Page 1
Dell EMC Networking N-Series
N1100-ON, N1500, N2000,
N2100-ON, N2200-ON, N3000E-
ON, N3100-ON and N3200-ON
Switches
User’s Configuration
Guide
Version 6.6.3
Regulatory Models: E04W, E05W, E06W,
E07W, E15W, E16W, E17W, E18W, E30W,
E31W, E32W, E41W
Page 2
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if
instructions are not followed.
____________
Information in this publication is subject to change without notice.
Copyright © 2020 Dell EMC Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc.
is strictly forbidden.
This product is protected by U.S. and international copyright and intellectual property laws. Dell
EMC™ and the Dell EMC logo are trademarks of Dell EMC Inc. in the United States and/or other
jurisdictions. All other marks and names mentioned herein may be trademarks of their respective
companies.
Marketing Models: N1108T-ON, N1108P-ON, N1108EP-ON, N1124T-ON, N1124P-ON, N1148T-ON, N1148P-ON, N1524, N1524P, N1548,
N1548P, N2024, N2024P, N2048, N2048P, N2128PX-ON, N2224X-ON, N2224PX-ON, N2248X-ON, N2248PX-ON, N3000E-ON, N3132PX-ON,
N3208PX-ON, N3224T-ON, N3224F-ON, N3248X-ON, N3248TE-ON, N3224PX-ON, N3224P-ON, N3248P-ON, N3248PXE-ON
Regulatory Models: E04W, E05W, E06W, E07W, E15W, E16W, E17W, E18W, E30W, E31W, E32W, E41W
2020 - 09 Rev. A10
Page 3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 55
About This Document . . . . . . . . . . . . . . . . . . 55
Audience
Document Conventions
Additional Documentation
. . . . . . . . . . . . . . . . . . . . . . . . . 56
. . . . . . . . . . . . . . . . . 56
. . . . . . . . . . . . . . . . 57
2 Switch Feature Overview . . . . . . . . . . . . 59
System Management Features . . . . . . . . . . . . . 60
Multiple Management Options
System Time Management
Log Messages
System Reset
. . . . . . . . . . . . . . . . . . . 61
. . . . . . . . . . . . . . . . . . . . 61
Integrated DHCP Server
Management of Basic Network Information
IPv6 Management Features
Dual Software Images
File Management
. . . . . . . . . . . . . . . . . . 63
Switch Database Management Templates
Automatic Installation of Firmware and Configuration
. . . . . . . . . . . . . . . . . . . . . . . . 64
sFlow
SNMP Alarms and Trap Logs
CDP Interoperability Through ISDP
Remote Monitoring (RMON)
. . . . . . . . . . . 60
. . . . . . . . . . . . . 60
. . . . . . . . . . . . . . 61
. . . . 62
. . . . . . . . . . . . 62
. . . . . . . . . . . . . . . 62
. . . . 63
63
. . . . . . . . . . . . 64
. . . . . . . . 65
. . . . . . . . . . . . 65
Stacking Features
. . . . . . . . . . . . . . . . . . . . 65
Mixed and Single Series Stacking
. . . . . . . . . 65
Contents 3
Page 4
Single IP Management . . . . . . . . . . . . . . . 66
Master Failover with Transparent Transition
Nonstop Forwarding on the Stack
. . . . . . . . . 67
Hot Add/Delete and Firmware Synchronization
. . . . 67
. . 67
Security Features
. . . . . . . . . . . . . . . . . . . . 68
Configurable Access and Authentication Profiles
Password-Protected Management Access
Strong Password Enforcement
TACACS+ Client
RADIUS Support
SSH/SSL
. . . . . . . . . . . . . . . . . . . 68
. . . . . . . . . . . . . . . . . . 69
. . . . . . . . . . . . . . . . . . . . . . . 69
Inbound Telnet Control
Denial of Service
Port Protection
Captive Portal
. . . . . . . . . . . . . . . . . . 69
. . . . . . . . . . . . . . . . . . . 70
. . . . . . . . . . . . . . . . . . . . 71
802.1X Authentication (IEEE 802.1X)
MAC-Based 802.1X Authentication
802.1X Monitor Mode
Port Security
. . . . . . . . . . . . . . . . 72
. . . . . . . . . . . . . . . . . . . . 73
Access Control Lists (ACLs)
Time-Based ACLs
. . . . . . . . . . . . . . . . . . 73
IP Source Guard (IPSG)
DHCP Snooping
. . . . . . . . . . . . . . . . . . . 74
Dynamic ARP Inspection
. . . . . . . . . . . 68
. . . . . . . . . . . . . . . 69
. . . . . . . . 71
. . . . . . . . . 72
. . . . . . . . . . . . 73
. . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . 74
Protected Ports (Private VLAN Edge)
. 68
. . . . 68
. . . . . . . . 74
4 Contents
Green Technology Features
Energy Detect Mode
Energy Efficient Ethernet
Power Utilization Reporting
. . . . . . . . . . . . . . . 75
. . . . . . . . . . . . . . . . 75
. . . . . . . . . . . . . . 75
. . . . . . . . . . . . . 76
Power over Ethernet (PoE) Features
PD Detection
. . . . . . . . . . . . . . . . . . . . 76
. . . . . . . . . . . 76
Page 5
Legacy (Reduced Capacitor) Detection . . . . . . 76
Classification
Port Start Up
Overload Detection and Port Shutdown
Disconnect Detection
IC Thermal Monitoring
Over-Temperature Protection
4-Pair Ports
IEEE 802.3bt Capability
PoE Port Capabilities and Power Limits
Key PoE Plus Features
Power Over Ethernet (PoE) Support
PoE Plus Support
PoE 60W Support
Powered Device Detection
PoE Power Management Modes
Power Management in Guard Band
PoE Plus Default Settings
. . . . . . . . . . . . . . . . . . . . 77
. . . . . . . . . . . . . . . . . . . . 77
. . . . . . 77
. . . . . . . . . . . . . . . 77
. . . . . . . . . . . . . . . 77
. . . . . . . . . . . 78
. . . . . . . . . . . . . . . . . . . . . 78
. . . . . . . . . . . . . . . 79
. . . . . . 80
. . . . . . . . . . . . . . . 82
. . . . . . . . 83
. . . . . . . . . . . . . . . . . . 83
. . . . . . . . . . . . . . . . . . 83
. . . . . . . . . . . . . 84
. . . . . . . . . . 84
. . . . . . . . 86
. . . . . . . . . . . . . . 88
Switching Features
Flow Control Support (IEEE 802.3x)
Head of Line Blocking Prevention
Jumbo Frames Support
Auto-MDI/MDIX Support
. . . . . . . . . . . . . . . . . . . 89
. . . . . . . . . 89
. . . . . . . . . 89
. . . . . . . . . . . . . . . 89
. . . . . . . . . . . . . . 89
VLAN-Aware MAC-based Switching
Back Pressure Support
Auto-negotiation
Storm Control
Port Mirroring
. . . . . . . . . . . . . . . . . . . . 90
. . . . . . . . . . . . . . . . . . . . 91
. . . . . . . . . . . . . . . 90
. . . . . . . . . . . . . . . . . . 90
Static and Dynamic MAC Address Tables
Link Layer Discovery Protocol (LLDP)
Link Layer Discovery Protocol (LLDP) for Media
Endpoint Devices
. . . . . . . . . . . . . . . . . . 92
Connectivity Fault Management (IEEE 802.1ag)
. . . . . . . . 89
. . . . . 91
. . . . . . . 91
. . 93
Contents 5
Page 6
Cisco Protocol Filtering . . . . . . . . . . . . . . . 93
DHCP Layer-2 Relay
. . . . . . . . . . . . . . . . . 93
Virtual Local Area Network Supported Features
VLAN Support
Port-Based VLANs
IP Subnet-based VLAN
MAC-based VLAN
IEEE 802.1v Protocol-Based VLANs
Voice VLAN
GARP and GVRP Support
Guest VLAN
Unauthorized VLAN
Double VLANs
Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
Spanning Tree Port Settings
Rapid Spanning Tree
Multiple Spanning Tree
Bridge Protocol Data Unit (BPDU) Guard
BPDU Filtering
RSTP-PV and STP-PV
Link Aggregation Features
Link Aggregation
Link Aggregate Control Protocol (LACP)
Multi-Switch LAG (MLAG)
. . . . . . . . . . . . . . . . . . . . 94
. . . . . . . . . . . . . . . . . 94
. . . . . . . . . . . . . . . 94
. . . . . . . . . . . . . . . . . . 94
. . . . . . . . . 94
. . . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . 97
. . . . . . . . . . . 97
. . . . . . . . . . . . 97
. . . . . . . . . . . . . . . . 97
. . . . . . . . . . . . . . . 97
. . . . . . 98
. . . . . . . . . . . . . . . . . . . . 98
. . . . . . . . . . . . . . . . 98
. . . . . . . . . . . . . . . . 99
. . . . . . . . . . . . . . . . . . 99
. . . . . . 100
. . . . . . . . . . . . . 100
. . . . 94
6 Contents
Routing Features
. . . . . . . . . . . . . . . . . . . . . 101
Address Resolution Protocol (ARP) Table
Management
VLAN Routing
IP Configuration
. . . . . . . . . . . . . . . . . . . . 101
. . . . . . . . . . . . . . . . . . . . 101
. . . . . . . . . . . . . . . . . . . 101
Open Shortest Path First (OSPF)
. . . . . . . . . . 102
Page 7
Border Gateway Protocol (BGP) . . . . . . . . . . 102
Virtual Routing and Forwarding (VRF)
BOOTP/DHCP Relay Agent
IP Helper and DHCP Relay
. . . . . . . . . . . . . 103
. . . . . . . . . . . . . 103
Routing Information Protocol
Router Discovery
Routing Table
. . . . . . . . . . . . . . . . . . 103
. . . . . . . . . . . . . . . . . . . . 103
Virtual Router Redundancy Protocol (VRRP)
Tunnel and Loopback Interfaces
. . . . . . . 102
. . . . . . . . . . . . 103
. . . . 104
. . . . . . . . . . 104
IPv6 Routing Features
IPv6 Configuration
IPv6 Routes
. . . . . . . . . . . . . . . . . . . . . . . 105
OSPFv3
DHCPv6
Quality of Service (QoS) Features
Differentiated Services (DiffServ)
Class Of Service (CoS)
Auto Voice over IP (VoIP)
. . . . . . . . . . . . . . . . . . 105
. . . . . . . . . . . . . . . . . 105
. . . . . . . . . . . . . . . . . . . . . 105
. . . . . . . . . . . . . . . . . . . . . . . 105
. . . . . . . . . . . . 106
. . . . . . . . . 106
. . . . . . . . . . . . . . . 106
. . . . . . . . . . . . . . 106
Internet Small Computer System Interface (iSCSI)
Optimization
Layer-2 Multicast Features
MAC Multicast Support
IGMP Snooping
IGMP Snooping Querier
MLD Snooping
Multicast VLAN Registration
Layer-3 Multicast Features
. . . . . . . . . . . . . . . . . . . . . 107
. . . . . . . . . . . . . . . 107
. . . . . . . . . . . . . . . 107
. . . . . . . . . . . . . . . . . . . 107
. . . . . . . . . . . . . . 108
. . . . . . . . . . . . . . . . . . . 108
. . . . . . . . . . . . 108
. . . . . . . . . . . . . . . 109
Distance Vector Multicast Routing Protocol
Internet Group Management Protocol
IGMP Proxy
. . . . . . . . . . . . . . . . . . . . . 109
Protocol Independent Multicast—Dense Mode
. . . . 109
. . . . . . . 109
. . 109
Contents 7
Page 8
Protocol Independent Multicast—Sparse Mode . 110
Protocol Independent Multicast—Source Specific
Multicast
Protocol Independent Multicast IPv6 Support
MLD/MLDv2 (RFC2710/RFC3810)
. . . . . . . . . . . . . . . . . . . . . . 110
. . . 110
. . . . . . . . . . 110
3 Hardware Overview . . . . . . . . . . . . . . . . 111
Dell EMC Networking N1100-ON Series Switch Hardware 111
N1100-ON Series Front Panel
N1100-ON Series Power Supply
N1100-ON Series Ventilation System
N1100-ON Series Thermal Shutdown
N1100-ON Series LED Definitions
Power Consumption for N1100-ON Series PoE
Switches . . . . . . . . . . . . . . . . . . . . . . 118
N1100-ON Series Wall Installation
. . . . . . . . . . . . 111
. . . . . . . . . . 114
. . . . . . . . 114
. . . . . . . . 114
. . . . . . . . . . 114
. . . . . . . . . 119
8 Contents
Dell EMC Networking N1500 Series Switch Hardware
N1500 Series Front Panel
N1500 Series Back Panel
N1500 Series LED Definitions
. . . . . . . . . . . . . . 121
. . . . . . . . . . . . . . 124
. . . . . . . . . . . . 126
. 121
Power Consumption for N1500 Series PoE Switches
Dell EMC Networking N2000 Series Switch Hardware
N2000 Series Front Panel
N2000 Series Back Panel
N2000 Series LED Definitions
. . . . . . . . . . . . . . 130
. . . . . . . . . . . . . . 133
. . . . . . . . . . . . 135
. 129
Power Consumption for N2000 Series PoE Switches
Dell EMC Networking N2100-ON Series Switch Hardware
N2100-ON Series Front Panel
N2100-ON Series Back Panel
N2100-ON Series LED Definitions
. . . . . . . . . . . . 140
. . . . . . . . . . . . 142
. . . . . . . . . . 142
128
138
140
Page 9
Power Consumption for N2100-ON Series PoE Switches 146
Dell EMC Networking N2200-ON Series Switch Hardware
N2200-ON Series Front Panel
N2200-ON Series Rear Panel
N2200X-ON Series Switch Ports
N2200-ON Series Console Port
N2200-ON Series USB Port
N2200-ON Series Reset Button
N2200-ON Series Port and System LEDs
. . . . . . . . . . . 149
. . . . . . . . . . . . 149
. . . . . . . . . . 150
. . . . . . . . . . . 151
. . . . . . . . . . . . . 152
. . . . . . . . . . . 152
. . . . . . 152
N2200-ON Series Stack Master LED and Stack
Number Display
N2200-ON Series Power Supplies
N2200-ON Series LED Definitions
. . . . . . . . . . . . . . . . . . . 152
. . . . . . . . . 153
. . . . . . . . . 154
Dell EMC Networking N3000E-ON Series Switch Hardware
Front Panel
Back Panel
LED Definitions
Power Consumption for PoE Switches
. . . . . . . . . . . . . . . . . . . . . 158
. . . . . . . . . . . . . . . . . . . . . 164
. . . . . . . . . . . . . . . . . . . 166
. . . . . . . 171
Dell EMC Networking N3100-ON Series Switch Hardware
N3100-ON Series Front Panel
N3100-ON Series Back Panel
N3100-ON Series LED Definitions
. . . . . . . . . . . 173
. . . . . . . . . . . 175
. . . . . . . . . 175
Power Consumption for N3100-ON Series PoE
Switches
. . . . . . . . . . . . . . . . . . . . . . 180
149
158
173
Dell EMC Networking N3200-ON Series Switch Hardware
N3200-ON Series Front Panel
N3200-ON Series Rear Panel
N3200-ON Series Switch Ports
N3200-ON Series Console Port
N3200-ON Series USB Port
N3200-ON Series Reset Button
. . . . . . . . . . . 183
. . . . . . . . . . . . 183
. . . . . . . . . . . 184
. . . . . . . . . . . 185
. . . . . . . . . . . . . 186
. . . . . . . . . . . 186
Contents 9
183
Page 10
N3200-ON Series Port and System LEDs . . . . . . 187
N3200-ON Series Stack Master LED and Stack
Number Display
N3200-ON Series Power Supplies
N3200-ON Series LED Definitions
. . . . . . . . . . . . . . . . . . . 187
. . . . . . . . . 187
. . . . . . . . . . 188
Switch MAC Addresses
. . . . . . . . . . . . . . . . . 201
4 Using Dell EMC OpenManage Switch
Administrator
About Dell EMC OpenManage Switch Administrator. . 203
Starting the Application
Understanding the Interface
Using the Switch Administrator Buttons and Links
Defining Fields
Understanding the Device View
Using the Device View Port Features
Using the Device View Switch Locator Feature
. . . . . . . . . . . . . . . . . . . . . 203
. . . . . . . . . . . . . . . . . 204
. . . . . . . . . . . . . . . 205
. . . 207
. . . . . . . . . . . . . . . . . . . . . . 208
. . . . . . . . . . . . . 208
. . . . . . . . 208
. . 209
5 Using the Command-Line Interface . . . . 211
Accessing the Switch Through the CLI . . . . . . . . . 211
Console Connection
Telnet Connection
. . . . . . . . . . . . . . . . . 211
. . . . . . . . . . . . . . . . . . 212
10 Contents
Understanding Command Modes
Entering CLI Commands
. . . . . . . . . . . . . . . . . 215
Using the Question Mark to Get Help
Using Command Completion
. . . . . . . . . . . . 213
. . . . . . . . 215
. . . . . . . . . . . . 216
Page 11
Entering Abbreviated Commands . . . . . . . . . 216
Negating Commands
Command Output Paging
Understanding Error Messages
Recalling Commands from the History Buffer
. . . . . . . . . . . . . . . . 216
. . . . . . . . . . . . . . 216
. . . . . . . . . . 217
. . . 217
6 Default Settings. . . . . . . . . . . . . . . . . . . 219
7 Setting the IP Address and Other Basic
Network Information
IP Address and Network Information Overview . . . . 223
What Is the Basic Network Information?
Why Is Basic Network Information Needed?
How Is Basic Network Information Configured?
What Is Out-of-Band Management and In-Band
Management?
. . . . . . . . . . . . . . . 223
. . . . . 223
. . . 224
. . 225
. . . . . . . . . . . . . . . . . . . 225
Default Network Information
. . . . . . . . . . . . . . 228
Configuring Basic Network Information (Web)
Out-of-Band Interface
. . . . . . . . . . . . . . . 229
IP Interface Configuration (Default VLAN IP Address)
Route Entry Configuration (Switch Default Gateway)
Domain Name Server
Default Domain Name
Host Name Mapping
Dynamic Host Name Mapping
Configuring Basic Network Information (CLI)
. . . . . . . . . . . . . . . . 234
. . . . . . . . . . . . . . . 235
. . . . . . . . . . . . . . . . 236
. . . . . . . . . . . 237
. . . . . . 238
Enabling the DHCP Client on the OOB Port
Enabling the DHCP Client on the Default VLAN
Managing DHCP Leases
. . . . . . . . . . . . . . 239
. . . . . 229
230
232
. . . . . 238
. . 238
Contents 11
Page 12
Configuring Static Network Information on the OOB
Port
. . . . . . . . . . . . . . . . . . . . . . . . . 240
Configuring Static Network Information on the
Default VLAN . . . . . . . . . . . . . . . . . . . . 241
Configuring and Viewing Additional Network
Information
. . . . . . . . . . . . . . . . . . . . . 242
Basic Network Information Configuration Examples
. . 244
Configuring Network Information Using the OOB
. . . . . . . . . . . . . . . . . . . . . . . . . 244
Port
Configuring Network Information Using the Serial
Interface
. . . . . . . . . . . . . . . . . . . . . . 246
8 Stacking . . . . . . . . . . . . . . . . . . . . . . . . . 249
Stacking Overview. . . . . . . . . . . . . . . . . . . . 249
Dell EMC Networking Stacking Compatibility
How is the Stack Master Selected?
