. • Configure a restriction to f or ward auth e nticated and unauthenticated tagged and untagged clients to a [...]
-
Страница 1269
PowerConnect B-Series FCX Configuration Guide 1227 53-1002266-01 Configuring 802.1X port security 34 1. A RADIUS ser ver successfully authenticates an 802 .1X client. 2. If 802. 1X accounting is enabled, the Dell P o werConnect de vice sends an 802. 1X Accounting Star t packet to the RADIUS server , in dicating the star t of a new session. 3. The R[...]
-
Страница 1270
1228 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 Example PowerConnect(config)#aaa authentication dot1x default radius Syntax: [ no ] aaa authentication dot1x default <method-lis t> For t h e <method-list> , ent er at least one of the fo llowing authentication methods radius – Use the[...]
-
Страница 1271
PowerConnect B-Series FCX Configuration Guide 1229 53-1002266-01 Configuring 802.1X port security 34 • Session-Timeout (2 7) – RFC 286 5 • T ermination- Action (29) – RFC 2865 • Calling-Station-ID (3 1) – RFC 2865 • NAS-Port-T ype (61) š RFC 2865 • T unnel- T ype (64) – RFC 2868 • T unnel-Med ium- T ype (65) – RFC 28 68 • E[...]
-
Страница 1272
1230 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 The <seconds> paramet er specifies the number of second s the devic e will wait to re-authenticat e a user af ter a timeout. The minimum value is 1 0 seconds. The maximum value is 2 16 -1 (maximum unsigned 1 6-bit value). Deny user access to t[...]
-
Страница 1273
PowerConnect B-Series FCX Configuration Guide 1231 53-1002266-01 Configuring 802.1X port security 34 NOTE When a show run command is issued during a session, th e dynamically -assigned VLAN is not display ed. Enable 802. 1X VLAN ID suppor t by adding the foll owing attribut es to a user pr ofile on the RADIUS ser ver . The device reads the attribut[...]
-
Страница 1274
1232 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 T o specify an untagged VLAN, use the f ollowing. "U:1 0" or "U:marketing" When the RADIUS server specifies an untag g ed VLAN ID, the por t default VLAN ID (or PVID ) is c h a n g ed f ro m t h e s y s t e m D E FAU LT-V L A N ([...]
-
Страница 1275
PowerConnect B-Series FCX Configuration Guide 1233 53-1002266-01 Configuring 802.1X port security 34 Syntax: sav e-dynamicvlan-to-config By default, the dynamic VLAN assignme nts are not sa ved to the running-config file. Entering the show running-conf ig command does not displa y dynamic VLAN assignments, although the y can be display ed with the [...]
-
Страница 1276
1234 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 Example PowerConnect(config)#int e 3/2 PowerConnect(config-if-e1000-3/2)#port security PowerConnect(config-port-security-e1000-3/2)#maximum 2 PowerConnect(config-port-security-e1000-3/2)#exit Refe r to Chapt er 35, “Using the MAC Port Security Fea[...]
-
Страница 1277
PowerConnect B-Series FCX Configuration Guide 1235 53-1002266-01 Configuring 802.1X port security 34 • A dynamic IP A CL will take prec edence over an IP ACL that is bound to a port (por t ACL). When a client authenticates with a dynamic IP A C L, th e port ACL will not be applied. Also, future clients on the same por t will authenticate with a d[...]
-
Страница 1278
1236 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 PowerConnect(config)#interface e 1 PowerConnect(config-if-e1000-1)#dot1x disable-filter-strict-security T o re-enable strict security mode for a n in ter fa c e, en te r t he fol l owi ng c om m an d. PowerConnect(config-if-e1000-1)#no dot1x disable[...]
-
Страница 1279
PowerConnect B-Series FCX Configuration Guide 1237 53-1002266-01 Configuring 802.1X port security 34 • Dynamic A CL filters are supported only for the inbound direction. Dynamic outbou nd A CL filters are not suppor ted. • MA C address filters are suppor ted only f or the inbound direction. Outbound MA C address filters are not suppor ted. • [...]
-
Страница 1280
1238 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 Syntax: [ no ] dot1x-enable At the do t1x configuration lev el, you can enable 802. 1X por t security on all int er faces at once, on individual interfaces, or on a range of int er faces. For e xample, to enable 802. 1X por t security on all int er [...]
-
Страница 1281
PowerConnect B-Series FCX Configuration Guide 1239 53-1002266-01 Configuring 802.1X port security 34 When an interface control type is set to auto , the cont rolled port i s initially set to unauthorized, bu t is changed to authorized w hen the conne cting Client is success fully authenticated by an Authentication Ser ver . The por t control type c[...]
-
Страница 1282
1240 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 For e xample, to re-authenticate Clients connect ed to interface 3/1, enter the f ollowing command. PowerConnect#dot1x re-authenticate e 3/1 Syntax: dot1x re-aut henticat e ethernet <por t> Specify the <por t> v a ri a b l e i n th e fo [...]
-
Страница 1283
PowerConnect B-Series FCX Configuration Guide 1241 53-1002266-01 Configuring 802.1X port security 34 Setting the maximum number of EAP frame retransmissions The Dell Po werConnect device re transmits the EAP-request/identity frame a maximu m of two times. If no EAP-response/identity frame is received from the Client after two EAP-request/identity f[...]
-
Страница 1284
1242 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 Setting the maximum number of EAP frame retransmissions Y ou can optionally specify the number of times the Dell P owerConnect de vice will retransmit the EAP-request frame. Y ou can specify between 1 – 1 0 frame retransmissions. For exam ple, to [...]
-
Страница 1285
PowerConnect B-Series FCX Configuration Guide 1243 53-1002266-01 Configuring 802.1X port security 34 Configuring 802.1X multip le-host authentication When multiple hosts are connect ed to the same 802. 1X-enabled por t, the func tionality described in “How 802. 1X Mu ltiple-host authen tication works” on page 122 4 is enabled by def ault. Y o u[...]
-
Страница 1286
1244 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X port security 34 • Permitted do t1x-mac-sessions, which are the dot1x-ma c-sessions for authenticated Clients, as well as f or non-authenticated Clients whose por t s ha ve been placed in the restrict ed VLAN, are aged out if no traf fic is received fr om the Clie[...]
-
Страница 1287
PowerConnect B-Series FCX Configuration Guide 1245 53-1002266-01 Configuring 802.1X port security 34 Clearing a dot1x-mac-se ssion for a MAC address Y ou can clear the dot1x-mac-session for a specified MAC address, so that the Client with that MA C address can be re-authenticat ed by the RADIUS server . Example PowerConnect#clear dot1x mac-session [...]
-
Страница 1288
1246 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring 802.1X accounting 34 Configuring 802.1X accounting 802. 1X accounting enables the recording of information about 802. 1X clients who were successfully authenticated and allo wed access to the network. When 802.1X accounting is enabled on the Dell Po werConnect device, it s[...]
-
Страница 1289
PowerConnect B-Series FCX Configuration Guide 1247 53-1002266-01 Displaying 802.1X inform ation 34 Enabling 802.1X accounting T o enable 802. 1X accounting, enter the f ollowing command. PowerConnect(config)#aaa accounting dot1x default start-stop radius none Syntax: aaa accounting dot1x default star t-stop radius | none radius – Use the list of [...]
-
Страница 1290
1248 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying 802.1X information 34 T o display inf ormation about the 802. 1X configurat ion on an individual por t, enter a command such as the fo llowing. TA B L E 21 2 Output fr om the show dot1x command This field... Displays... P AE Capability The Por t Access Entity ( PAE) r ole f[...]
-
Страница 1291
PowerConnect B-Series FCX Configuration Guide 1249 53-1002266-01 Displaying 802.1X inform ation 34 Syntax: show dot1x config ethernet <por t> Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> The follo wi ng additional inform[...]
-
Страница 1292
1250 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying 802.1X information 34 Displaying 802.1X statistics T o display 80 2.1X statistic s fo r an individual port, enter a command such as the following Syntax: show dot1x statistics ethernet <port> Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts[...]
-
Страница 1293
PowerConnect B-Series FCX Configuration Guide 1251 53-1002266-01 Displaying 802.1X inform ation 34 Clearing 802.1X statistics Y ou can clear the 802. 1X statistics counters on all inter faces at once, on in dividual int er faces, or on a range of inter faces. For e xample, to clear the 802. 1X statistics coun t ers on all inter faces on the device,[...]
-
Страница 1294
1252 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying 802.1X information 34 In this examp le, the 802.1X -enabled por t has been moved from VLAN 1 to VLAN 2. When the client disconnects, the port will be moved back t o VLAN 1. The sho w run command also indicates the VLAN to which the por t has been dynamically assigned. The o[...]
-
Страница 1295
PowerConnect B-Series FCX Configuration Guide 1253 53-1002266-01 Displaying 802.1X inform ation 34 PowerConnect#show dot1x mac-address filter Port 1/3 (User defined MAC Address Filter) : mac filter 1 permit any any Syntax: show dot1x mac-address-filter T o display the user -defined IP A CLs active on the d evice, enter the f ollowing co mmand. Synt[...]
-
Страница 1296
1254 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying 802.1X information 34 The all ke yword displays all dynamically appl ied IP ACLs activ e on the device. Specify the <por t> v a ri a b l e i n th e fo l l ow in g fo r m a ts : • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> D[...]
