Page 1
Dell PowerConnect
8024, 8024F, 8132, 8132F, 8164,
and 8164F Switch
User’s Configuration
Guide
Regulatory Models: PC8024, PC8024F,
PC8132, PC8132F, PC8164, PC8164F
Page 2
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if
instructions are not followed.
____________
Information in this publication is subject to change without notice.
© 2012 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc.
is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, EqualLogic™, PowerConnect™, and
OpenManage™ are trademarks of Dell Inc. Microsoft
and Windows Vista
United States and/or other countries. sFlow
is a registered trademark of Cisco Systems. Mozilla
Mozilla Foundation.
Other trademarks and trade names may be used in this publication to refer to either the entities claiming
the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and
trade names other than its own.
®
are either trademarks or registered trademarks of Microsoft Corporation in the
®
is a registered trademark of InMon Corporation. Cisco®
®
, Windows®, Windows Server®, MS-DOS®,
®
and Firefox® are registered trademarks of the
Regulatory Models: PC8024, PC8024F, PC8132, PC8132F, PC8164, PC8164F
June 2012 Rev. A03
Page 3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 49
About This Document . . . . . . . . . . . . . . . . . . 49
Audience . . . . . . . . . . . . . . . . . . . . . . . . . 50
Document Conventions . . . . . . . . . . . . . . . . . 50
Additional Documentation
. . . . . . . . . . . . . . . . 51
2 Switch Features . . . . . . . . . . . . . . . . . . . 53
System Management Features . . . . . . . . . . . . . 54
Multiple Management Options
System Time Management . . . . . . . . . . . . . 54
Log Messages
Integrated DHCP Server . . . . . . . . . . . . . . 55
Management of Basic Network Information. . . . 55
IPv6 Management Features . . . . . . . . . . . . 55
Dual Software Images . . . . . . . . . . . . . . . 55
File Management
Switch Database Management Templates. . . . . 56
Automatic Installation of Firmware and
Configuration
sFlow . . . . . . . . . . . . . . . . . . . . . . . . 57
SNMP Alarms and Trap Logs . . . . . . . . . . . . 57
CDP Interoperability through ISDP
Remote Monitoring (RMON) . . . . . . . . . . . . 57
Stacking Features . . . . . . . . . . . . . . . . . . . . 58
High Port Count
. . . . . . . . . . . . . . . . . . . 54
. . . . . . . . . . . . . . . . . . 56
. . . . . . . . . . . . . . . . . . . . 56
. . . . . . . . . . . . . . . . . . . 58
. . . . . . . . . . . 54
. . . . . . . . . 57
Contents 3
Page 4
Single IP Management . . . . . . . . . . . . . . . 58
Automatic Firmware Update for New Stack M
. . . . . . . . . . . . . . . . . . . . . . . 58
embers
Master Failover with Transparent Transition
Nonstop Forwarding on the Stack
. . . . . . . . . 59
. . . . 59
Hot Add/Delete and Firmware
Synchronization
. . . . . . . . . . . . . . . . . . . 59
Security Features . . . . . . . . . . . . . . . . . . . . 59
Configurable Access and Authentication
. . . . . . . . . . . . . . . . . . . . . . . 59
Profiles
Password-Protected Management Access . . . . 60
Strong Password Enforcement
. . . . . . . . . . . 60
TACACS+ Client . . . . . . . . . . . . . . . . . . . 60
RADIUS Support . . . . . . . . . . . . . . . . . . 60
SSH/SSL
. . . . . . . . . . . . . . . . . . . . . . . 61
Inbound Telnet Control . . . . . . . . . . . . . . . 61
Denial of Service . . . . . . . . . . . . . . . . . . 61
Port Protection
. . . . . . . . . . . . . . . . . . . 61
Captive Portal . . . . . . . . . . . . . . . . . . . . 62
Dot1x Authentication (IEEE 802.1X) . . . . . . . . . 62
MAC-Based 802.1X Authentication
. . . . . . . . . 62
Dot1x Monitor Mode . . . . . . . . . . . . . . . . 63
MAC-Based Port Security . . . . . . . . . . . . . 63
Access Control Lists (ACL)
. . . . . . . . . . . . . 63
Time-Based ACLs . . . . . . . . . . . . . . . . . . 64
IP Source Guard (IPSG)
DHCP Snooping
. . . . . . . . . . . . . . . 64
. . . . . . . . . . . . . . . . . . . 64
Dynamic ARP Inspection . . . . . . . . . . . . . . 64
Protected Ports (Private VLAN Edge). . . . . . . . 65
4 Contents
Switching Features . . . . . . . . . . . . . . . . . . . 65
Flow Control Support (IEEE 802.3x)
. . . . . . . . . 65
Head of Line Blocking Prevention . . . . . . . . . 65
Alternate Store and Forward (ASF)
. . . . . . . . . 65
Page 5
Jumbo Frames Support . . . . . . . . . . . . . . . 66
Auto-MDI/MDIX Support . . . . . . . . . . . . . . 66
VLAN-Aware MAC-based Switching. . . . . . . . 66
Back Pressure Support
. . . . . . . . . . . . . . . 66
Auto Negotiation . . . . . . . . . . . . . . . . . . 67
Broadcast Storm Control . . . . . . . . . . . . . . 67
Port Mirroring
. . . . . . . . . . . . . . . . . . . . 67
Static and Dynamic MAC Address Tables . . . . . 68
Link Layer Discovery Protocol (LLDP) . . . . . . . 68
Link Layer Discovery Protocol (LLDP) for
Media Endpoint Devices
. . . . . . . . . . . . . . 68
Priority-based Flow Control (PFC) . . . . . . . . . 68
Data Center Bridging Exchange (DBCx)
Protocol
. . . . . . . . . . . . . . . . . . . . . . . 69
Enhanced Transmission Selection . . . . . . . . . 69
Fibre Channel over Ethernet (FCoE)
Initialization Protocol Snooping
. . . . . . . . . . 69
Cisco Protocol Filtering . . . . . . . . . . . . . . . 70
DHCP Layer 2 Relay
. . . . . . . . . . . . . . . . . 70
Virtual Local Area Network Supported Features
VLAN Support
Port-Based VLANs
. . . . . . . . . . . . . . . . . . . . 70
. . . . . . . . . . . . . . . . . 70
. . . . 70
IP Subnet-based VLAN . . . . . . . . . . . . . . . 71
MAC-based VLAN . . . . . . . . . . . . . . . . . 71
IEEE 802.1v Protocol-Based VLANs
. . . . . . . . 71
GARP and GVRP Support . . . . . . . . . . . . . . 71
Voice VLAN . . . . . . . . . . . . . . . . . . . . . 71
Guest VLAN
. . . . . . . . . . . . . . . . . . . . . 72
Double VLANs . . . . . . . . . . . . . . . . . . . 72
Spanning Tree Protocol Features . . . . . . . . . . . . 73
Spanning Tree Protocol (STP)
. . . . . . . . . . . 73
Spanning Tree Port Settings . . . . . . . . . . . . 73
Rapid Spanning Tree . . . . . . . . . . . . . . . . 73
Contents 5
Page 6
Multiple Spanning Tree . . . . . . . . . . . . . . . 73
Bridge Protocol Data Unit (BPDU) Guard. . . . . . 74
BPDU Filtering . . . . . . . . . . . . . . . . . . . 74
Link Aggregation Features
Link Aggregation
Link Aggregate Control Protocol (LACP)
Routing Features
. . . . . . . . . . . . . . . . . . . . . 76
. . . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . . . . 74
. . . . . . 74
Address Resolution Protocol (ARP) Table
Management . . . . . . . . . . . . . . . . . . . . 76
VLAN Routing . . . . . . . . . . . . . . . . . . . . 76
IP Configuration . . . . . . . . . . . . . . . . . . . 76
Open Shortest Path First (OSPF)
. . . . . . . . . . 76
BOOTP/DHCP Relay Agent . . . . . . . . . . . . . 77
IP Helper and UDP Relay . . . . . . . . . . . . . . 77
Routing Information Protocol . . . . . . . . . . . . 77
Router Discovery . . . . . . . . . . . . . . . . . . 77
Routing Table
. . . . . . . . . . . . . . . . . . . . 77
Virtual Router Redundancy Protocol (VRRP) . . . . 78
Tunnel and Loopback Interfaces . . . . . . . . . . 78
IPv6 Routing Features . . . . . . . . . . . . . . . . . . 78
IPv6 Configuration
. . . . . . . . . . . . . . . . . 78
IPv6 Routes . . . . . . . . . . . . . . . . . . . . . 79
. . . . . . . . . . . . . . . . . . . . . . . 79
OSPFv3
DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . 79
6 Contents
Quality of Service (QoS) Features . . . . . . . . . . . . 80
Differentiated Services (DiffServ)
. . . . . . . . . 80
Class Of Service (CoS) . . . . . . . . . . . . . . . 80
Auto Voice over IP (VoIP) . . . . . . . . . . . . . . 80
Internet Small Computer System Interface
(iSCSI) Optimization
. . . . . . . . . . . . . . . . . 81
Page 7
Layer 2 Multicast Features . . . . . . . . . . . . . . . 81
MAC Multicast Support
. . . . . . . . . . . . . . . 81
IGMP Snooping . . . . . . . . . . . . . . . . . . . 81
IGMP Snooping Querier . . . . . . . . . . . . . . 82
MLD Snooping
. . . . . . . . . . . . . . . . . . . 82
Multicast VLAN Registration . . . . . . . . . . . . 82
Layer 3 Multicast Features . . . . . . . . . . . . . . . 83
Distance Vector Multicast Routing Protocol
. . . . 83
Internet Group Management Protocol . . . . . . . 83
IGMP Proxy . . . . . . . . . . . . . . . . . . . . . 83
Protocol Independent Multicast—
Dense Mode
. . . . . . . . . . . . . . . . . . . . 83
Protocol Independent Multicast—
Sparse Mode
. . . . . . . . . . . . . . . . . . . . 84
Protocol Independent Multicast—Source
Specific Multicast
Protocol Independent Multicast IPv6 Support
. . . . . . . . . . . . . . . . . 84
. . . 84
MLD/MLDv2 (RFC2710/RFC3810) . . . . . . . . . . 84
3 Hardware Overview. . . . . . . . . . . . . . . . . 85
PowerConnect 8000-series and 8100-series
Front Panel
. . . . . . . . . . . . . . . . . . . . . . . . 85
PowerConnect 8024 Front Panel
PowerConnect 8024F Front Panel
PowerConnect 8132 Front Panel
. . . . . . . . . . 85
. . . . . . . . . 86
. . . . . . . . . . 87
PowerConnect 8132F Front Panel . . . . . . . . . 87
PowerConnect 8164 Front Panel . . . . . . . . . . 88
PowerConnect 8164F Front Panel
. . . . . . . . . 89
Hot-Pluggable Interface Modules . . . . . . . . . 90
USB Port (Power Connect 8100-series
switches only)
. . . . . . . . . . . . . . . . . . . 92
Port and System LEDs . . . . . . . . . . . . . . . 92
Contents 7
Page 8
PowerConnect 8000-series and 8100-series
Back Panel
. . . . . . . . . . . . . . . . . . . . . . . . 92
Console Port
. . . . . . . . . . . . . . . . . . . . 93
Out-of-Band Management Port. . . . . . . . . . . 93
Power Supplies
. . . . . . . . . . . . . . . . . . . 93
Ventilation System . . . . . . . . . . . . . . . . . 94
LED Definitions. . . . . . . . . . . . . . . . . . . . . . 95
Port LEDs
. . . . . . . . . . . . . . . . . . . . . . 95
System LEDs . . . . . . . . . . . . . . . . . . . . 96
Switch Addresses . . . . . . . . . . . . . . . . . . . . 97
4 Using Dell OpenManage Switch
Administrator . . . . . . . . . . . . . . . . . . . . 101
About Dell OpenManage Switch Administrator. . . . 101
5 Using the Command-Line Interface . . . . 107
8 Contents
Starting the Application
. . . . . . . . . . . . . . . . 102
Understanding the Interface . . . . . . . . . . . . . . 103
Defining Fields . . . . . . . . . . . . . . . . . . . . . 105
Understanding the Device View
Using the Device View Port Features
. . . . . . . . . . . . 106
. . . . . . . 106
Accessing the Switch Through the CLI . . . . . . . . 107
Console Connection
. . . . . . . . . . . . . . . . 107
Telnet Connection. . . . . . . . . . . . . . . . . 108
Page 9
Understanding Command Modes . . . . . . . . . . . . 109
Entering CLI Commands
Using the Question Mark to Get Help
Using Command Completion
. . . . . . . . . . . . . . . . . 111
. . . . . . . 111
. . . . . . . . . . . . 112
Entering Abbreviated Commands . . . . . . . . . 112
Negating Commands . . . . . . . . . . . . . . . . 112
Understanding Error Messages
. . . . . . . . . . 113
Recalling Commands from the History Buffer . . . 113
6 Default Settings. . . . . . . . . . . . . . . . . . . 115
7 Setting the IP Address and Other
Basic Network Information . . . . . . . . . . 119
IP Address and Network Information Overview . . . . 119
What Is the Basic Network Information?
Why Is Basic Network Information Needed? . . . 120
How Is Basic Network Information
Configured?
. . . . . . . . . . . . . . . . . . . . . 121
What Is Out-of-Band Management and
In-Band Management?
. . . . . . . . . . . . . . . 121
. . . . . 119
Default Network Information
. . . . . . . . . . . . . . 123
Configuring Basic Network Information (Web) . . . . . 124
Out-of-Band Interface
. . . . . . . . . . . . . . . 124
IP Interface Configuration (Default VLAN
IP Address)
. . . . . . . . . . . . . . . . . . . . . 125
Route Entry Configuration (Switch Default
Gateway)
Domain Name Server
Default Domain Name
. . . . . . . . . . . . . . . . . . . . . . 126
. . . . . . . . . . . . . . . . 128
. . . . . . . . . . . . . . . 129
Host Name Mapping . . . . . . . . . . . . . . . . 130
Contents 9
Page 10
Dynamic Host Name Mapping . . . . . . . . . . 131
Configuring Basic Network Information (CLI)
Enabling the DHCP Client on the OOB Port
. . . . . 132
. . . . 132
Enabling the DHCP Client on the Default
. . . . . . . . . . . . . . . . . . . . . . . 132
VLAN
Managing DHCP Leases . . . . . . . . . . . . . 133
Configuring Static Network Information on the
OOB Port
. . . . . . . . . . . . . . . . . . . . . 134
Configuring Static Network Information on the
Default VLAN
. . . . . . . . . . . . . . . . . . . 134
Configuring and Viewing Additional Network
Information
. . . . . . . . . . . . . . . . . . . . 135
Basic Network Information Configuration
Example
. . . . . . . . . . . . . . . . . . . . . . . . 136
8 Managing QSFP Ports . . . . . . . . . . . . . . 139
9 Managing a Switch Stack . . . . . . . . . . . 141
Stacking Overview . . . . . . . . . . . . . . . . . . . 141
Creating a PowerConnect 8000/8100 Series
Stack . . . . . . . . . . . . . . . . . . . . . . . 142
How is the Stack Master Selected? . . . . . . . 144
Adding a Switch to the Stack
Removing a Switch from the Stack
How is the Firmware Updated on the Stack? . . . 147
What is Stacking Standby? . . . . . . . . . . . . 147
What is Nonstop Forwarding?
Switch Stack MAC Addressing and Stack
Design Considerations
NSF Network Design Considerations
Why is Stacking Needed? . . . . . . . . . . . . 151
. . . . . . . . . . . 145
. . . . . . . . 146
. . . . . . . . . . 147
. . . . . . . . . . . . . . 150
. . . . . . . 151
10 Contents
Page 11
Default Stacking Values . . . . . . . . . . . . . . . . . 152
Managing and Monitoring the Stack (Web)
Unit Configuration
Stack Summary
. . . . . . . . . . . . . . . . . 153
. . . . . . . . . . . . . . . . . . . 155
. . . . . . . 153
Stack Firmware Synchronization . . . . . . . . . . 156
Supported Switches . . . . . . . . . . . . . . . . 157
Stack Port Summary
. . . . . . . . . . . . . . . . 158
Stack Port Counters . . . . . . . . . . . . . . . . 159
Stack Port Diagnostics . . . . . . . . . . . . . . . 159
NSF Summary
. . . . . . . . . . . . . . . . . . . . 160
Checkpoint Statistics . . . . . . . . . . . . . . . . 161
Managing the Stack (CLI) . . . . . . . . . . . . . . . . 162
Configuring Stack Member, Stack Port, and
NSF Settings
. . . . . . . . . . . . . . . . . . . . 162
Viewing and Clearing Stacking and NSF
Information
Stacking and NSF Usage Scenarios
Basic Failover
Preconfiguring a Stack Member
. . . . . . . . . . . . . . . . . . . . . 164
. . . . . . . . . . . 164
. . . . . . . . . . . . . . . . . . . . 166
. . . . . . . . . . 168
NSF in the Data Center . . . . . . . . . . . . . . . 170
NSF and VoIP . . . . . . . . . . . . . . . . . . . . 171
NSF and DHCP Snooping
. . . . . . . . . . . . . . 172
NSF and the Storage Access Network . . . . . . . 173
NSF and Routed Access
. . . . . . . . . . . . . . 175
10 Configuring Authentication,
Authorization, and Accounting . . . . . . . 177
AAA Overview . . . . . . . . . . . . . . . . . . . . . . 177
Methods
Access Lines
. . . . . . . . . . . . . . . . . . . . . . 178
. . . . . . . . . . . . . . . . . . . . 179
Contents 11
Page 12
Authentication . . . . . . . . . . . . . . . . . . . . . 179
Authorization
Exec Authorization Capabilities
. . . . . . . . . . . . . . . . . . . . . . 180
. . . . . . . . . . 181
Accounting . . . . . . . . . . . . . . . . . . . . . . . 182
Authentication Examples . . . . . . . . . . . . . . . 183
Local Authentication Example
. . . . . . . . . . 183
TACACS+ Authentication Example . . . . . . . . 184
RADIUS Authentication Example . . . . . . . . . 186
Authorization Examples . . . . . . . . . . . . . . . . 187
Local Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 187
TACACS+ Authorization Example—Direct
Login to Privileged EXEC Mode
. . . . . . . . . . 187
TACACS+ Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 188
TACACS+ Authorization Example—Custom
Administrative Profile
. . . . . . . . . . . . . . . 189
TACACS+ Authorization Example—
Per-command Authorization
. . . . . . . . . . . 190
RADIUS Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 191
RADIUS Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 191
12 Contents
Using RADIUS Servers to Control Management
. . . . . . . . . . . . . . . . . . . . . . . . . 192
Access
How Does RADIUS Control Management
Access?