Adding a Switch to the Stack
Removing a Switch from the Stack
. . . . . . . . 254
. . . . . . . . . . . . 255
. . . . . . . . . 256
How is the Firmware Updated on the Stack?
What is Stacking Standby?
What is Nonstop Forwarding?
. . . . . . . . . . . . . 257
. . . . . . . . . . . 258
Switch Stack MAC Addressing and Stack Design
Considerations
. . . . . . . . . . . . . . . . . . . 261
NSF Network Design Considerations
Why is Stacking Needed?
. . . . . . . . . . . . . 262
. . . 253
. . . . 257
. . . . . . . . 261
12 Contents
Default Stacking Values
. . . . . . . . . . . . . . . . . 262
Managing and Monitoring the Stack (Web)
Unit Configuration
Stack Summary
Stack Firmware Synchronization
. . . . . . . . . . . . . . . . . . 264
. . . . . . . . . . . . . . . . . . . 265
. . . . . . . . . . 266
. . . . . . . 264
Page 13
Supported Switches . . . . . . . . . . . . . . . . 267
Stack Port Summary
Stack Port Counters
Stack Port Diagnostics
NSF Summary
Checkpoint Statistics
. . . . . . . . . . . . . . . . 268
. . . . . . . . . . . . . . . . 269
. . . . . . . . . . . . . . . 269
. . . . . . . . . . . . . . . . . . . . 270
. . . . . . . . . . . . . . . . 271
Managing the Stack (CLI)
. . . . . . . . . . . . . . . . 272
Configuring Stack Member, Stack Port, SFS and
NSF Settings
Viewing and Clearing Stacking and NSF Information
. . . . . . . . . . . . . . . . . . . . 272
274
Connecting to the Management Console from a
Stack Member
Stacking and NSF Usage Scenarios
Basic Failover
Preconfiguring a Stack Member
NSF in the Data Center
NSF and VoIP
NSF and DHCP Snooping
NSF and the Storage Access Network
NSF and Routed Access
. . . . . . . . . . . . . . . . . . . 275
. . . . . . . . . . . 275
. . . . . . . . . . . . . . . . . . . . 275
. . . . . . . . . . 277
. . . . . . . . . . . . . . . 279
. . . . . . . . . . . . . . . . . . . . 280
. . . . . . . . . . . . . . 281
. . . . . . . 282
. . . . . . . . . . . . . . 284
9 Authentication, Authorization, and Accounting
287
AAA Introduction . . . . . . . . . . . . . . . . . . . . 287
Methods
Method Lists
Access Lines
Enabling SSH Access
Access Lines (AAA)
Access Lines (Non-AAA)
. . . . . . . . . . . . . . . . . . . . . . 288
. . . . . . . . . . . . . . . . . . . . 289
. . . . . . . . . . . . . . . . . . . . 290
. . . . . . . . . . . . . . . . 291
. . . . . . . . . . . . . . . . 291
. . . . . . . . . . . . . . 292
Contents 13
Page 14
Authentication . . . . . . . . . . . . . . . . . . . . . . 293
Authentication Access Types
Authentication Manager
Using RADIUS
Using TACACS+
. . . . . . . . . . . . . . . . . . . . 303
. . . . . . . . . . . . . . . . . . 308
Dynamic ACL Overview
Authentication Examples
Public Key SSH Authentication Example
Associating a User With an SSH Key
. . . . . . . . . . . 293
. . . . . . . . . . . . . . 294
. . . . . . . . . . . . . . . 310
. . . . . . . . . . . . . . 317
. . . . . . 325
. . . . . . . . 334
Authorization
Exec Authorization Capabilities
Authorization Examples
RADIUS Change of Authorization
TACACS Authorization
Accounting
RADIUS Accounting
IEEE 802.1X
What is IEEE 802.1X?
. . . . . . . . . . . . . . . . . . . . . . . 336
. . . . . . . . . . . 336
. . . . . . . . . . . . . . . 338
. . . . . . . . . . 340
. . . . . . . . . . . . . . . 344
. . . . . . . . . . . . . . . . . . . . . . . . 348
. . . . . . . . . . . . . . . . 348
. . . . . . . . . . . . . . . . . . . . . . . . 351
. . . . . . . . . . . . . . . . 351
What are the 802.1X Port Authentication Modes?
What are Authentication Host Modes
What is MAC Authentication Bypass?
What is the Role of 802.1X in VLAN Assignment?
What is Monitor Mode?
. . . . . . . . . . . . . . . 360
How Does the Authentication Server Assign
DiffServ Policy or ACLs?
. . . . . . . . . . . . . . 362
What is the Internal Authentication Server?
Default 802.1X Values
Configuring IEEE 802.1X (Web)
. . . . . . . . . . . . . . . . 363
. . . . . . . . . . . 364
. 352
. . . . . . . 353
. . . . . . . 354
. 356
. . . . 362
14 Contents
Captive Portal
Captive Portal Overview
. . . . . . . . . . . . . . . . . . . . . . 388
. . . . . . . . . . . . . . 388
Default Captive Portal Behavior and Settings
. . . 396
Page 15
Configuring Captive Portal (Web) . . . . . . . . . 398
Configuring Captive Portal (CLI)
Captive Portal Configuration Example
In Case Of Problems in Captive Portal Deployment
. . . . . . . . . . 414
. . . . . . . 420
424
10 Monitoring and Logging System Information 425
System Monitoring Overview . . . . . . . . . . . . . . 425
What System Information Is Monitored?
Why Is System Information Needed?
Where Are Log Messages Sent?
What Are the Severity Levels?
. . . . . . . . . . . 427
What Are the System Startup and Operation Logs?
What Is the Log Message Format?
What Factors Should Be Considered When
Configuring Logging?
. . . . . . . . . . . . . . . . 430
. . . . . . 425
. . . . . . . 426
. . . . . . . . . . 426
427
. . . . . . . . . 428
Default Log Settings
. . . . . . . . . . . . . . . . . . . 431
Monitoring System Information and Configuring Logging
(Web)
. . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Device Information
System Health
System Resources
Unit Power Usage History
Integrated Cable Test for Copper Cables
Optical Transceiver Diagnostics
Log Global Settings
RAM Log
Log File
. . . . . . . . . . . . . . . . . . . . . . 440
. . . . . . . . . . . . . . . . . . . . . . . 442
SYSLOG Server
Email Alert Global Configuration
Email Alert Mail Server Configuration
Email Alert Subject Configuration
. . . . . . . . . . . . . . . . . 432
. . . . . . . . . . . . . . . . . . . 434
. . . . . . . . . . . . . . . . . 435
. . . . . . . . . . . . . 436
. . . . . . 437
. . . . . . . . . . 438
. . . . . . . . . . . . . . . . . 439
. . . . . . . . . . . . . . . . . . . 442
. . . . . . . . . . 445
. . . . . . . 445
. . . . . . . . . 447
Contents 15
Page 16
Email Alert To Address Configuration . . . . . . . 448
Email Alert Statistics
. . . . . . . . . . . . . . . . 448
Monitoring System Information and Configuring Logging (CLI)
Viewing System Information and Enabling the
Locator LED
Running Cable Diagnostics
Configuring Local Logging
Configuring Remote Logging
Configuring Mail Server Settings
Configuring Email Alerts for Log Messages
Logging Configuration Examples
Configuring Local and Remote Logging
Configuring Email Alerting
. . . . . . . . . . . . . . . . . . . . . 450
. . . . . . . . . . . . . 450
. . . . . . . . . . . . . 452
. . . . . . . . . . . . 453
. . . . . . . . . . 454
. . . . 455
. . . . . . . . . . . . 457
. . . . . . 457
. . . . . . . . . . . . . 460
11 Managing General System Settings . . . 463
System Settings Overview . . . . . . . . . . . . . . . . 463
Why Does System Information Need to Be
Configured?
What Are SDM Templates?
Why is the System Time Needed?
How Does SNTP Work?
What Configuration Is Required for Plug-In
Modules?
. . . . . . . . . . . . . . . . . . . . . 464
. . . . . . . . . . . . . 465
. . . . . . . . . 468
. . . . . . . . . . . . . . . 468
. . . . . . . . . . . . . . . . . . . . . . 469
450
16 Contents
Default General System Information
. . . . . . . . . . 469
Configuring General System Settings (Web)
System Information
CLI Banner
SDM Template Preference
Clock
. . . . . . . . . . . . . . . . . . . . . . . . 475
SNTP Global Settings
. . . . . . . . . . . . . . . . . 470
. . . . . . . . . . . . . . . . . . . . . 473
. . . . . . . . . . . . . 474
. . . . . . . . . . . . . . . . 476
. . . . . . 470
Page 17
SNTP Authentication . . . . . . . . . . . . . . . . 477
SNTP Server
Summer Time Configuration
Time Zone Configuration
Card Configuration
Slot Summary
Supported Cards
Power Over Ethernet Global Configuration
Power Over Ethernet Unit Configuration
Power Over Ethernet Interface Configuration
. . . . . . . . . . . . . . . . . . . . 479
. . . . . . . . . . . . 482
. . . . . . . . . . . . . . 483
. . . . . . . . . . . . . . . . . 484
. . . . . . . . . . . . . . . . . . . . 485
. . . . . . . . . . . . . . . . . . 486
. . . . . 487
. . . . . . 488
. . . 489
Configuring System Settings (CLI)
Configuring System Information
Configuring the Banner
Managing the SDM Template
. . . . . . . . . . . . 491
. . . . . . . . . . 491
. . . . . . . . . . . . . . . 492
. . . . . . . . . . . 493
Configuring SNTP Authentication and an SNTP
Server. . . . . . . . . . . . . . . . . . . . . . . . 493
Setting the System Time and Date Manually
Configuring the Expansion Slots
Viewing Slot Information
Configuring PoE Settings
. . . . . . . . . . 496
. . . . . . . . . . . . . . 497
. . . . . . . . . . . . . . 497
General System Settings Configuration Examples
Configuring System and Banner Information
Configuring SNTP
Configuring the Time Manually
. . . . . . . . . . . . . . . . . . 502
. . . . . . . . . . . 504
. . . . 495
. . . 499
. . . 499
12 SNMP. . . . . . . . . . . . . . . . . . . . . . . . . . . 505
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 505
What Is SNMP?
What Are SNMP Traps?
Why Is SNMP Needed?
. . . . . . . . . . . . . . . . . . . 505
. . . . . . . . . . . . . . 506
. . . . . . . . . . . . . . 507
Default SNMP Values
. . . . . . . . . . . . . . . . . . 507
Contents 17
Page 18
Configuring SNMP (Web) . . . . . . . . . . . . . . . . 509
SNMP Global Parameters
SNMP View Settings
Access Control Group
SNMPv3 User Security Model (USM)
Communities
Notification Filter
. . . . . . . . . . . . . . . . . . . . 517
. . . . . . . . . . . . . . . . . . 519
Notification Recipients
Trap Flags
. . . . . . . . . . . . . . . . . . . . . . 522
OSPFv2 Trap Flags
OSPFv3 Trap Flags
Trap Log
. . . . . . . . . . . . . . . . . . . . . . . 525
. . . . . . . . . . . . . 509
. . . . . . . . . . . . . . . . 510
. . . . . . . . . . . . . . . 512
. . . . . . . 514
. . . . . . . . . . . . . . . 520
. . . . . . . . . . . . . . . . . 523
. . . . . . . . . . . . . . . . . 524
Configuring SNMP (CLI)
Configuring the SNMPv3 Engine ID
Configuring SNMP Views, Groups, and Users
Configuring Communities
. . . . . . . . . . . . . . . . . 527
. . . . . . . . . 527
. . . 528
. . . . . . . . . . . . . . 531
Configuring SNMP Notifications (Traps and
Informs) . . . . . . . . . . . . . . . . . . . . . . . 533
SNMP Configuration Examples
Configuring SNMPv1 and SNMPv2
Configuring SNMP Management Station Access
Configuring SNMPv3
. . . . . . . . . . . . . 536
. . . . . . . . . 536
. 537
. . . . . . . . . . . . . . . . 538
13 Images and File Management . . . . . . . . 543
Image and File Management Overview . . . . . . . . . 543
What Files Can Be Managed?
Why Is File Management Needed?
What Methods Are Supported for File
Management?
. . . . . . . . . . . . . . . . . . . . 548
What Factors Should Be Considered When
Managing Files?
. . . . . . . . . . . . . . . . . . . 549
. . . . . . . . . . . 543
. . . . . . . . . 545
18 Contents
Page 19
How Is the Running Configuration Saved? . . . . . 552
Managing Images and Files (Web)
File System
Active Images
USB Flash Drive
File Download
File Upload
Copy Files
. . . . . . . . . . . . . . . . . . . . . 553
. . . . . . . . . . . . . . . . . . . . 554
. . . . . . . . . . . . . . . . . . . 555
. . . . . . . . . . . . . . . . . . . . 556
. . . . . . . . . . . . . . . . . . . . . 558
. . . . . . . . . . . . . . . . . . . . . . 560
Managing Images and Files (CLI)
Downloading and Activating a New Image (TFTP)
Managing Files in Internal Flash
Managing Files on a USB Flash Device
Uploading a Configuration File (SCP)
Managing Configuration Scripts (SFTP)
SCP Server
. . . . . . . . . . . . . . . . . . . . . 567
File and Image Management Configuration Examples
Upgrading the Firmware
Managing Configuration Scripts
Managing Files by Using the USB Flash Drive
. . . . . . . . . . . 553
. . . . . . . . . . . . 561
. 562
. . . . . . . . . . 563
. . . . . . 564
. . . . . . . . 565
. . . . . . 566
. 568
. . . . . . . . . . . . . . 568
. . . . . . . . . . 571
. . . 573
14 DHCP and USB Auto-Configuration. . . . 575
Auto Configuration Overview . . . . . . . . . . . . . . 575
What Is USB Auto Configuration?
What Files Does USB Auto Configuration Use?
. . . . . . . . . 576
. . 576
How Does USB Auto Configuration Use the Files
on the USB Device?
What Is the Setup File Format?
What Is the DHCP Auto Configuration Process?
. . . . . . . . . . . . . . . . 577
. . . . . . . . . . . 579
. . 580
Monitoring and Completing the DHCP Auto
Configuration Process
. . . . . . . . . . . . . . . 585
Contents 19
Page 20
What Are the Dependencies for DHCP Auto
Configuration?
. . . . . . . . . . . . . . . . . . . . 586
Default Auto Configuration Values
Managing Auto Configuration (Web)
Auto-Install Configuration
Managing Auto Configuration (CLI)
Managing Auto Configuration
Auto Configuration Example
. . . . . . . . . . . 588
. . . . . . . . . . 589
. . . . . . . . . . . . . 589
. . . . . . . . . . . 590
. . . . . . . . . . . 590
. . . . . . . . . . . . . . . 591
Enabling USB Auto Configuration and Auto Image
Download
. . . . . . . . . . . . . . . . . . . . . . 591
Enabling DHCP Auto Configuration and Auto Image
Download
Easy Firmware Upgrade/Downgrade via USB
. . . . . . . . . . . . . . . . . . . . . . 592
. . . 594
15 Monitoring Switch Traffic . . . . . . . . . . . 595
Traffic Monitoring Overview. . . . . . . . . . . . . . . 595
What is sFlow Technology?
What is RMON?
. . . . . . . . . . . . . . . . . . . 598
What is Port Mirroring?
Port Mirroring Behaviors
. . . . . . . . . . . . . . . . . . . . . . . 603
RSPAN
Remote Capture
. . . . . . . . . . . . . . . . . . . 604
Why is Traffic Monitoring Needed?
. . . . . . . . . . . . . 595
. . . . . . . . . . . . . . . 599
. . . . . . . . . . . . . . 601
. . . . . . . . 605
20 Contents
Default Traffic Monitoring Values
Monitoring Switch Traffic (Web)
sFlow Agent Summary
. . . . . . . . . . . . . . . 606
sFlow Receiver Configuration
sFlow Sampler Configuration
. . . . . . . . . . . . 605
. . . . . . . . . . . . 606
. . . . . . . . . . . 607
. . . . . . . . . . . . 608
Page 21
sFlow Poll Configuration . . . . . . . . . . . . . . 609
Interface Statistics
Etherlike Statistics
GVRP Statistics
EAP Statistics
Utilization Summary
Counter Summary
Switchport Statistics
RMON Statistics
RMON History Control Statistics
RMON History Table
RMON Event Control
RMON Event Log
RMON Alarms
Port Statistics
LAG Statistics
Port Mirroring
. . . . . . . . . . . . . . . . . 610
. . . . . . . . . . . . . . . . . 611
. . . . . . . . . . . . . . . . . . . 612
. . . . . . . . . . . . . . . . . . . . 613
. . . . . . . . . . . . . . . . 614
. . . . . . . . . . . . . . . . . . 615
. . . . . . . . . . . . . . . . 616
. . . . . . . . . . . . . . . . . . 617
. . . . . . . . . . 617
. . . . . . . . . . . . . . . . 620
. . . . . . . . . . . . . . . . 621
. . . . . . . . . . . . . . . . . . 623
. . . . . . . . . . . . . . . . . . . . 624
. . . . . . . . . . . . . . . . . . . . 626
. . . . . . . . . . . . . . . . . . . . 627
. . . . . . . . . . . . . . . . . . . . 628
Monitoring Switch Traffic (CLI)
Configuring sFlow
. . . . . . . . . . . . . . . . . . 630
Configuring RMON
Viewing Statistics
. . . . . . . . . . . . . . . . . . 634
Configuring Port Mirroring
Configuring RSPAN
Traffic Monitoring Examples
Showing Interface Traffic
Configuring sFlow
. . . . . . . . . . . . . . . . . . 641
Configuring RMON
Configuring Remote Capture
Configuring RSPAN
. . . . . . . . . . . . . 630
. . . . . . . . . . . . . . . . . 632
. . . . . . . . . . . . . 635
. . . . . . . . . . . . . . . . . 636
. . . . . . . . . . . . . . 640
. . . . . . . . . . . . . 640
. . . . . . . . . . . . . . . . . 643
. . . . . . . . . . . . 644
. . . . . . . . . . . . . . . . . 649
16 iSCSI Optimization . . . . . . . . . . . . . . . . . 653
iSCSI Optimization Overview . . . . . . . . . . . . . . 653
Contents 21
Page 22
What Does iSCSI Optimization Do? . . . . . . . . . 653
What Occurs When iSCSI Optimization Is Enabled
or Disabled?