-
Страница 1297
PowerConnect B-Series FCX Configuration Guide 1255 53-1002266-01 Displaying 802.1X inform ation 34 • Po werConnect B-Series FCX stackable switches – <s tack-unit/slotnum/portnum> Displaying 802.1X multiple-hos t authentication information Y ou can display the fo l lowing inf ormatio n about 802. 1X multiple-host authenti cation: • Infor[...]
-
Страница 1298
1256 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying 802.1X information 34 The output of the show dot1x config command for an interface displa ys the configured por t control f or the inter face. This command also displa ys information relat ed to 802. 1X multiple host-authentication. The following is an e xampl e of the outp[...]
-
Страница 1299
PowerConnect B-Series FCX Configuration Guide 1257 53-1002266-01 Displaying 802.1X inform ation 34 Example Syntax: show dot1x mac-session Ta b l e 2 17 lists the new fields in the displa y . Displaying information about the ports in an 802.1X mu ltiple-host configuration T o display inf ormatio n about the por ts in an 802. 1X mult iple-host config[...]
-
Страница 1300
1258 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Sample 802.1X configurations 34 1/1/7 0 0 no no no 1/1/8 0 0 no no no 1/1/9 0 0 no no no 1/1/10 0 0 no no no 1/1/11 0 0 no no no 1/1/12 0 0 no no no 1/1/13 0 0 no no no 1/1/14 0 0 no no no 1/1/15 0 0 no no no 1/1/16 0 0 no no no Syntax: show dot1x mac-session brief The follo wing tabl[...]
-
Страница 1301
PowerConnect B-Series FCX Configuration Guide 1259 53-1002266-01 Sample 802.1X configurations 34 Point-to-point configuration Figure 158 illustrates a samp le 802. 1X configuration with Clients connected t o three por ts on the Dell Po werConnect device. In a point-to-point configuration, only one 802. 1X Client can be co nn ec ted to ea ch po r t.[...]
-
Страница 1302
1260 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Sample 802.1X configurations 34 Hub configuration Figure 159 illustrates a configuration where three 802. 1X-enabled Clients are connect ed to a hub, which is connect ed to a por t on the Dell P owerCo nne ct device. The configuration is similar to that in Figure 158 , except that 802[...]
-
Страница 1303
PowerConnect B-Series FCX Configuration Guide 1261 53-1002266-01 Sample 802.1X configurations 34 802.1X Authentication with dynamic VLAN assignment Figure 160 illustrates 802. 1X authen tication with dynamic VLAN assignment . In this configuration, two user PCs are co nnected to a hub, which is connected t o por t e2. Port e2 is configured as a dua[...]
-
Страница 1304
1262 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using multi-device port au thentication and 802.1X security on the same port 34 ! interface ethernet 2 dot1x port-control auto dual-mode If User 1 is successfully authenticat ed before User 2, the PVID for por t e2 would be changed fr om the default VLAN to VLAN 3. Had User 2 been the[...]
-
Страница 1305
PowerConnect B-Series FCX Configuration Guide 1263 53-1002266-01 Chapter 35 Using the MAC Port Security Feature Ta b l e 2 1 9 lists the individual Del l Po werConnect switches and the MAC port security features they suppor t. This chapter describes ho w to configure De ll Pow erConnect devices t o lea rn “secure” MAC addresses on an in te rfac[...]
-
Страница 1306
1264 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the MAC port security feature 35 Local and global resources The MAC por t security feature us es a concep t of local and global “resou rces” to deter mine how many MAC addresses can b e secured on each interfac e. In this conte xt, a “resource” is the ability to st[...]
-
Страница 1307
PowerConnect B-Series FCX Configuration Guide 1265 53-1002266-01 Configuring the MAC port security feature 35 Enabling the MAC port security feature By default, the MA C por t security feature is disabl ed on all int er faces. Y ou can enable or disable the fe a ture on all int er faces at once , or on individual int er faces. T o enable the f eatu[...]
-
Страница 1308
1266 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the MAC port security feature 35 PowerConnect(config)#interface ethernet 7/11 PowerConnect(config-if-e1000-7/11)#port security PowerConnect(config-port-security-e1000-7/11)#age 10 Syntax: [ no ] age <minutes> The <minut es> variable specifies a range fr om 0 th[...]
-
Страница 1309
PowerConnect B-Series FCX Configuration Guide 1267 53-1002266-01 Configuring the MAC port security feature 35 Syntax: [ no ] autosa ve <minut es> The <minutes> variable can be from 15 thr oug h 1 4 40 minutes. By default, sec ure MAC addresses are not autosa ved to the startu p-config file. Specifying the action taken when a security vi[...]
-
Страница 1310
1268 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Clearing port se curity statistics 35 Disabling the port f or a specified amount of time Y ou can configure the de vice to disable the port f or a specified amount of time when a security violation occurs. T o shut down the por t for 5 minut es when a security violation occurs, ent er[...]
-
Страница 1311
PowerConnect B-Series FCX Configuration Guide 1269 53-1002266-01 Displaying port se curity information 35 • The por t security settings f o r an individual por t or f or all the por ts on a specified module • The secure MA C addresses configured on the de vice • Port security sta tistics f or an inter face or f or a module Displaying port sec[...]
-
Страница 1312
1270 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying port security information 35 Displaying port security statistics Y ou can display port security st atisti cs f or an interface or for a module. For e xample, to displa y por t security statistics fo r i nte r fa c e 7 /11 , e n te r t he fo ll ow i ng co m m an d . Syntax: [...]
-
Страница 1313
PowerConnect B-Series FCX Configuration Guide 1271 53-1002266-01 Displaying port se curity information 35 Displaying restricted MAC addresses on a port T o displa y a list of restrict ed MAC addresses on a port, enter a command such as the f ollowing. PowerConnect#show port security ethernet 1/5 restricted-macs Syntax: show por t security ethernet [...]
-
Страница 1314
1272 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying port security information 35[...]
-
Страница 1315
PowerConnect B-Series FCX Configuration Guide 1273 53-1002266-01 Chapter 36 Configuring Multi-Device Port Authentication Ta b l e 2 2 4 lists individu al Dell Po werConnect switches and the Multi-device port authentication fe atures they suppor t. NOTE Po werConnect B-Series FCX devices do not suppor t: - multi-device authentication on dynamic (LAC[...]
-
Страница 1316
1274 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 How multi-device port authentication works 36 How multi-device port authentication works Multi-device port authentication is a way t o configure a Dell Po werConnect device t o forward or block traf fic from a MA C address based on information receiv ed from a RADIUS server . The mult[...]
-
Страница 1317
PowerConnect B-Series FCX Configuration Guide 1275 53-1002266-01 How multi-device port authentication works 36 Supported RADIUS attributes Dell Po werConnect devic es suppor t the fo llowin g RADIUS attribut es for multi-de vice por t authentication: • Username (1) – RFC 2865 • NAS-IP- Address (4) – RFC 2865 • NAS-Port (5) – RFC 2865 ?[...]
-
Страница 1318
1276 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using multi-device port au thentication and 802.1X security on the same port 36 Support for source guard protection The Dell proprietar y Source Guard Prot ection feature, a f orm of IP Source Guard , can be used in conjunction with multi-device por t au thentication. For details, ref[...]
-
Страница 1319
PowerConnect B-Series FCX Configuration Guide 1277 53-1002266-01 Using multi-device port authentication an d 802.1X security on the same port 36 Configuring Dell-specific attributes on the RADIUS server If the RADIUS authentication pr ocess is succe ssful, the RADIUS server sends an Access-Accept message to the Dell P owerConnec t device, authenti [...]
-
Страница 1320
1278 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 Configuring multi-device port authentication Configuring mult i-device port au thentication on the Dell Po werConnect device consists of the following tasks: • Enabling mult i-device por t authentication globally and on in dividual int[...]
-
Страница 1321
PowerConnect B-Series FCX Configuration Guide 1279 53-1002266-01 Configuring multi-device port authentication 36 Y ou can also configure mult i-device port authen tication commands on a range of inter faces. Example PowerConnect(config)#int e 3/1 to 3/12 PowerConnect(config-mif-3/1-3/12)#mac-authentication enable Specifying the format of the MAC ad[...]
-
Страница 1322
1280 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 PowerConnect(config)#interface e 3/1 PowerConnect(config-if-e1000-3/1)#mac-authentication auth-fail-action block-traffic Syntax: [ no ] mac-authen tication auth-fail-action block-traf fic Dropping traf fic from non-authenticat ed MAC add[...]
-
Страница 1323
PowerConnect B-Series FCX Configuration Guide 1281 53-1002266-01 Configuring multi-device port authentication 36 If one of the attributes in the Ac cess- Accept mess age specifies one or more VLAN identifiers, and the VLAN is av ailable on the Dell Pow erConnect de vice, the por t is moved fr om its default VLAN to the specified VLAN. T o enable dy[...]
-
Страница 1324
1282 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 • If an untagged port had previously been assigned to a VLAN thr ough dy namic VLAN assignment, and then another MA C address is authenticat ed on the sa me por t, but the RADIUS Access- Accept m essage for the second MAC address speci[...]
-
Страница 1325
PowerConnect B-Series FCX Configuration Guide 1283 53-1002266-01 Configuring multi-device port authentication 36 Y ou can optionally specify an alt ernate VLAN to which to mov e the por t when the MAC session for the address is delet ed. For example, to place the po r t in the restricted VLAN, ent er commands such as the fo llowing. PowerConnect(co[...]