. . . . . . . . . . . . . . . . . . . . . . 192
Which RADIUS Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 194
How Are RADIUS Attributes Processed on
the Switch?
. . . . . . . . . . . . . . . . . . . . 196
Page 13
Using TACACS+ Servers to Control Management
. . . . . . . . . . . . . . . . . . . . . . . . . . 197
Access
Which TACACS+ Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 198
Default Configurations. . . . . . . . . . . . . . . . . . 199
Method Lists
. . . . . . . . . . . . . . . . . . . . 199
Access Lines (AAA) . . . . . . . . . . . . . . . . 199
Access Lines (Non-AAA)
. . . . . . . . . . . . . . 200
Administrative Profiles . . . . . . . . . . . . . . . 200
11 Monitoring and Logging System
Information . . . . . . . . . . . . . . . . . . . . . . 203
System Monitoring Overview . . . . . . . . . . . . . . 203
What System Information Is Monitored?
Why Is System Information Needed? . . . . . . . 204
Where Are Log Messages Sent?
What Are the Severity Levels? . . . . . . . . . . . 205
What Are the System Startup and Operation
. . . . . . . . . . . . . . . . . . . . . . . . 205
Logs?
What Is the Log Message Format? . . . . . . . . . 206
What Factors Should Be Considered When
Configuring Logging?
. . . . . . . . . . . . . . . . 207
. . . . . . 203
. . . . . . . . . . 204
Default Log Settings . . . . . . . . . . . . . . . . . . . 207
Monitoring System Information and Configuring
Logging (Web)
Device Information
. . . . . . . . . . . . . . . . . . . . . . 208
. . . . . . . . . . . . . . . . . 208
System Health . . . . . . . . . . . . . . . . . . . 209
System Resources . . . . . . . . . . . . . . . . . 210
Integrated Cable Test for Copper Cables
. . . . . . 211
Optical Transceiver Diagnostics . . . . . . . . . . 212
Log Global Settings . . . . . . . . . . . . . . . . . 214
Contents 13
Page 14
RAM Log . . . . . . . . . . . . . . . . . . . . . 215
Log File . . . . . . . . . . . . . . . . . . . . . . 216
Remote Log Server . . . . . . . . . . . . . . . . 216
Email Alert Global Configuration . . . . . . . . . 219
Email Alert Mail Server Configuration . . . . . . 220
Email Alert Subject Configuration
Email Alert To Address Configuration
Email Alert Statistics
. . . . . . . . . . . . . . . 224
. . . . . . . . 222
. . . . . . . 223
Monitoring System Information and Configuring
Logging (CLI)
Viewing System Information
. . . . . . . . . . . . . . . . . . . . . . 225
. . . . . . . . . . . 225
Running Cable Diagnostics . . . . . . . . . . . . 225
Configuring Local Logging . . . . . . . . . . . . 226
Configuring Remote Logging
Configuring Mail Server Settings
. . . . . . . . . . . 228
. . . . . . . . . 229
Configuring Email Alerts for Log Messages . . . 230
Logging Configuration Examples . . . . . . . . . . . 232
Configuring Local and Remote Logging
. . . . . 232
Configuring Email Alerting . . . . . . . . . . . . 233
12 Managing General System Settings . . . 237
14 Contents
System Settings Overview. . . . . . . . . . . . . . . 237
Why Does System Information Need to
Be Configured?
. . . . . . . . . . . . . . . . . . 238
What Are SDM Templates? . . . . . . . . . . . . 239
Why is the System Time Needed?
. . . . . . . . 240
How Does SNTP Work?. . . . . . . . . . . . . . 240
Default General System Information . . . . . . . . . 240
Configuring General System Settings (Web)
System Information
. . . . . . . . . . . . . . . . 241
. . . . . 241
Page 15
CLI Banner . . . . . . . . . . . . . . . . . . . . . 244
SDM Template Preference
. . . . . . . . . . . . . 245
Clock . . . . . . . . . . . . . . . . . . . . . . . . 246
SNTP Global Settings . . . . . . . . . . . . . . . . 247
SNTP Authentication
. . . . . . . . . . . . . . . . 248
SNTP Server . . . . . . . . . . . . . . . . . . . . 250
Summer Time Configuration . . . . . . . . . . . . 254
Time Zone Configuration . . . . . . . . . . . . . . 255
Slot Summary . . . . . . . . . . . . . . . . . . . . 256
Supported Cards . . . . . . . . . . . . . . . . . . 257
Configuring System Settings (CLI) . . . . . . . . . . . . 258
Configuring System Information
. . . . . . . . . . 258
Configuring the Banner. . . . . . . . . . . . . . . 259
Managing the SDM Template . . . . . . . . . . . 260
Configuring SNTP Authentication and an
SNTP Server
. . . . . . . . . . . . . . . . . . . . 260
Setting the System Time and Date Manually. . . . 262
Viewing Slot Information . . . . . . . . . . . . . . 263
General System Settings Configuration Examples
Configuring System and Banner Information
Configuring SNTP
Configuring the Time Manually
. . . . . . . . . . . . . . . . . . 267
. . . . . . . . . . . 269
. . . 264
. . . 264
13 Configuring SNMP . . . . . . . . . . . . . . . . . 271
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 271
What Is SNMP?
What Are SNMP Traps? . . . . . . . . . . . . . . 272
Why Is SNMP Needed?
. . . . . . . . . . . . . . . . . . . 271
. . . . . . . . . . . . . . 273
Contents 15
Page 16
Default SNMP Values . . . . . . . . . . . . . . . . . 273
Configuring SNMP (Web)
SNMP Global Parameters
SNMP View Settings
Access Control Group
. . . . . . . . . . . . . . . 275
. . . . . . . . . . . . 275
. . . . . . . . . . . . . . . 276
. . . . . . . . . . . . . . 278
SNMPv3 User Security Model (USM) . . . . . . 280
Communities . . . . . . . . . . . . . . . . . . . 283
Notification Filter
. . . . . . . . . . . . . . . . . 285
Notification Recipients . . . . . . . . . . . . . . 286
Trap Flags . . . . . . . . . . . . . . . . . . . . . 289
OSPFv2 Trap Flags
. . . . . . . . . . . . . . . . 290
OSPFv3 Trap Flags . . . . . . . . . . . . . . . . 291
Trap Log . . . . . . . . . . . . . . . . . . . . . . 292
Configuring SNMP (CLI) . . . . . . . . . . . . . . . . 293
Configuring the SNMPv3 Engine ID
. . . . . . . . 293
Configuring SNMP Views, Groups, and
Users
. . . . . . . . . . . . . . . . . . . . . . . 294
Configuring Communities . . . . . . . . . . . . . 297
Configuring SNMP Notifications (Traps
and Informs)
SNMP Configuration Examples
Configuring SNMPv1 and SNMPv2
Configuring SNMPv3
. . . . . . . . . . . . . . . . . . . . 299
. . . . . . . . . . . . 302
. . . . . . . . 302
. . . . . . . . . . . . . . . 303
14 Managing Images and Files. . . . . . . . . . 307
16 Contents
Image and File Management Overview . . . . . . . . 307
What Files Can Be Managed?
Why Is File Management Needed?
. . . . . . . . . . 307
. . . . . . . . 309
What Methods Are Supported for File
Management?
. . . . . . . . . . . . . . . . . . . 311
Page 17
What Factors Should Be Considered When
Managing Files?
. . . . . . . . . . . . . . . . . . 311
How Is the Running Configuration Saved?. . . . . 313
Managing Images and Files (Web) . . . . . . . . . . . 314
File System
. . . . . . . . . . . . . . . . . . . . . 314
Active Images . . . . . . . . . . . . . . . . . . . 315
USB Flash Drive. . . . . . . . . . . . . . . . . . . 316
File Download. . . . . . . . . . . . . . . . . . . . 317
File Upload
. . . . . . . . . . . . . . . . . . . . . 319
Copy Files . . . . . . . . . . . . . . . . . . . . . . 321
Managing Images and Files (CLI) . . . . . . . . . . . . 322
Downloading and Activating a New
Image (TFTP)
. . . . . . . . . . . . . . . . . . . . 322
Managing Files in Internal Flash . . . . . . . . . . 323
Managing Files on a USB Flash Device
(PowerConnect 8100-series switches only)
. . . . 324
Uploading a Configuration File (SCP) . . . . . . . . 324
Managing Configuration Scripts (SFTP) . . . . . . 325
File and Image Management Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 326
Upgrading the Firmware
Managing Configuration Scripts
. . . . . . . . . . . . . . 326
. . . . . . . . . . 329
Managing Files by Using the USB Flash Drive
(PowerConnect 8100-series switches only)
. . . . 331
15 Automatically Updating the Image
and Configuration . . . . . . . . . . . . . . . . . 333
Auto Configuration Overview . . . . . . . . . . . . . . 333
What Is USB Auto Configuration?
What Files Does USB Auto Configuration
. . . . . . . . . . . . . . . . . . . . . . . . . 334
Use?
. . . . . . . . . 334
Contents 17
Page 18
What Is the DHCP Auto Configuration
Process?
. . . . . . . . . . . . . . . . . . . . . 335
Monitoring and Completing the DHCP
Auto Configuration Process
. . . . . . . . . . . 339
What Are the Dependencies for DHCP
Auto Configuration?
. . . . . . . . . . . . . . . . 340
Default Auto Configuration Values . . . . . . . . . . 341
Managing Auto Configuration (Web) . . . . . . . . . 342
Auto-Install Configuration
. . . . . . . . . . . . 342
Managing Auto Configuration (CLI)
Managing Auto Configuration
. . . . . . . . . . 343
. . . . . . . . . . 343
Auto Configuration Example . . . . . . . . . . . . . . 344
Enabling DHCP Auto Configuration and Auto
Image Download
. . . . . . . . . . . . . . . . . 344
16 Monitoring Switch Traffic . . . . . . . . . . . 347
Traffic Monitoring Overview. . . . . . . . . . . . . . 347
What is sFlow Technology?
What is RMON?. . . . . . . . . . . . . . . . . . 350
What is Port Mirroring?
Why is Traffic Monitoring Needed? . . . . . . . 352
Default Traffic Monitoring Values . . . . . . . . . . . 352
Monitoring Switch Traffic (Web)
sFlow Agent Summary
sFlow Receiver Configuration
sFlow Sampler Configuration
sFlow Poll Configuration . . . . . . . . . . . . . 356
Interface Statistics . . . . . . . . . . . . . . . . 357
Etherlike Statistics
. . . . . . . . . . . . 347
. . . . . . . . . . . . . . 351
. . . . . . . . . . . 353
. . . . . . . . . . . . . . 353
. . . . . . . . . . 354
. . . . . . . . . . . 355
. . . . . . . . . . . . . . . . 358
18 Contents
Page 19
GVRP Statistics . . . . . . . . . . . . . . . . . . . 359
EAP Statistics
. . . . . . . . . . . . . . . . . . . . 360
Utilization Summary . . . . . . . . . . . . . . . . 361
Counter Summary. . . . . . . . . . . . . . . . . . 362
Switchport Statistics
. . . . . . . . . . . . . . . . 363
RMON Statistics . . . . . . . . . . . . . . . . . . 364
RMON History Control Statistics . . . . . . . . . . 365
RMON History Table . . . . . . . . . . . . . . . . 367
RMON Event Control . . . . . . . . . . . . . . . . 368
RMON Event Log
. . . . . . . . . . . . . . . . . . 370
RMON Alarms . . . . . . . . . . . . . . . . . . . 371
Port Statistics. . . . . . . . . . . . . . . . . . . . 373
LAG Statistics
. . . . . . . . . . . . . . . . . . . . 374
Port Mirroring. . . . . . . . . . . . . . . . . . . . 375
Monitoring Switch Traffic (CLI) . . . . . . . . . . . . . 378
Configuring sFlow
. . . . . . . . . . . . . . . . . . 378
Configuring RMON . . . . . . . . . . . . . . . . . 380
Viewing Statistics. . . . . . . . . . . . . . . . . . 382
Configuring Port Mirroring
. . . . . . . . . . . . . 383
Traffic Monitoring Configuration Examples
Configuring sFlow
Configuring RMON
. . . . . . . . . . . . . . . . . . 384
. . . . . . . . . . . . . . . . . 386
. . . . . . . 384
17 Configuring iSCSI Optimization . . . . . . . 387
iSCSI Optimization Overview . . . . . . . . . . . . . . 387
What Does iSCSI Optimization Do?
How Does the Switch Detect iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . . 388
Flows?
How Is Quality of Service Applied to iSCSI
Traffic Flows?
. . . . . . . . . . . . . . . . . . . . 388
How Does iSCSI Optimization Use ACLs? . . . . . 389
. . . . . . . . . 388
Contents 19
Page 20
What Information Does the Switch Track in
iSCSI Traffic Flows?
. . . . . . . . . . . . . . . . 389
How Does iSCSI Optimization Interact With
Dell EqualLogic Arrays?
. . . . . . . . . . . . . . 390
What Occurs When iSCSI Optimization Is
Enabled or Disabled?
. . . . . . . . . . . . . . . 390
How Does iSCSI Optimization Interact with
. . . . . . . . . . . . . . . . . . . . . . . 391
DCBx?
How Does iSCSI Optimization Interact with
Dell Compellent Arrays?
. . . . . . . . . . . . . 391
Default iSCSI Optimization Values. . . . . . . . . . . 392
Configuring iSCSI Optimization (Web)
iSCSI Global Configuration
iSCSI Targets Table
iSCSI Sessions Table
. . . . . . . . . . . . . . . . 394
. . . . . . . . . . . . . . . 395
. . . . . . . . . 393
. . . . . . . . . . . . 393
iSCSI Sessions Detailed . . . . . . . . . . . . . 396
Configuring iSCSI Optimization (CLI) . . . . . . . . . 397
iSCSI Optimization Configuration Examples
. . . . . 399
Configuring iSCSI Optimization Between
Servers and a Disk Array . . . . . . . . . . . . . 399
18 Configuring a Captive Portal . . . . . . . . . 401
Captive Portal Overview . . . . . . . . . . . . . . . . 401
What Does a Captive Portal Do?
Is the Captive Portal Feature Dependent on
Any Other Feature?
. . . . . . . . . . . . . . . . 402
What Factors Should Be Considered When
Designing and Configuring a Captive Portal?
How Does Captive Portal Work? . . . . . . . . . 404
What Captive Portal Pages Can Be
Customized?
. . . . . . . . . . . . . . . . . . . . 405
. . . . . . . . . 401
. . . 403
20 Contents
Page 21
Default Captive Portal Behavior and Settings . . . . . 406
Configuring the Captive Portal (Web)
Captive Portal Global Configuration
Captive Portal Configuration
Local User
User Group
Interface Association
. . . . . . . . . . . . . . . . . . . . . 414
. . . . . . . . . . . . . . . . . . . . . 418
. . . . . . . . . . . . . . . . 420
. . . . . . . . . . 408
. . . . . . . . 408
. . . . . . . . . . . . 409
Captive Portal Global Status . . . . . . . . . . . . 421
Captive Portal Activation and Activity Status . . . 422
Interface Activation Status. . . . . . . . . . . . . 423
Interface Capability Status . . . . . . . . . . . . . 424
Client Summary . . . . . . . . . . . . . . . . . . . 425
Client Detail . . . . . . . . . . . . . . . . . . . . . 426
Captive Portal Interface Client Status
. . . . . . . 427
Captive Portal Client Status . . . . . . . . . . . . 428
Configuring a Captive Portal (CLI) . . . . . . . . . . . . 429
Configuring Global Captive Portal Settings
. . . . . 429
Creating and Configuring a Captive Portal . . . . . 430
Configuring Captive Portal Groups and Users . . . 433
Managing Captive Portal Clients . . . . . . . . . . 434
Captive Portal Configuration Example . . . . . . . . . 435
Configuration Overview
Detailed Configuration Procedures
. . . . . . . . . . . . . . . 436
. . . . . . . . 437
19 Configuring Port Characteristics . . . . . 439
Port Overview . . . . . . . . . . . . . . . . . . . . . . 439
What Physical Port Characteristics Can
Be Configured?