How Does the Switch Detect iSCSI Traffic Flows?
. . . . . . . . . . . . . . . . . . . . . 654
. 654
How Is Quality of Service Applied to iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . . 654
Flows?
How Does iSCSI Optimization Use ACLs?
. . . . . 655
What Information Does the Switch Track in iSCSI
Traffic Flows?
. . . . . . . . . . . . . . . . . . . . 655
How Does iSCSI Optimization Interact With Dell
EqualLogic and Compellent Arrays?
. . . . . . . . 656
How Does iSCSI Optimization Interact with Other
SAN Arrays?
. . . . . . . . . . . . . . . . . . . . 656
Default iSCSI Optimization Values
Configuring iSCSI Optimization (Web)
iSCSI Global Configuration
Configuring iSCSI Optimization (CLI)
iSCSI Optimization Configuration Examples
. . . . . . . . . . . 657
. . . . . . . . . . 658
. . . . . . . . . . . . . 658
. . . . . . . . . . 659
. . . . . . 660
Configuring iSCSI Optimization Between Servers
and a Disk Array
. . . . . . . . . . . . . . . . . . 660
17 Port Characteristics. . . . . . . . . . . . . . . . 663
Port Overview . . . . . . . . . . . . . . . . . . . . . . 663
What Physical Port Characteristics Can Be
Configured?
Auto-Negotiation
Maximum Transmission Unit
What is Link Dependency?
What Interface Types are Supported?
What is Interface Configuration Mode?
. . . . . . . . . . . . . . . . . . . . . 663
. . . . . . . . . . . . . . . . . . 665
. . . . . . . . . . . . 665
. . . . . . . . . . . . . 666
. . . . . . . 668
. . . . . . 668
22 Contents
Page 23
What Are the Green Ethernet Features? . . . . . . 670
Switchport Modes
. . . . . . . . . . . . . . . . . 671
Default Port Values
. . . . . . . . . . . . . . . . . . . 672
Configuring Port Characteristics (Web)
Port Configuration
Link Dependency Configuration
Link Dependency Summary
. . . . . . . . . . . . . . . . . 674
. . . . . . . . . . 677
. . . . . . . . . . . . 679
Port Green Ethernet Configuration
Port Green Ethernet Statistics
Port Green Ethernet LPI History
. . . . . . . . . . . 681
. . . . . . . . . . 683
Configuring Port Characteristics (CLI)
Configuring Port Settings
Configuring Link Dependencies
Configuring Green Features
Port Configuration Examples
Configuring Port Settings
. . . . . . . . . . . . . . 684
. . . . . . . . . . 686
. . . . . . . . . . . . 687
. . . . . . . . . . . . . . 688
. . . . . . . . . . . . . . 688
Configuring a Link Dependency Groups
Configuring a Port in Access Mode
Configuring a Port in Trunk Mode
Configuring a Port in General Mode
. . . . . . . . . 674
. . . . . . . . . 680
. . . . . . . . . 684
. . . . . . 689
. . . . . . . . 689
. . . . . . . . . 690
. . . . . . . . 693
18 Port and System Security . . . . . . . . . . . 695
Port Security . . . . . . . . . . . . . . . . . . . . . . . 695
Denial of Service
. . . . . . . . . . . . . . . . . . . . 702
19 Access Control Lists . . . . . . . . . . . . . . . 703
ACL Overview . . . . . . . . . . . . . . . . . . . . . . 703
ACL Counters
. . . . . . . . . . . . . . . . . . . . 705
Contents 23
Page 24
What Are MAC ACLs? . . . . . . . . . . . . . . . 705
What Are IP ACLs?
ACL Actions
What Is the ACL Redirect Function?
What Is the ACL Mirror Function?
What Is ACL Logging
What Are Time-Based ACLs?
ACL Limitations
. . . . . . . . . . . . . . . . . 706
. . . . . . . . . . . . . . . . . . . . . 706
. . . . . . . . 707
. . . . . . . . . 708
. . . . . . . . . . . . . . . . 708
. . . . . . . . . . . . 708
. . . . . . . . . . . . . . . . . . . 709
ACL Configuration Details
. . . . . . . . . . . . . . . . 714
How Are ACLs Configured?
Editing Access Lists
. . . . . . . . . . . . . . . . . 714
Preventing False ACL Matches
Using IP and MAC Address Masks
Policy-Based Routing
Packet Classification
. . . . . . . . . . . . . . . . . . 717
. . . . . . . . . . . . . . . . 717
Route-Map Processing
Route-Map Actions
. . . . . . . . . . . . . . . . . 719
ACLs and Policy Interaction
Limitations
Configuring ACLs (Web)
IP ACL Configuration
. . . . . . . . . . . . . . . . . . . . . . 722
. . . . . . . . . . . . . . . . . 725
. . . . . . . . . . . . . . . . 725
IP ACL Rule Configuration
MAC ACL Configuration
MAC ACL Rule Configuration
IPv6 ACL Configuration
IPv6 ACL Rule Configuration
ACL Binding Configuration
Time Range Configuration
. . . . . . . . . . . . . 714
. . . . . . . . . . . 714
. . . . . . . . . 716
. . . . . . . . . . . . . . . 718
. . . . . . . . . . . . 721
. . . . . . . . . . . . . 728
. . . . . . . . . . . . . . . 730
. . . . . . . . . . . . 732
. . . . . . . . . . . . . . . 733
. . . . . . . . . . . . 734
. . . . . . . . . . . . . 736
. . . . . . . . . . . . . 737
24 Contents
Configuring ACLs (CLI)
Configuring an IPv4 ACL
Configuring a MAC ACL
. . . . . . . . . . . . . . . . . . 739
. . . . . . . . . . . . . . 739
. . . . . . . . . . . . . . . 745
Page 25
Configuring an IPv6 ACL . . . . . . . . . . . . . . 749
Configuring a Time Range
. . . . . . . . . . . . . 752
ACL Configuration Examples
Basic Rules
. . . . . . . . . . . . . . . . . . . . . 754
Internal System ACLs
Complete ACL Example
Advanced Examples
Policy-Based Routing Examples
. . . . . . . . . . . . . . 754
. . . . . . . . . . . . . . . . 755
. . . . . . . . . . . . . . . 756
. . . . . . . . . . . . . . . . 760
. . . . . . . . . . 772
20 VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . 777
VLAN Overview . . . . . . . . . . . . . . . . . . . . . 777
VLAN Tagging
GVRP
Double-VLAN Tagging
Voice VLAN
Private VLANs
Additional VLAN Features
Default VLAN Behavior
Configuring VLANs (Web)
VLAN Membership
VLAN Port Settings
VLAN LAG Settings
Bind MAC to VLAN
Bind IP Subnet to VLAN
GVRP Parameters
Protocol Group
Adding a Protocol Group
Double VLAN Global Configuration
Double VLAN Interface Configuration
Voice VLAN
. . . . . . . . . . . . . . . . . . . . 780
. . . . . . . . . . . . . . . . . . . . . . . . 781
. . . . . . . . . . . . . . . 782
. . . . . . . . . . . . . . . . . . . . . 783
. . . . . . . . . . . . . . . . . . . 789
. . . . . . . . . . . . . 795
. . . . . . . . . . . . . . . . . 796
. . . . . . . . . . . . . . . . 798
. . . . . . . . . . . . . . . . . 798
. . . . . . . . . . . . . . . . . 803
. . . . . . . . . . . . . . . . . 804
. . . . . . . . . . . . . . . . . 806
. . . . . . . . . . . . . . 806
. . . . . . . . . . . . . . . . . . 808
. . . . . . . . . . . . . . . . . . . 810
. . . . . . . . . . . . . . 811
. . . . . . . . . 813
. . . . . . . 814
. . . . . . . . . . . . . . . . . . . . . 816
Contents 25
Page 26
Configuring VLANs (CLI) . . . . . . . . . . . . . . . . . 817
Creating a VLAN
Configuring VLAN Settings for a LAG
Configuring Double VLAN Tagging
Configuring MAC-Based VLANs
Configuring IP-Based VLANs
Configuring a Protocol-Based VLAN
Configuring GVRP
Configuring Voice VLANs
Configuring a Voice VLAN (Extended Example)
Enterprise Voice VLAN Configuration With QoS
MLAG with RPVST and Voice VLAN
Assigning an 802.1p Priority to VLAN Traffic
Configuring a Private VLAN
Configuring Inter-Switch Private VLANs
. . . . . . . . . . . . . . . . . . 817
. . . . . . . . 818
. . . . . . . . . 819
. . . . . . . . . . 822
. . . . . . . . . . . . 824
. . . . . . . . 826
. . . . . . . . . . . . . . . . . . 829
. . . . . . . . . . . . . . 831
. . 833
. . 834
. . . . . . . . 837
. . . . 844
. . . . . . . . . . . . . 845
. . . . . . 847
21 Spanning Tree Protocol . . . . . . . . . . . . . 861
26 Contents
VLAN Configuration Examples
. . . . . . . . . . . . . . 848
Configuring VLANs Using the Dell EMC
OpenManage Switch Administrator
Configuring VLANs Using the CLI
. . . . . . . . 848
. . . . . . . . . . 856
STP Overview . . . . . . . . . . . . . . . . . . . . . . 861
What Are Classic STP, Multiple STP, and
Rapid STP?
How Does STP Work?
How Does MSTP Operate in the Network?
MSTP with Multiple Forwarding Paths
MSTP and VLAN IDs
What are the Optional STP Features?
RSTP-PV
DirectLink Rapid Convergence
. . . . . . . . . . . . . . . . . . . . . 861
. . . . . . . . . . . . . . . 862
. . . . . 863
. . . . . . . 867
. . . . . . . . . . . . . . . . 868
. . . . . . . 868
. . . . . . . . . . . . . . . . . . . . . . . . . 870
. . . . . . . . . . . 872
Page 27
IndirectLink Rapid Convergence Feature . . . . . 874
Interoperability Between STP-PV and RSTP-PV
Modes. . . . . . . . . . . . . . . . . . . . . . . . 876
Interoperability With IEEE Spanning Tree Protocols
Configuration Examples
. . . . . . . . . . . . . . 881
876
Default STP Values
Configuring Spanning Tree (Web)
STP Global Settings
STP Port Settings
STP LAG Settings
Rapid Spanning Tree
MSTP Settings
MSTP Interface Settings
PVST/RPVST Global Configuration
PVST/RPVST VLAN Configuration
. . . . . . . . . . . . . . . . . . . 882
. . . . . . . . . . . . 883
. . . . . . . . . . . . . . . . . 883
. . . . . . . . . . . . . . . . . . 885
. . . . . . . . . . . . . . . . . . 887
. . . . . . . . . . . . . . . . 888
. . . . . . . . . . . . . . . . . . . 890
. . . . . . . . . . . . . . 892
. . . . . . . . . 893
. . . . . . . . . 894
PVST/RPVST Interface Configuration
PVST/RPVST Statistics
Configuring Spanning Tree (CLI)
. . . . . . . . . . . . . . . 897
. . . . . . . . . . . . 898
Configuring Global STP Bridge Settings
Configuring Optional STP Features
. . . . . . . . . 899
Configuring STP Interface Settings
Configuring MSTP Switch Settings
. . . . . . . . . 901
Configuring MSTP Interface Settings
STP Configuration Examples
STP Configuration Example
MSTP Configuration Example
. . . . . . . . . . . . . . 903
. . . . . . . . . . . . . 903
. . . . . . . . . . . 905
RSTP-PV Access Switch Configuration Example
. . . . . . . 896
. . . . . . 898
. . . . . . . . 900
. . . . . . . 902
. 908
22 Discovering Network Devices. . . . . . . . 913
Device Discovery Overview . . . . . . . . . . . . . . . 913
Contents 27
Page 28
What Is ISDP?. . . . . . . . . . . . . . . . . . . . 913
What is IPDT?
What is LLDP?
What is LLDP-MED?
Why are Device Discovery Protocols Needed?
. . . . . . . . . . . . . . . . . . . . 913
. . . . . . . . . . . . . . . . . . . . 914
. . . . . . . . . . . . . . . . 914
. . 914
Default IDSP and LLDP Values
Default IPDT Values
. . . . . . . . . . . . . . . . . . . 916
. . . . . . . . . . . . . . 915
Configuring ISDP and LLDP (Web)
ISDP Global Configuration
ISDP Neighbor Table
. . . . . . . . . . . . . 917
. . . . . . . . . . . . . . . . 919
ISDP Interface Configuration
ISDP Statistics
LLDP Configuration
LLDP Statistics
LLDP Connections
. . . . . . . . . . . . . . . . . . . 921
. . . . . . . . . . . . . . . . . 922
. . . . . . . . . . . . . . . . . . . 924
. . . . . . . . . . . . . . . . . . 925
LLDP-MED Global Configuration
LLDP-MED Interface Configuration
LLDP-MED Local Device Information
LLDP-MED Remote Device Information
Configuring ISDP and LLDP (CLI)
Configuring Global ISDP Settings
Enabling ISDP on a Port
. . . . . . . . . . . . . . . 930
Viewing and Clearing ISDP Information
Configuring Global LLDP Settings
Configuring Port-based LLDP Settings
Viewing and Clearing LLDP Information
Configuring LLDP-MED Settings
Viewing LLDP-MED Information
. . . . . . . . . . . . 917
. . . . . . . . . . . . 920
. . . . . . . . . . 926
. . . . . . . . . 927
. . . . . . . . 928
. . . . . . 928
. . . . . . . . . . . . 929
. . . . . . . . . . 929
. . . . . . 930
. . . . . . . . . . 931
. . . . . . . 931
. . . . . . 932
. . . . . . . . . . 933
. . . . . . . . . . 934
28 Contents
Device Discovery Configuration Examples
Configuring ISDP
Configuring LLDP
. . . . . . . . . . . . . . . . . . 934
. . . . . . . . . . . . . . . . . . 935
. . . . . . . 934
Page 29
Configuring IPDT . . . . . . . . . . . . . . . . . . 937
23 Port-Based Traffic Control . . . . . . . . . . 939
Port-Based Traffic Control Overview . . . . . . . . . . 939
What is Flow Control?
What is Storm Control?
What are Protected Ports?
What is Error Recovery?
What is Link Local Protocol Filtering?
What is Loop Protection?
. . . . . . . . . . . . . . . 940
. . . . . . . . . . . . . . . 940
. . . . . . . . . . . . . 941
. . . . . . . . . . . . . . 941
. . . . . . . 941
. . . . . . . . . . . . . . 943
Default Port-Based Traffic Control Values
Configuring Port-Based Traffic Control (Web)
Flow Control (Global Port Parameters)
Storm Control
. . . . . . . . . . . . . . . . . . . . 946
Protected Port Configuration
LLPF Configuration
. . . . . . . . . . . . . . . . . 950
Configuring Port-Based Traffic Control (CLI)
Configuring Flow Control and Storm Control
Configuring Protected Ports
Configuring LLPF
. . . . . . . . . . . . . . . . . . 953
. . . . . . . . . . . . 952
Port-Based Traffic Control Configuration Example
. . . . . . . 944
. . . . . 945
. . . . . . . 945
. . . . . . . . . . . . 948
. . . . . . 951
. . . . 951
. . . 954
24 Layer-2 Multicast Features . . . . . . . . . . 957
L2 Multicast Overview. . . . . . . . . . . . . . . . . . 957
Multicast Flooding and Forwarding
What Are the Multicast Bridging Features?
What Is L2 Multicast Traffic?
What Is IGMP Snooping?
. . . . . . . . . . . . . . 959
. . . . . . . . 957
. . . . 958
. . . . . . . . . . . . 959
Contents 29
Page 30
What Is MLD Snooping? . . . . . . . . . . . . . . 961
What Is Multicast VLAN Registration?
When Are Layer-3 Multicast Features Required?
What Are GARP and GMRP?
. . . . . . . . . . . . 964
. . . . . . . 963
. 964
Snooping Switch Restrictions
. . . . . . . . . . . . . . 966
MAC Address-Based Multicast Group
Topologies Where the Multicast Source Is Not
Directly Connected to the Querier
. . . . . . . . . 966
Using Static Multicast MAC Configuration
IGMP Snooping and GMRP
Default L2 Multicast Values
. . . . . . . . . . . . . 966
. . . . . . . . . . . . . . . 967
Configuring L2 Multicast Features (Web)
Multicast Global Parameters
Bridge Multicast Group
MFDB Summary
MRouter Status
. . . . . . . . . . . . . . . . . . . 973
. . . . . . . . . . . . . . . . . . . 974
General IGMP Snooping
Global Querier Configuration
VLAN Querier
. . . . . . . . . . . . . . . . . . . . 979
VLAN Querier Status
MFDB IGMP Snooping Table
MLD Snooping General
. . . . . . . . . . . . 969
. . . . . . . . . . . . . . . 970
. . . . . . . . . . . . . . 975
. . . . . . . . . . . . 978
. . . . . . . . . . . . . . . . 981
. . . . . . . . . . . . 982
. . . . . . . . . . . . . . . 983
MLD Snooping Global Querier Configuration
MLD Snooping VLAN Querier
. . . . . . . . . . . . 986
MLD Snooping VLAN Querier Status
MFDB MLD Snooping Table
MVR Global Configuration
MVR Members
. . . . . . . . . . . . . . . . . . . 991
MVR Interface Configuration
MVR Statistics
GARP Timers
GMRP Parameters
. . . . . . . . . . . . . . . . . . . 994
. . . . . . . . . . . . . . . . . . . . 995
. . . . . . . . . . . . . . . . . 997
MFDB GMRP Table
. . . . . . . . . . . . 989
. . . . . . . . . . . . . 990
. . . . . . . . . . . . 991
. . . . . . . . . . . . . . . . . 999
. . . . . . . 966
. . . . . 966
. . . . . . . . 969
. . . . 985
. . . . . . . . 988
30 Contents
Page 31
Configuring L2 Multicast Features (CLI). . . . . . . . 1000
Configuring Layer-2 Multicasting
Configuring IGMP Snooping on VLANs
Configuring IGMP Snooping Querier
Configuring MLD Snooping on VLANs
Configuring MLD Snooping Querier
Configuring MVR
. . . . . . . . . . . . . . . . . 1005
Configuring GARP Timers and GMRP
. . . . . . . . . 1000
. . . . . 1001
. . . . . . . 1002
. . . . . . 1003
. . . . . . . 1004
. . . . . . 1007
Case Study on a Real-World Network Topology
Multicast Snooping Case Study
. . . . . . . . . 1008
. . . 1008
25 Connectivity Fault Management . . . . . 1013
Dot1ag Overview. . . . . . . . . . . . . . . . . . . . 1013
How Does Dot1ag Work Across a Carrier Network?