-
Страница 1326
1284 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 The dynamic IP A CL is active as long as the clie nt is connected t o the network. When the c lient disconnects from the network, the IP A CL is no lo nger applied to the por t. If an IP ACL had been applied to the port prior to multi-de[...]
-
Страница 1327
PowerConnect B-Series FCX Configuration Guide 1285 53-1002266-01 Configuring multi-device port authentication 36 • The dynamic ACL must be an e xtended A C L. Standar d ACLs are no t suppor ted. • Multi-device po r t authentication and 802. 1x can be used t ogether on the same por t. How ever , Dell does not recommend the use of multi-de vice p[...]
-
Страница 1328
1286 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 Enabling source guard protection Source Guar d Protec tion is a form of IP Source Guar d used in conju nction with multi-device por t authentication. When Sour ce Guar d Pr otection is enabled, IP traf fic is blocked until the system lea[...]
-
Страница 1329
PowerConnect B-Series FCX Configuration Guide 1287 53-1002266-01 Configuring multi-device port authentication 36 In the abo ve output, f or por t 6/12, Source Guar d Prot ection is enabled and the Source Guard A CL is applied to the MA C sess ion, as indicated by SG in t he AC L colu mn. For por t 6/13, Source Guard Prot ection is a lso enabled, bu[...]
-
Страница 1330
1288 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 Disabling aging for authenticated MAC addresses MA C addresses that have be en authenticated or denied b y a RADIUS ser ver are aged out if no traf fic is received from the MAC ad dress for a cert ain period of time: • Authenticat ed M[...]
-
Страница 1331
PowerConnect B-Series FCX Configuration Guide 1289 53-1002266-01 Configuring multi-device port authentication 36 Aging of the Lay er 2 hardware entry for a block ed MAC address occurs in tw o phases, known as hardware aging and sof tware aging. On Po werConnect devices, the har dware aging pe riod f or blocked MA C addresses is fixed at 70 seconds [...]
-
Страница 1332
1290 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring multi-device port authentication 36 Y ou can better contr ol por t behavior when a RADIUS tim eout occurs by configuri ng a por t on the Dell Po werConnect de vice to automatically pass or fail user a uthentication . A pass essentially bypasses the authentic ation process [...]
-
Страница 1333
PowerConnect B-Series FCX Configuration Guide 1291 53-1002266-01 Displaying multi-device port authentication information 36 Multi-device port authentication password override The multi-device por t authentica tion feature commun icates with the RADIUS ser ver t o authenticate a newly f ound MA C address. The RADIUS server is configured with the use[...]
-
Страница 1334
1292 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying multi-device port aut hentication informatio n 36 Displaying authenticated MAC address information T o display inf ormation about authenticated MA C addresses on the por ts where the multi-device por t authentication feature is en abled, ent er the following command. Syntax[...]
-
Страница 1335
PowerConnect B-Series FCX Configuration Guide 1293 53-1002266-01 Displaying multi-device port authentication information 36 Displaying multi-device port authentication information for a specific MAC address or port T o display authentication inf ormation for a specif ic MAC address or port, enter a command such as the fo llowing. Syntax: show auth-[...]
-
Страница 1336
1294 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying multi-device port aut hentication informatio n 36 Displaying the authenticated MAC addresses T o display the MA C addresses that ha ve been successfully authenticat ed, enter the show auth-mac-addresses authorized-mac command. Syntax: show auth-mac-addresses authorized-mac [...]
-
Страница 1337
PowerConnect B-Series FCX Configuration Guide 1295 53-1002266-01 Displaying multi-device port authentication information 36 Displaying multi-device port authentication information for a port T o display a summary of Multi-Device P or t Authenti cation f or por ts on a device, ent er the following command Syntax: show auth-mac-address ethernet <p[...]
-
Страница 1338
1296 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying multi-device port aut hentication informatio n 36 Omitting the eth ernet <por t> parameter displays inf ormation for all int er faces where the multi-device por t authenti cation fe ature is enabled. The follo wing table describes the information displa yed by the sho[...]
-
Страница 1339
PowerConnect B-Series FCX Configuration Guide 1297 53-1002266-01 Displaying multi-device port authentication information 36 Port Default Vlan The VLAN to which the p or t is assigned, and whether the por t had been dynamically assigne d to the VLAN by a RADIUS server . Port VLA N state Indi cates the state of the por t VLAN. Th e State can be one o[...]
-
Страница 1340
1298 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying multi-device port aut hentication informatio n 36 Displaying the MAC authentication table for PowerConnect B-Series FCX devices For P owerConnect B- Series FCX devices, there are three commands you can use t o display MA C authentication information: • show table <mac [...]
-
Страница 1341
PowerConnect B-Series FCX Configuration Guide 1299 53-1002266-01 Example configurations 36 PowerConnect#show table allowed-mac ------------------------------------------------------------------------------- MAC Address PortVlanAuthenticatedTimeAgedot1x ------------------------------------------------------------------------------- 0000.0010.100a 1/[...]
-
Страница 1342
1300 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Example configurations 36 Multi-device port authentication with dynamic VLAN assignment Figure 162 illustrates multi-de vice por t auth entication with dynamic VLAN assignment on a Dell Pow erConne ct device. In this configu ration, a PC and an IP phone are connected t o a hub, which [...]
-
Страница 1343
PowerConnect B-Series FCX Configuration Guide 1301 53-1002266-01 Example configurations 36 The mac-authentication disa ble-ingress-filtering command enab les tagged packets on the por t, eve n i f t h e p o r t i s n o t a m e m b e r o f th e V L A N . I f this fe ature is not enabled, authentica tion works as in “Example 2” Example 2 Figure 1[...]
-
Страница 1344
1302 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Example configurations 36 The par t of the running-config related to multi-de vic e por t auth entication wou ld be a s follo w s. mac-authentication enable mac-authentication auth-fail-vlan-id 1023 interface ethernet 1 mac-authentication enable mac-authentication auth-fail-action res[...]
-
Страница 1345
PowerConnect B-Series FCX Configuration Guide 1303 53-1002266-01 Example configurations 36 FIGURE 1 63 Us ing multi-device port authentication an d 802.1X authentication on the same port When the devices att empt to connect t o the networ k, they are first subject to multi-device por t authentication. When the MAC ad dress of the IP phone is authen[...]
-
Страница 1346
1304 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Example configurations 36 When the PC is authenticat ed using multi-device po rt authentication, the por t PVID is cha nged to “Login-VLAN”, which is VLAN 1 02 4 in this example. When User 1 is authenticat ed using 802. 1X authentication, the por t PVID is changed t o “User -V L[...]
-
Страница 1347
PowerConnect B-Series FCX Configuration Guide 1305 53-1002266-01 Example configurations 36 Since there is no pr ofile for the PC MA C addr ess on the RADIUS ser ver , multi-device port authentication for this MA C address fails. Or dina rily, this would mean that the PVID for the por t would be changed to that of the restrict ed VLAN, or t raf fic [...]
-
Страница 1348
1306 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Example configurations 36[...]
-
Страница 1349
PowerConnect B-Series FCX Configuration Guide 1307 53-1002266-01 Chapter 37 Configuring Web Authentication Ta b l e 2 31 lists individual Dell Pow erConnect switches and the Web A uthentication features they suppor t. Overview Authentication is impor tant i n enterprise netw orks because the network is considered a secure area: it contains sensitiv[...]
-
Страница 1350
1308 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration considerations 37 While a MAC add ress is in the authenticated st at e, the host can forward data thr ough the Po werConnect switch. The MA C address remains au thenticat ed un til one of the f ollowing events occurs: • The host MAC address is remo ved from a list of M[...]
-
Страница 1351
PowerConnect B-Series FCX Configuration Guide 1309 53-1002266-01 Configuration tasks 37 • Each Web A uthentication VLAN must have a virtual inter face (VE). • The VE must ha ve at least one assigned IPv4 address. Web A uthentication is enabled on a VLAN. That VLAN becomes a W eb Authentication VLAN that does the f ollowing: • Forwards traffic[...]
-
Страница 1352
1310 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuration tasks 37 • On a Lay er 3 Pow erConnect switch, assign an IP address to a vir tual inter face (VE) for each VLAN on which W eb Auth entic ation will be enabled. PowerConnect#configure terminal PowerConnect(config)#vlan 10 PowerConnect(config-vlan-10)#router-interface ve[...]
-
Страница 1353
PowerConnect B-Series FCX Configuration Guide 1311 53-1002266-01 Enabling and disablin g web authentication 37 Once enabled, the CLI changes t o the "webauth " c onfiguration level. In the example abo ve, VLAN 10 will require hosts to be authenticated using Web Authentication bef ore they can forward traffic. 6. Configure the We b Authent[...]
-
Страница 1354
1312 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the web a uthentication mo de 37 Using local user databases Web A uthentication suppor ts the use of local user databases consisti ng of usernames and passwords, t o authenticate devices. Users are bl ock ed from accessing the switch until they enter a valid username and p[...]
-
Страница 1355
PowerConnect B-Series FCX Configuration Guide 1313 53-1002266-01 Configuring the web authentication mode 37 The first command changes the configuration le v el to the local user database level f or user db1 . If the database does not already exist, it is crea ted. The second command adds the user recor d marcia to the userdb1 database. Syntax: user[...]