What is Link Dependency?
What Interface Types are Supported? . . . . . . . 442
What is Interface Configuration Mode? . . . . . . 442
. . . . . . . . . . . . . . . . . . . 439
. . . . . . . . . . . . . 440
Contents 21
Page 22
Default Port Values. . . . . . . . . . . . . . . . . . . 444
Configuring Port Characteristics (Web)
Port Configuration
. . . . . . . . . . . . . . . . . 445
Link Dependency Configuration
. . . . . . . . 445
. . . . . . . . . 448
Link Dependency Summary . . . . . . . . . . . . 450
Configuring Port Characteristics (CLI). . . . . . . . . 451
Configuring Port Settings
. . . . . . . . . . . . . 451
Configuring Link Dependencies . . . . . . . . . 452
Port Configuration Examples . . . . . . . . . . . . . 454
Configuring Port Settings
. . . . . . . . . . . . . 454
Configuring a Link Dependency Groups . . . . . 455
20 Configuring Port and System
Security . . . . . . . . . . . . . . . . . . . . . . . . . 457
IEEE 802.1X . . . . . . . . . . . . . . . . . . . . . . . 458
What is IEEE 802.1X?
What are the 802.1X Port States?. . . . . . . . . 459
What is MAC-Based 802.1X Authentication?
What is the Role of 802.1X in VLAN
Assignment?
What is Monitor Mode?
How Does the Authentication Server Assign
DiffServ Filters?
What is the Internal Authentication Server?
Default 802.1X Values . . . . . . . . . . . . . . . 466
Configuring IEEE 802.1X (Web) . . . . . . . . . . 467
Configuring IEEE 802.1X (CLI)
Configuring Internal Authentication Server
. . . . . . . . . . . . . . . . . . . . . . . 481
Users
IEEE 802.1X Configuration Examples . . . . . . . 481
. . . . . . . . . . . . . . . 458
. . . . . . . . . . . . . . . . . . . 461
. . . . . . . . . . . . . . 463
. . . . . . . . . . . . . . . . . . 465
. . . . . . . . . . . 476
. . . 460
. . . 465
22 Contents
Page 23
Port Security (Port-MAC Locking). . . . . . . . . . . . 495
Default 802.1X Values
. . . . . . . . . . . . . . . . 495
Configuring Port Security (CLI) . . . . . . . . . . . 498
Denial of Service . . . . . . . . . . . . . . . . . . . . 499
21 Configuring Access Control Lists . . . . . 501
ACL Overview . . . . . . . . . . . . . . . . . . . . . . 501
What Are MAC ACLs?
What Are IP ACLs?
What Is the ACL Redirect Function? . . . . . . . . 503
What Is the ACL Mirror Function? . . . . . . . . . 503
What Is ACL Logging
What Are Time-Based ACLs?. . . . . . . . . . . . 504
What Are the ACL Limitations?. . . . . . . . . . . 505
How Are ACLs Configured?
Preventing False ACL Matches. . . . . . . . . . . 506
Configuring ACLs (Web) . . . . . . . . . . . . . . . . . 508
IP ACL Configuration
IP ACL Rule Configuration . . . . . . . . . . . . . 510
MAC ACL Configuration . . . . . . . . . . . . . . 512
MAC ACL Rule Configuration
IPv6 ACL Configuration
IPv6 ACL Rule Configuration
ACL Binding Configuration
Time Range Entry Configuration
. . . . . . . . . . . . . . . 502
. . . . . . . . . . . . . . . . . 503
. . . . . . . . . . . . . . . . 504
. . . . . . . . . . . . . 506
. . . . . . . . . . . . . . . . 508
. . . . . . . . . . . . 514
. . . . . . . . . . . . . . . 515
. . . . . . . . . . . . 516
. . . . . . . . . . . . . 518
. . . . . . . . . . 519
Configuring ACLs (CLI) . . . . . . . . . . . . . . . . . . 521
Configuring an IPv4 ACL
. . . . . . . . . . . . . . 521
Configuring a MAC ACL. . . . . . . . . . . . . . . 523
Configuring an IPv6 ACL . . . . . . . . . . . . . . 525
Configuring a Time Range
. . . . . . . . . . . . . 527
Contents 23
Page 24
ACL Configuration Examples. . . . . . . . . . . . . . 529
Configuring an IP ACL
. . . . . . . . . . . . . . . 529
Configuring a MAC ACL . . . . . . . . . . . . . . 531
Configuring a Time-Based ACL . . . . . . . . . . 533
Configuring a Management Access List . . . . . 534
22 Configuring VLANs. . . . . . . . . . . . . . . . . 539
VLAN Overview . . . . . . . . . . . . . . . . . . . . 539
Switchport Modes
VLAN Tagging . . . . . . . . . . . . . . . . . . . 543
GVRP . . . . . . . . . . . . . . . . . . . . . . . 544
Double-VLAN Tagging
Voice VLAN . . . . . . . . . . . . . . . . . . . . 545
Private VLANs. . . . . . . . . . . . . . . . . . . 547
Additional VLAN Features
. . . . . . . . . . . . . . . . 542
. . . . . . . . . . . . . . 544
. . . . . . . . . . . . 553
24 Contents
Default VLAN Behavior
. . . . . . . . . . . . . . . . 554
Configuring VLANs (Web) . . . . . . . . . . . . . . . 556
VLAN Membership
. . . . . . . . . . . . . . . . 556
VLAN Port Settings . . . . . . . . . . . . . . . . 561
VLAN LAG Settings . . . . . . . . . . . . . . . . 562
Bind MAC to VLAN . . . . . . . . . . . . . . . . 564
Bind IP Subnet to VLAN. . . . . . . . . . . . . . 565
GVRP Parameters
Protocol Group
. . . . . . . . . . . . . . . . . 567
. . . . . . . . . . . . . . . . . . 569
Adding a Protocol Group . . . . . . . . . . . . . 570
Double VLAN Global Configuration
Double VLAN Interface Configuration
. . . . . . . . 572
. . . . . . 573
Voice VLAN . . . . . . . . . . . . . . . . . . . . 575
Configuring VLANs (CLI) . . . . . . . . . . . . . . . . 576
Creating a VLAN
. . . . . . . . . . . . . . . . . 576
Page 25
Configuring a Port in Access Mode . . . . . . . . 577
Configuring a Port in General Mode . . . . . . . . 578
Configuring a Port in Trunk Mode . . . . . . . . . 579
Configuring VLAN Settings for a LAG . . . . . . . 581
Configuring Double VLAN Tagging . . . . . . . . . 582
Configuring MAC-Based VLANs . . . . . . . . . . 583
Configuring IP-Based VLANs. . . . . . . . . . . . 584
Configuring a Protocol-Based VLAN
Configuring GVRP
. . . . . . . . . . . . . . . . . . 586
. . . . . . . . 584
Configuring Voice VLANs. . . . . . . . . . . . . . 588
VLAN Configuration Examples . . . . . . . . . . . . . 589
Configuring VLANs Using Dell OpenManage
Administrator
. . . . . . . . . . . . . . . . . . . . 592
Configure the VLANs and Ports on Switch 2 . . . . 596
Configuring VLANs Using the CLI. . . . . . . . . . 597
Configuring a Voice VLAN . . . . . . . . . . . . . 601
23 Configuring the Spanning Tree
Protocol . . . . . . . . . . . . . . . . . . . . . . . . 605
STP Overview . . . . . . . . . . . . . . . . . . . . . . 605
What Are Classic STP, Multiple STP, and
Rapid STP? . . . . . . . . . . . . . . . . . . . . . 605
How Does STP Work? . . . . . . . . . . . . . . . 606
How Does MSTP Operate in the Network?
MSTP with Multiple Forwarding Paths
What are the Optional STP Features? . . . . . . . 612
. . . . . . . 611
. . . . 607
Default STP Values
. . . . . . . . . . . . . . . . . . . 615
Configuring Spanning Tree (Web) . . . . . . . . . . . . 616
STP Global Settings
. . . . . . . . . . . . . . . . . 616
STP Port Settings. . . . . . . . . . . . . . . . . . 618
STP LAG Settings. . . . . . . . . . . . . . . . . . 620
Contents 25
Page 26
Rapid Spanning Tree . . . . . . . . . . . . . . . 621
MSTP Settings . . . . . . . . . . . . . . . . . . 624
MSTP Interface Settings . . . . . . . . . . . . . 626
Configuring Spanning Tree (CLI)
Configuring Global STP Bridge Settings
Configuring Optional STP Features
. . . . . . . . . . . . 628
. . . . . 628
. . . . . . . . 629
Configuring STP Interface Settings. . . . . . . . 630
Configuring MSTP Switch Settings . . . . . . . . 631
Configuring MSTP Interface Settings . . . . . . 632
STP Configuration Examples. . . . . . . . . . . . . . 633
Configuring STP
. . . . . . . . . . . . . . . . . . 633
Configuring MSTP. . . . . . . . . . . . . . . . . 635
24 Discovering Network Devices . . . . . . . . 637
Device Discovery Overview . . . . . . . . . . . . . . 637
What Is ISDP?
What is LLDP?. . . . . . . . . . . . . . . . . . . 637
What is LLDP-MED? . . . . . . . . . . . . . . . 638
Why are Device Discovery Protocols
Needed?
Default IDSP and LLDP Values. . . . . . . . . . . . . 639
. . . . . . . . . . . . . . . . . . . 637
. . . . . . . . . . . . . . . . . . . . . . 638
26 Contents
Configuring ISDP and LLDP (Web)
ISDP Global Configuration
ISDP Cache Table
. . . . . . . . . . . . . . . . . 642
. . . . . . . . . . . 641
. . . . . . . . . . . . 641
ISDP Interface Configuration . . . . . . . . . . . 643
ISDP Statistics . . . . . . . . . . . . . . . . . . 645
LLDP Configuration
. . . . . . . . . . . . . . . . 646
LLDP Statistics . . . . . . . . . . . . . . . . . . 648
LLDP Connections. . . . . . . . . . . . . . . . . 649
LLDP-MED Global Configuration
. . . . . . . . . 651
Page 27
LLDP-MED Interface Configuration . . . . . . . . 652
LLDP-MED Local Device Information
. . . . . . . 654
LLDP-MED Remote Device Information . . . . . . 655
Configuring ISDP and LLDP (CLI) . . . . . . . . . . . . 656
Configuring Global ISDP Settings
. . . . . . . . . 656
Enabling ISDP on a Port . . . . . . . . . . . . . . 657
Viewing and Clearing ISDP Information . . . . . . 657
Configuring Global LLDP Settings . . . . . . . . . 658
Configuring Port-based LLDP Settings . . . . . . . 658
Viewing and Clearing LLDP Information . . . . . . 659
Configuring LLDP-MED Settings . . . . . . . . . . 660
Viewing LLDP-MED Information . . . . . . . . . . 661
Device Discovery Configuration Examples . . . . . . . 661
Configuring ISDP
. . . . . . . . . . . . . . . . . . 661
Configuring LLDP . . . . . . . . . . . . . . . . . . 662
25 Configuring Port-Based Traffic
Control . . . . . . . . . . . . . . . . . . . . . . . . . 665
Port-Based Traffic Control Overview . . . . . . . . . . 665
What is Flow Control?
What is Storm Control?. . . . . . . . . . . . . . . 666
What are Protected Ports?
What is Link Local Protocol Filtering? . . . . . . . 667
. . . . . . . . . . . . . . . 666
. . . . . . . . . . . . . 667
Default Port-Based Traffic Control Values . . . . . . . 668
Configuring Port-Based Traffic Control (Web)
Flow Control (Global Port Parameters)
Storm Control
Protected Port Configuration
. . . . . . . . . . . . . . . . . . . . 670
. . . . . . . . . . . . 672
. . . . . 669
. . . . . . . 669
LLPF Configuration . . . . . . . . . . . . . . . . . 674
Contents 27
Page 28
Configuring Port-Based Traffic Control (CLI) . . . . . 676
Configuring Flow Control and Storm Control
. . . 676
Configuring Protected Ports . . . . . . . . . . . 677
Configuring LLPF . . . . . . . . . . . . . . . . . 678
Port-Based Traffic Control Configuration
Example
. . . . . . . . . . . . . . . . . . . . . . . . 679
26 Configuring L2 Multicast Features . . . . 681
L2 Multicast Overview . . . . . . . . . . . . . . . . . 681
What Are the Multicast Bridging Features?
L2 Multicast Forwarding Modes . . . . . . . . . 682
What Is IP Multicast Traffic?
. . . . . . . . . . . 682
What Is IGMP Snooping? . . . . . . . . . . . . . 683
What Is MLD Snooping? . . . . . . . . . . . . . 683
What Is Multicast VLAN Registration?
When Are L3 Multicast Features Required? . . . 685
What Are GARP and GMRP? . . . . . . . . . . . 686
Snooping Switch Restrictions. . . . . . . . . . . . . 687
Partial IGMPv3 and MLDv2 Support
MAC Address-Based Multicast Group . . . . . . 687
IGMP Snooping in a Multicast Router
Topologies Where the Multicast Source Is
Not Directly Connected to the Querier
. . . 681
. . . . . . 684
. . . . . . . 687
. . . . . . 687
. . . . . . 687
28 Contents
Current MLD Snooping Functional Limitations
Summary
. . . . . . . . . . . . . . . . . . . . . . . . 688
Default L2 Multicast Values . . . . . . . . . . . . . . 689
Configuring L2 Multicast Features (Web) . . . . . . . 691
Multicast Global Parameters
. . . . . . . . . . . 691
Bridge Multicast Group . . . . . . . . . . . . . . 692
Page 29
Bridge Multicast Forwarding . . . . . . . . . . . . 695
MRouter Status. . . . . . . . . . . . . . . . . . . 696
General IGMP Snooping . . . . . . . . . . . . . . 697
Global Querier Configuration . . . . . . . . . . . . 700
VLAN Querier . . . . . . . . . . . . . . . . . . . . 701
VLAN Querier Status
. . . . . . . . . . . . . . . . 704
MFDB IGMP Snooping Table . . . . . . . . . . . . 705
MLD Snooping General. . . . . . . . . . . . . . . 706
MLD Snooping Global Querier Configuration
MLD Snooping VLAN Querier
. . . . . . . . . . . 709
. . . 708
MLD Snooping VLAN Querier Status . . . . . . . . 712
MFDB MLD Snooping Table . . . . . . . . . . . . 713
MVR Global Configuration
. . . . . . . . . . . . . 714
MVR Members . . . . . . . . . . . . . . . . . . . 715
MVR Interface Configuration . . . . . . . . . . . . 716
MVR Statistics . . . . . . . . . . . . . . . . . . . 719
GARP Timers . . . . . . . . . . . . . . . . . . . . 720
GMRP Parameters
MFDB GMRP Table
. . . . . . . . . . . . . . . . . 722
. . . . . . . . . . . . . . . . . 724
Configuring L2 Multicast Features (CLI)
Configuring Bridge Multicasting
Configuring IGMP Snooping
. . . . . . . . . 725
. . . . . . . . . . 725
. . . . . . . . . . . . 727
Configuring IGMP Snooping on VLANs . . . . . . 728
Configuring IGMP Snooping Querier . . . . . . . . 729
Configuring MLD Snooping
. . . . . . . . . . . . . 730
Configuring MLD Snooping on VLANs . . . . . . . 731
Configuring MLD Snooping Querier . . . . . . . . 732
Configuring MVR
. . . . . . . . . . . . . . . . . . 733
Configuring GARP Timers and GMRP . . . . . . . 735
Case Study on a Real-World Network Topology . . . . 736
Multicast Snooping Case Study
. . . . . . . . . . 736
Contents 29
Page 30
27 Snooping and Inspecting Traffic . . . . . . 743
Traffic Snooping and Inspection Overview . . . . . . 743
What Is DHCP Snooping?
How Is the DHCP Snooping Bindings Database
Populated?
. . . . . . . . . . . . . . . . . . . . 745
What Is IP Source Guard? . . . . . . . . . . . . 747
What is Dynamic ARP Inspection? . . . . . . . . 748
Why Is Traffic Snooping and Inspection
Necessary?