What Entities Make Up a Maintenance Domain?
What is the Administrator’s Role?
Default Dot1ag Values
. . . . . . . . . . . . . . . . . 1018
Configuring Dot1ag (Web)
Dot1ag Global Configuration
Dot1ag MD Configuration
Dot1ag MA Configuration
Dot1ag MEP Configuration
Dot1ag MIP Configuration
Dot1ag RMEP Summary
Dot1ag L2 Ping
. . . . . . . . . . . . . . . . . . 1024
Dot1ag L2 Traceroute
Dot1ag L2 Traceroute Cache
Dot1ag Statistics
. . . . . . . . . . . . . . . . . 1025
. . . . . . . . . . . . . . . 1019
. . . . . . . . . . . . . 1023
. . . . . . . . . . . . . . . 1024
. . . . . . . . 1017
. . . . . . . . . . . 1019
. . . . . . . . . . . . . 1019
. . . . . . . . . . . . . 1020
. . . . . . . . . . . . 1021
. . . . . . . . . . . . 1022
. . . . . . . . . . . 1025
1014
1015
Configuring Dot1ag (CLI)
. . . . . . . . . . . . . . . . 1027
Contents 31
Page 32
Configuring Dot1ag Global Settings and Creating
Domains
Configuring MEP Information
Dot1ag Ping and Traceroute
. . . . . . . . . . . . . . . . . . . . . . 1027
. . . . . . . . . . . 1028
. . . . . . . . . . . 1029
Dot1ag Configuration Example
. . . . . . . . . . . . 1030
26 Ethernet Ring Protection . . . . . . . . . . . 1033
Ethernet Ring Protection Switching Port Role . . . . 1035
RPL Owner Port
RPL Neighbor Port
Normal Port
R-APS Channel
Traffic Channel
Ring Scope
. . . . . . . . . . . . . . . . . . . . . . . 1036
Ethernet Ring Protection Port Status
Ethernet Ring Protection Timers
Hold-off
Wait-to-Restore
Guard Timer
Wait-to-Block
. . . . . . . . . . . . . . . . . . 1035
. . . . . . . . . . . . . . . . 1035
. . . . . . . . . . . . . . . . . . . . 1035
. . . . . . . . . . . . . . . . . . . . . 1035
. . . . . . . . . . . . . . . . . . . . . 1036
. . . . . . . . . 1036
. . . . . . . . . . . . 1037
. . . . . . . . . . . . . . . . . . . . . . 1037
. . . . . . . . . . . . . . . . . . 1037
. . . . . . . . . . . . . . . . . . . . 1037
. . . . . . . . . . . . . . . . . . . 1037
32 Contents
Revertive and Non-Revertive Operation Modes
Revertive
Non-Revertive
ERPS Subrings
Without R-APS Virtual Channel
With R-APS Virtual Channel
. . . . . . . . . . . . . . . . . . . . . 1038
. . . . . . . . . . . . . . . . . . . 1038
. . . . . . . . . . . . . . . . . . . . . 1038
. . . . . . . . . . 1039
. . . . . . . . . . . 1039
. . . . 1038
Page 33
Topology Change Notification. . . . . . . . . . . . . 1039
Protection Switching Triggers
Ring Failure Detection
Ring Protection Example
. . . . . . . . . . . . 1039
. . . . . . . . . . . . . . . . . 1040
. . . . . . . . . . . . . . . 1040
27 Snooping and Inspecting Traffic. . . . . 1043
Traffic Snooping and Inspection Overview . . . . . . 1043
What Is DHCP Snooping?
How Is the DHCP Snooping Bindings Database
Populated? . . . . . . . . . . . . . . . . . . . . 1045
What Is IP Source Guard?
What is Dynamic ARP Inspection?
Why Is Traffic Snooping and Inspection
Necessary?
. . . . . . . . . . . . . . . . . . . . 1050
Default Traffic Snooping and Inspection Values
Configuring Traffic Snooping and Inspection (Web)
DHCP Snooping Configuration
DHCP Snooping Interface Configuration
DHCP Snooping VLAN Configuration
DHCP Snooping Persistent Configuration
DHCP Snooping Static Bindings Configuration
DHCP Snooping Dynamic Bindings Summary
DHCP Snooping Statistics
IPSG Interface Configuration
IPSG Binding Configuration
IPSG Binding Summary
DAI Global Configuration
DAI Interface Configuration
DAI VLAN Configuration
DAI ACL Configuration
. . . . . . . . . . . . . 1044
. . . . . . . . . . . . 1048
. . . . . . . . 1049
. . . 1050
. 1052
. . . . . . . . . . 1052
. . . . . 1053
. . . . . . . 1055
. . . . 1056
. 1057
. . 1058
. . . . . . . . . . . . 1059
. . . . . . . . . . . 1060
. . . . . . . . . . . 1060
. . . . . . . . . . . . . . 1061
. . . . . . . . . . . . . 1062
. . . . . . . . . . . 1063
. . . . . . . . . . . . . 1065
. . . . . . . . . . . . . . 1066
Contents 33
Page 34
DAI ACL Rule Configuration. . . . . . . . . . . . 1066
DAI Statistics
. . . . . . . . . . . . . . . . . . . 1067
Configuring Traffic Snooping and Inspection (CLI)
Configuring DHCP Snooping
Configuring IP Source Guard
. . . . . . . . . . . 1069
. . . . . . . . . . . 1071
Configuring Dynamic ARP Inspection
Traffic Snooping and Inspection Configuration Examples
Configuring DHCP Snooping
Configuring IPSG
. . . . . . . . . . . . . . . . . 1077
. . . . . . . . . . . 1075
. . 1069
. . . . . . 1072
1075
28 Link Aggregation . . . . . . . . . . . . . . . . . 1079
Link Aggregation . . . . . . . . . . . . . . . . . . . . 1079
Overview
Default Link Aggregation Values
Configuring Link Aggregation (Web)
Configuring Link Aggregation (CLI)
Link Aggregation Configuration Examples
Multi-Switch LAG (MLAG)
Overview
Deployment Scenarios
Definitions
Configuration Consistency
Operation in the Network
Layer-2 Configuration Steps
Switch Firmware Upgrade Procedure
Static Routing on MLAG Interfaces
Caveats and Limitations
Basic Configuration Example
A Complete MLAG Example
. . . . . . . . . . . . . . . . . . . . . 1079
. . . . . . . . . 1083
. . . . . . . . . 1084
. . . . . . . . . . 1090
. . . . 1094
. . . . . . . . . . . . . . . 1097
. . . . . . . . . . . . . . . . . . . . . 1097
. . . . . . . . . . . . . . 1098
. . . . . . . . . . . . . . . . . . . . . 1100
. . . . . . . . . . . . 1101
. . . . . . . . . . . . . 1104
. . . . . . . . . . . 1108
. . . . . . 1111
. . . . . . . . 1112
. . . . . . . . . . . . . . 1119
. . . . . . . . . . . 1125
. . . . . . . . . . . . 1133
34 Contents
Page 35
29 MAC Addressing and Forwarding . . . . 1151
MAC Address Table Overview . . . . . . . . . . . . 1151
How Is the Address Table Populated?
What Information Is in the MAC Address Table?
How Is the MAC Address Table Maintained
Across a Stack?
. . . . . . . . . . . . . . . . . 1152
. . . . . . 1151
1152
Default MAC Address Table Values
Managing the MAC Address Table (Web)
Static Address Table
Global Address Table
. . . . . . . . . . . . . . . 1153
. . . . . . . . . . . . . . . 1155
Managing the MAC Address Table (CLI)
Managing the MAC Address Table
. . . . . . . . . . 1152
. . . . . . 1153
. . . . . . . 1156
. . . . . . . . 1156
30 DHCP Server Settings . . . . . . . . . . . . . 1159
DHCP Overview . . . . . . . . . . . . . . . . . . . . 1159
How Does DHCP Work?
What are DHCP Options?
What Additional DHCP Features Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . 1161
Default DHCP Server Values
Configuring the DHCP Server (Web)
DHCP Server Network Properties
Address Pool
. . . . . . . . . . . . . . . . . . . 1165
Address Pool Options
DHCP Bindings
. . . . . . . . . . . . . . . . . . 1171
DHCP Server Reset Configuration
DHCP Server Conflicts Information
DHCP Server Statistics
. . . . . . . . . . . . . 1160
. . . . . . . . . . . . . 1161
. . . . . . . . . . . . . . 1162
. . . . . . . . . . 1163
. . . . . . . . 1163
. . . . . . . . . . . . . . . 1169
. . . . . . . . 1171
. . . . . . . . 1172
. . . . . . . . . . . . . . 1173
Contents 35
Page 36
Configuring the DHCP Server (CLI) . . . . . . . . . . 1174
Configuring Global DHCP Server Settings
Configuring a Dynamic Address Pool
Configuring a Static Address Pool
Monitoring DHCP Server Information
. . . . 1174
. . . . . . . 1175
. . . . . . . . 1176
. . . . . . 1177
DHCP Server Configuration Examples
Configuring a Dynamic Address Pool
Configuring a Static Address Pool
. . . . . . . . . 1178
. . . . . . . 1178
. . . . . . . . 1180
31 IP Routing. . . . . . . . . . . . . . . . . . . . . . . 1183
IP Routing Overview . . . . . . . . . . . . . . . . . . 1183
Default IP Routing Values
IP Path MTU and Path MTU Discovery
ARP Table
. . . . . . . . . . . . . . . . . . . . . . . 1187
Configuring IP Routing Features (Web)
IP Configuration
IP Statistics
ARP Create
. . . . . . . . . . . . . . . . . . . . 1190
ARP Table Configuration
Router Discovery Configuration
Router Discovery Status
Route Table
Best Routes Table
Route Entry Configuration
Configured Routes
Route Preferences Configuration
. . . . . . . . . . . . . . . 1185
. . . . . . . . 1186
. . . . . . . . 1188
. . . . . . . . . . . . . . . . . . 1188
. . . . . . . . . . . . . . . . . . . . 1189
. . . . . . . . . . . . . 1191
. . . . . . . . . 1192
. . . . . . . . . . . . . 1193
. . . . . . . . . . . . . . . . . . . . 1194
. . . . . . . . . . . . . . . . . 1195
. . . . . . . . . . . . . 1196
. . . . . . . . . . . . . . . . 1198
. . . . . . . . . 1199
36 Contents
Configuring IP Routing Features (CLI)
Configuring Global IP Routing Settings
Configuring ARP Settings
. . . . . . . . . . . . . 1201
. . . . . . . . . 1200
. . . . . . 1200
Page 37
Configuring Router Discovery (IRDP). . . . . . . 1202
Configuring Route Table Entries and Route
Preferences
. . . . . . . . . . . . . . . . . . . . 1203
IP Routing Configuration Example
. . . . . . . . . . 1205
Configuring Dell EMC Networking N-Series
Switch A
. . . . . . . . . . . . . . . . . . . . . 1206
Configuring Dell EMC Networking N-Series
Switch B
. . . . . . . . . . . . . . . . . . . . . 1207
32 Routing Interfaces. . . . . . . . . . . . . . . . 1209
Routing Interface Overview . . . . . . . . . . . . . . 1209
What Are VLAN Routing Interfaces?
What Are Loopback Interfaces?
What Are Tunnel Interfaces?
Why Are Routing Interfaces Needed?
Default Routing Interface Values
Configuring Routing Interfaces (Web)
IP Interface Configuration
DHCP Lease Parameters
VLAN Routing Summary
Tunnel Configuration
Tunnels Summary
Loopbacks Configuration
Loopbacks Summary
. . . . . . . . . . . . 1215
. . . . . . . . . . . . . 1216
. . . . . . . . . . . . . 1216
. . . . . . . . . . . . . . . 1217
. . . . . . . . . . . . . . . . . 1218
. . . . . . . . . . . . . 1219
. . . . . . . . . . . . . . . 1220
. . . . . . . 1209
. . . . . . . . . 1210
. . . . . . . . . . . 1211
. . . . . . 1212
. . . . . . . . . . . 1214
. . . . . . . . . 1215
Configuring Routing Interfaces (CLI)
Configuring VLAN Routing Interfaces (IPv4)
Configuring Loopback Interfaces
Configuring Tunnels
. . . . . . . . . . . . . . . 1224
. . . . . . . . . 1221
. . . 1221
. . . . . . . . . 1223
Contents 37
Page 38
33 Layer-2 and Layer-3 Relay Features . . 1225
L2 and L3 Relay Overview . . . . . . . . . . . . . . . 1225
What Is L2 DHCP Relay?
What Is L3 DHCP Relay?
What Is the IP Helper Feature?
. . . . . . . . . . . . . 1225
. . . . . . . . . . . . . 1229
. . . . . . . . . . 1230
Default L2/L3 Relay Values
Configuring L2 and L3 Relay Features (Web)
L2 DHCP Relay Global Configuration
L2 DHCP Relay Interface Configuration
L2 DHCP Relay Interface Statistics
L2 DHCP Relay VLAN Configuration
DHCP Relay Agent Configuration
IP Helper (L3 DHCP Relay) Global Configuration
IP Helper (L3 DHCP Relay) Interface Configuration
IP Helper Statistics
Configuring L2 and L3 Relay Features (CLI)
Configuring L2 DHCP Relay
Configuring L3 Relay (IP Helper) Settings
Relay Agent Configuration Example
. . . . . . . . . . . . . . . 1234
. . . . . 1235
. . . . . . . 1235
. . . . . 1236
. . . . . . . . 1238
. . . . . . . 1239
. . . . . . . . . 1239
. 1241
1243
. . . . . . . . . . . . . . . . 1245
. . . . . . 1246
. . . . . . . . . . . . 1246
. . . . 1248
. . . . . . . . . . 1250
34 OSPF and OSPFv3. . . . . . . . . . . . . . . . . 1253
OSPF Overview. . . . . . . . . . . . . . . . . . . . . 1254
What Are OSPF Areas and Other OSPF Topology
Features?
What Are OSPF Routers and LSAs?
How Are Routes Selected?
How Are OSPF and OSPFv3 Different?
. . . . . . . . . . . . . . . . . . . . . 1254
. . . . . . . 1255
. . . . . . . . . . . . 1255
. . . . . . 1255
38 Contents
OSPF Feature Details
. . . . . . . . . . . . . . . . . . 1256
Page 39
Stub Router . . . . . . . . . . . . . . . . . . . . 1256
Static Area Range Cost
LSA Pacing
. . . . . . . . . . . . . . . . . . . . 1259
Flood Blocking
. . . . . . . . . . . . . . . . . . . . . . . . 1261
MTU
. . . . . . . . . . . . . . 1258
. . . . . . . . . . . . . . . . . . 1260
OSPFv3 MIB Support
Default OSPF Values
. . . . . . . . . . . . . . . . . . 1261
. . . . . . . . . . . . . . . . . . 1262
Configuring OSPF Features (Web)
OSPF Configuration
OSPF Area Configuration
OSPF Stub Area Summary
. . . . . . . . . . . . . . . . 1265
. . . . . . . . . . . . . 1266
. . . . . . . . . . . . 1269
OSPF Area Range Configuration
OSPF Interface Statistics
. . . . . . . . . . . . . 1271
OSPF Interface Configuration
OSPF Neighbor Table
. . . . . . . . . . . . . . . 1273
OSPF Neighbor Configuration
OSPF Link State Database
. . . . . . . . . . . . 1275
OSPF Virtual Link Configuration
OSPF Virtual Link Summary
. . . . . . . . . . . . 1277
OSPF Route Redistribution Configuration
OSPF Route Redistribution Summary
NSF OSPF Configuration
. . . . . . . . . . . . . 1280
Configuring OSPFv3 Features (Web)
OSPFv3 Configuration
OSPFv3 Area Configuration
. . . . . . . . . . . . . . 1281
. . . . . . . . . . . . 1281
OSPFv3 Stub Area Summary
OSPFv3 Area Range Configuration
OSPFv3 Interface Configuration
OSPFv3 Interface Statistics
OSPFv3 Neighbors
. . . . . . . . . . . . . . . . 1289
OSPFv3 Neighbor Table
. . . . . . . . . . . 1288
. . . . . . . . . . . . . 1290
OSPFv3 Link State Database
. . . . . . . . . . . 1265
. . . . . . . . . 1270
. . . . . . . . . . 1272
. . . . . . . . . . 1274
. . . . . . . . . 1275
. . . . 1278
. . . . . . . 1279
. . . . . . . . . 1281
. . . . . . . . . . . 1285
. . . . . . . . 1286
. . . . . . . . . 1287
. . . . . . . . . . . 1291
Contents 39
Page 40
OSPFv3 Virtual Link Configuration . . . . . . . . 1292
OSPFv3 Virtual Link Summary
OSPFv3 Route Redistribution Configuration
OSPFv3 Route Redistribution Summary
NSF OSPFv3 Configuration
. . . . . . . . . . 1294
. . . 1295
. . . . . 1296
. . . . . . . . . . . . 1297
Configuring OSPF Features (CLI)
Configuring Global OSPF Settings
Configuring OSPF Interface Settings
Configuring Stub Areas and NSSAs
Configuring Virtual Links
Configuring OSPF Area Range Settings
Configuring NSF Settings for OSPF
Configuring OSPFv3 Features (CLI)
Configuring Global OSPFv3 Settings
Configuring OSPFv3 Interface Settings
Configuring Stub Areas and NSSAs
Configuring Virtual Links
Configuring an OSPFv3 Area Range
. . . . . . . . . . . . 1298
. . . . . . . . 1298
. . . . . . . 1301
. . . . . . . 1303
. . . . . . . . . . . . . 1305
. . . . . 1307
. . . . . . . . 1309
. . . . . . . . . . 1310
. . . . . . . 1310
. . . . . . 1312
. . . . . . . 1314
. . . . . . . . . . . . . 1316
. . . . . . . 1317
Configuring OSPFv3 Route Redistribution Settings
Configuring NSF Settings for OSPFv3
OSPF Configuration Examples
. . . . . . . . . . . . . 1320
. . . . . . . 1319
Configuring an OSPF Border Router and Setting
Interface Costs
. . . . . . . . . . . . . . . . . . 1320
Configuring Stub and NSSA Areas for OSPF and
OSPFv3 . . . . . . . . . . . . . . . . . . . . . . 1323
Configuring a Virtual Link for OSPF and OSPFv3
Interconnecting an IPv4 Backbone and Local IPv6
Network . . . . . . . . . . . . . . . . . . . . . . 1329
Configuring the Static Area Range Cost
Configuring Flood Blocking
. . . . . . . . . . . . 1337
. . . . . 1332
1318
. 1326
40 Contents
Configuring OSPF VRFs
. . . . . . . . . . . . . . . . 1342
Page 41
35 VRF. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1345
VRF Resource Sharing . . . . . . . . . . . . . . . . . 1346
VRF ARP Entries
VRF Route Entries
. . . . . . . . . . . . . . . . . 1346
. . . . . . . . . . . . . . . . . 1346
36 RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1351
RIP Overview. . . . . . . . . . . . . . . . . . . . . . 1351
How Does RIP Determine Route Information?