-
Страница 1356
1314 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the web a uthentication mo de 37 For <password1> , <passwor d2> , etc., enter up to 29 ASCII charact ers. Be sure to Insert a cursor return ( <cr> ) after each user record. Y ou can enter up to 30 user recor ds per text file. Importing a text file of user[...]
-
Страница 1357
PowerConnect B-Series FCX Configuration Guide 1315 53-1002266-01 Configuring the web authentication mode 37 PowerConnect(config-vlan-10-webauth)#auth-mode username-password auth-methods local Syntax: auth-mode username-p asswor d auth-methods local T o rev er t back to using the RADIUS server , enter the follo wing command. PowerConnect(config-vlan[...]
-
Страница 1358
1316 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the web a uthentication mo de 37 Configuration steps Follo w the steps giv en below to config ure the de vice t o use the passcode authentication mode. 1. Optionally create up to four static passcodes 2. Enable passcode authen tication 3. Configure other options Creating s[...]
-
Страница 1359
PowerConnect B-Series FCX Configuration Guide 1317 53-1002266-01 Configuring the web authentication mode 37 The next dynamically-created passcode will be 1 0 digits in length, for e xample, 0 123456789. Syntax: auth-mode passcode length <value> For <value> , enter a number fro m 4 to 1 6. Configuring the passcode refresh method Passcode[...]
-
Страница 1360
1318 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the web a uthentication mo de 37 T o c on f ig ur e t h e s wi t ch to r ef r es h p as sc o de s a t a c er ta in t im e o f day, en ter c om ma n ds su ch a s t he following. PowerConnect(config-vlan-10-webauth)#auth-mode passcode refresh-type time 6:00 PowerConnect(conf[...]
-
Страница 1361
PowerConnect B-Series FCX Configuration Guide 1319 53-1002266-01 Configuring the web authentication mode 37 Syntax: auth-mode passcode flush-ex pired Disabling and re-enab ling passcode logging The sof tware generat es a Syslog message and SN MP trap message every time a new passcode is generat ed and passcode authentication is attempted ,. This is[...]
-
Страница 1362
1320 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 Using automatic authentication By default, if W eb Authentication is enabled, hosts need t o login and enter authentication credentials in order to gain access t o the network. If a re-authentic ation period is configured, the host will be as[...]
-
Страница 1363
PowerConnect B-Series FCX Configuration Guide 1321 53-1002266-01 Configuring web authenticati on options 37 Syntax: [ no ] accounting Enter the no accounting command to disable RADIUS acc ounting for W eb Authentication. Changing the login mode (HTTPS or HTTP) Web A uthentication can be configured to use secure (HTTPS) or non-secure (HTTP) login an[...]
-
Страница 1364
1322 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 Instead of just entering a duration f or how long the MA C address remains authenticated, you can specify the MA C address to be added by th e specified por t that is a member of the VLAN. T o do this, enter v alues for the ethernet <port&[...]
-
Страница 1365
PowerConnect B-Series FCX Configuration Guide 1323 53-1002266-01 Configuring web authenticati on options 37 Enter a number from 0 to 64, whe re 0 means there is no limit to the number of W eb Authentication attempts. The default is 5. Clearing authenticated hosts from the web authentication table Use the f ollowing commands to clear dynamically- au[...]
-
Страница 1366
1324 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 Enter 0 – 128000 for <seconds> . The default is the current v alue of block duration comman d. Entering a va lue of "0" means the MAC address is block ed permanently . Entering no block mac <mac-address> duration <s[...]
-
Страница 1367
PowerConnect B-Series FCX Configuration Guide 1325 53-1002266-01 Configuring web authenticati on options 37 PowerConnect(config-vlan-10-webauth)#port-down-auth-mac-cleanup Syntax: [ no ] por t-down-auth-mac-cleanup While this command is enabled, the de vice checks the link stat e of all por ts that are members of the We b Authentication VLAN. If th[...]
-
Страница 1368
1326 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 For <string> , enter up to 64 alphanumeric characters. Y ou can enter any v alue for <string> , but entering the name on the security cer tificate pre ven ts the display of err or messages saying that the security cer tificate doe[...]
-
Страница 1369
PowerConnect B-Series FCX Configuration Guide 1327 53-1002266-01 Configuring web authenticati on options 37 FIGURE 1 67 Ex ample of a login page when automatic authenti cation is disabled and local user database is enabled The user enters a user name and password, which are then sent for authentication. If passcode authentication is enabl ed, the f[...]
-
Страница 1370
1328 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 FIGURE 1 69 Ex ample of a tr y again page If the limit f or the number of authenticated user s on the network is e xceeded, the Maximum Host Limit page is displa yed ( Figure 1 70 ). FIGURE 1 70 Example of a maximum Host limit page If the num[...]
-
Страница 1371
PowerConnect B-Series FCX Configuration Guide 1329 53-1002266-01 Configuring web authenticati on options 37 FIGURE 1 72 Example of a web authentication success page Once a host is authenticat ed, that host can ma nually de-authenticate by clicking the ’Logout’ button in the Login Success pa ge . The host remains logged in until the re-authentic[...]
-
Страница 1372
1330 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 Syntax: show webauth vlan <vlan-id> webpag e Customizing web authentication pages Y ou can customize the f ollowing objects in the W eb Authentication pages sho wn in Figure 166 through Figure 1 72 : • Title bar • Banner imag e (the[...]
-
Страница 1373
PowerConnect B-Series FCX Configuration Guide 1331 53-1002266-01 Configuring web authenticati on options 37 FIGURE 1 73 Objects in the web authentication pages that can be cust omized Customizing t he title bar Y ou can customize the title bar that appear s on all Web A u thentication pages (refer t o Figure 1 73 ). T o do so, enter a command such [...]
-
Страница 1374
1332 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring web authentication option s 37 NOTE This command downloads the image file and stores it in the de vice flash memor y . Theref ore, it is not necessar y to f ollow this command with a write memo r y . The <ip-address> parameter spec ifies the address of the TFTP serve[...]
-
Страница 1375
PowerConnect B-Series FCX Configuration Guide 1333 53-1002266-01 Displaying web authen tication information 37 The <filename> parameter is the name of the text file on the TFTP ser ver . T o rev er t back to the default t ext box (none), enter the command no webpage terms . Customizing t he login button Y ou can customize the Login butt on th[...]
-
Страница 1376
1334 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying web authentication information 37 authentication mode: username and password (Default) authentication methods: radius Local user database name: <none> Radius accounting: Enable (Default) Trusted port list: None Secure Login (HTTPS): Enable (Default) Web Page Customiza[...]
-
Страница 1377
PowerConnect B-Series FCX Configuration Guide 1335 53-1002266-01 Displaying web authen tication information 37 Syntax: show webauth [ vlan <vlan-id> ] The show webauth command b y its elf displays inf ormation for all VLANs on which Web Authentication is enabled. Use the vlan <vlan-id> parameter t o display inf ormation for a specific V[...]
-
Страница 1378
1336 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying web authentication information 37 Displaying a list of hosts attempting to authenticate Enter the following command t o display a list of hosts that are tr ying to authenticate. The repor t shows the f ollowing information. Syntax: show webauth authenticating -list Displayi[...]
-
Страница 1379
PowerConnect B-Series FCX Configuration Guide 1337 53-1002266-01 Displaying web authen tication information 37 Syntax: show webauth blocked-list Displaying a list of local user databases The following command displays a list of a ll loca l user databases configur ed on the P owerConnect switch and the number of users in each datab ase. Syntax: show[...]
-
Страница 1380
1338 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying web authentication information 37 Syntax: show local-userdb <db-name> Displaying passcodes If the passcode Web authentication mode is enab led, you can use the follo wing command to display current passcodes. Syntax: show webauth vlan <vlan-id> passcode PowerCon[...]
-
Страница 1381
PowerConnect B-Series FCX Configuration Guide 1339 53-1002266-01 Chapter 38 Protecting Against Denial of Service Attacks Ta b l e 2 3 2 lists individual Dell PowerCo n nect switch es and the DoS pr otection f eatures they suppor t. This chapter explains ho w to prot ect your Dell Pow erConnect devices fr om Denial of Service (DoS) attacks. In a Den[...]
-
Страница 1382
1340 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protecting against Smurf a ttacks 38 For each ICMP echo request packet sent by the attacker , a number of ICMP replies eq ual to the number of hosts on the intermediary network are se nt to the victim. If the attacker generates a large volume of ICMP echo req uest packets, and the in [...]
-
Страница 1383
PowerConnect B-Series FCX Configuration Guide 1341 53-1002266-01 Protecting against TCP SYN attacks 38 The burst-max <value> paramter can be fr om 1 through 1 00,000 packe ts per second. The lockup < v alue> parameter can be fr om 1 through 1 0,000 seconds. This command is suppor t ed on Et hernet and Layer 3 inte r faces. The number o [...]
-
Страница 1384
1342 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protecting against TCP SYN attacks 38 For La yer 3 r outer code, if the int er face is part of a VLAN that has a rout er VE, you must conf igure T CP/SYN attack pr otection at the VE lev el. Ot her wise, y ou can configure this f eature at the interface level as shown in the pre vio u[...]