. . . . . . . . . . . . . . . . . . . . 749
Default Traffic Snooping and Inspection Values . . . 749
Configuring Traffic Snooping and Inspection
. . . . . . . . . . . . . . . . . . . . . . . . . . 751
(Web)
DHCP Snooping Configuration
DHCP Snooping Interface Configuration . . . . . 752
DHCP Snooping VLAN Configuration . . . . . . . 754
DHCP Snooping Persistent Configuration . . . . 756
DHCP Snooping Static Bindings
Configuration
. . . . . . . . . . . . . . . . . . . 757
DHCP Snooping Dynamic Bindings
Summary
. . . . . . . . . . . . . . . . . . . . . 759
DHCP Snooping Statistics
IPSG Interface Configuration . . . . . . . . . . . 761
IPSG Binding Configuration. . . . . . . . . . . . 762
IPSG Binding Summary
DAI Global Configuration . . . . . . . . . . . . . 764
DAI Interface Configuration . . . . . . . . . . . 765
DAI VLAN Configuration
DAI ACL Configuration . . . . . . . . . . . . . . 768
DAI ACL Rule Configuration. . . . . . . . . . . . 769
DAI Statistics
. . . . . . . . . . . . . . . . . . . 771
. . . . . . . . . . . . . 744
. . . . . . . . . . 751
. . . . . . . . . . . . 760
. . . . . . . . . . . . . . 763
. . . . . . . . . . . . . 767
30 Contents
Configuring Traffic Snooping and Inspection
(CLI)
. . . . . . . . . . . . . . . . . . . . . . . . . . 772
Configuring DHCP Snooping
. . . . . . . . . . . 772
Page 31
Configuring IP Source Guard . . . . . . . . . . . . 774
Configuring Dynamic ARP Inspection . . . . . . . 775
Traffic Snooping and Inspection Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 777
Configuring DHCP Snooping
. . . . . . . . . . . . 777
Configuring IPSG . . . . . . . . . . . . . . . . . . 779
28 Configuring Link Aggregation . . . . . . . . 781
Link Aggregation Overview . . . . . . . . . . . . . . . 781
Why Are Link Aggregation Groups
Necessary?
What Is the Difference Between Static and
Dynamic Link Aggregation?
What is LAG Hashing? . . . . . . . . . . . . . . . 783
How Do LAGs Interact with Other Features?
LAG Configuration Guidelines
Default Link Aggregation Values . . . . . . . . . . . . 785
Configuring Link Aggregation (Web) . . . . . . . . . . 786
LAG Configuration
LACP Parameters. . . . . . . . . . . . . . . . . . 788
LAG Membership . . . . . . . . . . . . . . . . . . 790
LAG Hash Configuration
LAG Hash Summary
. . . . . . . . . . . . . . . . . . . . . 782
. . . . . . . . . . . . 782
. . . . 784
. . . . . . . . . . . 785
. . . . . . . . . . . . . . . . . 786
. . . . . . . . . . . . . . 791
. . . . . . . . . . . . . . . . 792
Configuring Link Aggregation (CLI)
Configuring LAG Characteristics
Configuring Link Aggregation Groups
Configuring LACP Parameters
. . . . . . . . . . . 793
. . . . . . . . . . 793
. . . . . . . 794
. . . . . . . . . . . 796
Link Aggregation Configuration Examples . . . . . . . 797
Configuring Dynamic LAGs
. . . . . . . . . . . . . 797
Configuring Static LAGs . . . . . . . . . . . . . . 798
Contents 31
Page 32
29 Configuring Data Center Bridging
Features . . . . . . . . . . . . . . . . . . . . . . . . 799
Data Center Bridging Technology Overview . . . . . 799
Default DCB Values
. . . . . . . . . . . . . . . . 800
Priority Flow Control
PFC Operation and Behavior
Configuring PFC Using the Web Interface
. . . . . . . . . . . . . . . . . . 801
. . . . . . . . . . . 801
. . . . 802
Configuring PFC Using the CLI . . . . . . . . . . 804
PFC Configuration Example . . . . . . . . . . . . 806
DCB Capability Exchange . . . . . . . . . . . . . . . 807
Interoperability with IEEE DCBx
. . . . . . . . . 808
DCBx and Port Roles . . . . . . . . . . . . . . . 808
Configuration Source Port Selection
Process
. . . . . . . . . . . . . . . . . . . . . . 810
Disabling DCBX . . . . . . . . . . . . . . . . . . 811
Configuring DCBx
FIP Snooping
. . . . . . . . . . . . . . . . . . . . . . 814
Enabling and Disabling FIP Snooping
Configuring the FC Map Value
. . . . . . . . . . . . . . . . . 812
. . . . . . . 815
. . . . . . . . . . 815
Configuring Ports for FIP Snooping . . . . . . . . 815
Configuring FIP Snooping (CLI) . . . . . . . . . . 815
FIP Snooping Configuration Example
Enhanced Transmission Selection
ETS Operation
Commands
. . . . . . . . . . . . . . . . . . . 820
. . . . . . . . . . . . . . . . . . . . 823
. . . . . . . 817
. . . . . . . . . . . 819
ETS Configuration Example . . . . . . . . . . . . 824
ETS Theory of Operation . . . . . . . . . . . . . 830
32 Contents
Page 33
30 Managing the MAC Address Table . . . . 837
MAC Address Table Overview. . . . . . . . . . . . . . 837
How Is the Address Table Populated?
What Information Is in the MAC Address
. . . . . . . . . . . . . . . . . . . . . . . . 838
Table?
How Is the MAC Address Table Maintained
Across a Stack?
. . . . . . . . . . . . . . . . . . 838
. . . . . . . 837
Default MAC Address Table Values
. . . . . . . . . . . 838
Managing the MAC Address Table (Web). . . . . . . . 839
Static Address Table
. . . . . . . . . . . . . . . . 839
Dynamic Address Table . . . . . . . . . . . . . . 841
Managing the MAC Address Table (CLI) . . . . . . . . 842
Managing the MAC Address Table
. . . . . . . . . 842
31 Configuring Routing Interfaces . . . . . . . 843
Routing Interface Overview . . . . . . . . . . . . . . . 843
What Are VLAN Routing Interfaces?
What Are Loopback Interfaces? . . . . . . . . . . 844
What Are Tunnel Interfaces?. . . . . . . . . . . . 845
Why Are Routing Interfaces Needed?
Default Routing Interface Values
Configuring Routing Interfaces (Web)
IP Interface Configuration
. . . . . . . . . . . . . 849
DHCP Lease Parameters . . . . . . . . . . . . . . 850
VLAN Routing Summary . . . . . . . . . . . . . . 850
Tunnel Configuration . . . . . . . . . . . . . . . . 851
Tunnels Summary
. . . . . . . . . . . . . . . . . . 852
Loopbacks Configuration . . . . . . . . . . . . . . 853
. . . . . . . . 843
. . . . . . . 846
. . . . . . . . . . . . 848
. . . . . . . . . . 849
Contents 33
Page 34
Loopbacks Summary . . . . . . . . . . . . . . . 854
Configuring Routing Interfaces (CLI)
Configuring VLAN Routing Interfaces (IPv4)
Configuring Loopback Interfaces
Configuring Tunnels
. . . . . . . . . . . . . . . . 858
. . . . . . . . . 855
. . . 855
. . . . . . . . . 857
32 Configuring DHCP Server Settings . . . . 859
DHCP Overview . . . . . . . . . . . . . . . . . . . . 859
How Does DHCP Work?
What are DHCP Options? . . . . . . . . . . . . . 860
What Additional DHCP Features Does the
Switch Support?
Default DHCP Server Values. . . . . . . . . . . . . . 861
Configuring the DHCP Server (Web)
DHCP Server Network Properties
Address Pool
. . . . . . . . . . . . . . . . . . . 864
Address Pool Options. . . . . . . . . . . . . . . 868
DHCP Bindings . . . . . . . . . . . . . . . . . . 870
DHCP Server Reset Configuration
DHCP Server Conflicts Information . . . . . . . . 872
DHCP Server Statistics . . . . . . . . . . . . . . 873
. . . . . . . . . . . . . . 859
. . . . . . . . . . . . . . . . . 861
. . . . . . . . . . 862
. . . . . . . . 862
. . . . . . . . 871
34 Contents
Configuring the DHCP Server (CLI) . . . . . . . . . . 874
Configuring Global DHCP Server Settings
. . . . 874
Configuring a Dynamic Address Pool. . . . . . . 875
Configuring a Static Address Pool
. . . . . . . . 876
Monitoring DHCP Server Information . . . . . . 877
DHCP Server Configuration Examples. . . . . . . . . 878
Configuring a Dynamic Address Pool
. . . . . . . 878
Configuring a Static Address Pool . . . . . . . . 880
Page 35
33 Configuring IP Routing . . . . . . . . . . . . . 883
IP Routing Overview . . . . . . . . . . . . . . . . . . . 883
Default IP Routing Values . . . . . . . . . . . . . . . . 885
Configuring IP Routing Features (Web) . . . . . . . . . 887
IP Configuration
IP Statistics . . . . . . . . . . . . . . . . . . . . . 888
ARP Create . . . . . . . . . . . . . . . . . . . . . 889
ARP Table Configuration
Router Discovery Configuration . . . . . . . . . . 891
Router Discovery Status . . . . . . . . . . . . . . 892
Route Table
Best Routes Table . . . . . . . . . . . . . . . . . 894
Route Entry Configuration . . . . . . . . . . . . . 895
Configured Routes
Route Preferences Configuration . . . . . . . . . 898
Configuring IP Routing Features (CLI) . . . . . . . . . . 899
Configuring Global IP Routing Settings
Adding Static ARP Entries and Configuring
ARP Table Settings
Configuring Router Discovery (IRDP). . . . . . . . 901
Configuring Route Table Entries and Route
Preferences
. . . . . . . . . . . . . . . . . . . 887
. . . . . . . . . . . . . . 890
. . . . . . . . . . . . . . . . . . . . . 893
. . . . . . . . . . . . . . . . . 897
. . . . . . . 899
. . . . . . . . . . . . . . . . . 900
. . . . . . . . . . . . . . . . . . . . . 902
IP Routing Configuration Example . . . . . . . . . . . 904
Configuring PowerConnect Switch A
Configuring PowerConnect Switch B
. . . . . . . 905
. . . . . . . 906
34 Configuring L2 and L3 Relay
Features . . . . . . . . . . . . . . . . . . . . . . . . 907
L2 and L3 Relay Overview . . . . . . . . . . . . . . . . 907
What Is L3 DHCP Relay?
. . . . . . . . . . . . . . 907
Contents 35
Page 36
What Is L2 DHCP Relay? . . . . . . . . . . . . . 908
What Is the IP Helper Feature? . . . . . . . . . . 909
Default L2/L3 Relay Values. . . . . . . . . . . . . . . 913
Configuring L2 and L3 Relay Features (Web)
DHCP Relay Global Configuration
DHCP Relay Interface Configuration
DHCP Relay Interface Statistics
. . . . . 914
. . . . . . . . . 914
. . . . . . . 915
. . . . . . . . . 917
DHCP Relay VLAN Configuration . . . . . . . . . 918
DHCP Relay Agent Configuration . . . . . . . . . 919
IP Helper Global Configuration . . . . . . . . . . 920
IP Helper Interface Configuration . . . . . . . . 922
IP Helper Statistics
. . . . . . . . . . . . . . . . 924
Configuring L2 and L3 Relay Features (CLI) . . . . . . 925
Configuring L2 DHCP Relay
. . . . . . . . . . . . 925
Configuring L3 Relay (IP Helper) Settings . . . . 927
Relay Agent Configuration Example . . . . . . . . . . 929
35 Configuring OSPF and OSPFv3. . . . . . . . 931
OSPF Overview. . . . . . . . . . . . . . . . . . . . . 932
What Are OSPF Areas and Other OSPF
Topology Features?
What Are OSPF Routers and LSAs?
How Are Routes Selected?
How Are OSPF and OSPFv3 Different? . . . . . . 933
. . . . . . . . . . . . . . . . 932
. . . . . . . 933
. . . . . . . . . . . . 933
36 Contents
OSPF Feature Details. . . . . . . . . . . . . . . . . . 934
Max Metric
. . . . . . . . . . . . . . . . . . . . 934
Static Area Range Cost . . . . . . . . . . . . . . 936
LSA Pacing
. . . . . . . . . . . . . . . . . . . . 937
Flood Blocking . . . . . . . . . . . . . . . . . . 938
Page 37
Default OSPF Values . . . . . . . . . . . . . . . . . . . 940
Configuring OSPF Features (Web)
OSPF Configuration
. . . . . . . . . . . . . . . . . 942
OSPF Area Configuration
OSPF Stub Area Summary
. . . . . . . . . . . . 942
. . . . . . . . . . . . . . 944
. . . . . . . . . . . . . 947
OSPF Area Range Configuration . . . . . . . . . . 948
OSPF Interface Statistics. . . . . . . . . . . . . . 949
OSPF Interface Configuration
. . . . . . . . . . . 950
OSPF Neighbor Table . . . . . . . . . . . . . . . . 951
OSPF Neighbor Configuration . . . . . . . . . . . 952
OSPF Link State Database
. . . . . . . . . . . . . 953
OSPF Virtual Link Configuration . . . . . . . . . . 953
OSPF Virtual Link Summary. . . . . . . . . . . . . 955
OSPF Route Redistribution Configuration . . . . . 956
OSPF Route Redistribution Summary. . . . . . . . 957
NSF OSPF Configuration
. . . . . . . . . . . . . . 958
Configuring OSPFv3 Features (Web) . . . . . . . . . . 959
OSPFv3 Configuration
. . . . . . . . . . . . . . . 959
OSPFv3 Area Configuration. . . . . . . . . . . . . 960
OSPFv3 Stub Area Summary
OSPFv3 Area Range Configuration
. . . . . . . . . . . . 963
. . . . . . . . . 964
OSPFv3 Interface Configuration . . . . . . . . . . 965
OSPFv3 Interface Statistics . . . . . . . . . . . . 966
OSPFv3 Neighbors
. . . . . . . . . . . . . . . . . 967
OSPFv3 Neighbor Table. . . . . . . . . . . . . . . 968
OSPFv3 Link State Database . . . . . . . . . . . . 969
OSPFv3 Virtual Link Configuration
. . . . . . . . . 970
OSPFv3 Virtual Link Summary . . . . . . . . . . . 972
OSPFv3 Route Redistribution Configuration . . . . 973
OSPFv3 Route Redistribution Summary
. . . . . . 974
NSF OSPFv3 Configuration . . . . . . . . . . . . . 975
Configuring OSPF Features (CLI) . . . . . . . . . . . . 976
Configuring Global OSPF Settings
. . . . . . . . . 976
Contents 37
Page 38
Configuring OSPF Interface Settings . . . . . . . 979
Configuring Stub Areas and NSSAs
Configuring Virtual Links
. . . . . . . . . . . . . 983
Configuring OSPF Area Range Settings
. . . . . . . 981
. . . . . 985
Configuring OSPFv3 Features (CLI) . . . . . . . . . . 987
Configuring Global OSPFv3 Settings
. . . . . . . 987
Configuring OSPFv3 Interface Settings . . . . . . 989
Configuring Stub Areas and NSSAs . . . . . . . 991
Configuring Virtual Links . . . . . . . . . . . . . 993
Configuring an OSPFv3 Area Range . . . . . . . 994
Configuring OSPFv3 Route Redistribution
Settings
. . . . . . . . . . . . . . . . . . . . . . 995
OSPF Configuration Examples . . . . . . . . . . . . . 996
Configuring an OSPF Border Router and Setting
Interface Costs
. . . . . . . . . . . . . . . . . . 996
Configuring Stub and NSSA Areas for OSPF
and OSPFv3
. . . . . . . . . . . . . . . . . . . . 999
Configuring a Virtual Link for OSPF and
OSPFv3
. . . . . . . . . . . . . . . . . . . . . . 1003
Interconnecting an IPv4 Backbone and
Local IPv6 Network
. . . . . . . . . . . . . . . . 1005
Configuring the Static Area Range Cost . . . . . 1008
Configuring Flood Blocking . . . . . . . . . . . . 1013
36 Configuring RIP . . . . . . . . . . . . . . . . . . 1019
38 Contents
RIP Overview. . . . . . . . . . . . . . . . . . . . . . 1019
How Does RIP Determine Route
Information?
What Is Split Horizon?
. . . . . . . . . . . . . . . . . . . . 1019
. . . . . . . . . . . . . . 1020
What RIP Versions Are Supported? . . . . . . . 1020
Page 39
Default RIP Values . . . . . . . . . . . . . . . . . . . 1021
Configuring RIP Features (Web)
RIP Configuration
. . . . . . . . . . . . . . . . . 1022
RIP Interface Configuration
RIP Interface Summary
. . . . . . . . . . . . 1022
. . . . . . . . . . . 1023
. . . . . . . . . . . . . . 1024
RIP Route Redistribution Configuration . . . . . 1025
RIP Route Redistribution Summary. . . . . . . . 1026
Configuring RIP Features (CLI)
Configuring Global RIP Settings
Configuring RIP Interface Settings
. . . . . . . . . . . . . 1027
. . . . . . . . . 1027
. . . . . . . . 1028
Configuring Route Redistribution Settings . . . . 1029
RIP Configuration Example . . . . . . . . . . . . . . 1031
37 Configuring VRRP . . . . . . . . . . . . . . . . 1035
VRRP Overview . . . . . . . . . . . . . . . . . . . . 1035
How Does VRRP Work?
What Is the VRRP Router Priority?
What Is VRRP Preemption?. . . . . . . . . . . . 1036
What Is VRRP Accept Mode? . . . . . . . . . . 1037
What Are VRRP Route and Interface
Tra ck in g?