What Is Split Horizon?
What RIP Versions Are Supported?
. . . . . . . . . . . . . . 1352
. . . . . . . 1352
. . 1351
Default RIP Values
Configuring RIP Features (Web)
RIP Configuration
RIP Interface Configuration
RIP Interface Summary
RIP Route Redistribution Configuration
RIP Route Redistribution Summary
Configuring RIP Features (CLI)
Configuring Global RIP Settings
Configuring RIP Interface Settings
Configuring Route Redistribution Settings
RIP Configuration Example
. . . . . . . . . . . . . . . . . . . 1353
. . . . . . . . . . . . 1354
. . . . . . . . . . . . . . . . . 1354
. . . . . . . . . . . 1355
. . . . . . . . . . . . . . 1356
. . . . . 1357
. . . . . . . . 1358
. . . . . . . . . . . . . 1359
. . . . . . . . . 1359
. . . . . . . . 1360
. . . . 1361
. . . . . . . . . . . . . . 1363
37 VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . 1367
VRRP Overview . . . . . . . . . . . . . . . . . . . . 1367
How Does VRRP Work?
What Is the VRRP Router Priority?
. . . . . . . . . . . . . . 1367
. . . . . . . . 1368
Contents 41
Page 42
What Is VRRP Preemption? . . . . . . . . . . . . 1368
What Is VRRP Accept Mode?
What Are VRRP Route and Interface Tracking?
VRRP and OSPF Interoperability
. . . . . . . . . . . 1369
. 1369
. . . . . . . . . 1370
Default VRRP Values
Configuring VRRP Features (Web)
VRRP Configuration
VRRP Virtual Router Status
VRRP Virtual Router Statistics
VRRP Router Configuration
VRRP Route Tracking Configuration
VRRP Interface Tracking Configuration
Configuring VRRP Features (CLI)
Configuring VRRP Settings
VRRP Configuration Example
VRRP with Load Sharing
Troubleshooting VRRP
VRRP with Route and Interface Tracking
Configuring VRRP in a VRF
. . . . . . . . . . . . . . . . . . 1371
. . . . . . . . . . . 1372
. . . . . . . . . . . . . . . . 1372
. . . . . . . . . . . . 1373
. . . . . . . . . . 1374
. . . . . . . . . . . . 1375
. . . . . . . 1376
. . . . . 1378
. . . . . . . . . . . . 1380
. . . . . . . . . . . . 1380
. . . . . . . . . . . . . 1382
. . . . . . . . . . . . . 1382
. . . . . . . . . . . . . . 1385
. . . . . 1386
. . . . . . . . . . . . 1389
38 BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 1393
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1394
Autonomous Systems
Graceful Restart
. . . . . . . . . . . . . . . 1396
. . . . . . . . . . . . . . . . . . 1396
42 Contents
BGP Operations
. . . . . . . . . . . . . . . . . . . . 1396
Decision Process Overview
Path Attributes
. . . . . . . . . . . . . . . . . . 1398
BGP Finite State Machine (FSM)
Detecting Loss of Adjacency
. . . . . . . . . . . 1396
. . . . . . . . . 1401
. . . . . . . . . . . 1403
Page 43
Authentication . . . . . . . . . . . . . . . . . . 1404
Outbound Update Groups
Removing Private AS Numbers
Templates
. . . . . . . . . . . . . . . . . . . . . 1405
Resolving Interface Routes
Originating BGP Routes
Equal Cost Multipath (ECMP)
BGP Next-Hop Resolution
Address Aggregation
Routing Policy
Inbound Policy
. . . . . . . . . . . . . . . . . . . 1413
. . . . . . . . . . . . . . . . . . 1414
Outbound Policy
Routing Policy Changes
BGP Timers
Communities
. . . . . . . . . . . . . . . . . . . . 1416
. . . . . . . . . . . . . . . . . . . 1417
Routing Table Overflow
Route Reflection
VRF Support
. . . . . . . . . . . . . . . . . . . . 1419
BGP Neighbor Configuration
Extended Communities
VPNv4/VRF Route Distribution via MP-BGP
. . . . . . . . . . . . . . . . . . . . . . . . 1425
IPv6
. . . . . . . . . . . . . 1404
. . . . . . . . . . 1405
. . . . . . . . . . . . 1407
. . . . . . . . . . . . . . 1407
. . . . . . . . . . . 1408
. . . . . . . . . . . . 1409
. . . . . . . . . . . . . . . 1411
. . . . . . . . . . . . . . . . . 1414
. . . . . . . . . . . . . 1415
. . . . . . . . . . . . . . 1417
. . . . . . . . . . . . . . . . . 1418
. . . . . . . . . . . 1419
. . . . . . . . . . . . . . 1419
. . . 1422
BGP Limitations
BGP Configuration Examples
Enabling BGP
BGP Example
Network Example
. . . . . . . . . . . . . . . . . . . . 1431
. . . . . . . . . . . . . 1433
. . . . . . . . . . . . . . . . . . . 1433
. . . . . . . . . . . . . . . . . . . 1434
. . . . . . . . . . . . . . . . . 1435
BGP Redistribution of OSPF Example
Configuring the Multi-Exit Discriminator in BGP
Advertised Routes
Configuring Communities in BGP
Configuring a Route Reflector
. . . . . . . . . . . . . . . . 1437
. . . . . . . . . 1438
. . . . . . . . . . 1439
. . . . . . 1436
Contents 43
Page 44
Campus Network MP-BGP and OSPF Configuration 1441
Configuring MP-eBGP and Extended Communities
1457
39 Bidirectional Forwarding Detection . . 1465
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1465
BFD Operational Modes
Asynchronous Mode
Demand Mode
Echo Function
Limitations
BFD Example
. . . . . . . . . . . . . . . . . . . . . . . 1467
. . . . . . . . . . . . . . . . . . . . . . 1468
. . . . . . . . . . . . . . . . 1466
. . . . . . . . . . . . . . . 1466
. . . . . . . . . . . . . . . . . . 1466
. . . . . . . . . . . . . . . . . . . 1467
40 Unicast Reverse Path Forwarding . . . . 1471
Limitations . . . . . . . . . . . . . . . . . . . . . . . 1472
41 IPv6 Routing. . . . . . . . . . . . . . . . . . . . . 1473
IPv6 Routing Overview . . . . . . . . . . . . . . . . . 1473
How Does IPv6 Compare with IPv4?
How Are IPv6 Interfaces Configured?
Default IPv6 Routing Values
. . . . . . . . . . . . . . 1476
Configuring IPv6 Routing Features (Web)
Global Configuration
Interface Configuration
Interface Summary
IPv6 Statistics
IPv6 Neighbor Table
. . . . . . . . . . . . . . . 1478
. . . . . . . . . . . . . . 1479
. . . . . . . . . . . . . . . . 1480
. . . . . . . . . . . . . . . . . . . 1481
. . . . . . . . . . . . . . . 1482
. . . . . . . 1474
. . . . . . 1474
. . . . . . . 1478
44 Contents
Page 45
DHCPv6 Client Parameters . . . . . . . . . . . . 1483
DHCPv6 Client Statistics
IPv6 Router Entry Configuration
IPv6 Route Table
IPv6 Route Preferences
Configured IPv6 Routes
. . . . . . . . . . . . . 1484
. . . . . . . . . 1485
. . . . . . . . . . . . . . . . . 1486
. . . . . . . . . . . . . 1487
. . . . . . . . . . . . . . 1488
Configuring IPv6 Routing Features (CLI)
Configuring Global IP Routing Settings
Configuring IPv6 Interface Settings
Configuring IPv6 Neighbor Discovery
. . . . . . . . 1489
. . . . . . 1489
. . . . . . . 1490
. . . . . . 1491
Configuring IPv6 Route Table Entries and Route
Preferences
IPv6 Show Commands
IPv6 Static Reject and Discard Routes
IPv6 Router Advertisement Guard
. . . . . . . . . . . . . . . . . . . . 1493
. . . . . . . . . . . . . . 1495
. . . . . . . . 1496
. . . . . . . . . . . 1497
42 DHCPv6 Server Settings . . . . . . . . . . . 1501
DHCPv6 Overview . . . . . . . . . . . . . . . . . . . 1501
What Is a DHCPv6 Pool?
What Is a Stateless Server?
What Is the DHCPv6 Relay Agent Information
. . . . . . . . . . . . . . . . . . . . . . 1502
Option?
What Is a Prefix Delegation?
Default DHCPv6 Server and Relay Values
. . . . . . . . . . . . . 1502
. . . . . . . . . . . 1502
. . . . . . . . . . . 1502
. . . . . . . 1503
Configuring the DHCPv6 Server and Relay (Web)
DHCPv6 Global Configuration
DHCPv6 Pool Configuration
Prefix Delegation Configuration
DHCPv6 Pool Summary
. . . . . . . . . . 1504
. . . . . . . . . . . . 1505
. . . . . . . . . 1507
. . . . . . . . . . . . . . 1508
. . . 1504
Contents 45
Page 46
DHCPv6 Interface Configuration . . . . . . . . . 1509
DHCPv6 Server Bindings Summary
DHCPv6 Statistics
. . . . . . . . . . . . . . . . . 1512
. . . . . . . . 1511
Configuring the DHCPv6 Server and Relay (CLI)
. . . . 1513
Configuring Global DHCP Server and Relay Agent
Settings
. . . . . . . . . . . . . . . . . . . . . . 1513
Configuring a DHCPv6 Pool for Stateless Server
Support
. . . . . . . . . . . . . . . . . . . . . . 1513
Configuring a DHCPv6 Pool for Specific Hosts
Configuring DHCPv6 Interface Information
Monitoring DHCPv6 Information
DHCPv6 Configuration Examples
. . . . . . . . . 1516
. . . . . . . . . . . 1518
Configuring a DHCPv6 Stateless Server
. . 1514
. . . . 1515
. . . . . 1518
Configuring the DHCPv6 Server for Prefix
Delegation
. . . . . . . . . . . . . . . . . . . . . 1519
Configuring an Interface as a DHCPv6 Relay
Agent
. . . . . . . . . . . . . . . . . . . . . . . 1519
43 Differentiated Services . . . . . . . . . . . . 1521
DiffServ Overview . . . . . . . . . . . . . . . . . . . 1521
How Does DiffServ Functionality Vary Based on
the Role of the Switch?
What Are the Elements of DiffServ Configuration?
Class-Map Processing
. . . . . . . . . . . . . . 1522
1522
. . . . . . . . . . . . . . 1523
46 Contents
Default DiffServ Values
. . . . . . . . . . . . . . . . 1524
Configuring DiffServ (Web)
DiffServ Configuration
Class Configuration
Class Criteria
. . . . . . . . . . . . . . . . . . . 1527
Policy Configuration
. . . . . . . . . . . . . . 1525
. . . . . . . . . . . . . . 1525
. . . . . . . . . . . . . . . . 1526
. . . . . . . . . . . . . . . 1529
Page 47
Policy Class Definition . . . . . . . . . . . . . . 1531
Service Configuration
Service Detailed Statistics
Flow-Based Mirroring
. . . . . . . . . . . . . . 1534
. . . . . . . . . . . . 1535
. . . . . . . . . . . . . . 1536
Configuring DiffServ (CLI)
DiffServ Configuration (Global)
DiffServ Class Configuration for IPv4
DiffServ Class Configuration for IPv6
DiffServ Protocol Matching
DiffServ Policy Creation
. . . . . . . . . . . . . . . 1537
. . . . . . . . . . 1537
. . . . . . . 1538
. . . . . . . 1539
. . . . . . . . . . . 1541
. . . . . . . . . . . . . 1542
Simple DiffServ Policy Attributes Configuration
DiffServ Service Configuration
DiffServ Configuration Examples
. . . . . . . . . . 1545
. . . . . . . . . . . 1546
Providing Subnets Equal Access to External
Network
Configuring DiffServ Policy Using ACLs
DiffServ for VoIP
WRED
WRED Processing
WRED Drop Probabilities
Exponential Weighting Constant
WRED Color-Aware Processing
Simple Meter Implementation
Single Rate Meter Implementation
Two-Rate Meter Implementation
. . . . . . . . . . . . . . . . . . . . . . 1546
. . . . . 1548
. . . . . . . . . . . . . . . . . 1550
. . . . . . . . . . . . . . . . . . . . . . . . . . 1553
. . . . . . . . . . . . . . . . 1553
. . . . . . . . . . . . . 1553
. . . . . . . . . 1554
. . . . . . . . . 1554
. . . . . . . . . . 1555
. . . . . . . . 1555
. . . . . . . . . 1556
. 1542
44 Class-of-Service . . . . . . . . . . . . . . . . . 1557
CoS Overview . . . . . . . . . . . . . . . . . . . . . 1557
What Are Trusted and Untrusted Port Modes?
How Is Traffic Shaping Used on Egress Traffic?
. 1558
. 1558
Contents 47
Page 48
How Are Traffic Queues Configured? . . . . . . 1559
Which Queue Management Methods Are
Supported? . . . . . . . . . . . . . . . . . . . . 1560
CoS Queue Usage
. . . . . . . . . . . . . . . . . 1561
Default CoS Values
Configuring CoS (Web)
Mapping Table Configuration
Interface Configuration
Interface Queue Configuration
. . . . . . . . . . . . . . . . . . . 1561
. . . . . . . . . . . . . . . . . 1563
. . . . . . . . . . . 1563
. . . . . . . . . . . . . . 1565
. . . . . . . . . . 1566
Interface Queue Drop Precedence Configuration
Configuring CoS (CLI)
Mapping Table Configuration
. . . . . . . . . . . . . . . . . 1569
. . . . . . . . . . . 1569
CoS Interface Configuration Commands
Interface Queue Configuration
. . . . . . . . . . 1570
Configuring Interface Queue Drop Probability
CoS Configuration Example
Explicit Congestion Notification
Enabling ECN in Microsoft Windows
Example 1: SLA Configuration
Example 2: Long-Lived Congestion
. . . . . . . . . . . . . . 1573
. . . . . . . . . . . . 1576
. . . . . . . 1577
. . . . . . . . . . 1578
. . . . . . . . 1582
Example 3: Data Center TCP (DCTCP) Configuration
1567
. . . . . 1570
. . 1572
1582
45 Auto VoIP . . . . . . . . . . . . . . . . . . . . . . . 1585
48 Contents
Auto VoIP Overview . . . . . . . . . . . . . . . . . . 1585
How Does Auto VoIP Use ACLs?
Default Auto VoIP Values
. . . . . . . . . . . . . . . 1586
Configuring Auto VoIP (Web)
Auto VoIP Global Configuration
. . . . . . . . . 1586
. . . . . . . . . . . . . 1587
. . . . . . . . . . 1587
Page 49
Auto VoIP Interface Configuration . . . . . . . . 1587
Configuring Auto VoIP (CLI)
. . . . . . . . . . . . . . 1589
46 IPv4 and IPv6 Multicast. . . . . . . . . . . . 1591
L3 Multicast Overview. . . . . . . . . . . . . . . . . 1591
What Is IP Multicast Traffic?
Multicast Addressing
What Multicast Protocols Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . 1593
What Are the Multicast Protocol Roles?
When Is L3 Multicast Required on the Switch?
What Is the Multicast Routing Table?
What Is IGMP?
What Is MLD?
What Is PIM?
What Is DVMRP?