-
Страница 1385
PowerConnect B-Series FCX Configuration Guide 1343 53-1002266-01 Protecting against TCP SYN attacks 38 • Blind TCP reset attack using the synchronization (S YN) bit • Blind TCP pack et injection attack The T C P security enhanceme nt is automatically enabled. Protecting against a blind TCP reset attack using the RST bit In a blind T CP reset at[...]
-
Страница 1386
1344 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Protecting against TCP SYN attacks 38 Syntax: show statistics dos-attack T o clear statistics about ICMP and TCP S YN packets dro pped beca use burst thresholds were ex ceeded, enter the f ollowing command. PowerConnect#clear statistics dos-attack Syntax: clear statistics dos-attack P[...]
-
Страница 1387
PowerConnect B-Series FCX Configuration Guide 1345 53-1002266-01 Chapter 39 Inspecting and Tracking DHCP Packets Ta b l e 2 3 3 lists individual Dell PowerCo n nect switch es and the DHCP pack et inspection and tracking features th ey suppor t. Dynamic ARP inspection For enhanced ne twork security , you can configure the Dell P owerConnect de vice [...]
-
Страница 1388
1346 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic ARP inspection 39 How DAI works DAI allo ws only valid ARP requests and responses to be f o rwarded. A Dell Pow erConnect device on which D AI is configured does the following: • Inter cepts ARP packe ts received by the syst em CPU • Inspects all ARP requests and responses[...]
-
Страница 1389
PowerConnect B-Series FCX Configuration Guide 1347 53-1002266-01 Dynamic ARP inspection 39 • DHCP-Snooping ARP – inf ormation collected fr om snooping DHCP packets when DHCP snooping is enabled on VLANs. The status of an ARP entry is either pending or valid: • Va l i d – the mapping is valid, and the port is resolv ed. This is always the ca[...]
-
Страница 1390
1348 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Dynamic ARP inspection 39 Configuring an inspection ARP entry Static ARP and static inspection ARP entries need to be configured for hosts on untrusted ports. Other wise, when DAI checks ARP packets from these hosts against e ntries in the ARP table, it will not find an y entries for [...]
-
Страница 1391
PowerConnect B-Series FCX Configuration Guide 1349 53-1002266-01 DHCP snooping 39 Displaying ARP inspection status and ports T o display the ARP inspection status f or a VLAN and the trusted/untrust ed por t, enter the f ollowing command. Syntax: show ip arp inspection [ vlan <vlan_id> ] The <vlan_id> variable specifies the ID of a conf[...]
-
Страница 1392
1350 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP snooping 39 How DHCP snooping works When enabled on a VLAN, DHCP snooping stands between untrusted por ts (those connect ed to host por ts) and trusted por ts (those connected to DHCP servers). A VLAN with DHCP snooping enabled f or wards D HCP request packe ts from clie nts and [...]
-
Страница 1393
PowerConnect B-Series FCX Configuration Guide 1351 53-1002266-01 DHCP snooping 39 About client IP-to-MAC address mappings Client IP addresses need not be on directly-connect ed networ ks, as long as the client MA C address is learned on the client port and the client por t is in the same VLAN as the DHCP server por t. In this case, the system will [...]
-
Страница 1394
1352 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP snooping 39 1. Enable DHCP snooping on a VLAN.Ref er to “E nabling DHCP snooping on a VLAN” on page 1352. 2. For ports that are connected t o a DHCP ser ver , change their trust setting to trusted.R efer t o “Enabling trust on a por t” on page 1 352. The f ollowing shows [...]
-
Страница 1395
PowerConnect B-Series FCX Configuration Guide 1353 53-1002266-01 DHCP snooping 39 T o remove all entries fr om the DHCP bind ing database, enter the f ollowing command. PowerConnect#clear dhcp T o clear entries for a specific IP addres s, enter a command such as the f ollowing. PowerConnect#clear dhcp 10.10.102.4 Syntax: clear dhcp [ <ip-addr>[...]
-
Страница 1396
1354 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 PowerConnect(config)#vlan 2 PowerConnect(config-vlan-2)#untagged ethe 1/3 to 1/4 PowerConnect(config-vlan-2)#router-interface ve 2 PowerConnect(config-vlan-2)#exit PowerConnect(config)#ip dhcp snooping vlan 2 PowerConnect(config)#vlan 2[...]
-
Страница 1397
PowerConnect B-Series FCX Configuration Guide 1355 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 As illustrated in Figure 1 78 , the DHC P relay agent (the PowerConne ct switch), inserts DH CP option 82 attributes when relaying a DHCP req uest pack et to a DHCP ser ver . FIGURE 1 78 DHCP Option 82 attribut es added to t he DHCP pac[...]
-
Страница 1398
1356 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 Sub-option 1 – circuit id The Circuit ID (CID) identifies the circuit or port from which a DHCP client req uest was sent. The PowerC on nec t s wit ch use s th is infor ma tio n to r el ay DH CP r esp on ses ba ck to th e prop er ci r[...]
-
Страница 1399
PowerConnect B-Series FCX Configuration Guide 1357 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 Configuring DHCP option 82 When DHCP snooping is enabled on a VLAN, b y defaul t, DHCP option 82 also is enabled . Y ou do not need t o per form any e xtra configuration steps t o enable this feature. T o enable DHCP snooping, ref er to[...]
-
Страница 1400
1358 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 Changing the forwarding policy When the Dell Pow erConnect device receives a DHCP message that contains rela y agent information, by default, the de vice replaces the info rmation with its own relay a gent inf ormation. If desired, y ou[...]
-
Страница 1401
PowerConnect B-Series FCX Configuration Guide 1359 53-1002266-01 DHCP relay agent information (DHCP Option 82) 39 Viewing information about DHCP option 82 processing Use the commands in this section to view inf ormation about DH CP option 82 processing. Viewing the circuit Id, remo te id, and forwarding policy Use the show ip dhcp rela y informatio[...]
-
Страница 1402
1360 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IP source g uard 39 Viewing the status of DHCP op tion 82 and the subscriber id Use the show interface s ethernet co mm and to o bta in infor ma tio n a b out the status of DHCP option 82 and the configured subscriber ID, if applicable. In the ex ample below , the te xt in bold type d[...]
-
Страница 1403
PowerConnect B-Series FCX Configuration Guide 1361 53-1002266-01 IP source guard 39 When a new IP source entry binding on the por t is creat ed or deleted, the ACL will be recalculat ed an d r e ap p li e d i n h a rd wa r e to re f l ec t t h e c h a ng e i n I P s ou rc e b in d i ng . B y de f au l t , i f IP S o u rc e G u a rd is enabled witho[...]
-
Страница 1404
1362 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IP source g uard 39 • The number of configured A C L rules affect the rat e at which hardwa re resources are used when IP Sourc e Guard is enabled. Use the sho w access -list hw-usage on command to enable hardw are usage for an AC L, follow ed by a show access-list <access-list-i[...]
-
Страница 1405
PowerConnect B-Series FCX Configuration Guide 1363 53-1002266-01 IP source guard 39 The [vlan <vlannum> ] parameter is optional. If y ou enter a VLAN number , the binding applies to that VLAN only . If you do no t ent er a VLAN number , the static binding applies to all VLANs associated with the por t . Not e that since static IP sour ce bind[...]
-
Страница 1406
1364 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 IP source g uard 39[...]
-
Страница 1407
PowerConnect B-Series FCX Configuration Guide 1365 53-1002266-01 Chapter 40 Securing SNMP Access Ta b l e 2 3 6 lists individual Dell PowerConnect swit ches and the SNMP access me thods they suppor t. These f eatures are suppor ted in th e Layer 2, base Lay er 3, edge Lay er 3, and full Lay er 3 soft ware images, e xcept where explicitly no ted. SN[...]
-
Страница 1408
1366 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Establishing SNMP community strings 40 Restricting SNMP access using A CL, VLAN, or a speci fic IP address constitute the first leve l of defense when the packet arrives at a Dell PowerConnect device. The next le vel uses on e of the following methods: • Community string match In SN[...]
-
Страница 1409
PowerConnect B-Series FCX Configuration Guide 1367 53-1002266-01 Establishing SNMP community strings 40 T o add an en cr ypted community string, enter commands such as the f ollowing. PowerConnect(config)#snmp-server community private rw PowerConnect(config)#write memory Syntax: snmp-server community [ 0 | 1 ] <string> ro | rw [ vie w <vie[...]
-
Страница 1410
1368 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Establishing SNMP community strings 40 The view <viewname> paramet er is optional. It allows y o u to associat e a view t o the members of this community string. Enter up to 32 alphanumeric charact ers. If no view is specified, access to the full MIB is granted. The view that yo[...]
-
Страница 1411
PowerConnect B-Series FCX Configuration Guide 1369 53-1002266-01 Using the user-based security model 40 NOTE If display o f the strings is encr ypted, the strings ar e not display ed. Encr yption is enabled by default. Using the user-based security model SNMP version 3 ( RFC 25 70 through 25 75) introduc es a User -Based Security model (RFC 25 7 4)[...]
-
Страница 1412
1370 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using the user-based security model 40 Defining the engine id A default engine ID is generat ed during system star t up. T o determine what the default engine ID of the device is, enter the show snmp engineid command and find the follo wing line: Local SNMP Engine ID: 800007c70300e052[...]
-
Страница 1413
PowerConnect B-Series FCX Configuration Guide 1371 53-1002266-01 Using the user-based security model 40 NOTE This command is not used for SNMP version 1 and SNMP version 2. In these version s, gr o ups and group views are created int ernal ly using community strings. (ref er to “Establishing SNMP community strings” on page 1366.) When a com mun[...]