. . . . . . . . . . . . . . . . . . . . . 1037
. . . . . . . . . . . . . . 1035
. . . . . . . . 1036
Default VRRP Values. . . . . . . . . . . . . . . . . . 1039
Configuring VRRP Features (Web)
VRRP Configuration
. . . . . . . . . . . . . . . . 1040
VRRP Virtual Router Status
VRRP Virtual Router Statistics
. . . . . . . . . . . 1040
. . . . . . . . . . . . 1041
. . . . . . . . . . 1042
VRRP Router Configuration . . . . . . . . . . . . 1043
VRRP Route Tracking Configuration . . . . . . . 1044
VRRP Interface Tracking Configuration
. . . . . 1046
Contents 39
Page 40
Configuring VRRP Features (CLI). . . . . . . . . . . . 1048
Configuring VRRP Settings
. . . . . . . . . . . . 1048
VRRP Configuration Example
VRRP with Load Sharing
VRRP with Route and Interface Tracking
. . . . . . . . . . . . . 1050
. . . . . . . . . . . . . 1050
. . . . . 1054
38 Configuring IPv6 Routing . . . . . . . . . . . 1059
IPv6 Routing Overview . . . . . . . . . . . . . . . . . 1059
How Does IPv6 Compare with IPv4?
How Are IPv6 Interfaces Configured?
Default IPv6 Routing Values
. . . . . . . . . . . . . . 1061
Configuring IPv6 Routing Features (Web) . . . . . . . 1063
Global Configuration
. . . . . . . . . . . . . . . 1063
Interface Configuration . . . . . . . . . . . . . . 1064
Interface Summary . . . . . . . . . . . . . . . . 1065
IPv6 Statistics. . . . . . . . . . . . . . . . . . . 1066
IPv6 Neighbor Table
. . . . . . . . . . . . . . . . 1067
DHCPv6 Client Parameters . . . . . . . . . . . . 1068
IPv6 Route Entry Configuration . . . . . . . . . . 1069
IPv6 Route Table
. . . . . . . . . . . . . . . . . 1070
IPv6 Route Preferences. . . . . . . . . . . . . . 1071
Configured IPv6 Routes . . . . . . . . . . . . . . 1072
. . . . . . . 1060
. . . . . . 1060
40 Contents
Configuring IPv6 Routing Features (CLI)
Configuring Global IP Routing Settings
Configuring IPv6 Interface Settings
Configuring IPv6 Neighbor Discovery
. . . . . . . . 1073
. . . . . . 1073
. . . . . . . 1074
. . . . . . 1075
Configuring IPv6 Route Table Entries and
Route Preferences
. . . . . . . . . . . . . . . . 1077
IPv6 Show Commands . . . . . . . . . . . . . . 1079
Page 41
IPv6 Static Reject and Discard Routes . . . . . . . . 1080
39 Configuring DHCPv6 Server and
Relay Settings . . . . . . . . . . . . . . . . . . . 1083
DHCPv6 Overview . . . . . . . . . . . . . . . . . . . 1083
What Is a DHCPv6 Pool?
What Is a Stateless Server? . . . . . . . . . . . 1084
What Is the DHCPv6 Relay Agent Information
Option?
. . . . . . . . . . . . . . . . . . . . . . 1084
What Is a Prefix Delegation? . . . . . . . . . . . 1084
Default DHCPv6 Server and Relay Values. . . . . . . 1085
. . . . . . . . . . . . . 1084
Configuring the DHCPv6 Server and Relay (Web)
DHCPv6 Global Configuration
DHCPv6 Pool Configuration
Prefix Delegation Configuration
. . . . . . . . . . 1086
. . . . . . . . . . . . 1087
. . . . . . . . . 1089
. . . 1086
DHCPv6 Pool Summary. . . . . . . . . . . . . . 1090
DHCPv6 Interface Configuration . . . . . . . . . 1091
DHCPv6 Server Bindings Summary
. . . . . . . 1093
DHCPv6 Statistics. . . . . . . . . . . . . . . . . 1094
Configuring the DHCPv6 Server and Relay (CLI) . . . 1095
Configuring Global DHCP Server and Relay
Agent Settings
. . . . . . . . . . . . . . . . . . 1095
Configuring a DHCPv6 Pool for Stateless
Server Support
. . . . . . . . . . . . . . . . . . 1095
Configuring a DHCPv6 Pool for Specific
. . . . . . . . . . . . . . . . . . . . . . . 1096
Hosts
Configuring DHCPv6 Interface Information
. . . 1097
Monitoring DHCPv6 Information . . . . . . . . . 1098
DHCPv6 Configuration Examples . . . . . . . . . . . 1099
Configuring a DHCPv6 Stateless Server
. . . . . 1099
Contents 41
Page 42
Configuring the DHCPv6 Server for Prefix
Delegation
. . . . . . . . . . . . . . . . . . . . . 1100
Configuring an Interface as a DHCPv6
Relay Agent
. . . . . . . . . . . . . . . . . . . . 1101
40 Configuring Differentiated Services . . 1103
DiffServ Overview . . . . . . . . . . . . . . . . . . . 1103
How Does DiffServ Functionality Vary Based
on the Role of the Switch? . . . . . . . . . . . . 1104
What Are the Elements of DiffServ
Configuration?
. . . . . . . . . . . . . . . . . . 1104
Default DiffServ Values
. . . . . . . . . . . . . . . . 1105
Configuring DiffServ (Web) . . . . . . . . . . . . . . 1106
DiffServ Configuration
. . . . . . . . . . . . . . 1106
Class Configuration . . . . . . . . . . . . . . . . 1107
Class Criteria . . . . . . . . . . . . . . . . . . . 1108
Policy Configuration . . . . . . . . . . . . . . . 1110
Policy Class Definition . . . . . . . . . . . . . . 1112
Service Configuration . . . . . . . . . . . . . . . 1115
Service Detailed Statistics
. . . . . . . . . . . . 1117
Flow-Based Mirroring . . . . . . . . . . . . . . 1118
Configuring DiffServ (CLI) . . . . . . . . . . . . . . . 1119
DiffServ Configuration (Global)
. . . . . . . . . . 1119
DiffServ Class Configuration for IPv4 . . . . . . . 1119
DiffServ Class Configuration for IPv6 . . . . . . . 1121
DiffServ Policy Creation
. . . . . . . . . . . . . . 1122
DiffServ Policy Attributes Configuration . . . . . 1123
DiffServ Service Configuration . . . . . . . . . . 1125
DiffServ Configuration Examples . . . . . . . . . . . 1126
Providing Subnets Equal Access to External
Network
. . . . . . . . . . . . . . . . . . . . . . 1126
42 Contents
Page 43
DiffServ for VoIP . . . . . . . . . . . . . . . . . 1130
41 Configuring Class-of-Service . . . . . . . 1133
CoS Overview . . . . . . . . . . . . . . . . . . . . . 1133
What Are Trusted and Untrusted Port
Modes? . . . . . . . . . . . . . . . . . . . . . . 1134
How Is Traffic Shaping Used on Egress
. . . . . . . . . . . . . . . . . . . . . . 1134
Traffic?
How Are Traffic Queues Defined?
Which Queue Management Methods Are
Supported?
. . . . . . . . . . . . . . . . . . . . 1135
CoS Queue Usage . . . . . . . . . . . . . . . . 1136
Default CoS Values . . . . . . . . . . . . . . . . . . 1136
. . . . . . . . 1135
Configuring CoS (Web)
Mapping Table Configuration
Interface Configuration
Interface Queue Configuration
. . . . . . . . . . . . . . . . 1137
. . . . . . . . . . . 1137
. . . . . . . . . . . . . . 1140
. . . . . . . . . . 1141
Interface Queue Drop Precedence
Configuration
. . . . . . . . . . . . . . . . . . . 1142
Configuring CoS (CLI) . . . . . . . . . . . . . . . . . 1144
Mapping Table Configuration
. . . . . . . . . . . 1144
CoS Interface Configuration Commands . . . . . 1145
Interface Queue Configuration
. . . . . . . . . . 1145
Configuring Interface Queue Drop
Precedence
. . . . . . . . . . . . . . . . . . . . 1146
Contents 43
Page 44
CoS Configuration Example . . . . . . . . . . . . . . 1147
42 Configuring Auto VoIP . . . . . . . . . . . . . 1151
Auto VoIP Overview . . . . . . . . . . . . . . . . . . 1151
How Does Auto-VoIP Use ACLs?
. . . . . . . . . 1152
Default Auto VoIP Values . . . . . . . . . . . . . . . 1152
Configuring Auto VoIP (Web) . . . . . . . . . . . . . 1153
Auto VoIP Global Configuration
. . . . . . . . . . 1153
Auto VoIP Interface Configuration . . . . . . . . 1153
Configuring Auto VoIP (CLI) . . . . . . . . . . . . . . 1156
43 Managing IPv4 and IPv6 Multicast . . . 1157
L3 Multicast Overview . . . . . . . . . . . . . . . . . 1157
What Is IP Multicast Traffic?
What Multicast Protocols Does the
Switch Support?
. . . . . . . . . . . . . . . . . 1159
What Are the Multicast Protocol Roles? . . . . . 1159
When Is L3 Multicast Required on the
. . . . . . . . . . . . . . . . . . . . . . 1160
Switch?
What Is the Multicast Routing Table? . . . . . . 1160
What Is Multicast Tunneling?
What Is IGMP?
. . . . . . . . . . . . . . . . . . 1161
What Is MLD?. . . . . . . . . . . . . . . . . . . 1162
What Is PIM? . . . . . . . . . . . . . . . . . . . 1163
What Is DVMRP? . . . . . . . . . . . . . . . . . 1165
. . . . . . . . . . . 1158
. . . . . . . . . . . 1161
44 Contents
Page 45
Default L3 Multicast Values . . . . . . . . . . . . . . 1167
Configuring General IPv4 Multicast Features
(Web)
. . . . . . . . . . . . . . . . . . . . . . . . . . 1169
Multicast Global Configuration
. . . . . . . . . . 1169
Multicast Interface Configuration . . . . . . . . 1170
Multicast Route Table . . . . . . . . . . . . . . 1171
Multicast Admin Boundary Configuration
. . . . 1172
Multicast Admin Boundary Summary . . . . . . 1173
Multicast Static MRoute Configuration . . . . . 1174
Multicast Static MRoute Summary
. . . . . . . . 1175
Configuring IPv6 Multicast Features (Web) . . . . . . 1176
IPv6 Multicast Route Table
. . . . . . . . . . . . 1176
Configuring IGMP and IGMP Proxy (Web) . . . . . . 1177
IGMP Global Configuration
. . . . . . . . . . . . 1177
IGMP Interface Configuration . . . . . . . . . . 1178
IGMP Interface Summary . . . . . . . . . . . . 1179
IGMP Cache Information
IGMP Interface Source List Information
IGMP Proxy Interface Configuration
. . . . . . . . . . . . . 1180
. . . . . 1181
. . . . . . . 1182
IGMP Proxy Configuration Summary. . . . . . . 1183
IGMP Proxy Interface Membership Info . . . . . 1184
Detailed IGMP Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1185
Configuring MLD and MLD Proxy (Web)
MLD Global Configuration
. . . . . . . . . . . . 1186
MLD Routing Interface Configuration
MLD Routing Interface Summary
. . . . . . . 1186
. . . . . . 1187
. . . . . . . . . 1188
MLD Routing Interface Cache Information. . . . 1189
MLD Routing Interface Source List
Information
MLD Traffic
. . . . . . . . . . . . . . . . . . . . 1190
. . . . . . . . . . . . . . . . . . . . 1191
MLD Proxy Configuration . . . . . . . . . . . . . 1192
Contents 45
Page 46
MLD Proxy Configuration Summary . . . . . . . 1193
MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1194
Detailed MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1195
Configuring PIM for IPv4 and IPv6 (Web)
PIM Global Configuration
PIM Global Status
. . . . . . . . . . . . . 1196
. . . . . . . . . . . . . . . . . 1198
PIM Interface Configuration
. . . . . . . 1196
. . . . . . . . . . . 1199
PIM Interface Summary . . . . . . . . . . . . . 1200
Candidate RP Configuration . . . . . . . . . . . 1201
Static RP Configuration
. . . . . . . . . . . . . . 1203
SSM Range Configuration . . . . . . . . . . . . 1205
BSR Candidate Configuration. . . . . . . . . . . 1207
BSR Candidate Summary
. . . . . . . . . . . . . 1208
Configuring DVMRP (Web). . . . . . . . . . . . . . . 1209
DVMRP Global Configuration
. . . . . . . . . . . 1209
DVMRP Interface Configuration . . . . . . . . . 1210
DVMRP Configuration Summary . . . . . . . . . 1211
DVMRP Next Hop Summary . . . . . . . . . . . 1212
DVMRP Prune Summary . . . . . . . . . . . . . 1213
DVMRP Route Summary . . . . . . . . . . . . . 1214
Configuring L3 Multicast Features (CLI)
. . . . . . . . 1215
Configuring and Viewing IPv4 Multicast
Information . . . . . . . . . . . . . . . . . . . . 1215
Configuring and Viewing IPv6 Multicast
Route Information
. . . . . . . . . . . . . . . . . 1217
Configuring and Viewing IGMP . . . . . . . . . . 1218
Configuring and Viewing IGMP Proxy . . . . . . 1220
Configuring and Viewing MLD
. . . . . . . . . . 1221
Configuring and Viewing MLD Proxy . . . . . . . 1222
Configuring and Viewing PIM-DM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1223
46 Contents
Page 47
Configuring and Viewing PIM-DM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1224
Configuring and Viewing PIM-SM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1225
Configuring and Viewing PIM-SM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1227
Configuring and Viewing DVMRP
Information
. . . . . . . . . . . . . . . . . . . . 1230
L3 Multicast Configuration Examples . . . . . . . . . 1231
Configuring Multicast VLAN Routing With
IGMP and PIM-SM
Configuring DVMRP
. . . . . . . . . . . . . . . . 1231
. . . . . . . . . . . . . . . 1235
A Feature Limitations and Platform
Constants . . . . . . . . . . . . . . . . . . . . . . . . . 1237
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1247
Contents 47
Page 48
48 Contents
Page 49
1
Introduction
The Dell PowerConnect 8024, 8024F, 8132, 8132F, 8164, and 8164F switches
are stackable Layer 2 and Layer 3 switches that extend the Dell
PowerConnect LAN switching product range.
NOTE:
Throughout this document, the PowerConnect 8024 and 8024F switches
are referred to as the PowerConnect 8000-series switches, and the
PowerConnect 8132, 8132F, 8164, 8164F switches are referred to as the
PowerConnect 8100-series switches.
These switches include the following features:
• 1U form factor, rack-mountable chassis design.
• Support for all data-communication requirements for a multi-layer switch,
including layer 2 switching, IPv4 routing, IPv6 routing, IP multicast,
quality of service, security, and system management features.
• High availability with hot swappable stack members.
Each of the PowerConnect 8000-series and 8100-series switches has 24 or 48
ports of 10-Gb Ethernet in 10GBase-T or SFP+ with redundant power
supplies to provide high performance and high availability. PowerConnect
8000-series and 8100-series switches can be stacked with other PowerConnect
switches of the same model number using the 10G SFP+ or QSFP fiber
ports.
About This Document
This guide describes how to configure, monitor, and maintain a Dell
PowerConnect 8000-series and 8100-series switch by using web-based Dell
OpenManage Switch Administrator utility or the command-line interface
(CLI).
Introduction 49
Page 50
Audience
This guide is for network administrators in charge of managing one or more
PowerConnect 8024, 8024F, 8132, 8132F, 8164, and 8164F switches. To
obtain the greatest benefit from this guide, you should have a basic
understanding of Ethernet networks and local area network (LAN) concepts.
Document Conventions
Table 1-1 describes the typographical conventions this document uses.
Table 1-1. Document Conventions
Convention Description
Bold Page names, field names, menu options, button names, and
CLI commands and keywords.
courier font
[ ] In a command line, square brackets indicate an optional
{ } In a command line, inclusive brackets indicate a selection of
Italic
In a command line, indicates a variable.
<Enter> Any individual key on the keyboard.
CTRL + Z A keyboard combination that involves pressing the Z key
Command-line text (CLI output) and file names
entry.
compulsory parameters separated by the | character. One
option must be selected. For example:
{stp|rstp|mstp} means that for the spanning-tree mode
command you must enter either stp, rstp, or mstp
while holding the CTRL key.
spanning-tree mode
50 Introduction
Page 51
Additional Documentation
The following documents for the PowerConnect 8024, 8024F, 8132, 8132F,
8164, and 8164F switches are available at support.dell.com/manuals:
•
Getting Started Guide—
the series, including front and back panel features. It also describes the
installation and initial configuration procedures.
CLI Reference Guide—
•
interface (CLI) commands used to configure and manage the switch. The
document provides in-depth CLI descriptions, syntax, default values, and
usage guidelines.
provides information about the switch models in
provides information about the command-line
Introduction 51
Page 52
52 Introduction
Page 53
Switch Features
This section describes the switch user-configurable software features.
NOTE: Before proceeding, read the release notes for this product. The release
notes are part of the firmware download.
The topics covered in this section include:
2
• System Management
Fea tu re s
•Stacking Features
• Security Features
• Switching Features
• Virtual Local Area Network
Supported Features
• Spanning Tree Protocol
Fea tu re s
• Link Aggregation Features
•Routing Features
• IPv6 Routing Features
• Quality of Service (QoS)
Fea tu re s
• Layer 2 Multicast Features
• Layer 3 Multicast Features
Switch Features 53
Page 54
System Management Features
Multiple Management Options
You can use any of the following methods to manage the switch:
• Use a web browser to access the Dell OpenManage Switch Administrator
interface. The switch contains an embedded Web server that serves
HTML pages.