. . . . . . . . . . . . . . . . . . 1596
. . . . . . . . . . . . . . . . . . . 1597
. . . . . . . . . . . . . . . . . . . 1597
. . . . . . . . . . . . . . . . . 1608
Default L3 Multicast Values
Configuring General IPv4 Multicast Features (Web)
Multicast Global Configuration
Multicast Interface Configuration
Multicast Route Table
Multicast Admin Boundary Configuration
Multicast Admin Boundary Summary
Multicast Static MRoute Configuration
Multicast Static MRoute Summary
. . . . . . . . . . . 1592
. . . . . . . . . . . . . . . 1592
. . . . . 1594
. 1594
. . . . . . 1595
. . . . . . . . . . . . . . 1611
. 1613
. . . . . . . . . . 1613
. . . . . . . . 1614
. . . . . . . . . . . . . . 1615
. . . . 1616
. . . . . . 1617
. . . . . 1617
. . . . . . . . 1618
Configuring IPv6 Multicast Features (Web)
IPv6 Multicast Route Table
. . . . . . . . . . . . 1619
Configuring IGMP and IGMP Proxy (Web)
IGMP Global Configuration
. . . . . . . . . . . . 1620
. . . . . . 1619
. . . . . . 1620
Contents 49
Page 50
IGMP Interface Configuration . . . . . . . . . . 1621
IGMP Interface Summary
IGMP Cache Information
IGMP Interface Source List Information
IGMP Proxy Interface Configuration
IGMP Proxy Configuration Summary
IGMP Proxy Interface Membership Info
. . . . . . . . . . . . . 1622
. . . . . . . . . . . . . 1622
. . . . . 1623
. . . . . . . 1624
. . . . . . . 1625
. . . . . 1626
Detailed IGMP Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1627
Configuring MLD and MLD Proxy (Web)
MLD Global Configuration
. . . . . . . . . . . . 1628
MLD Routing Interface Configuration
MLD Routing Interface Summary
. . . . . . . . . 1630
MLD Routing Interface Cache Information
MLD Routing Interface Source List Information
MLD Traffic
MLD Proxy Configuration
. . . . . . . . . . . . . . . . . . . . 1632
. . . . . . . . . . . . . 1633
MLD Proxy Configuration Summary
MLD Proxy Interface Membership Information
Detailed MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1636
Configuring PIM for IPv4 and IPv6 (Web)
PIM Global Configuration
PIM Global Status
PIM Interface Configuration
PIM Interface Summary
Candidate RP Configuration
Static RP Configuration
SSM Range Configuration
BSR Candidate Configuration
BSR Candidate Summary
. . . . . . . . . . . . . 1637
. . . . . . . . . . . . . . . . . 1639
. . . . . . . . . . . 1640
. . . . . . . . . . . . . 1641
. . . . . . . . . . . 1642
. . . . . . . . . . . . . . 1644
. . . . . . . . . . . . 1646
. . . . . . . . . . . 1648
. . . . . . . . . . . . . 1649
. . . . . . . . 1628
. . . . . . 1629
. . . . 1630
. 1631
. . . . . . . 1634
. 1635
. . . . . . . 1637
50 Contents
Configuring DVMRP (Web)
DVMRP Global Configuration
. . . . . . . . . . . . . . . 1650
. . . . . . . . . . . 1650
Page 51
DVMRP Interface Configuration . . . . . . . . . 1651
DVMRP Configuration Summary
DVMRP Next Hop Summary
DVMRP Prune Summary
DVMRP Route Summary
. . . . . . . . . 1652
. . . . . . . . . . . 1653
. . . . . . . . . . . . . 1654
. . . . . . . . . . . . . 1654
Configuring L3 Multicast Features (CLI)
. . . . . . . . 1655
Configuring and Viewing IPv4 Multicast
Information
. . . . . . . . . . . . . . . . . . . . 1655
Configuring and Viewing IPv6 Multicast Route
Information . . . . . . . . . . . . . . . . . . . . 1657
Configuring and Viewing IGMP
Configuring and Viewing IGMP Proxy
Configuring and Viewing MLD
Configuring and Viewing MLD Proxy
. . . . . . . . . . 1658
. . . . . . 1660
. . . . . . . . . . 1661
. . . . . . . 1662
Configuring and Viewing PIM-DM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1663
Configuring and Viewing PIM-DM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1664
Configuring and Viewing PIM-SM for IPv4
Multicast Routing . . . . . . . . . . . . . . . . . 1665
Configuring and Viewing PIM-SM for IPv6
Multicast Routing . . . . . . . . . . . . . . . . . 1667
Configuring and Viewing DVMRP Information
L3 Multicast Configuration Examples
. . . . . . . . . 1671
Configuring Multicast VLAN Routing With IGMP
and PIM-SM
Configuring DVMRP
. . . . . . . . . . . . . . . . . . . 1671
. . . . . . . . . . . . . . . 1675
. . 1670
47 Multiple Registration Protocol . . . . . . 1677
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1677
MVRP
. . . . . . . . . . . . . . . . . . . . . . . . . . 1678
Contents 51
Page 52
MMRP . . . . . . . . . . . . . . . . . . . . . . . . . 1679
MRP Configuration Example
. . . . . . . . . . . . . . 1680
48 OpenFlow . . . . . . . . . . . . . . . . . . . . . . . 1683
Dell EMC Networking OpenFlow Hybrid Overview . . 1683
Enable Dell EMC Networking OpenFlow Hybrid
Interaction with OpenFlow Controllers
Deploy OpenFlow Controller Flows
Collect Port and Queue Status and Statistics
Usage Scenarios
Eligible Interfaces
OpenFlow Hybrid
Example Configuration
. . . . . . . . . . . . . . . . . 1721
. . . . . . . . . . . . . . . . . 1721
. . . . . . . . . . . . . . . . . . . . 1722
. . . . . . . . . . . . . . . . . 1722
Interaction with Other Switch Functions
OpenSSL
IP Stack
VLANs
LAGs
Ports
Network Interface ARP Table
Routing Interface ARP Table
QoS
. . . . . . . . . . . . . . . . . . . . . 1723
. . . . . . . . . . . . . . . . . . . . . . 1723
. . . . . . . . . . . . . . . . . . . . . . . 1723
. . . . . . . . . . . . . . . . . . . . . . . . 1724
. . . . . . . . . . . . . . . . . . . . . . . . 1724
. . . . . . . . . . 1724
. . . . . . . . . . . 1724
. . . . . . . . . . . . . . . . . . . . . . . . 1724
IP Routing, IP Multicast, and Layer-2 Multicast
LLDP and Voice VLAN
. . . . . . . . . . . . . . 1725
. . . . . . . . 1716
. . . . . . . 1723
. 1684
. . . . . . 1686
. . 1721
. 1725
52 Contents
Limitations, Restrictions, and Assumptions
. . . . . . 1726
List of OpenFlow—Dell EMC Networking Component
Interferences
OpenFlow Configuration Example
. . . . . . . . . . . . . . . . . . . 1726
. . . . . . . . . . . 1727
Page 53
49 Dell EMC Networking Python Support. 1729
A Appendix . . . . . . . . . . . . . . . . . . . . . . . 1737
Feature Limits and Platform Constants . . . . . . . . 1737
System Process Definitions
SupportAssist
. . . . . . . . . . . . . . . . . . . . . 1758
. . . . . . . . . . . . . . 1751
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1761
Contents 53
Page 54
54 Contents
Page 55
1
Introduction
The switches in the N-Series are stackable Layer-2 and Layer-3 switches.
These switches include the following features:
• 1U form factor, rack-mountable chassis design.
• Support for all data-communication requirements for a multi-layer switch,
including Layer-2 switching, IPv4 routing, IPv6 routing, IP multicast,
quality of service, security, and system management features.
• High availability with automatic failover and checkpointing of dynamic
state.
The Dell EMC Networking N-Series includes the following switch models:
N1108T-ON, N1108P-ON, N1108EP-ON, N1124T-ON, N1124P-ON,
N1148T-ON, N1148P-ON, N1524, N1524P, N1548, N1548P, N2024, N2024P,
N2048, N2048P, N2128PX-ON, N2224-ON, N2224PX-ON, N2248-ON,
N2248PX-ON, N3132PX-ON, N3208PX-ON, N3224T-ON, N3224F-ON,
N3248X-ON, N3248TE-ON, N3224PX-ON, N3224P-ON, N3248P-ON,
N3248PXE-ON
NOTE: Switch administrators are strongly advised to maintain Dell EMC
Networking N-Series switches on the latest version of the Dell EMC Networking
Operating System. Dell EMC Networking continually improves the features and
functions based on feedback from you, the customer. For critical infrastructure,
prestaging of a new release into a non-critical portion of the network is
recommended to verify network configuration and operation with any new
version of Dell EMC Networking N-Series switch firmware.
About This Document
This guide discusses and provides examples on how to configure, monitor,
and maintain Dell EMC Networking N-Series switches by using web-based
Dell EMC OpenManage Switch Administrator utility or the command-line
interface (CLI).
Introduction 55
Page 56
Examples given in this guide may not include complete CLI syntax as the
preference is to present CLI syntax relevant to the configuration task. Refer to
the Dell EMC Networking N1100-ON, N1500, N2000, N2100-ON, N2200ON, N3000E-ON, N3100-ON, and N3200-ON Series Switches CLI Reference
Guide for definitive syntax for any particular command. The parameter
ranges listed in the examples or text may vary from the allowed range on any
particular switch due to product limitations. Refer to the Feature Limits and
Platform Constants section located in the Appendix of this document for
range limits relevant to a particular switch model.
Audience
This guide is for network administrators in charge of managing one or more
Dell EMC Networking N-Series switches. To obtain the greatest benefit from
this guide, you should have a basic understanding of Ethernet networks and
local area network (LAN) concepts.
Document Conventions
Table 1-1 describes the typographical conventions this document uses.
Table 1-1. Document Conventions
Convention Description
Bold Page names, field names, menu options, button names, and
CLI commands and keywords.
courier font
[ ] In a command line, square brackets indicate an optional
{ } In a command line, inclusive brackets indicate a selection of
Italic In a command line, indicates a variable.
<Enter> Any individual key on the keyboard.
Command-line text (CLI output) and file names
entry.
compulsory parameters separated by the | character. One
option must be selected. For example:
{stp|rstp|mstp} means that for the spanning-tree mode
command, stp, rstp, or mstp must be entered.
spanning-tree mode
56 Introduction
Page 57
Table 1-1. Document Conventions
Convention Description
CTRL + Z A keyboard combination that involves pressing the Z key
while holding the CTRL key.
Additional Documentation
The following documents for the Dell EMC Networking N-Series switches are
available at www.dell.com/support:
• Getting Started Guide—provides information about the switch models in
the series, including front and back panel features. It also describes the
installation and initial configuration procedures.
• CLI Reference Guide—provides information about the command-line
interface (CLI) commands used to configure and manage the switch. The
document provides in-depth CLI descriptions, syntax, default values, and
usage guidelines.
Introduction 57
Page 58
58 Introduction
Page 59
Switch Feature Overview
This section describes the switch user-configurable software features.
NOTE: Before proceeding, read the release notes for this product. The release
notes are part of the firmware download.
The topics covered in this section include:
2
• System Management
Features
• Stacking Features
• Security Features
• Green Technology Features
• Power over Ethernet (PoE)
Features
• Switching Features
• Virtual Local Area Network
Supported Features
• Spanning Tree Protocol
Features
• Link Aggregation Features
• Routing Features
• IPv6 Routing Features
• Quality of Service (QoS)
Features
• Layer-2 Multicast Features
• Layer-3 Multicast Features
Switch Feature Overview 59
Page 60
System Management Features
Multiple Management Options
Any of the following methods can be used to manage the switch:
• Use a web browser to access the
Administrator
that serves HTML pages.
support HTTP and HTTPS over IPv4 or IPv6.
• Use a Telnet client, SSH client, or a direct console connection to access
the CLI. The CLI
common industry practice. Dell EMC Networking N-Series switches
support Telnet and SSH access over IPv4 or IPv6.
• Use a network management system (NMS), like the Dell EMC
OpenManage Network Manager, to manage and monitor the system
through SNMP. The switch supports
transport protocol.
Nearly all switch features support a pre-configuration capability, even when
the feature is not enabled or the required hardware is not present. Preconfigured capabilities become active only when enabled (typically via an
admin mode control) or when the required hardware is present (or both). For
example, a port can be preconfigured with both trunk and access mode
information. The trunk mode information is applied only when the port is
placed into trunk mode and the access mode information is only applied
when the port is placed into access mode. Likewise, OSPF routing can be
configured in the switch without being enabled on any port. This capability is
present in all of the switch management options.
interface. The switch contains an embedded Web server
syntax and semantics conform as much as possible to
Dell EMC OpenManage Switch
Dell EMC Networking N-Series switches
SNMP v1/v2c/v3 over the UDP/IP
System Time Management
The switch can be configured to obtain the system time and date through a
remote Simple Network Time Protocol (SNTP) server, or the time and date
can be set locally on the switch. The time zone and information about time
shifts that might occur during summer months can also be configured. When
SNTP is used to obtain the time, communications between the switch and
the SNTP server can be encrypted.
The Dell EMC Networking SNTP client supports connection to SNTP
servers over IPv4 or IPv6.
60 Switch Feature Overview
Page 61
For information about configuring system time settings, see "Managing
General System Settings" on page 463.
Log Messages
The switch maintains in-memory log messages as well as persistent logs.
Remote logging can be configured so that the switch sends log messages to a
remote syslog server. The switch can also be configured to email log messages
to a configured SMTP server. This allows the administrator to receive the log
message in a specified e-mail account. Switch auditing messages, CLI
command logging, Web logging, and SNMP logging can be enabled or
disabled.
Dell EMC Networking N-Series switches support logging to syslog servers
over IPv4 or IPv6.
For information about configuring system logging, see "Monitoring and
Logging System Information" on page 425.
System Reset
When the switch is reset, it logs the reason in the persistent log, which is
displayed in the log on startup. The possible reasons for a switch reset are:
• Switch was reset due to operator intervention.
• Switch was reset due to a software exception.
• Switch was reset due to a watchdog expiration.
• Switch was reset due to a Stack Manager conflict.
• Switch was reset due to software-initiated exit.
• Switch was reset due to power disruption or unexpected restart
(error[0x0]).
The last reason code is the default if none of the other conditions are
detected.
Integrated DHCP Server
NOTE: This feature is not supported on the Dell EMC Networking
N1100-ON/N1500 Series switches.
Switch Feature Overview 61
Page 62
Dell EMC Networking N-Series switches include an integrated DHCP server
that can deliver host-specific configuration information to hosts on the
network. The switch DHCP server allows the configuration of IPv4 address
pools (scopes), and when a host’s DHCP client requests an address, the
switch DHCP server automatically assigns the host an address from the pool.
For information about configuring the DHCP server settings, see "DHCP
Server Settings" on page 1159.
Management of Basic Network Information
The DHCP client on the switch allows the switch to acquire information such
as the IPv4 or IPv6 address and default gateway from a network DHCP server.
The DHCP client can also be disabled and static network information can be
configured instead. Other configurable network information includes a
Domain Name Server (DNS), hostname to IP address mapping, and a default
domain name.
If the switch detects an IP address conflict on the management interface, it
generates a trap and sends a log message.
For information about configuring basic network information, see "Setting
the IP Address and Other Basic Network Information" on page 223.
IPv6 Management Features
Dell EMC Networking N-Series switches provide IPv6 support for many
standard management features including HTTP, HTTPS/SSL, Telnet, SSH,
syslog, SNTP, TFTP, and traceroute on both the in-band and out-of-band
management ports.
Dual Software Images
Dell EMC Networking N-Series switches can store up to two software images.
The dual image feature enables upgrading the switch without deleting the
older software image. One image is designated as the active image and the
other image as the backup image.
For information about managing the switch image, see "Images and File
Management" on page 543.
62 Switch Feature Overview
Page 63
File Management
Files, such as configuration files and system images, can be uploaded and
downloaded using HTTP (web only), TFTP, Secure FTP (SFTP), or Secure
Copy (SCP). Configuration file uploads from the switch to a server are a good
way to back up the switch configuration. A configuration file can also be
downloaded from a server to the switch to restore the switch to the
configuration in the downloaded file.
Files can be copied to and from a USB Flash drive that is plugged into the
USB port on the front panel of the switch. Or, the switch can be automatically
upgraded by booting it with a newer firmware image on a USB drive plugged
into the switch. Dell EMC Networking N-Series switches support file copy
protocols to both IPv4 and IPv6 servers.
For information about uploading, downloading, and copying files, see "Images
and File Management" on page 543.
Switch Database Management Templates
Switch Database Management (SDM) templates enable reallocating system
resources to support a different mix of features based on network
requirements. Dell EMC Networking N-Series switches support the following
three templates:
• Dual IPv4 and IPv6 (default)
• IPv4 Routing
• IPv4 Data Center
For information about setting the SDM template, see "Managing General
System Settings" on page 463.
Automatic Installation of Firmware and Configuration
The Auto Install feature allows the switch to upgrade or downgrade to a
newer software image and update the configuration file automatically during
device initialization with limited administrative configuration on the device.
If a USB device is connected to the switch and contains a firmware image
and/or configuration file, the Auto Install feature installs the image or
configuration file from USB device. Otherwise, the switch can obtain the
necessary information from a DHCP server on the network.
Switch Feature Overview 63
Page 64
NOTE: Automatic migration of the startup configuration to the next version of
firmware from the current and previous versions of firmware is supported; the
syntax is automatically updated when it is read into the running-config. Check
the release notes to determine if any parts of the configuration cannot be
migrated. Save the running-config to maintain the updated syntax. Migration of
configuration is not assured on a firmware downgrade. When upgrading or
downgrading firmware, check the configuration to ensure that it implements the
desired configuration. Meta-configuration data (stack-port and slot
configuration) is always reset to the defaults on a downgrade on each stack unit.
As an example, Ethernet ports configured as stacking ports default back to
Ethernet mode on a downgrade.
Migration of configuration information is never assured when errors are shown
while the system is booting. Although the errored lines are displayed, commands
that enter a sub-configuration mode followed by an exit command cause the CLI
to exit Global Configuration mode, and subsequent configuration commands are
ignored. Always hand-edit the startup-config if errors are shown on the screen
during bootup.
For information about Auto Install, see "DHCP and USB AutoConfiguration" on page 575.
sFlow
sFlow is the standard for monitoring high-speed switched and routed
networks. sFlow technology is built into network equipment and gives
complete visibility into network activity, enabling effective management and
control of network resources. The Dell EMC Networking N-Series switches
support sFlow version 5.
For information about configuring managing sFlow settings, see "Monitoring
Switch Traffic" on page 595.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. The events are
sent as SNMP traps to a trap recipient list.
For information about configuring SNMP traps and alarms, see "SNMP" on
page 505.
64 Switch Feature Overview
Page 65
CDP Interoperability Through ISDP
Industry Standard Discovery Protocol (ISDP) allows the Dell EMC
Networking N-Series switch to interoperate with Cisco devices running the
Cisco Discovery Protocol (CDP). ISDP is a proprietary Layer-2 network
protocol which inter-operates with Cisco network equipment and is used to
share information between neighboring devices (routers, bridges, access
servers, and switches).
For information about configuring ISDP settings, see "Discovering Network
Devices" on page 913.
Remote Monitoring (RMON)
RMON is a standard Management Information Base (MIB) that defines
current and historical MAC-layer statistics and control objects, allowing realtime information to be captured across the entire network.
For information about configuring managing RMON settings, see
"Monitoring Switch Traffic" on page 595.
Stacking Features
For information about creating and maintaining a stack of switches, see
"Stacking" on page 249.
Mixed and Single Series Stacking
The Dell EMC Networking N2000, N2100-ON, N3000E-ON, N3100-ON,
and N3200-ON Series switches include a stacking feature that allows multiple
switches of the same or different series to operate as a single unit as listed
below.
Dell EMC Networking N1100-ON Series switches stack with other Dell EMC
N1100-ON Series switches and Dell EMC Networking N1500 Series switches
stack with other Dell EMC N1500 Series switches.
The Dell EMC Networking N1124T-ON/N1124P-ON/N1148P-ON/N1148TON switches stack up to four units using 10G Ethernet ports configured for
stacking. The Dell EMC Networking N1500 Series switches stack up to four
units using 10GB Ethernet links configured as stacking.
Switch Feature Overview 65
Page 66
Dell EMC Networking N2000 Series switches stack with other Dell EMC
Networking N2000 Series switches and with Dell EMC Networking N2100ON Series switches stack in a stack of up to 12 units. Dell EMC Networking
N2000 and N2100-ON Series switches have two fixed mini-SAS stacking
connectors at the rear. Any unit may be the stack master. The mixed stacking
image name is N2000N2100Stdv6.5.1.X.itb. Dell EMC Networking N2200ON Series switches stack with other Dell EMC Networking N2200-ON Series
switches in a stack of up to twelve units. The image name is N2200EONv6.6.X.Y.stk.
Dell EMC Networking N2100-ON and N2000 switch series firmware is also
available without mixed stacking capabilities. These images are named as
follows:
N2100Stdv6.5.1.X.stk - N2100 only stack
N2000Stdv6.5.1.X.stk - N2000 only stack
Dell EMC Networking N3100-ON Series switches stack with the Dell EMC
Networking N3000E-ON switches in a stack of up to twelve units. The image
name is N3000N3100Advv6.5.1.x.itb. Any unit may be the stack master.
N3024/N3024P/N3034F/N3048/N3048P units will be recognized if stacked
with this image. However, the front panel interfaces will remain detached and
inoperable.
Dell EMC Networking N3100-ON and N3000E-ON switch series firmware is
also available without mixed stacking capabilities. These images are named as
follows:
N3100Advv6.5.1.X.stk - N3100 only stack
N3000E-ONAdvv6.5.1.X.stk - N3000E-ON only stack
Dell EMC Networking N3200-ON Series switches stack with other Dell EMC
Networking N3200-ON Series switches in a stack of up to twelve units using
the 2x50G stacking ports. The image name is N3200-ONv6.6.X.Y.stk.