-
Страница 1414
1372 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Using the user-based security model 40 PowerConnect(config)#snmp-s user bob admin v3 access 2 auth md5 bobmd5 priv des bobdes The CLI for creating SNMP v ersion 3 users has been updat ed as follows. Syntax: [ no ] snmp-server user <n ame> <groupname> v3 [[ access <stand[...]
-
Страница 1415
PowerConnect B-Series FCX Configuration Guide 1373 53-1002266-01 Defining SNMP views 40 • If AES is the priv acy prot ocol to be used, ente r aes follo wed by the AES password k ey . F or a small pa sswor d ke y , enter 12 charact ers. For a big passwor d key , enter 1 6 characters. If you include the encrypted ke yword, ent er a password string [...]
-
Страница 1416
1374 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 SNMP version 3 traps 40 Y ou can exclude por tions of the MIB within an inclusion scope. For example, if y ou want to e xclude the snAgentSys objects, which begin with 1.3.6. 1.4.1 .1 99 1.1 . 1.2 object identi fier from the admin view , enter a second command such as the follo wing. [...]
-
Страница 1417
PowerConnect B-Series FCX Configuration Guide 1375 53-1002266-01 SNMP version 3 traps 40 Defining the UDP port for SNMP v3 traps The SNMP host command enhancemen ts allow configuration of notif ications in SMIv2 format, with or without encr yption, in addition to the previously suppor ted SMIv1 trap f orma t. Y ou can define a por t that receives t[...]
-
Страница 1418
1376 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 SNMP version 3 traps 40 Backward compatibility with SMIv1 trap format T h e D e l l P owe r C o n n e c t d ev i c e w i ll c o n t i n u e to s u p p o r t c r e a t i o n o f tr a p s i n S M I v 1 for m a t , a s b e fo r e . T o allow the device to send notifications in SMIv 2 for[...]
-
Страница 1419
PowerConnect B-Series FCX Configuration Guide 1377 53-1002266-01 Displaying SNMP Information 40 Displaying SNMP Information This section lists the commands for viewing SNMP-related information. Displaying the Engine ID T o display the engine ID of a managem ent mo dule, enter a comm and such as the follo wing. PowerConnect#show snmp engineid Local [...]
-
Страница 1420
1378 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displaying SNMP Information 40 PowerConnect#show snmp group groupname = exceptifgrp security model = v3 security level = authNoPriv ACL id = 2 readview = exceptif writeview = <none> Syntax: show snmp gr oup The value f or security lev el can be one of the f ollowing. Displaying [...]
-
Страница 1421
PowerConnect B-Series FCX Configuration Guide 1379 53-1002266-01 SNMP v3 Configuration examples 40 SNMP v3 Configuration examples The follo wing sections present examples of ho w to configure SNMP v3. Simple SNMP v3 configuration PowerConnect(config)#snmp-s group admingrp v3 priv read all write all notify all PowerConnect(config)#snmp-s user adminu[...]
-
Страница 1422
1380 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 SNMP v3 Configuration examples 40[...]
-
Страница 1423
PowerConnect B-Series FCX Configuration Guide 1381 53-1002266-01 Chapter 41 Using Syslog Ta b l e 2 37 li sts individual Dell PowerConnect switches and the Syslog f e atures they support. This chapter describes ho w to displa y Syslog mess ages and ho w to configure the Syslog f acility , and lists the Syslog messages th at De ll PowerCo n nect de [...]
-
Страница 1424
1382 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Displayi ng Syslog messages 41 • Errors • War n i ng s • Notifications • Informational • Debugging The device writ es the messages to a loc al buf fer . Y ou also can specify the IP address or host name of up to six Syslog servers. When you specify a Syslog server , the Dell[...]
-
Страница 1425
PowerConnect B-Series FCX Configuration Guide 1383 53-1002266-01 Configuring the Syslog service 41 Enabling real-time display of Syslog messages By d e fa ul t , to vi ew S ys l o g m e s sa g e s g e ne r a te d b y a Dell Pow erConnect device, you need t o display the Syslog buffer or the log on a Syslog ser ver used b y the Dell Po werConnect de[...]
-
Страница 1426
1384 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the Syslog s ervice 41 • Specify a Syslog server . Y ou ca n configure the Dell P owerConnect de vice to use up t o six Syslog servers. (Use of a Syslog server is op tional. The system can ho ld up t o 1 000 Syslog messages in an internal buffer .) • Change the lev el [...]
-
Страница 1427
PowerConnect B-Series FCX Configuration Guide 1385 53-1002266-01 Configuring the Syslog service 41 Static and dynamic buffers T he s oft w ar e pr o vi d es tw o b uff er s : • Static – logs pow er supply failures, fan f a ilures, and temp erature warning or shutdown messages • Dynamic – logs all other mes sage types In the static log, ne w[...]
-
Страница 1428
1386 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the Syslog s ervice 41 When you clear log entries, you can selectively clea r the static or dynamic buffer , or you can clear both. Fo r example, t o clear only the dynamic buf f er , enter the f ollowing command at the Privileged EXEC lev el. PowerConnect#clear logging dy[...]
-
Страница 1429
PowerConnect B-Series FCX Configuration Guide 1387 53-1002266-01 Configuring the Syslog service 41 Example of Syslog messages on a device wih the onboard clock not set The example sho ws the format of messages on a devi ce where th e onboard syst em clock is not set. Each time stamp shows the amount of time the device had been running when the mess[...]
-
Страница 1430
1388 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the Syslog s ervice 41 This command enables local Syslog logging with the f ollowing def aults: • Messages of all sev erity levels (E mergencies – Debugging) are logged. • Up t o 50 messages are retained in the local Syslog buffer . • No Syslog ser ver is spec ifie[...]
-
Страница 1431
PowerConnect B-Series FCX Configuration Guide 1389 53-1002266-01 Configuring the Syslog service 41 Changing the number of entr ies the local buffer can hold Y ou also can use the logging buf f ered command to change the number of entries the local Syslog buffer can stor e. For exam ple. PowerConnect(config)#logging buffered 100 PowerConnect(config)[...]
-
Страница 1432
1390 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring the Syslog s ervice 41 • sys1 0 – reser ved f or system use • sys1 1 – reser ved f or system use • sys12 – re ser ved f or system use • sys13 – reserved for syst em use • sys1 4 – reser ved f or system use • cron – cr on/at subsystem • local0 – [...]
-
Страница 1433
PowerConnect B-Series FCX Configuration Guide 1391 53-1002266-01 Syslog messages 41 T o display T CP or UDP por t numbers instead of their names, enter the f ollowing command. PowerConnect(config)#ip show-service-number-in-log Syntax: [ no ] ip show-ser vice-number-in-log Retaining Syslog messages after a soft reboot Y ou can configure the device t[...]
-
Страница 1434
1392 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 TA B L E 2 3 9 Syslog messages Message level Message Explanation Aler t <num-modules> modules and 1 po wer supply , need more power sup ply!! Indicat es that the chassis needs more power supplies to run the modules in the chassis. The <num-modules> param[...]
-
Страница 1435
PowerConnect B-Series FCX Configuration Guide 1393 53-1002266-01 Syslog messages 41 Alert Management module at slot <slot-num> state changed fr om <modu le-state> to <module-s tate> . Indicat es a stat e change in a m anagement module. The <slot-num> indicat es the chassis slo t containing the module . The <module-stat e&[...]
-
Страница 1436
1394 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Aler t System: Mod ule in slot <slot-num> encountered unreco verable PCI config read failure. M odule will be deleted. The module encount ered an unrecov erable hardware conf igurat ion read failure. The module will be disabl ed or powered down. Aler t System:[...]
-
Страница 1437
PowerConnect B-Series FCX Configuration Guide 1395 53-1002266-01 Syslog messages 41 Inf ormational IPv6: IPv6 prot ocol enabled on the device from <se ssion-id> IPv6 pro tocol was enabled on the de vice during the speci fied session. Inf ormational MAC Filt er applied to port <port-id> by <usernam e> from <session-id> (filte[...]
-
Страница 1438
1396 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Informational Bridge root changed, vlan <vlan-id> , new root ID <string> , root interface <por tnum> A Spanni ng T ree Protocol (STP) topology change has occurred. The <vlan- id> i s t he ID of th e VL AN in wh ic h the STP topology cha nge o[...]
-
Страница 1439
PowerConnect B-Series FCX Configuration Guide 1397 53-1002266-01 Syslog messages 41 Informational DOT1X : por t <por tnum> - mac <mac address> is unauthorized because syst em resource is not enough or the invalid infor mation to set the dynamic assigne d IP ACLs or MA C address filters 802. 1X authentica tion failed for the Client with [...]
-
Страница 1440
1398 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Informational ER R_DISABLE : Inter face ethernet 16, err-di sable recovery timeout If the w ait time (port is down an d is waiting to come up) expires and t he por t is br ought up the fo llowing message is di splaye d. Inf ormational ERR_DISABLE: Link flaps on port[...]
-
Страница 1441
PowerConnect B-Series FCX Configuration Guide 1399 53-1002266-01 Syslog messages 41 Inf ormational Security: t elnet | SSH logout by <username> from sr c IP <ip-address> , src MA C <mac-a ddress> to USE R | PRIVILEGE EXEC mode The specified user logged out of th e device. The user was using T elnet or SSH to access the de vice fro[...]