• Use a telnet client, SSH client, or a direct console connection to access the
CLI. The CLI
common industry practice.
• Use a network management system (NMS) to manage and monitor the
system through SNMP. The switch supports
UDP/IP transport protocol.
System Time Management
You can configure the switch to obtain the system time and date through a
remote Simple Network Time Protocol (SNTP) server, or you can set the time
and date locally on the switch. You can also configure the time zone and
information about time shifts that might occur during summer months. If
you use SNTP to obtain the time, you can require communications between
the switch and the SNTP server to be encrypted.
For information about configuring system time settings, see "Managing
General System Settings" on page 237.
syntax and semantics conform as much as possible to
SNMP v1/v2c/v3 over the
Log Messages
The switch maintains in-memory log messages as well as persistent logs. You
can also configure remote logging so that the switch sends log messages to a
remote log server. You can also configure the switch to send log messages to a
configured SMTP server. This allows you to receive the log message in an email account of your choice. Switch auditing messages, CLI command
logging, Web logging, and SNMP logging can be enabled or disabled.
For information about configuring system logging, see "Monitoring and
Logging System Information" on page 203.
54 Switch Features
Page 55
Integrated DHCP Server
PowerConnect 8000-series and 8100-series switches include an integrated
DHCP server that can deliver host-specific configuration information to
hosts on the network. The switch DHCP server allows you to configure IP
address pools (scopes), and when a host’s DHCP client requests an address,
the switch DHCP server automatically assigns the host an address from the
pool.
For information about configuring the DHCP server settings, see
"Configuring DHCP Server Settings" on page 859.
Management of Basic Network Information
The DHCP client on the switch allows the switch to acquire information such
as the IP address and default gateway from a network DHCP server. You can
also disable the DHCP client and configure static network information.
Other configurable network information includes a Domain Name Server
(DNS), hostname to IP address mapping, and a default domain name.
If the switch detects an IP address conflict on the management interface, it
generates a trap and sends a log message.
For information about configuring basic network information, see "Setting
the IP Address and Other Basic Network Information" on page 119.
IPv6 Management Features
PowerConnect 8000-series and 8100-series switches provide IPv6 support for
many standard management features including HTTP, HTTPS/SSL, Telnet,
SSH, SNMP, SNTP, TFTP, and traceroute.
Dual Software Images
PowerConnect 8000-series and 8100-series switches can store up to two
software images. The dual image feature allows you to upgrade the switch
without deleting the older software image. You designate one image as the
active image and the other image as the backup image.
For information about managing the switch image, see "Managing Images
and Files" on page 307.
Switch Features 55
Page 56
File Management
You can upload and download files such as configuration files and system
images by using HTTP (web only), TFTP, Secure FTP (SFTP), or Secure
Copy (SCP). Configuration file uploads from the switch to a server are a good
way to back up the switch configuration. You can also download a
configuration file from a server to the switch to restore the switch to the
configuration in the downloaded file.
For information about uploading, downloading, and copying files, see
"Managing Images and Files" on page 307.
Switch Database Management Templates
Switch Database Management (SDM) templates enable you to reallocate
system resources to support a different mix of features based on your network
requirements. PowerConnect 8000-series and 8100-series switches support
the following three templates:
• Dual IPv4 and IPv6 (default)
•IPv4 Routing
•IPv4 Data Center
For information about setting the SDM template, see "Managing General
System Settings" on page 237.
Automatic Installation of Firmware and Configuration
The Auto Install feature allows the switch to upgrade or downgrade to a
newer software image and update the configuration file automatically during
device initialization with limited administrative configuration on the device.
The switch can obtain the necessary information from a DHCP server on the
network.
For information about Auto Install, see "Automatically Updating the Image
and Configuration" on page 333.
56 Switch Features
Page 57
sFlow
sFlow is the standard for monitoring high-speed switched and routed
networks. sFlow technology is built into network equipment and gives
complete visibility into network activity, enabling effective management and
control of network resources. The PowerConnect 8000-series and 8100-series
switches support sFlow version 5.
For information about configuring managing sFlow settings, see "Monitoring
Switch Traffic" on page 347.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. The events are
sent as SNMP traps to a trap recipient list.
For information about configuring SNMP traps and alarms, see "Configuring
SNMP" on page 271.
CDP Interoperability through ISDP
Industry Standard Discovery Protocol (ISDP) allows the PowerConnect
switch to interoperate with Cisco devices running the Cisco Discovery
Protocol (CDP). ISDP is a proprietary Layer 2 network protocol which interoperates with Cisco network equipment and is used to share information
between neighboring devices (routers, bridges, access servers, and switches).
For information about configuring ISDP settings, see "Discovering Network
Devices" on page 637.
Remote Monitoring (RMON)
RMON is a standard Management Information Base (MIB) that defines
current and historical MAC-layer statistics and control objects, allowing realtime information to be captured across the entire network.
For information about configuring managing RMON settings, see
"Monitoring Switch Traffic" on page 347.
Switch Features 57
Page 58
Stacking Features
For information about creating and maintaining a stack of switches, see
"Managing a Switch Stack" on page 141.
High Port Count
You can stack PowerConnect 8000-series and 8100-series switches up to six
switches high, supporting up to 132 front-panel ports when two ports on each
unit are configured as stacking ports. The stack can contain any combination
of Power Connect 8024 and PowerConnect 8024F switches as long as all
switches are running the same firmware version.
Single IP Management
When multiple switches are connected together through the stack ports, they
operate as a single unit with a larger port count. The stack operates and is
managed as a single entity. One switch acts as the master, and the entire stack
is managed through the management interface (Web, CLI, or SNMP) of the
stack master.
Automatic Firmware Update for New Stack Members
By default, if a switch is added to a stack and the switch is running a different
backup version of firmware than the active version on the stack master, the
backup firmware on the new member is automatically updated to match the
stack master, the backup version of firmware on the new member is activated,
and the new member is rebooted.
58 Switch Features
Page 59
Master Failover with Transparent Transition
The stacking feature supports a
stack master role if the stack master fails. As soon as a stack master failure is
detected, the standby unit initializes the control plane and enables all other
stack units with the current configuration. The standby unit maintains a
synchronized copy of the running configuration for the stack.
standby
or backup unit that assumes the
Nonstop Forwarding on the Stack
The Nonstop Forwarding (NSF) feature allows the forwarding plane of stack
units to continue to forward packets while the control and management
planes restart as a result of a power failure, hardware failure, or software fault
on the stack master and allows the standby switch to quickly takeover as the
master.
Hot Add/Delete and Firmware Synchronization
You can add and remove units to and from the stack without cycling the
power. When you add a unit, the Stack Firmware Synchronization feature
automatically synchronizes the firmware version with the version running on
the stack master. The synchronization operation may result in either an
upgrade or a downgrade of firmware on the mismatched stack member. In
addition, the running-config on the member is updated to match the master
switch. The startup-config on the standby and member switches is not
updated to match the master switch. The hardware configuration of every
switch is updated to match the master switch (unit number, slot
configuration, stack member number, etc.).
Security Features
Configurable Access and Authentication Profiles
You can configure rules to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. You can also require the user to be authenticated locally or
by an external server, such as a RADIUS server.
For information about configuring access and authentication profiles, see
"Configuring Authentication, Authorization, and Accounting" on page 177.
Switch Features 59
Page 60
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Configuring
Authentication, Authorization, and Accounting" on page 177.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Configuring
Authentication, Authorization, and Accounting" on page 177.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Configuring Authentication, Authorization, and Accounting" on page 177.
RADIUS Support
The switch has a Remote Authentication Dial In User Service (RADIUS)
client and can support up to 32 named authentication and accounting
RADIUS servers. The switch also supports RADIUS Attribute 4, which is the
configuration of a NAS-IP address. You can also configure the switch to
accept RADIUS-assigned VLANs.
For information about configuring RADIUS client settings, see "Configuring
Authentication, Authorization, and Accounting" on page 177.
60 Switch Features
Page 61
SSH/SSL
The switch supports Secure Shell (SSH) for secure, remote connections to
the CLI and Secure Sockets Layer (SSL) to increase security when accessing
the web-based management interface.
For information about configuring SSH and SSL settings, see "Configuring
Authentication, Authorization, and Accounting" on page 177.
Inbound Telnet Control
You can configure the switch to prevent new Telnet sessions from being
established with the switch. Additionally, the Telnet port number is
configurable.
For information about configuring inbound Telnet settings, see "Configuring
Authentication, Authorization, and Accounting" on page 177.
Denial of Service
The switch supports configurable Denial of Service (DoS) attack protection
for eight different types of attacks.
For information about configuring DoS settings, see "Configuring Port and
System Security" on page 457.
Port Protection
A port may be put into the disabled state for any of the following reasons:
• BPDU Storm Protection: By default, if Spanning Tree Protocol (STP)
bridge protocol data units (BPDUs) are received at a rate of 15pps or
greater for three consecutive seconds on a port, the port will be
diagnostically disabled. The threshold is not configurable.
• DHCP Snooping: If DHCP packets are received on a port at a rate that
exceeds 15 pps, the port will be diagnostically disabled. The threshold is
configurable up to 300 pps for up to 15s long using the
snooping limit
The default protection limit is 15 pps.
command. DHCP snooping is disabled by default.
ip dhcp
Switch Features 61
Page 62
• Dynamic ARP Inspection: By default, if Dynamic ARP Inspection packets
are received on a port at a rate that exceeds 15 pps for 1 second, the port
will be diagnostically disabled. The threshold is configurable up to 300 pps
and the burst is configurable up to 15s long using the
inspection limit
A port that is diagnostically disabled due to exceeding one of the above limits
may be returned to service using the no shut command.
command.
ip arp
Captive Portal
The Captive Portal feature blocks clients from accessing the network until
user verification has been established. When a user attempts to connect to
the network through the switch, the user is presented with a customized Web
page that might contain username and password fields or the acceptable use
policy. You can require users to be authenticated by a local or remote RADIUS
database before access is granted.
For information about configuring the Captive Portal features, see
"Configuring a Captive Portal" on page 401.
Dot1x Authentication (IEEE 802.1X)
Dot1x authentication enables the authentication of system users through a
local internal server or an external server. Only authenticated and approved
system users can transmit and receive data. Supplicants are authenticated
using the Extensible Authentication Protocol (EAP). Also supported are
PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS.
For information about configuring IEEE 802.1X settings, see "Configuring
Port and System Security" on page 457.
MAC-Based 802.1X Authentication
MAC-based authentication allows multiple supplicants connected to the
same port to each authenticate individually. For example, a system attached
to the port might be required to authenticate in order to gain access to the
network, while a VoIP phone might not need to authenticate in order to send
voice traffic through the port.
For information about configuring MAC-based 802.1X authentication, see
"Configuring Port and System Security" on page 457.
62 Switch Features
Page 63
Dot1x Monitor Mode
Monitor mode can be enabled in conjunction with Dot1x authentication to
allow network access even when the user fails to authenticate. The switch logs
the results of the authentication process for diagnostic purposes. The main
purpose of this mode is to help troubleshoot the configuration of a Dot1x
authentication on the switch without affecting the network access to the
users of the switch.
For information about enabling the Dot1X Monitor mode, see "Configuring
Port and System Security" on page 457.
MAC-Based Port Security
The port security feature limits access on a port to users with specific MAC
addresses. These addresses are manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is
not tied to that port, the protection mechanism is invoked.
For information about configuring MAC-based port security, see "Configuring
Port and System Security" on page 457.
Access Control Lists (ACL)
Access Control Lists (ACLs) ensure that only authorized users have access to
specific resources while blocking off any unwarranted attempts to reach
network resources. ACLs are used to provide traffic flow control, restrict
contents of routing updates, decide which types of traffic are forwarded or
blocked, and above all provide security for the network. The switch supports
the following ACL types:
•IPv4 ACLs
•IPv6 ACLs
•MAC ACLs
For all ACL types, you can apply the ACL rule when the packet enters or exits
the physical port, LAG, or VLAN interface.
For information about configuring ACLs, see "Configuring Access Control
Lists" on page 501.
Switch Features 63
Page 64
Time-Based ACLs
With the Time-based ACL feature, you can define when an ACL is in effect
and the amount of time it is in effect.
For information about configuring time-based ACLs, see "Configuring Access
Control Lists" on page 501.
IP Source Guard (IPSG)
IP source guard (IPSG) is a security feature that filters IP packets based on
the source ID. The source ID may either be source IP address or a source IP
address source MAC address pair.
For information about configuring IPSG, see "Snooping and Inspecting
Traffic" on page 743.
DHCP Snooping
DHCP Snooping is a security feature that monitors DHCP messages between
a DHCP client and DHCP server. It filters harmful DHCP messages and
builds a bindings database of (MAC address, IP address, VLAN ID, port)
tuples that are specified as authorized. DHCP snooping can be enabled
globally and on specific VLANs. Ports within the VLAN can be configured to
be trusted or untrusted. DHCP servers must be reached through trusted ports.
For information about configuring DHCP Snooping, see "Snooping and
Inspecting Traffic" on page 743.
Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its unsuspecting neighbors. The malicious
station sends ARP requests or responses mapping another station's IP address
to its own MAC address.
Dynamic ARP Inspection relies on DHCP Snooping.
For information about configuring DAI, see "Snooping and Inspecting Traffic"
on page 743.
64 Switch Features
Page 65
Protected Ports (Private VLAN Edge)
Private VLAN Edge (PVE) ports are a Layer 2 security feature that provides
port-based security between ports that are members of the same VLAN. It is
an extension of the common VLAN. Traffic from protected ports is sent only
to the uplink ports and cannot be sent to other ports within the VLAN.
For information about configuring IPSG, see "Configuring Port-Based Traffic
Control" on page 665.
Switching Features
Flow Control Support (IEEE 802.3x)
Flow control enables lower speed switches to communicate with higher speed
switches by requesting that the higher speed switch refrains from sending
packets. Transmissions are temporarily halted to prevent buffer overflows.
For information about configuring flow control, see "Configuring Port-Based
Traffic Control" on page 665.
Head of Line Blocking Prevention
Head of Line (HOL) blocking prevention prevents traffic delays and frame
loss caused by traffic competing for the same egress port resources. HOL
blocking queues packets, and the packets at the head of the queue are
forwarded before packets at the end of the queue.
Alternate Store and Forward (ASF)
The Alternate Store and Forward (ASF) feature reduces latency for large
packets. When ASF is enabled, the memory management unit (MMU) can
forward a packet to the egress port before it has been entirely received on the
Cell Buffer Pool (CBP) memory.
AFS, which is also known as cut-through mode, is configurable through the
command-line interface. For information about how to configure the AFS
feature, see the
CLI Reference Guide
available at support.dell.com/manuals.
Switch Features 65
Page 66
Jumbo Frames Support
Jumbo frames enable transporting data in fewer frames to ensure less
overhead, lower processing time, and fewer interrupts.
For information about configuring the port MTU, see "Configuring Port
Characteristics" on page 439.
Auto-MDI/MDIX Support
Your switch supports auto-detection between crossed and straight-through
cables. Media-Dependent Interface (MDI) is the standard wiring for end
stations, and the standard wiring for hubs and switches is known as MediaDependent Interface with Crossover (MDIX).
VLAN-Aware MAC-based Switching
Packets arriving from an unknown source address are sent to the CPU and
added to the Hardware Table. Future packets addressed to or from this
address are more efficiently forwarded.
Back Pressure Support
On half-duplex links, a receiver may prevent buffer overflows by jamming the
link so that it is unavailable for additional traffic. On full-duplex links, a
receiver may send a PAUSE frame indicating that the transmitter should
cease transmission of frames for a specified period.
When flow control is enabled, the PowerConnect 8000-series and 8100-series
switches will observe received PAUSE frames or jamming signals, but will not
issue them when congested.
66 Switch Features
Page 67
Auto Negotiation
Auto negotiation allows the switch to advertise modes of operation. The auto
negotiation function provides the means to exchange information between
two switches that share a point-to-point link segment, and to automatically
configure both switches to take maximum advantage of their transmission
capabilities.
PowerConnect 8000-series and 8100-series switches enhance auto negotiation
by providing configuration of port advertisement. Port advertisement allows
the system administrator to configure the port speeds that are advertised.
For information about configuring auto negotiation, see "Configuring Port
Characteristics" on page 439.
Broadcast Storm Control
When Layer 2 frames are forwarded, broadcast, unknown unicast, and
multicast frames are flooded to all ports on the relevant virtual local area
network (VLAN). The flooding occupies bandwidth, and loads all nodes
connected on all ports. Storm control limits the amount of broadcast,
unknown unicast, and multicast frames accepted and forwarded by the
switch.
For information about configuring Broadcast Storm Control settings, see
"Configuring Port-Based Traffic Control" on page 665.
Port Mirroring
Port mirroring monitors and mirrors network traffic by forwarding copies of
incoming and outgoing packets from up to four source ports to a monitoring
port. The switch also supports flow-based mirroring, which allows you to copy
certain types of traffic to a single destination port. This provides flexibility—
instead of mirroring all ingress or egress traffic on a port the switch can mirror
a subset of that traffic. You can configure the switch to mirror flows based on
certain kinds of Layer 2, Layer 3, and Layer 4 information.
For information about configuring port mirroring, see "Monitoring Switch
Traffic" on page 347.