Single IP Management
When multiple switches are connected together through the stack ports, they
operate as a single unit with a larger port count. The stack operates and is
managed as a single entity. One switch acts as the master, and the entire stack
is managed through the management interface (Web, CLI, or SNMP) of the
stack master.
66 Switch Feature Overview
Page 67
Master Failover with Transparent Transition
The stacking feature supports a standby or backup unit that assumes the
stack master role if the stack master fails. As soon as a stack master failure is
detected, the standby unit initializes the control plane and enables all other
stack units with the current configuration. The standby unit maintains a
synchronized copy of the running configuration for the stack.
Nonstop Forwarding on the Stack
The Nonstop Forwarding (NSF) feature allows the forwarding plane of stack
units to continue to forward packets while the control and management
planes restart as a result of a power failure, hardware failure, or software fault
on the stack master and allows the standby switch to quickly takeover as the
master.
Hot Add/Delete and Firmware Synchronization
Units can be added to and deleted from the stack without cycling the power
on the stack. Units to be added to the stack must be powered off prior to
cabling into the stack to avoid election of a new master unit and a possible
downgrade of the stack. When the newly added unit is powered on, the Stack
Firmware Synchronization feature, if enabled, automatically synchronizes the
firmware version with the version running on the stack master. The
synchronization operation may result in either an upgrade or a downgrade of
firmware on the mismatched stack member. Once the firmware is
synchronized on a member unit, the running-config on the member is
updated to match the master switch. The startup-config on the standby and
member switches is not updated to match the master switch due to
configuration changes on the master switch. Saving the startup config on the
master switch also saves it to the startup config on all the other stack
members. The hardware configuration of every switch is updated to match
the master switch (unit number, slot configuration, stack member number,
etc.).
NOTE: ALWAYS POWER OFF a unit to be added to a stack prior to cabling it into
the stack. Newly added units must be powered on one-at-a-time beginning with
the unit directly connected to an already powered on stack member.
Switch Feature Overview 67
Page 68
Security Features
Configurable Access and Authentication Profiles
Rules can be configured to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. The user can also be required to be authenticated locally
or by an external server, such as a RADIUS server.
For information about configuring access and authentication profiles, see
"Authentication, Authorization, and Accounting" on page 287.
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Authentication,
Authorization, and Accounting" on page 287.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Authentication,
Authorization, and Accounting" on page 287.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Authentication, Authorization, and Accounting" on page 287.
68 Switch Feature Overview
Page 69
RADIUS Support
The switch has a Remote Authentication Dial In User Service (RADIUS)
client and can support up to 32 named authentication and accounting
RADIUS servers. The switch also supports configuration of multiple RADIUS
Attributes and accepts RADIUS COA termination requests. The switch can
also be configured to accept RADIUS-assigned VLANs, ACLs and DiffServ
Policies.
For information about configuring RADIUS client settings, see
"Authentication, Authorization, and Accounting" on page 287.
SSH/SSL
The switch supports Secure Shell (SSH) for secure, remote connections to
the CLI and Secure Sockets Layer (SSL) to increase security when accessing
the web-based management interface. The SSH server can be enabled using
the ip ssh server command or disabled using the no ip ssh server command.
For information about configuring SSH and SSL settings, see
"Authentication, Authorization, and Accounting" on page 287.
Inbound Telnet Control
By default, the switch allows access over Telnet. The administrator can enable
or disable the Telnet server using the ip telnet server command. Additionally,
the Telnet port number is configurable using the same command.
For information about configuring inbound Telnet settings, see
"Authentication, Authorization, and Accounting" on page 287.
Denial of Service
The switch supports configurable Denial of Service (DoS) attack protection
for eight different types of attacks.
For information about configuring DoS settings, see "Port and System
Security" on page 695.
Switch Feature Overview 69
Page 70
Port Protection
A port may be put into the error-disabled state for any of the following
reasons:
• BPDU Storm: By default, if Spanning Tree Protocol (STP) bridge protocol
data units (BPDUs) are received at a rate of 15pps or greater for three
consecutive seconds on a port, the port will be error-disabled. The
threshold is not configurable.
• Broadcast, Multicast, Unicast Storm: If broadcast, unknown multicast, or
unknown unicast packets are received at a rate greater than the configured
limit and the configured action is to disable the port, the port will be errordisabled. Storm control is not enabled by default. See the storm-control
commands for further information. A trap is issued for ports disabled by
Storm Control.
• DHCP Rate Limit: If DHCP packets are received on a port at a rate that
exceeds 15 pps, the port will be error-disabled. The threshold is
configurable up to 300 pps for up to 15s long using the
limit
command. DHCP snooping is disabled by default. The default
protection limit is 15 pps. A trap is issued for interfaces disabled by DHCP
Snooping.
• DoS: Interfaces on which a denial of service attack is detected are errordisabled. Refer to the dos-control command for configuration options.
• ARP Inspection: By default, if Dynamic ARP Inspection packets are
received on a port at a rate that exceeds 15 pps for 1 second, the port will
be error-disabled. The threshold is configurable up to 300 pps and the
burst is configurable up to 15s long using the
command. A trap is issued for interfaces disabled by Dynamic ARP
Inspection.
• SFP Mismatch: Insertion of an unsupported SFP transceiver will errordisable the interface. This behavior can be suppressed using the service
unsupported-transceiver command.
• SFP+ transceivers: SFP+ transceivers are not compatible with SFP slots
(N3024F front-panel ports). To avoid damage to SFP+ transceivers
mistakenly inserted into SFP ports, the SFP port is error-disabled when an
SFP+ transceiver is detected.
• UDLD: Interfaces on which unidirectional packet flow is detected are
error-disabled.
ip arp inspection limit
ip dhcp snooping
70 Switch Feature Overview
Page 71
• ICMP storms: Ports on which ICMP storms are detected are errordisabled. The rate limit and burst sizes are configurable separately for IPv4
and IPv6.
• PML: Interfaces on which the port security violation is configured to shut
down the interface are error-disabled when a violation occurs.
• Loop Protect: Loop protection diagnostically disables ports on which a
loop is detected. A log message may be issued when a port is disabled by
Loop Protection.
• BPDU Guard: An interface that receives a BPDU with BPDU guard
enabled is error-disabled. Use the spanning-tree bpdu-protection
command to enable BPDU guard.
A port that is error-disabled may be returned to service using the no
shutdown command. Alternatively, the operator may configure the auto
recovery service to return the error disabled ports to service after a
configurable period of time. Refer to the errdisable recovery command for
more information.
Captive Portal
The Captive Portal feature blocks clients from accessing the network until
user verification has been established. When a user attempts to connect to
the network through the switch, the user is presented with a customized Web
page that might contain username and password fields or the acceptable use
policy. Users can be required to be authenticated by a local or remote
RADIUS database before access is granted.
For information about configuring the Captive Portal features, see "Captive
Portal" on page 388.
802.1X Authentication (IEEE 802.1X)
802.1X authentication enables the authentication of network clients through
a local internal server or an external server. Only authenticated and approved
network clients can transmit and receive frames over the port. Clients are
authenticated using the Extensible Authentication Protocol (EAP). EAPMD5 authentication with no privacy protocol is supported for switchinitiated (server-side) authentication to remote authentication servers. Local
(IAS) authentication supports EAP-MD5 only. MAB supports EAP, PAP, and
CHAP. Encrypted communication with authentication servers is not
Switch Feature Overview 71
Page 72
supported; however, the switch will transport encrypted packets, such as
PEAP or EAP-TLS packets, between the supplicant and authentication server
in support of mutual authentication and privacy.
For information about configuring IEEE 802.1X settings, see "IEEE 802.1X"
on page 351.
MAC-Based 802.1X Authentication
MAC-based authentication allows multiple supplicants connected to the
same port to each authenticate individually. The switch uses the device’s
MAC address to restrict access to the port to only the devices that have
authenticated. For example, a system attached to the port might be required
to authenticate in order to gain access to the network, while a VoIP phone
might not need to authenticate in order to send voice traffic through the port.
For information about configuring MAC-based 802.1X authentication, see
"IEEE 802.1X" on page 351.
802.1X Monitor Mode
Monitor mode is intended to provide network administrators with a way of
validating authentication access in a test environment. Because monitor
mode always allows network access whenever possible, it should never be used
in a production network with real users except on a limited temporary basis.
Use monitor mode with test users or in a non-production environment to
troubleshoot 802.1X configurations.
Monitor mode can be enabled in conjunction with 802.1X authentication to
allow network access even when the user fails to authenticate. The switch logs
the results of the authentication process for diagnostic purposes. The only
purpose of this mode is to help troubleshoot the configuration of 802.1X
authentication on the switch without affecting the network access to the
users of the switch.
For information about enabling the 802.1X Monitor mode, see "IEEE 802.1X"
on page 351.
72 Switch Feature Overview
Page 73
Port Security
The port security feature limits access on a port to users with specific MAC
addresses. These addresses are manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is
not tied to that port, the protection mechanism is invoked.
For information about configuring port security, see "Port and System
Security" on page 695.
Access Control Lists (ACLs)
Access Control Lists (ACLs) can help to ensure network availability for
legitimate users while blocking attempts to access the network by
unauthorized users or to restrict legitimate users from accessing the network.
ACLs may be used to provide traffic flow control, restrict contents of routing
updates, decide which types of traffic are forwarded or blocked, and above all,
provide some level of security for the network. The switch supports the
following ACL types:
• IPv4 ACLs
• IPv6 ACLs
• MAC ACLs
For all ACL types, the ACL rule can be configured to filter traffic when a
packet enters or exits the Ethernet port, LAG, or VLAN interface. ACLs work
only on switched ports. They do not operate on the out-of-band port.
ACLs can be used to implement policy-based routing (PBR) to implement
packet routing according to specific organizational policies.
For information about configuring ACLs and PBR, see "Access Control Lists"
on page 703.
Time-Based ACLs
With the Time-based ACL feature, the administrator can define when an
ACL is in effect and the amount of time it is in effect.
For information about configuring time-based ACLs, see "Access Control
Lists" on page 703.
Switch Feature Overview 73
Page 74
IP Source Guard (IPSG)
IP source guard (IPSG) is a security feature that filters IP packets based on
the source ID. The source ID may either be source IP address or a source IP
address source MAC address pair as found in the local DHCP snooping
database. IPSG depends on DHCP Snooping to associate IP address with
MAC addresses.
For information about configuring IPSG, see "Snooping and Inspecting
Traffic" on page 1043.
DHCP Snooping
DHCP Snooping is a security feature that monitors DHCP messages between
a DHCP client and DHCP server. It filters harmful DHCP messages and
builds a bindings database of (MAC address, IP address, VLAN ID, port)
tuples that are specified as authorized. DHCP snooping can be enabled
globally and on specific VLANs. Ports within the VLAN can be configured to
be trusted or untrusted. DHCP servers must be reached through trusted ports.
For information about configuring DHCP Snooping, see "Snooping and
Inspecting Traffic" on page 1043.
Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its unsuspecting neighbors. The malicious
station sends ARP requests or responses mapping another station's IP address
to its own MAC address.
Dynamic ARP Inspection relies on DHCP Snooping.
For information about configuring DAI, see "Snooping and Inspecting Traffic"
on page 1043.
Protected Ports (Private VLAN Edge)
Private VLAN Edge (PVE) ports are a Layer-2 security feature that provides
port-based security between ports that are members of the same VLAN. It is
an extension of the common VLAN. Traffic from protected ports is sent only
to the uplink ports and cannot be sent to other ports within the VLAN.
74 Switch Feature Overview
Page 75
For information about configuring IPSG, see "Port-Based Traffic Control" on
page 939.
Green Technology Features
For information about configuring Green Technology features, see "Port
Characteristics" on page 663.
Energy Detect Mode
When the Energy Detect mode is enabled and the port link is down, the PHY
automatically goes down for short period of time and then wakes up
periodically to check link pulses. This mode reduces power consumption on
the port when no link partner is present. Energy Detect is proprietary and
operates independently from EEE.
Energy Efficient Ethernet
Dell EMC Networking switches support IEEE 802.3az Energy Efficient
Ethernet (EEE) Lower Power Idle Mode on front panel copper ports, which
enables both the send and receive sides of the link to disable some
functionality for power savings when the link is lightly loaded. EEE is
standardized by the IEEE and operates independently of Energy Detect. EEE
requires auto-negotiation to be enabled. Setting a port to a forced speed
disables EEE.
EEE and Energy Detect are supported on the Dell EMC Networking N1100ON, N2000, N2100-ON, N3000E-ON, N3100-ON, and N3200-ON Series 1G
copper ports. EEE is supported on Gigabit Ethernet ports 1-8 on the N1108
Series switches, on Gigabit Ethernet ports 5-20 on the N1124 Series switches,
and Gigabit Ethernet ports 9-24 and 29-44 on the N1148 Series switches.
EEE is supported on Gigabit Ethernet ports 1-17 on the N1524 and Gigabit
Ethernet ports 9-41 on the N1548. Energy detect is supported on all Gigabit
Ethernet ports on the N1100 and N1500 Series switches.
EEE and Energy Detect are enabled by default on the N-Series copper ports.
Neither Energy Detect nor EEE are supported on out-of-band, 2.5G or 5G
NBASE-T ports.
Switch Feature Overview 75
Page 76
Power Utilization Reporting
The switch displays the current power consumption of the power supply (or
power supplies). This information is available from the management
interface.
Power over Ethernet (PoE) Features
Dell EMC Networking PoE switches implement IEEE 802.3af and IEEE
802.3at functionality as well as legacy (capacitor) and pre-standard PDs
detection. IEEE 802.3bt capability is also supported on the N2200 and N3200
model. Moreover, additional protections, such as short circuit and dV/dT
protection upon startup, are supported.
PD Detection
The PD detection feature detects a valid AF or AT load, as specified in the
AF/AT standard. PD detection is based on four different voltage levels
generated to the PD (the load), as illustrated in the following figure.
Figure 2-1. PD Detection
Legacy (Reduced Capacitor) Detection
In cases where legacy detection is enabled, the PD Detection mechanism
detects and powers up legacy PDs as well as AF/AT-compliant PDs. This
mechanism is designed to detect and power up pre-standard legacy PDs.
76 Switch Feature Overview
Page 77
Classification
The classification process takes place immediately after PD detection has
successfully completed. The goal of the classification process is to detect the
PD class, as specified in IEEE802.3AF and AT standards.
• In AF mode, the classification mechanism is based on a single event, and
the device is classified as a Type 1 PD.
• In AT mode, the classification mechanism is based on two events as
defined in IEEE802.3AT-2009, and the device is classified as a Type 1 or a
Type 2 PD.
Port Start Up
Upon a successful detection and classification process, power is applied to the
load using a controlled Start Up mechanism. During this period, inrush
current is limited to 425 milliampere (mA) for a typical duration of 65
milliseconds (ms), which allows PD load to charge to a steady state power
condition.
Overload Detection and Port Shutdown
After power up, the switch automatically initializes its internal protection
mechanisms. These are utilized to monitor and disconnect power from the
PD in the cases where extreme conditions occur, as specified in the
IEEE802.3AF/AT standard. These conditions include over-current or short
ports terminals scenarios.
Disconnect Detection
The PoE switches support a DC Disconnect Function, per the
IEEE802.3AF/AT standard. This mechanism continuously monitors load
current and disconnects power in cases where the load current is below 7.5mA
(typical) for more than 324 ms.
IC Thermal Monitoring
The PoE IC contains a thermal sensor that is sampled every 20ms so the die
temperature is monitored at all times. In case the die exceeds the 150°C, the
system ports will be disconnected to protect the ICs.
Switch Feature Overview 77
Page 78
Over-Temperature Protection
In addition to the die thermal sensor, there are thermal sensors on each
MOSFET that continuously monitor per port main MOSFETs junction
temperature and will shut down the port load power in cases where the
temperature exceeds 200°C.
4-Pair Ports
In order to have the ability to deliver more than 30w to the PD, 4-pair
powering is used. 4-pair powering utilizes all eight Registered Jack-45 (RJ-45)
wires for delivering the power. It is implemented by utilizing two separate
front-ends, each capable of delivering maximum AT power, enabling delivery
of 60W over four pairs. The two front ends drive separate pairs and connect
together inside the PD.
The combined front ends follow certain rules:
1
Line detection:
• In case one pair fails pre-detection, the port will turn on as a 2-pair
port.
• In case both pairs pass pre-detection and fail line detection, the port
will not power on.
2
Classification:
• PD must have a mechanism that counts the number of class events
and determines the PSE type.
• 2 class events — PSE is two pairs AT.
• 4 class events — PSE is four pairs AT/UPoE.
• When one of the classes (or both) is class error, both pairs will not turn
on.
• When the ports have different class levels, the switch will not turn on
any of the pairs.
3
Startup:
• Startup of the ports is done simultaneously with maximum gap of
10ms.
4
Port disconnection:
78 Switch Feature Overview
Page 79
• In case one of the pairs disconnects due to fault (OVL, UDL, OVT,
SC, TLIM), the second pair will immediately follow and also
disconnect.
IEEE 802.3bt Capability
The Dell Networking N2224PX-ON/N2248PX-ON switches implement
802.3bt Type 3 power sourcing equipment capability. The
N3208P/N3224P/N3248P switches implement 802.3bt Type 2 power sourcing
equipment capability. The N3224PX/N3248PXE switches implement 802.3bt
Type 4 power sourcing equipment capability. These switches are capable of
negotiating the capabilities with the powered device via LLDP. IEEE 802.3bt
support allows 2 pair class 0-4, 4 pair, class 0-4, and 2, 3, or 4 pair class 5-6
power. The N3224PX-ON and N3248PX-ON models also support IEEE
802.3bt 4-pair class 7-8 power.
There are two modes of operation as determined by the power inline
detection configuration. The 802.3bt-capable switches do not allow static
management of the power limit. The power inline limit and power inline
management static commands are deprecated on these models.
Configuring the switch with power inline detection dot3bt implements a
strictly compliant IEEE 802.3bt classification.
Configuring the switch with power inline detection dot3bt+legacy
implements the IEEE 802.3bt classification with the following differences for
4-pairs matrix (60W) operation. This mode is a special Type 3 802.3bt
compliant classification up to 60W, with the exception that Class 4
single-signature PD will be treated as Class 6 to support Class 4 60W (4 class
events will be generated). The maximum logical power is 60W. A
legacy-detected PD will be treated as a single signature PD. The special Class
4 single-signature PD will not be power demoted, that is, if power is not
available the port will not power up. Classes 7 and 8 are power demoted to
Class 6 under an insufficient power condition. Other classes will be power
demoted when power is not available, based on IEEE 802.3bt behavior. For
example, Classes 5 and 6 will be demoted to Class 4 30W under an
insufficient power condition. Any classification error will not be powered up.