-
Страница 1442
1400 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Informational Sy slog ser ver <IP-address> deleted | added | modified from console | t elnet | ssh | web | snmp OR Syslog operation e nabled | disabled from console | telne t | ssh | web | snmp A user made Syslog configurati on changes to the specifi ed Syslog[...]
-
Страница 1443
PowerConnect B-Series FCX Configuration Guide 1401 53-1002266-01 Syslog messages 41 Inf ormational telnet | SSH | w eb access [by <username> ] from sr c IP <source ip address>, sr c MAC <source MAC address> reje cted, <n> attempt s There were failed web, SSH, or T elnet login access atte mpts from the specified source IP and[...]
-
Страница 1444
1402 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Inf ormational vlan <vlan-id> Bridge is R ootBridge <mac-a ddress> (MgmtPriChg) 802. 1W changed the curr ent bridge to be the root bridge o f the given topol ogy due to administrative change in bridge pr iority. Inf ormational vlan <vlan-id> Bridge[...]
-
Страница 1445
PowerConnect B-Series FCX Configuration Guide 1403 53-1002266-01 Syslog messages 41 Notification Authentication Disabled on <por tnum> The multi-de vice por t authentication feature was disabled on the on the specified <portnum> . Notification Authentication Enabled on <portnum> The multi-device port authentication f eature was en[...]
-
Страница 1446
1404 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification Local ICMP ex ceeds <burst-max> burst packets , stopping f or <lockup> seconds!! The number of ICMP pack ets exceeds the <burst-max> threshold se t by the ip icmp burst command. The Dell P owerConnect device ma y be the victim of a Den[...]
-
Страница 1447
PowerConnect B-Series FCX Configuration Guide 1405 53-1002266-01 Syslog messages 41 Notification OSPF inter face stat e changed, rid <rout er-id> , intf addr <ip-addr> , state <ospf-state> Indicat es that the state of an OSPF interface has changed. The <router -id> is the router ID of the De ll Po werConnect device. The <[...]
-
Страница 1448
1406 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification OSPF intf config error , rid <router -id> , intf addr <ip-addr> , pkt src addr <src-ip-addr> , error type <error-type> , pkt type <pkt-type> Indicat es that an OSPF inter face configuration error has occurred. The <route[...]
-
Страница 1449
PowerConnect B-Series FCX Configuration Guide 1407 53-1002266-01 Syslog messages 41 Notification OSPF intf rcvd bad pkt: Bad Chec ksum, rid <ip-addr> , intf add r <ip-addr> , pkt size <num> , che cksum <num> , pkt src addr <ip-addr> , pkt type <type> The device receiv ed an OSPF packet that had an invalid checksu[...]
-
Страница 1450
1408 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification OSPF intf retransmit, r id <router -id> , intf addr <ip-addr> , nbr rid <nbr -router -id>, pkt type is <pkt-type> , LSA type <lsa-ty pe> , LSA id <lsa-id > , LSA rid <lsa-rout er-id> An OSPF inter face on the D [...]
-
Страница 1451
PowerConnect B-Series FCX Configuration Guide 1409 53-1002266-01 Syslog messages 41 Notification OSPF nbr state changed, rid <rout er-id> , nbr addr <ip-addr> , nbr rid <nbr-r outer -Id>, state <ospf- stat e> Indicat es that the state of an OSPF neighbor h as changed. The <router -id> is the router ID of the De ll Po w[...]
-
Страница 1452
1410 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification OSPF vir tual intf authen fai lure, rid <rout er-id> , intf addr <ip-addr> , pkt src addr <sr c-ip-addr>, error type <error-type> , pkt typ e <pkt-type> Indicat es that an OSPF vir tual r outing interface authenticatio n fa[...]
-
Страница 1453
PowerConnect B-Series FCX Configuration Guide 1411 53-1002266-01 Syslog messages 41 Notification OSPF vir tual intf config erro r , rid <rout er-id> , intf addr <ip-addr> , pkt src addr <sr c-ip-addr>, error type <error-type> , pkt typ e <pkt-type> Indicat es that an OSPF vir tual r outing interface configuration err o[...]
-
Страница 1454
1412 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification OSPF vir tual intf retransmit, rid <r outer-id> , intf addr <ip-addr> , nbr rid <nbr -router -id>, pkt type is <pkt-type> , LSA type <lsa-ty pe> , LSA id <lsa-id > , LSA rid <lsa-router-id> An OSPF inter face on[...]
-
Страница 1455
PowerConnect B-Series FCX Configuration Guide 1413 53-1002266-01 Syslog messages 41 Notification OSPF vir tua l nbr state changed, rid <rout er-id> , nbr addr <ip-a d dr> , nbr rid <nbr-r outer -id>, state <ospf-s tate> Indicat es that the state of an OSPF virtual neighbor h as changed. The <router -id> is the router I[...]
-
Страница 1456
1414 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Notification V RRP intf stat e changed, intf <portnum> , vrid <vir tual-router-id>, state <vrrp-state> A state change has occurred in a Virtual Router Redundancy Protocol (VRRP) interface. The <portnum> is the por t. The <virtual-rout er-i[...]
-
Страница 1457
PowerConnect B-Series FCX Configuration Guide 1415 53-1002266-01 Syslog messages 41 War n in g li s t <ACL -num> denied <ip-proto> <src-ip-addr> (<src-tcp/ud p-por t>) (Ethernet <por tnum> <mac-addr> ) -> <dst-ip-addr> (<dst -tcp/udp-por t>), 1 ev ent(s) Indicates that an A ccess Control List (ACL)[...]
-
Страница 1458
1416 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Syslog messages 41 Warning N o global IP! cannot se nd IGMP msg. The device is config ured for ip multicast active but th er e i s n o c o nf ig ur ed IP ad dr es s and the device can not send out IGMP queries. War ning No of prefixes received fr om BGP peer <ip-addr> ex ceeds w[...]
-
Страница 1459
PowerConnect B-Series FCX Configuration Guide 1417 53-1002266-01 Appendix A Network Monitoring Ta b l e 24 0 lists the individual Dell Pow erConnect swit ches and the netw ork monitoring features they support. Basic management The following sections contain procedur es f or basic sys tem management tasks. Viewing system information Y ou can access [...]
-
Страница 1460
1418 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic manageme nt A The follo wing hardware details are list ed in the output of the show version co mmand: • Chassis type • PROM type (if applicable) • Chassis serial number • Management and int er f ace module serial numbers and ASIC types For a description of the sof tware [...]
-
Страница 1461
PowerConnect B-Series FCX Configuration Guide 1419 53-1002266-01 Basic manageme nt A T o determine the available show c ommands for the syste m or a specific level of the CLI, enter the following command. PowerConnect#show ? Syntax: show <option> Y ou also can enter “show” at the c ommand prompt, then press the T AB ke y . Viewing port st[...]
-
Страница 1462
1420 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic manageme nt A Link T he link state. State T he S TP state. Dupl The mode (full-duplex or half-duplex). Speed The por t speed (1 0M, 100M, or 1 000M). T runk The trun k group number , if the por t is a member of a trunk group. T ag Whether the por t is a tagge d member o f a VLAN[...]
-
Страница 1463
PowerConnect B-Series FCX Configuration Guide 1421 53-1002266-01 Basic manageme nt A Viewing STP statistics Y ou can view a summar y of STP statistics f or Laye r 2 Switches and La yer 3 Switches. S TP statistics are by def ault polled ev er y 10 seconds. T o view spanning tree statistics, enter the show span command. T o view S TP statistics for a[...]
-
Страница 1464
1422 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Basic manageme nt A Viewing egress queue counters on Po werConnect B-Series FCX devices The show int er face command displays the number of packets on a port that were queued f or each QoS priority (traff ic class) an d dropped bec ause of congestion. NOTE These counters do no t inclu[...]
-
Страница 1465
PowerConnect B-Series FCX Configuration Guide 1423 53-1002266-01 RMON su pport A Clearing the egress queue counters Y ou can clear egress queue statistics (reset them to zero), using the clear statistics and clear statistics ethernet < por t > command. Syntax: clear statistics [ ethernet < port >] Specify the <por t> variable in t[...]
-
Страница 1466
1424 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RMON support A Statistics (RMON group 1) Count inf ormation on multicas t and br oa dcast packets, to tal packets sent, under sized and ov er sized packets, CRC alignment errors, jabbers, collision, fragments and dropped e vents is collecte d for each port on a Lay er 2 Switch or Lay [...]
-
Страница 1467
PowerConnect B-Series FCX Configuration Guide 1425 53-1002266-01 RMON su pport A Multicast pkts The total number of good pack ets received that wer e directed to a multicast address. This number does not include pack ets directed t o the broadcas t address. CRC alignment err ors The to tal number of packets receiv ed that were from 64 – 15 18 oct[...]
-
Страница 1468
1426 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RMON support A History (RMON group 2) All active por ts by default will generat e two hist ory control data entries per activ e Lay er 2 Switch por t or Lay er 3 Switch inter face. An active port is defined as one with a link up. If the link goes down the tw o entries are automaticall[...]
-
Страница 1469
PowerConnect B-Series FCX Configuration Guide 1427 53-1002266-01 sFlow A PowerConnect(config)#rmon event 1 description ‘testing a longer string’ log-and-trap public owner nyc02 Syntax: rmon ev ent <event-e ntr y> description <text-s tring> log | trap | log-and-trap owner <rmon-station> sFlow NOTE Po werConnect device s suppor [...]