Switch Features 67
Page 68
Static and Dynamic MAC Address Tables
You can add static entries to the switch’s MAC address table and configure
the aging time for entries in the dynamic MAC address table. You can also
search for entries in the dynamic table based on several different criteria.
For information about viewing and managing the MAC address table, see
"Managing the MAC Address Table" on page 837.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP),
allows the switch to advertise major capabilities and physical descriptions.
This information can help you identify system topology and detect bad
configurations on the LAN.
For information about configuring LLDP, settings see "Discovering Network
Devices" on page 637.
Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices
The Link Layer Discovery Protocol for Media Endpoint Devices (LLDPMED) provides an extension to the LLDP standard for network configuration
and policy, device location, Power over Ethernet management, and inventory
management.
For information about configuring LLDP-MED, settings see "Discovering
Network Devices" on page 637.
Priority-based Flow Control (PFC)
The Priority-based Flow Control feature allows the switch to pause or inhibit
transmission of individual priorities within a single physical link. By
configuring PFC to pause a congested priority (priorities) independently,
protocols that are highly loss sensitive can share the same link with traffic that
has different loss tolerances. Priorities are differentiated by the priority field
of the 802.1Q VLAN header. The PowerConnect 8000-series and 8100-series
switches support lossless transport of frames on up to two priority classes.
NOTE: An interface that is configured for PFC is automatically disabled for 802.3x
flow control.
68 Switch Features
Page 69
For information about configuring the PFC feature, see "Configuring Data
Center Bridging Features" on page 799.
Data Center Bridging Exchange (DBCx) Protocol
The Data Center Bridging Exchange Protocol (DCBx) is used by DCB
devices to exchange configuration information with directly connected peers.
The protocol is also used to detect misconfiguration of the peer DCB devices
and, optionally, for configuration of peer DCB devices. For information about
configuring DCBx settings, see "Configuring Data Center Bridging Features"
on page 799. DCBx is a link-local protocol and operates only on individual
links. When configuring FIP snooping on a port channel, ensure that all of
the physical links in the port channel utilize the same auto configuration
setting.
Enhanced Transmission Selection
Enhanced Transmission Selection (ETS) allows the switch to allocate
bandwidth to traffic classes and share unused bandwidth with lower-priority
traffic classes while coexisting with strict-priority traffic classes. ETS is
supported on the PowerConnect 8000-series and 8100-series switches and can
be configured manually or automatically using the auto configuration feature.
For more information about ETS, see "Enhanced Transmission Selection" on
page 819.
Fibre Channel over Ethernet (FCoE) Initialization Protocol Snooping
The FCoE Initialization Protocol (FIP) is used to perform the functions of
FC_BB_E device discovery, initialization, and maintenance as defined in the
ANSI T11 FC-BB-5 specification. The PC8024/PC8024F switch supports FIP
snooping, which is a frame inspection method used by FIP Snooping Bridges
to monitor FIP frames and apply policies based upon the L2 header
information in those frames. For information about configuring the FIP
Snooping feature, see "Configuring Data Center Bridging Features" on
page 799.
Switch Features 69
Page 70
Cisco Protocol Filtering
The Cisco Protocol Filtering feature (also known as Link Local Protocol
Filtering) filters Cisco protocols that should not normally be relayed by a
bridge. The group addresses of these Cisco protocols do not fall within the
IEEE defined range of the 802.1D MAC Bridge Filtered MAC Group
Addresses (01-80-C2-00-00-00 to 01-80-C2-00-00-0F).
For information about configuring LLPF, settings see "Configuring PortBased Traffic Control" on page 665.
DHCP Layer 2 Relay
This feature permits Layer 3 Relay agent functionality in Layer 2 switched
networks. The switch supports L2 DHCP relay configuration on individual
ports, link aggregation groups (LAGs) and VLANs.
For information about configuring L2 DHCP Relay settings see "Configuring
L2 and L3 Relay Features" on page 907.
Virtual Local Area Network Supported Features
For information about configuring VLAN features see "Configuring VLANs"
on page 539.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast
domain. Packets are classified as belonging to a VLAN based on either the
VLAN tag or a combination of the ingress port and packet contents. Packets
sharing common attributes can be groups in the same VLAN. The
PowerConnect 8000-series and 8100-series switches are in full compliance
with IEEE 802.1Q VLAN tagging.
Port-Based VLANs
Port-based VLANs classify incoming packets to VLANs based on their ingress
port. When a port uses 802.1X port authentication, packets can be assigned
to a VLAN based on the result of the 802.1X authentication a client uses
when it accesses the switch. This feature is useful for assigning traffic to
Guest VLANs or Voice VLANs.
70 Switch Features
Page 71
IP Subnet-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source IP address of the packet.
MAC-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source MAC address of the packet.
IEEE 802.1v Protocol-Based VLANs
VLAN classification rules are defined on data-link layer (Layer 2) protocol
identification. Protocol-based VLANs are used for isolating Layer 2 traffic for
differing Layer 3 protocols.
GARP and GVRP Support
The switch supports the configuration of Generic Attribute Registration
Protocol (GARP) timers GARP VLAN Registration Protocol (GVRP) relies on
the services provided by GARP to provide IEEE 802.1Q-compliant VLAN
pruning and dynamic VLAN creation on 802.1Q trunk ports. When GVRP is
enabled, the switch registers and propagates VLAN membership on all ports
that are part of the active spanning tree protocol topology.
For information about configuring GARP timers see "Configuring L2
Multicast Features" on page 681.
Voice VLAN
The Voice VLAN feature enables switch ports to carry voice traffic with
defined priority. The priority level enables the separation of voice and data
traffic coming onto the port. Voice VLAN is the preferred solution for
enterprises wishing to deploy voice services in their network.
Switch Features 71
Page 72
Guest VLAN
The Guest VLAN feature allows a switch to provide a distinguished service to
unauthenticated users. This feature provides a mechanism to allow visitors
and contractors to have network access to reach external network with no
ability to browse information on the internal LAN.
For information about configuring the Guest VLAN see "Configuring Port
and System Security" on page 457.
Double VLANs
The Double VLAN feature (IEEE 802.1QinQ) allows the use of a second tag
on network traffic. The additional tag helps differentiate between customers
in the Metropolitan Area Networks (MAN) while preserving individual
customer’s VLAN identification when they enter their own 802.1Q domain.
72 Switch Features
Page 73
Spanning Tree Protocol Features
For information about configuring Spanning Tree Protocol features, see
"Configuring the Spanning Tree Protocol" on page 605.
Spanning Tree Protocol (STP)
Spanning Tree Protocol (IEEE 802.1D) is a standard requirement of Layer 2
switches that allows bridges to automatically prevent and resolve L2
forwarding loops.
Spanning Tree Port Settings
The STP feature supports a variety of per-port settings including path cost,
priority settings, Port Fast mode, STP Root Guard, Loop Guard, TCN Guard,
and Auto Edge. These settings are also configurable per-LAG.
Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies to
enable faster spanning tree convergence after a topology change, without
creating forwarding loops. The port settings supported by STP are also
supported by RSTP.
Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs to spanning tree
instances. Packets assigned to various VLANs are transmitted along different
paths within MSTP Regions (MST Regions). Regions are one or more
interconnected MSTP bridges with identical MSTP settings. The MSTP
standard lets administrators assign VLAN traffic to unique paths.
The switch supports IEEE 802.1Q-2005, which is a version of corrects
problems associated with the previous version, provides for faster transitionto-forwarding, and incorporates new features for a port (restricted role and
restricted TCN).
Switch Features 73
Page 74
Bridge Protocol Data Unit (BPDU) Guard
Spanning Tree BPDU Guard is used to disable the port in case a new device
tries to enter the already existing topology of STP. Thus devices, which were
originally not a part of STP, are not allowed to influence the STP topology.
BPDU Filtering
When spanning tree is disabled on a port, the BPDU Filtering feature allows
BPDU packets received on that port to be dropped. Additionally, the BPDU
Filtering feature prevents a port in Port Fast mode from sending and receiving
BPDUs. A port in Port Fast mode is automatically placed in the forwarding
state when the link is up to increase convergence time.
Link Aggregation Features
For information about configuring link aggregation (port-channel) features,
see "Configuring Link Aggregation" on page 781.
Link Aggregation
Up to eight ports can combine to form a single Link Aggregated Group
(LAG). This enables fault tolerance protection from physical link disruption,
higher bandwidth connections and improved bandwidth granularity.
Per IEEE 802.1AX, only links with the same operational characteristics, such
as speed and duplex setting, may be aggregated. PowerConnect switches
aggregate links only if they have the same operational speed and duplex
setting, as opposed to the configured speed and duplex setting. This allows
operators to aggregate links that use auto negotiation to set values for speed
and duplex. Dissimilar ports will not become active in the LAG if their
operational settings do not match those of the first member of the LAG.
PowerConnect switches also support setting the MTU on a LAG. When a link
becomes active in a LAG, its MTU is dynamically changed to the LAG MTU.
When the link leaves the LAG, its MTU reverts to the link setting.
Link Aggregate Control Protocol (LACP)
Link Aggregate Control Protocol (LACP) uses peer exchanges across links to
determine, on an ongoing basis, the aggregation capability of various links,
and continuously provides the maximum level of aggregation capability
74 Switch Features
Page 75
achievable between a given pair of systems. LACP automatically determines,
configures, binds, and monitors the binding of ports to aggregators within the
system.
Switch Features 75
Page 76
Routing Features
Address Resolution Protocol (ARP) Table Management
You can create static ARP entries and manage many settings for the dynamic
ARP table, such as age time for entries, retries, and cache size.
For information about managing the ARP table, see "Configuring IP Routing"
on page 883.
VLAN Routing
PowerConnect 8000-series and 8100-series switches support VLAN routing.
You can also configure the software to allow traffic on a VLAN to be treated as
if the VLAN were a router port.
For information about configuring VLAN routing interfaces, see "Configuring
Routing Interfaces" on page 843.
IP Configuration
The switch IP configuration settings to allow you to configure network
information for VLAN routing interfaces such as IP address and subnet mask,
MTU size, and ICMP redirects. Global IP configuration settings for the
switch allow you to enable or disable the generation of several types of ICMP
messages and enable or disable the routing mode.
For information about managing global IP settings, see "Configuring IP
Routing" on page 883.
Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is a dynamic routing protocol commonly
used within medium-to-large enterprise networks. OSPF is an interior
gateway protocol (IGP) that operates within a single autonomous system.
For information about configuring OSPF, see "Configuring OSPF and
OSPFv3" on page 931.
76 Switch Features
Page 77
BOOTP/DHCP Relay Agent
The switch BootP/DHCP Relay Agent feature relays BootP and DHCP
messages between DHCP clients and DHCP servers that are located in
different IP subnets.
For information about configuring the BootP/DHCP Relay agent, see
"Configuring L2 and L3 Relay Features" on page 907.
IP Helper and UDP Relay
The IP Helper and UDP Relay features provide the ability to relay various
protocols to servers on a different subnet.
For information about configuring the IP helper and UDP relay features, see
"Configuring L2 and L3 Relay Features" on page 907.
Routing Information Protocol
Routing Information Protocol (RIP), like OSPF, is an IGP used within an
autonomous Internet system. RIP is an IGP that is designed to work with
moderate-size networks.
For information about configuring RIP, see "Configuring RIP" on page 1019.
Router Discovery
For each interface, you can configure the Router Discovery Protocol (RDP) to
transmit router advertisements. These advertisements inform hosts on the
local network about the presence of the router.
For information about configuring router discovery, see "Configuring IP
Routing" on page 883.
Routing Table
The routing table displays information about the routes that have been
dynamically learned. You can configure static and default routes and route
preferences. A separate table shows the routes that have been manually
configured.
For information about viewing the routing table, see "Configuring IP
Routing" on page 883.
Switch Features 77
Page 78
Virtual Router Redundancy Protocol (VRRP)
VRRP provides hosts with redundant routers in the network topology without
any need for the hosts to reconfigure or know that there are multiple routers.
If the primary (master) router fails, a secondary router assumes control and
continues to use the virtual router IP (VRIP) address.
VRRP Route Interface Tracking extends the capability of VRRP to allow
tracking of specific route/interface IP states within the router that can alter
the priority level of a virtual router for a VRRP group.
For information about configuring VRRP settings, see "Configuring VRRP"
on page 1035.
Tunnel and Loopback Interfaces
PowerConnect 8000-series and 8100-series switches support the creation,
deletion, and management of tunnel and loopback interfaces. Tunnel
interfaces facilitate the transition of IPv4 networks to IPv6 networks. A
loopback interface is always expected to be up, so you can configure a stable
IP address that other network devices use to contact or identify the switch.
For information about configuring tunnel and loopback interfaces, see
"Configuring Routing Interfaces" on page 843.
IPv6 Routing Features
IPv6 Configuration
The switch supports IPv6, the next generation of the Internet Protocol. You
can globally enable IPv6 on the switch and configure settings such as the IPv6
hop limit and ICMPv6 rate limit error interval. You can also control whether
IPv6 is enabled on a specific interface. The switch supports the configuration
of many per-interface IPv6 settings including the IPv6 prefix and prefix
length.
For information about configuring general IPv6 routing settings, see
"Configuring IPv6 Routing" on page 1059.
78 Switch Features
Page 79
IPv6 Routes
Because IPv4 and IPv6 can coexist on a network, the router on such a network
needs to forward both traffic types. Given this coexistence, each switch
maintains a separate routing table for IPv6 routes. The switch can forward
IPv4 and IPv6 traffic over the same set of interfaces.
For information about configuring IPv6 routes, see "Configuring IPv6
Routing" on page 1059.
OSPFv3
OSPFv3 provides a routing protocol for IPv6 networking. OSPFv3 is a new
routing component based on the OSPF version 2 component. In dual stack
IPv6, you can configure and use both OSPF and OSPFv3 components.
For information about configuring OSPFv3, see "Configuring OSPF and
OSPFv3" on page 931.
DHCPv6
DHCPv6 incorporates the notion of the “stateless” server, where DHCPv6 is
not used for IP address assignment to a client, rather it only provides other
networking information such as DNS, Network Time Protocol (NTP), and/or
Session Initiation Protocol (SIP) information.
For information about configuring DHCPv6 settings, see "Configuring
DHCPv6 Server and Relay Settings" on page 1083.
Switch Features 79
Page 80
Quality of Service (QoS) Features
NOTE: Some features that can affect QoS, such as ACLs and Voice VLAN, are
described in other sections within this chapter.
Differentiated Services (DiffServ)
The QoS Differentiated Services (DiffServ) feature allows traffic to be
classified into streams and given certain QoS treatment in accordance with
defined per-hop behaviors. PowerConnect 8000-series and 8100-series
switches support both IPv4 and IPv6 packet classification.
For information about configuring DiffServ, see "Configuring Differentiated
Services" on page 1103.
Class Of Service (CoS)
The Class Of Service (CoS) queueing feature lets you directly configure
certain aspects of switch queuing. This provides the desired QoS behavior for
different types of network traffic when the complexities of DiffServ are not
required. CoS queue characteristics, such as minimum guaranteed
bandwidth and transmission rate shaping, are configurable at the queue (or
port) level.
For information about configuring CoS, see "Configuring Class-of-Service" on
page 1133.
Auto Voice over IP (VoIP)
This feature provides ease of use for the user in setting up VoIP for IP phones
on a switch. This is accomplished by enabling a VoIP profile that a user can
select on a per port basis.
For information about configuring Auto VoIP, see "Configuring Auto VoIP" on
page 1151.
80 Switch Features
Page 81
Internet Small Computer System Interface (iSCSI) Optimization
The iSCSI Optimization feature helps network administrators track iSCSI
traffic between iSCSI initiator and target systems. This is accomplished by
monitoring, or snooping traffic to detect packets used by iSCSI stations in
establishing iSCSI sessions and connections. Data from these exchanges may
optionally be used to create classification rules to assign the traffic between
the stations to a configured traffic class. This affects how the packets in the
flow are queued and scheduled for egress on the destination port.
For information about configuring iSCSI settings, see "Configuring iSCSI
Optimization" on page 387.
Layer 2 Multicast Features
For information about configuring L2 multicast features, see "Configuring L2
Multicast Features" on page 681.
MAC Multicast Support
Multicast service is a limited broadcast service that allows one-to-many and
many-to-many connections. In Layer 2 multicast services, a single frame
addressed to a specific multicast address is received, and copies of the frame
to be transmitted on each relevant port are created.
IGMP Snooping
Internet Group Management Protocol (IGMP) Snooping is a feature that
allows a switch to forward multicast traffic intelligently on the switch.
Multicast IP traffic is traffic that is destined to a host group. Host groups are
identified by class D IP addresses, which range from 224.0.0.0 to
239.255.255.255. Based on the IGMP query and report messages, the switch
forwards traffic only to the ports that request the multicast traffic. This
prevents the switch from broadcasting the traffic to all ports and possibly
affecting network performance.
Switch Features 81
Page 82
IGMP Snooping Querier
When Protocol Independent Multicast (PIM) and IGMP are enabled in a
network with IP multicast routing, the IP multicast router acts as the IGMP
querier. However, if it is desirable to keep the multicast network Layer 2
switched only, the IGMP Snooping Querier can perform the query functions
of a Layer 3 multicast router.