-
Страница 1470
1428 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A The configuration procedures for sFlow v ersio n 5 ar e the same as f or sFlow v ersion 2, ex cept where explicitly not ed. Conf iguration procedures for sFlo w are in the sectio n “Configuring and enabling sFlow” on page 1 430. The features and CLI commands that are speci[...]
-
Страница 1471
PowerConnect B-Series FCX Configuration Guide 1429 53-1002266-01 sFlow A Configuration considerations This section lists the sFlow configu ration considerations on Dell PowerConnect de vices. Po werConnect B-Series FC X devices, y ou can use QoS queue 1 for priority traffic, ev en when sFlow is enabled on the port. • If an Pow erConnect B-Series [...]
-
Страница 1472
1430 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A NOTE If an IP address is not already configured when y ou enable sFlow , the feature uses the source address 0.0.0.0. T o display the agent_address, enable sFlow , then enter the sho w sflow command. Refe r to “Enabling sFlo w forwarding” on page 14 35 and “Displaying sF[...]
-
Страница 1473
PowerConnect B-Series FCX Configuration Guide 1431 53-1002266-01 sFlow A Specifying the collector sFlow e xpor ts traf fic statistics to an ex ternal collect or . Y ou can specify up to four collect ors. Y ou can specify more than one collector with the same IP address if the UDP port numbers are unique. Y ou can hav e up to four unique combination[...]
-
Страница 1474
1432 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A The default polling interval is 20 seco nds. Y ou ca n change the int er val to a value fr om 1 to any higher value. The interval value applies to all inte r faces on which sFlo w is enabled. If you set the po lli ng in ter va l to 0, co un ter d at a s amp li ng is d is ab le[...]
-
Страница 1475
PowerConnect B-Series FCX Configuration Guide 1433 53-1002266-01 sFlow A While different por ts on a module may be config ured to ha ve different sampling rat es, the hardware f or the module will be programmed t o take samples at a single rate (the module sampling rate). The module sampling rat e will be the high est sampli ng rate (i.e. lowest nu[...]
-
Страница 1476
1434 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A • 209 7 152 • 8388608 • 33554432 • 13421 7728 • 5368 709 12 • 2 14 7 483648 For e xample, if the configured sampling rate is 1 000, then the actual rate is 2048 and 1 in 2048 packets are sampled by the hardw are. Changing the sampling rat e of a module Y ou cannot [...]
-
Страница 1477
PowerConnect B-Series FCX Configuration Guide 1435 53-1002266-01 sFlow A Enabling sFlow forwarding sFlow ex por t s data only for the int er faces on wh ich you enable sFlow f or warding. Y ou can enable sFlow forwarding on Ethernet interfaces . T o enable sFlow f or war ding,per form the f ollowing: • Globally enable the sFlow f eature • Enabl[...]
-
Страница 1478
1436 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A NOTE When you enable sFlow f or war ding on a trunk por t, only the primar y por t of the trunk group f orwards sFlow samples. T o enable sFlow f or war ding on a trunk po r t, e nter commands s uch as the following. PowerConnect(config)#sflow enable PowerConnect(config)#trunk[...]
-
Страница 1479
PowerConnect B-Series FCX Configuration Guide 1437 53-1002266-01 sFlow A Specifying the sFlo w agent IP address The sampled sFlow data sent to the collectors includ es an agent_address field. This field identifies the device (the sFlo w agent) that sent the data. By default, the de vice automatically selects the sFlow agent IP address based on the [...]
-
Страница 1480
1438 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A Exporting CPU and memo ry usage information to the sFlow collector With sFlow verion 5, you can optionally c onfigure the sFlow agent on the Dell Pow erConnect device to e xpor t inf o rmation about CPU and me mor y usage to the sFlow collector . T o expor t CPU usage and memo[...]
-
Страница 1481
PowerConnect B-Series FCX Configuration Guide 1439 53-1002266-01 sFlow A Syntax: [ no ] sflow export cpu-traf fic <rate> The default sam pling rate depends on the Dell P owerConnect de vice being configured. Re fer t o “Changing the sampling rate” on page 1 432 for the def ault sampling rate f or each kind of Dell Pow erCon nect device. D[...]
-
Страница 1482
1440 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 sFlow A PowerConnect#show sflow sFlow version:5 sFlow services are enabled. sFlow agent IP address: 123.123.123.1 4 collector destinations configured: Collector IP 192.168.4.204, UDP 6343 Collector IP 192.168.4.200, UDP 6333 Collector IP 192.168.4.202, UDP 6355 Collector IP 192.168.4.[...]
-
Страница 1483
PowerConnect B-Series FCX Configuration Guide 1441 53-1002266-01 sFlow A Syntax: show sflow This command shows the following inf ormation. TA B L E 24 4 sFlow information This field... Displays... sFlow v ersion The version of sFlo w enabled on the device, which can be one of the fol l ow i ng : • 2 • 5 sFlow services The feature s tate, which [...]
-
Страница 1484
1442 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a utilization list for an uplink port A Clearing sFlow statistics T o clear the UDP packet and sF low sample counters in th e show sflow displa y, ent er the following command. PowerConnect#clear statistics Syntax: clear statistics This command clears the values in the fol[...]
-
Страница 1485
PowerConnect B-Series FCX Configuration Guide 1443 53-1002266-01 Configuring a utilization list for an uplink port A • One or more uplink por ts • One or more downlink por ts Each list displays the uplink port and the percenta ge of that por t bandwidth that was utilized by the downlink ports over the most recent 30-second int er val. Y ou can [...]
-
Страница 1486
1444 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Configuring a utilization list for an uplink port A NOTE The example abov e represe nts a pure configura tion in which traf fic is exchanged only by ports 1/2 and 1/1, and b y por ts 1/3 and 1/1. F or this reason, the percentages f or the two do wnlink por ts equal 1 00%. In some case[...]
-
Страница 1487
PowerConnect B-Series FCX Configuration Guide 1445 53-1002266-01 Appendix B Software Specifications IEEE compliance Dell Po werConnect devices suppo r t the f ollowing standards. RFC support The f ollowing table lists the RFCs supported by Dell P owerConnect de vices. TA B L E 24 5 IEEE compliance Standard Description PowerConnect B-Series FCX 802.[...]
-
Страница 1488
1446 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RFC support B NOTE Some device s suppor t only a subset of the RFCs . For e xample, Lay er 2 Switches do not suppor t rout er- specific RFCs. For a list o f features supported on y our device, ref er to the data she et or the soft ware release not es for the v er sion of software runn[...]
-
Страница 1489
PowerConnect B-Series FCX Configuration Guide 1447 53-1002266-01 RFC support B 12 12 Concise MIB Definitions Y es 12 13 MI B II Definition s Y es 12 15 SNMP generic traps Y es 1256 ICMP Router Discovery Protocol (IRDP) Y e s 1267 Border Gatew ay Prot ocol version 3 Y es 1269 Definitions of Managed Objects for the Border Gatewa y Protocol: Version 3[...]
-
Страница 1490
1448 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RFC support B 1850 OSPF T raps Y es 1850 OSPF version 2 MIB Y es 1905 Protocol Operations f or version 2 of the Simple Netw ork Management Prot ocol (SNMPv2) Ye s 1906 T ranspor t Mappings for v ersion 2 of the Simple Netw ork Management Prot ocol (SNMPv2) Ye s 1965 Autonomous Syst em[...]
-
Страница 1491
PowerConnect B-Series FCX Configuration Guide 1449 53-1002266-01 RFC support B 2336 IGMP version 2 Y es 2338 Vir tual Router R edundancy Protocol (VRRP) Ye s 2362 IP Multicast PIM Spar se Y es 23 70 The OSPF Opaque LSA Option Y es 2385 TCP MD5 Signature Option (for BGP4) Y es 2 439 BG P Route Flap Dampen ing Y es 2 482 Language T agging in Unicode [...]
-
Страница 1492
1450 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 RFC support B 2866 RADIUS Accounting Y es 2869 RADIUS Extensions Y es 2889 Benchmarking Methodology for LAN Switching Devices Ye s 2918 Rou te Re f re sh Ca p ab il it y fo r B GP 4 Y e s 2932 IPv4 Multicast Routing MIB Y es 2933 Internet Group Management Pr otocol MIB Y es 2934 Proto[...]
-
Страница 1493
PowerConnect B-Series FCX Configuration Guide 1451 53-1002266-01 RFC support B 4252 The Secure Shell (SSH) Authentication Prot ocol Ye s 4253 The Secure Shell (SSH) T ranspor t Prot ocol Y es 4254 The Secure Shell (SSH) Connection Prot ocol Ye s 4330 Simple Network Time Prot ocol (SNTP) ver s io n 4 Ye s Authentication , Authorization , and Account[...]
-
Страница 1494
1452 PowerConnect B-Series FCX Configuration Guide 53-1002266-01 Internet drafts B Internet drafts In addit ion to the RFCs listed in “RFC suppor t” on page 1 4 45, Dell PowerC onnect devices support the fo llowing Internet drafts: • ietf-idmr -dvmrp version 3.05, obsolet es RFC 1 0 75 • draft-ietf-magma-igmp-pr oxy .txt • draft-ietf-pim-[...]