MLD Snooping
In IPv4, Layer 2 switches can use IGMP Snooping to limit the flooding of
multicast traffic by dynamically configuring Layer 2 interfaces so that
multicast traffic is forwarded to only those interfaces associated with IP
multicast address.
In IPv6, MLD snooping performs a similar function. With MLD snooping,
IPv6 multicast data is selectively forwarded to a list of ports intended to
receive the data (instead of being flooded to all of the ports in a VLAN). This
list is constructed by snooping IPv6 multicast control packets.
Multicast VLAN Registration
The Multicast VLAN Registration (MVR) protocol, like IGMP Snooping,
allows a Layer 2 switch to listen to IGMP frames and forward the multicast
traffic only to the receivers that request it. Unlike IGMP Snooping, MVR
allows the switch to listen across different VLANs. MVR uses a dedicated
VLAN, which is called the multicast VLAN, to forward multicast traffic over
the Layer 2 network to the various VLANs that have multicast receivers as
members.
82 Switch Features
Page 83
Layer 3 Multicast Features
For information about configuring L3 multicast features, see "Managing IPv4
and IPv6 Multicast" on page 1157.
Distance Vector Multicast Routing Protocol
Distance Vector Multicast Routing Protocol (DVMRP) exchanges probe
packets with all DVMRP-enabled routers, establishing two way neighboring
relationships and building a neighbor table. It exchanges report packets and
creates a unicast topology table, which is used to build the multicast routing
table. This multicast route table is then used to route the multicast packets.
Internet Group Management Protocol
The Internet Group Management Protocol (IGMP) is used by IPv4 systems
(hosts and routers) to report their IP multicast group memberships to any
neighboring multicast routers. PowerConnect 8000-series and 8100-series
switches perform the “multicast router part” of the IGMP protocol, which
means it collects the membership information needed by the active multicast
router.
IGMP Proxy
The IGMP Proxy feature allows the switch to act as a proxy for hosts by
sending IGMP host messages on behalf of the hosts that the switch
discovered through standard IGMP router interfaces.
Protocol Independent Multicast—Dense Mode
Protocol Independent Multicast (PIM) is a standard multicast routing
protocol that provides scalable inter-domain multicast routing across the
Internet, independent of the mechanisms provided by any particular unicast
routing protocol. The Protocol Independent Multicast-Dense Mode (PIMDM) protocol uses an existing Unicast routing table and a Join/Prune/Graft
mechanism to build a tree. PIM-DM creates source-based shortest-path
distribution trees, making use of reverse path forwarding (RPF).
Switch Features 83
Page 84
Protocol Independent Multicast—Sparse Mode
Protocol Independent Multicast-Sparse Mode (PIM-SM) is used to efficiently
route multicast traffic to multicast groups that may span wide area networks,
and where bandwidth is a constraint. PIM-SM uses shared trees by default
and implements source-based trees for efficiency. This data threshold rate is
used to toggle between trees.
Protocol Independent Multicast—Source Specific Multicast
Protocol Independent Multicast—Source Specific Multicast (PIM-SSM) is a
subset of PIM-SM and is used for one-to-many multicast routing
applications, such as audio or video broadcasts. PIM-SSM does not use shared
trees.
Protocol Independent Multicast IPv6 Support
PIM-DM and PIM-SM support IPv6 routes.
MLD/MLDv2 (RFC2710/RFC3810)
MLD is used by IPv6 systems (listeners and routers) to report their IP
multicast addresses memberships to any neighboring multicast routers. The
implementation of MLD v2 is backward compatible with MLD v1.
MLD protocol enables the IPv6 router to discover the presence of multicast
listeners, the nodes that want to receive the multicast data packets, on its
directly attached interfaces. The protocol specifically discovers which
multicast addresses are of interest to its neighboring nodes and provides this
information to the multicast routing protocol that make the decision on the
flow of the multicast data packets.
84 Switch Features
Page 85
3
Combo Ports100M/1G/10GBase-T Auto-sensing
Full Duplex RJ-45 Ports
Hardware Overview
This section provides an overview of the switch hardware. The topics covered
in this section include:
• PowerConnect 8000-series and 8100-series Front Panel
• PowerConnect 8000-series and 8100-series Back Panel
• LED Definitions
•Switch Addresses
PowerConnect 8000-series and 8100-series Front Panel
The following sections describe the ports on the front panel of each switch.
PowerConnect 8024 Front Panel
The PowerConnect 8024 front panel provides 24 100M/1G/10GBase-T ports,
four of which are combined with SFP/SFP+ ports.
Figure 3-1. PowerConnect 8024 Front Panel
Hardware Overview 85
Page 86
• The switch automatically detects crossed and straight-through cables on
SFP/SFP+ Ports Combo Ports
RJ-45 ports.
• RJ-45 ports support full-duplex mode 100/1000/10000 Mbps.
• PowerConnect 8024 switches can be stacked using the 10G SFP+ fiber
ports. The 10G ports default to Ethernet mode and must be configured to
be used as stacking ports.
PowerConnect 8024F Front Panel
The PowerConnect 8024F front panel provides 24 SFP/SFP+ ports, four of
which are combined with 100M/1G/10GBase-T ports.
Figure 3-2. PowerConnect 8024F Front Panel
• The switch automatically detects crossed and straight-through cables on
RJ-45 ports.
• SFP ports support both SX and LX modules.
• RJ-45 ports support full-duplex mode 100/1000/10000 Mbps.
• PowerConnect 8024F switches can be stacked with other PowerConnect
8024F switches using the 10G SFP+ fiber ports.
NOTE: A combo port may have both the RJ-45 and SFP+ ports cabled to a remote
device and, if so, the SFP+ port will be the active port while the RJ-45 port will be
disabled. The SFP+ ports comply with IEC60950-1, IEC60825-1, and IEC60825-2
and are contained within a fire enclosure.
86 Hardware Overview
Page 87
PowerConnect 8132 Front Panel
10GbE Copper Ports Module bay
USB port
The PowerConnect 8132 front panel provides the following ports:
• 24 x 10GbE copper ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 92.
• A module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 90 for more information.
Figure 3-3. PowerConnect 8132 Front Panel
PowerConnect 8132 switches can be stacked with other PowerConnect 81xx
switches using 10G or 40G SFP+ or QSFP modules in the module bay.
PowerConnect 8132F Front Panel
The PowerConnect 8132F front panel provides the following ports:
• 24 x 10GbE fiber ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 92.
• A module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
Hardware Overview 87
Page 88
–4 x SFP+ module
10GbE Fiber Ports Module bay
USB port
– 4 x 10GBaseT module.
See "Hot-Pluggable Interface Modules" on page 90 for details about these
modules.
Figure 3-4. PowerConnect 8132F Front Panel
PowerConnect 8132F switches can be stacked with other PowerConnect 81xx
switches using 10G or 40G SFP+ or QSFP modules in the module bay.
PowerConnect 8164 Front Panel
The PowerConnect 8164 front panel provides the following ports:
• 48 x 10GbE copper ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 92.
• Two fixed QSFP ports, each supporting 4 x 10G or 1 x 40G connections
• One module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 90 for more information.
88 Hardware Overview
Page 89
Figure 3-5. PowerConnect 8164 Front Panel
10GbE Copper Ports
USB port
Module bay
Fixed QSFP
PowerConnect 8164 switches can be stacked with other PowerConnect 81xx
switches using the 10G or 40G SFP+ or QSFP modules in the module bay or
fixed QSFP ports.
PowerConnect 8164F Front Panel
The PowerConnect 8164F front panel provides the following ports:
• 48 x 10GbE fiber ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 92.
• Two fixed QSFP ports, each supporting 4 x 10G or 1 x 40G connections
• One module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 90 for more information.
Hardware Overview 89
Page 90
Figure 3-6. PowerConnect 8164F Front Panel
10GbE Fiber Ports Module bay
Fixed
USB port
PowerConnect 8164F switches can be stacked with other PowerConnect 81xx
switches using the 10G or 40G SFP+ or QSFP modules in the module bay or
fixed QSFP ports.
Hot-Pluggable Interface Modules
The PowerConnect 8132, 8132F, 8164, and 8164F switches support the
following hot-pluggable interface modules:
• PC8100-QSFP - 2 x 40G QSFP port module - defaults to 2x40G
• PC8100-SFP+ - 4 x SFP+ port module - defaults to 4x10G mode
• PC8100-10GBT - 4 x 10GBase-T ports module - defaults to 4x10G mode
• Blank module - defaults to 10G mode
NOTE: The PowerConnect 8024 and 8024F switches do not support
hot-swappable plug-in modules.
A reboot is necessary when a hot-pluggable module is replaced with a module
of different type. Specifically, changing from a 40G module to a 10G module
or from a 10G module to a 40G module requires a reboot.
You must execute a no slot or clear config command prior to
inserting the new module. Note that changing the role of a port from stacking
to Ethernet or vice-versa also requires a switch reboot.
90 Hardware Overview
Page 91
If a no slot command is not issued prior to inserting a module, a message
such as the following will appear:
Card Mismatch: Unit:1 Slot:1 Inserted-Card: Dell 2
Port QSFP Expansion Card Config-Card: Dell 4 Port
10GBase-T Expansion Card
The following sections provides details on each module.
Quad-Port SFP (QSFP) Uplink Module
The QSFP module supports features four ports that support 10G SFP+
transceivers. The QSFP module supports the following features:
• Four 10G ports with quad-breakout/QBO cable or one 40G port
supporting CR4, SR4, and LR4 transceivers
• Front-panel port status LEDs
The QSFP interfaces can be used for stacking. Stacking is supported at
distances of up to 100M.
Quad-Port SFP+ Uplink Module
The PC8100-SFP+ module features four SFP+ ports, each providing the
following features:
• SFP+ SR, LR, and LRM optical interfaces
• SFP+ copper twinax interface
• Front-panel port status LEDs
The SFP+ connections can be used for stacking. Stacking is supported at
distances of up to 100M.
10GBase-T Copper Uplink Module
The 10GBase-T copper module features four copper ports that can support
10GbE/1GbE/100MbE switching and provides following features:
• Complies with IEEE802.3z, IEEE 802.3, IEEE802.3u, IEEE802.3ab,
IEEE802.3az, IEEE802.3an
• Four 10GBase-T/1GBase-T/100MBase-T copper ports.
• Front panel port status LEDs
Hardware Overview 91
Page 92
USB Port (Power Connect 8100-series switches only)
The Type-A, female USB port supports a USB 2.0-compliant flash memory
drive. The PowerConnect switch can read or write to a flash drive formatted
as FAT-32. You can use a USB flash drive to copy switch configuration files
and images between the USB flash drive and the switch. You can also use the
USB flash drive to move and copy configuration files and images from one
switch to other switches in the network.
The USB port does not support any other type of USB device.
Port and System LEDs
The front panel contains light emitting diodes (LEDs) to indicate port
status.
For information about the status that the LEDs indicate, see "LED
Definitions" on page 95.
PowerConnect 8000-series and 8100-series Back Panel
•Console Port
• Out-of-Band Management Port
• Power Supplies
• Ventilation System
92 Hardware Overview
Page 93
The following image show the back panel of the PowerConnect 8000-series
AC powerAC power OOB Ethernet port
RJ-45 serial console port
Fans (3)
and 8100-series switches.
Figure 3-7. PowerConnect 8000-series and 8100-series Rear Panel
Console Port
The console port is for management through a serial interface. This port
provides a direct connection to the switch and allows you to access the CLI
from a console terminal connected to the port through the provided serial
cable (RJ-45 to female DB-9 connectors).
The console port supports asynchronous data of eight data bits, one stop bit, no
parity bit, and no flow control. The default baud rate is 9600 bps.
Out-of-Band Management Port
The Out-of-Band (OOB) management port is a 10/100/1000BASE-T
Ethernet port dedicated to remote switch management. Traffic on this port is
segregated from operational network traffic on the switch ports and cannot be
switched or routed to the operational network.
Power Supplies
Each PowerConnect 8000-series and 8100-series switch has two power
supplies for redundant or loadsharing operation. Each power supply can
support 300W.
CAUTION: Remove the power cable from the modules prior to removing the
module itself. Power must not be connected prior to insertion in the chassis.
Hardware Overview 93
Page 94
Ventilation System
The PowerConnect 8000-series and 8100-series switches have three
removable FANs (see "PowerConnect 8000-series and 8100-series Rear Panel"
on page 93), four Thermal sensors, and a FAN Speed Controller which can be
used to control FAN speeds. You can verify operation by observing the LEDs.
94 Hardware Overview
Page 95
LED Definitions
Speed Link
This section describes the LEDs on the front and back panels of the switch.
Port LEDs
Each port on a PowerConnect 8000-series and 8100-series switches includes
two LEDs. One LED is on the left side of the port, and the second LED is on
the right side of the port. This section describes the LEDs on the switch
ports.
100/1000/10000Base-T Port LEDs
Each 100/1000/10000Base-T port has two LEDs. The following figure
illustrates the 100/1000/10000Base-T port LEDs.
Figure 3-8. 100/1000/10000Base-T Port LEDs
The following table contains 100/1000/10000Base-T port LED definitions.
Table 3-1. 100/1000/10000Base-T Port Definitions
LED Color Definition
Speed Green The port is operating at 10 Gbps.
Amber The port is operating at 100/1000 Mbps.
Link Blinking Activity.
Hardware Overview 95
Page 96
System LEDs
The system LEDs, located on the back panel, provide information about the
power supplies, thermal conditions, and diagnostics.
Table 3-2 shows the System LED definitions for the 8000-series switches.
Table 3-2. System LED Definitions—PowerConnect 8000-Series Switches
LED Color Definition
DIAG Flashing Green A diagnostics test is in progress.
Green The diagnostics test was successfully completed.
Red The diagnostics test failed.
PWR Green Power Supply is operating correctly.
Red Power Supply has failed.
FAN Green Fans are operating correctly.
Red One or more fans have failed.
Temp Amber System temperature has exceeded threshold limit.
Table 3-3 shows the System LED definitions for the 8100-series switches.
96 Hardware Overview
Page 97
Table 3-3. System LED Definitions—PowerConnect 8100-Series Switches
LED Color Definition
System Blinking blue The switch is booting
Solid red A critical system error has occurred.
Blinking red A noncritical system error occurred (fan or power
supply failure).
Temp Off The switch is operating at normal temperature.
Solid amber The thermal sensor’s system temperature threshold of
75°C has been exceeded.
Diag Off The switch is operating normally
Blinking green A diagnostic test is running.
Fan Solid green The fan is powered and is operating at the expected
RPM.
Solid red A fan failure has occurred.
Stack Solid green The switch is in stacking master mode.
Solid amber The switch is in stacking slave mode.
Off The switch is in stand-alone mode.
Locator Blinking green The locator function is enabled.
Solid green The locator function is disabled.
Switch Addresses
The switch allocates MAC addresses from the Vital Product Data information
stored locally in flash. MAC addresses are used as follows:
Table 3-4. MAC Address Use
Base switch address
Base + 1 Out-of-band port
Base + 2 Layer 2
Base + 3 Layer 3
Hardware Overview 97
Page 98
Shown below are three commands that display the MAC addresses used by
the switch:
console#show system
System Description: Dell Ethernet Switch
System Up Time: 0 days, 00h:05m:11s
System Contact:
System Name:
System Location:
Burned In MAC Address: 001E.C9F0.004D
System Object ID: 1.3.6.1.4.1.674.10895.3042
System Model ID: PCT8132
Machine Type: PowerConnect 8132
Temperature Sensors:
Unit Description Temperature Status
---- ----------- ----------- -----1 MAC 32 Good
1 CPU 31 Good
1 PHY (left side) 26 Good
1 PHY (right side) 29 Good
Fans:
Unit Description Status
---- ----------- ----- 1 Fan 1 OK
1 Fan 2 OK
1 Fan 3 OK
1 Fan 4 OK
1 Fan 5 OK
1 Fan 6 No Power
Power Supplies:
Unit Description Status Average Current Since
Power Power Date/Time
(Watts) (Watts)
---- ----------- ----------- ---------- -------- ------------------1 System OK 42.0 43.4
1 Main OK N/A N/A 04/06/2001 16:36:16
1 Secondary No Power N/A N/A 01/01/1970 00:00:00
USB Port Power Status:
---------------------Device Not Present
(Celsius)
98 Hardware Overview
Page 99
console#show ip interface out-of-band
IP Address..................................... 10.27.21.29
Subnet Mask.................................... 255.255.252.0
Default Gateway................................ 10.27.20.1
Configured IPv4 Protocol....................... DHCP
Burned In MAC Address.......................... 001E.C9F0.004E
console#show ip interface vlan 1
Routing Interface Status....................... Down
Primary IP Address............................. 1.1.1.2/255.255.255.0
Method......................................... Manual
Routing Mode................................... Enable
Administrative Mode............................ Enable
Forward Net Directed Broadcasts................ Disable
Proxy ARP...................................... Enable
Local Proxy ARP................................ Disable
Active State................................... Inactive
MAC Address.................................... 001E.C9F0.0050
Encapsulation Type............................. Ethernet
IP MTU......................................... 1500
Bandwidth...................................... 10000 kbps
Destination Unreachables....................... Enabled
ICMP Redirects................................. Enabled
Hardware Overview 99
Page 100
100 Hardware Overview
Loading...