Class 0 PDs are treated as 802.3bt Class 3.
Switch Feature Overview 79
Page 80
PoE Port Capabilities and Power Limits
Table 2-1 identifies the PoE capabilities of each switch.
NOTE: These power limits are measured at the PSE (switch). Due to insertion losses, the
power received by the PD may be less than the requested power feed. For example, a
class 8 device requesting 90W power over a Cat5e/6 cable will receive between 72W and
95W depending on the insertion loss.
Table 2-1. Switch PoE Capabilities
Technology Maximum Power (at PSE)
PoE 802.3af 15.4W
PoE+ 802.3at 30W
PoE 60W four-pair 60W
802.3bt Type 3 60W
802.3bt Type 4 90W
80 Switch Feature Overview
Page 81
Table 2-2. Models and Ports/Technology
Model Ports/Technology
N1124P-ON 12xPoE or 6xPoE+
N1148P-ON 24xPoE or 12xPoE+
N1524P 24xPoE+
N1548P 48xPoE+
N2024P 12x30W PoE+ & 12x60W PoE 60W
N2048P 36x30W PoE+ & 12x60W PoE 60W
N2128PX-ON 24x30W PoE+ & 4x60W PoE 60W
N2224PX-ON 12x30W PoE+ & 12x60W PoE 60W
N2248PX-ON 24x30W PoE+ & 24x60W PoE 60W
N3024EP-ON 12x30W PoE+ & 12x60W PoE 60W
N3048EP-ON 36x30W PoE+ & 12x60W PoE 60W
N3132PX-ON 24x30W PoE & 8x60W PoE 60W
N3208PX-ON 8x90W PoE++
N3224P-ON 24x30W PoE+
N3248P-ON 48x30W PoE+
N3224PX-ON 24x90W PoE++
N3248PXE-ON 48x90W PoE++
Table 2-3. IEEE 802.3bt Class Power Limits and Margin
Class Limit Margin
0 15.4W +15%
1 4W +15%
2 7W +15%
3 15.4W +6%
4 30W +6%
5 45W +6%
6 60W +6%
Switch Feature Overview 81
Page 82
Table 2-3. IEEE 802.3bt Class Power Limits and Margin (Continued)
Class Limit Margin
7 75W +6%
8 90W +6%
Table 2-4. IEEE 802.3at Class Power Limits and Margin
Class Limit Margin
0 16.4W +5%
1 5W +5%
2 8W +5%
3 16.4W +5%
4 32W +5%
4-pair class 4 AT 64W +5%
For information about configuring PoE Plus features, see
System Settings" on page 463
.
"Managing General
Key PoE Plus Features
Table 2-5 describes some of the key PoE Plus features.
Table 2-5. PoE Plus Key Features
Feature Description
Global Usage
Threshold
Per-Port Power
Prioritization
Per-Port Power Limit Configurable power limit for each PoE-Plus port.
82 Switch Feature Overview
Provides the ability to specify a power limit as a percentage
of the maximum power available to PoE ports. Setting a
limit prevents the PoE switch from reaching an overload
condition.
Provides the ability to assign a priority to each PoE port.
When the power budget of the PoE switch has been
exhausted, the higher-priority ports are given preference
over the lower-priority ports. Lower priority ports are
automatically stopped from supplying power in order to
provide power to higher-priority ports.
Page 83
Table 2-5. PoE Plus Key Features (Continued)
Feature Description
Power Management
Modes
Power Detection Mode Sets the mode to 802.3at or 802.3at+legacy detection.
Supports three power-management modes:
• Static—Reserves a configurable amount of power for a PoE
port.
• Dynamic—Power is not reserved for the port at any point
of time. Power is supplied based upon the detected
powered device (PD) signature.
• Class-based—Reserves a classed-based amount of power
for a PoE port. The final power delivered is determined via
LLDP-MED negotiation, which allows for refinement of
the power limit.
Power Over Ethernet (PoE) Support
PoE switches implement the PoE specification (IEEE 802.3af) and support
configuration for power threshold, power priority, SNMP traps, and PoE
legacy device support. Power can be limited on a per-port basis.
PoE Plus Support
PoE Plus-capable switches implement the PoE Plus specification (IEEE
802.3at), in addition to the IEEE 802.3af specification. This allows power to
be supplied to Class 4 PD devices that require power greater than 15.4 Watts.
Each port is capable of delivering up to 30W of power. Real-time power
supply status is also available on the switch as part of the PoE Plus
implementation.
PoE 60W Support
PoE 60W allows power to be supplied to Class 4 powered devices that require
power up to 60 watts. PoE 60W power must be configured manually for
802.3AT switches.
Class D or better cabling is required for feeds in excess of 30 watts. Normally,
CAT 5E cabling does meet this requirement.
Switch Feature Overview 83
Page 84
PoE-capable switches that are connected to another PSE supplying power will
stop supplying power on the affected ports. PSE capability should be disabled
when connecting
Dell EMC
PoE enabled ports to other PSE equipment.
Powered Device Detection
The switch is capable, based upon configuration, of detecting legacy, AF, AT
or BT devices in two-pair or four-pair modes. BT/AT detection is initiated
first, followed by AF detection, and if configured, legacy detection. The
switch supplies limited power to the port during power up and prior to
performing detection. Only 802.3BT-capable switches are capable of BT
detection.
PoE Power Management Modes
PoE-capable switches can be configured to manage powered devices (PD)
using a dynamic, static, or class-based management. The power management
mode is configured using the power inline management command. Static
mode is not available on 802.3BT-capable switches.
Static Power Management
In this mode, the power reserved for the port is the configured limit regardless
of whether the port is powered or not. The device may draw up to the
configured limit. This mode is useful for devices that do not support
LLDP-MED.
Available Power = Power Limit of the Sources – Total Configured Power
The total configured power is calculated as the sum of the configured power
allocation for each port. Static mode reserves maximum power for the port,
for example, 30W for two-pair mode and 60W for four-pair mode, unless a
lower limit is configured by the administrator. Power is not reserved until a
PD is connected to the port. The powered device may draw up to the
configured limit. LLDP-MED packets requesting power are ignored in static
mode. Do not configure the powered device to use LLDP-MED to request
power in this mode.
Dynamic Power Management
In this mode, power is allocated based upon the detected PD class signature.
Available Power = Power Limit of the Sources – Total Allocated Power
84 Switch Feature Overview
Page 85
The total allocated power is calculated as the sum of the power consumed by
each port. Dynamic mode does not reserve power for the port (the port power
limit is 0). Dynamic power management ignores LLDP-MED packets sent by
the powered device. Do not configure the powered device to send LLDPMED
packets in this mode. The powered device may draw up to the detected class
limit plus 5%.
Class-Based Power Management
Class-based power management allocates power based on the class selected by
the detected powered device signature and LLDP-MED. The detection
method must be configured as dot3at+legacy (dot3bt+legacy) for pre-AF
signature devices to be detected.
Available Power = Power Limit of the Sources – Total Class Configured Power
The total class configured power is calculated as the sum of the class-based
power allocation for each port. Note that class-based power management
mode allocates the class limit for the port. The powered device may draw up
to the class maximum based upon the detected powered device signature.
The powered device need not draw all of the requested power. The
Consumed Power display from the show power inline command takes into
account the class reserved power. Configure the powered device to send
LLDP-MED packets in this mode. It may take up to 60 seconds to fully power
up a device in class-based management mode because LLDP-MED packets
need to be exchanged in order to configure the desired power.
Power is supplied to the device in class mode per Table 2-6.
Switch Feature Overview 85
Page 86
Table 2-6. Class-based Power Management
Class Usage AF/AT Device (Watts) BT Device (Watts) PD Type
0 Default 15.4 4 1 802.3af
1 Optional 4 4 1 802.3af
2 Optional 7 7 1 802.3af
3 Optional 15.4 15.4 1 802.3af
4 802.3at
or
802.3bt
5 802.3bt NA 45 3 802.3bt
6 802.3bt NA 60 3 802.3bt
7 802.3bt NA 90 4 802.3bt
8 802.3bt NA 90 4 802.3bt
30 30 2 802.3at
In four-pair mode, for classes 0-4, twice the power listed in Table 2-6 above is
delivered. Classes 5 and 6 may be two, three, or four-pair power. Classes 7 and
8 are four-pair power. For information about the available system power, see
the Hardware Overview chapter.
Power Management in Guard Band
All Dell EMC Networking PoE-capable switches support a dynamic guard
band, which means that the guard band used varies depending upon the
following factors:
• Power management mode
• Class of the device being powered up.
Prior to a device being powered up, the switch calculates the following:
threshold power – guard band – (current power consumption + computed
power draw of the new device)
If this value is less than zero (which means powering up the new PD device
will put the total power draw into the guard band or above the switch power
capacity), then the switch does not power up the new device. A device being
86 Switch Feature Overview
Page 87
powered up in class or dynamic mode is always supplied with 15.4 watts at
startup. Once the device class or power draw is determined, power to the
device may be reduced or increased.
The power management mode is configured using the power inline
management command. The guard band is calculated by the switch as shown
below. The user- defined threshold power limit can be found with the show
power inline detailed command, and is configured with the power inline
usage-threshold command. Threshold Power is reduced by the guard band
when powering up a port.
If the remaining available power (threshold power - guard band - current
power consumption) is less than the computed power draw of the new device,
the device is not powered up.
Ports may have a PoE priority assigned. If a device is plugged into a higher
priority port, lower priority ports will be de-powered to power the higher
priority port. Among ports with the same priority, lower numbered ports have
priority over higher numbered ports.
Regardless of the power management mode, the guard band is configured
according to the device class.
Dynamic or Static Power Management Mode Guard Band
In these modes, the guard band for the port being powered up is 32 watts.
Class-Based Power Management Mode Guard Band
In this mode, the dynamic guard band for the port being powered up is:
• For Class 0 device: 16.4 watts
• For Class 1 device: 5 watts
• For Class 2 device: 8 watts
• For Class 3 device: 16.4 watts
• For Class 4 device: 32 watts
• For Class 5 device: 47.5 watts
• For Class 6 device: 63 watts
• For Class 7 device: 95 watts
• For Class 8 device: 95 watts
Switch Feature Overview 87
Page 88
PoE Plus Default Settings
Table 2-7 shows the default PoE settings for the Dell EMC Networking PoEcapable switches.
Table 2-7. PoE Key Features
Feature Description
Global Usage Threshold 90%
Per-Port Admin Status Auto
Per-Port Power Prioritization Enabled (globally, per-port priority is Low
Per-Port Power Limit None
Power Management Mode Dynamic
Power Detection Mode 802.3at+legacy (802.3bt+legacy for capable
devices)
Power Pairs alternative-a
88 Switch Feature Overview
Page 89
Switching Features
Flow Control Support (IEEE 802.3x)
Flow control enables lower speed switches to communicate with higher speed
switches by requesting that the higher speed switch refrain from sending
packets for a limited period of time. Transmissions are temporarily halted to
prevent buffer overflows.
For information about configuring flow control, see "Port-Based Traffic
Control" on page 939.
Head of Line Blocking Prevention
Head of Line (HOL) blocking prevention prevents traffic delays and frame
loss caused by traffic competing for the same egress port resources. HOL
blocking queues packets, and the packets at the head of the queue are
forwarded before packets at the end of the queue.
Jumbo Frames Support
Jumbo frames enable transporting data in fewer frames to ensure less
overhead, lower processing time, and fewer interrupts.
For information about configuring the switch MTU, see "Port Characteristics"
on page 663.
Auto-MDI/MDIX Support
The switch supports auto-detection between crossed and straight-through
cables. Media-Dependent Interface (MDI) is the standard wiring for end
stations, and the standard wiring for hubs and switches is known as MediaDependent Interface with Crossover (MDIX). Auto-negotiation must be
enabled for the switch to detect the wiring configuration. NBASE-T ports
(2.5G and 5G) do not support auto-detection. Use the correct crossover or
straight-through cable on 2.5/5G NBASE-T interfaces.
VLAN-Aware MAC-based Switching
Packets arriving from an unknown source address are sent to the CPU and
added to the Hardware Table. Future packets addressed to or from this
address are more efficiently forwarded.
Switch Feature Overview 89
Page 90
Back Pressure Support
On half-duplex links, a receiver may prevent buffer overflows by jamming the
link so that it is unavailable for additional traffic. On full-duplex links, a
receiver may send a PAUSE frame indicating that the transmitter should
cease transmission of frames for a specified period.
NOTE: Dell EMC Networking N2000/N2100-ON/N3000E-ON/N3100-ON Series
switches do not support half-duplex operation.
When flow control is enabled, the Dell EMC Networking N-Series switches
will observe received PAUSE frames or jamming signals, but will not issue
them when congested.
Auto-negotiation
Auto-negotiation allows the switch to advertise modes of operation. The
auto-negotiation function provides the means to exchange information
between two switches that share a point-to-point link segment and to
automatically configure both switches to take maximum advantage of their
transmission capabilities.
Dell EMC Networking N-Series switches enhance auto-negotiation by
providing configuration of port advertisement. Port advertisement allows the
system administrator to configure the port speeds that are advertised.
For information about configuring auto-negotiation, see "Port
Characteristics" on page 663.
Storm Control
When Layer-2 frames are processed, broadcast, unknown unicast, and
multicast frames are flooded to all ports on the relevant virtual local area
network (VLAN). The flooding occupies bandwidth and loads all nodes
connected on all ports. Storm control limits the amount of broadcast,
unknown unicast, and multicast frames accepted and forwarded by the
switch.
For information about configuring Broadcast Storm Control settings, see
"Port-Based Traffic Control" on page 939.
90 Switch Feature Overview
Page 91
Port Mirroring
Port mirroring mirrors network traffic by forwarding copies of incoming and
outgoing packets from multiple source ports to a monitoring port. Source
ports may be VLANs, Ethernet interfaces, port-channels, or the CPU port.
The switch also supports flow-based mirroring, which allows copying certain
types of traffic to a single destination port using an ACL. This provides
flexibility—instead of mirroring all ingress or egress traffic on a port the
switch can mirror a subset of that traffic. The switch can be configured to
mirror flows based on certain kinds of Layer-2, Layer-3, and Layer-4
information.
Destination (probe) ports must be connected to a passive monitoring device.
Traffic sent from the probe into the switch probe port is dropped. Mirrored
traffic sent to the probe device will contain control plane traffic such as
spanning-tree, LLDP, DHCP, etc.
Dell EMC Networking N-Series switches support RSPAN destinations where
traffic can be tunneled across the operational network. Mirrored traffic is
flooded in the RSPAN VLAN from the source(s) to the destination(s) across
any intermediate switches. This allows the administrator flexibility in
connecting destination (probe) ports to the RSPAN. RSPAN does not support
configuration of the CPU port as a source.
For information about configuring port mirroring, see "Monitoring Switch
Traffic" on page 595.
Static and Dynamic MAC Address Tables
Static entries can be added to the switch’s MAC address table and the aging
time can be configured for entries in the dynamic MAC address table. Entries
can also be searched in the dynamic table based on several different criteria.
For information about viewing and managing the MAC address table, see
"MAC Addressing and Forwarding" on page 1151.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP),
allows the switch to advertise major capabilities and physical descriptions.
This information can be used to help identify system topology and detect bad
configurations on the LAN.
Switch Feature Overview 91
Page 92
For information about configuring LLDP, settings see "Discovering Network
Devices" on page 913.
Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices
The Link Layer Discovery Protocol for Media Endpoint Devices (LLDPMED) provides an extension to the LLDP standard for network configuration
and policy, device location, and Power over Ethernet.
For information about configuring LLDP-MED, settings see "Discovering
Network Devices" on page 913.
92 Switch Feature Overview
Page 93
Connectivity Fault Management (IEEE 802.1ag)
NOTE: This feature is available on the Dell EMC NetworkingN1500/N2200
Switches Series switches only.
The Connectivity Fault Management (CFM) feature, also known as Dot1ag,
supports Service Level Operations, Administration, and Management
(OAM). CFM is the OAM Protocol provision for end-to-end service layer
instance in carrier networks. The CFM feature provides mechanisms to help
perform connectivity checks, fault detection, fault verification and isolation,
and fault notification per service in a network domain.
For information about configuring IEEE 802.1ag settings, see "Connectivity
Fault Management" on page 1013.
Cisco Protocol Filtering
The Cisco Protocol Filtering feature (also known as Link Local Protocol
Filtering) filters Cisco protocols that should not normally be relayed by a
bridge. The group addresses of these Cisco protocols do not fall within the
IEEE defined range of the 802.1D MAC Bridge Filtered MAC Group
Addresses (01-80-C2-00-00-00 to 01-80-C2-00-00-0F).
For information about configuring LLPF, settings see "Port-Based Traffic
Control" on page 939.
DHCP Layer-2 Relay
This feature permits Layer-3 relay agent functionality in Layer-2 switched
networks. The switch supports Layer-2 DHCP relay configuration on
individual ports, link aggregation groups (LAGs) and VLANs.
For information about configuring Layer-2 DHCP relay settings see "Layer-2
and Layer-3 Relay Features" on page 1225.
Switch Feature Overview 93
Page 94
Virtual Local Area Network Supported Features
For information about configuring VLAN features see "VLANs" on page 777.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast
domain. Incoming packets are classified as belonging to a VLAN based on
either the VLAN tag or a combination of the ingress port and packet contents.
Transmitted packets are forwarded tagged or untagged based upon the
configuration of the egress port. The Dell EMC Networking N-Series
switches are in full compliance with IEEE 802.1Q VLAN tagging.
Port-Based VLANs
Port-based VLANs classify incoming packets to VLANs based on their ingress
port configuration and the VLAN tag, if present. When a port uses 802.1X
port authentication, packets can be assigned to a VLAN based on the result of
the 802.1X authentication a client uses when it accesses the switch. This
feature is useful for assigning traffic to Guest VLANs or Voice VLANs.
IP Subnet-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source IP address of the packet.
MAC-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source MAC address of the packet.
IEEE 802.1v Protocol-Based VLANs
VLAN classification rules are defined on data-link layer (Layer-2) protocol
identification. Protocol-based VLANs are used for isolating Layer-2 traffic.
94 Switch Feature Overview
Page 95
Voice VLAN
The Voice VLAN feature enables switch ports to carry voice traffic with a
configured QoS and to optionally authenticate phones on the network. This
allows preferential treatment of voice traffic over data traffic transiting the
switch. Voice VLAN is the preferred solution for enterprises wishing to deploy
VoIP services in their network.
GARP and GVRP Support
The switch supports the Generic Attribute Registration Protocol (GARP).
GARP VLAN Registration Protocol (GVRP) relies on the services provided by
GARP to provide IEEE 802.1Q-compliant VLAN pruning and dynamic
VLAN creation on 802.1Q trunk ports. When GVRP is enabled, the switch
registers and propagates VLAN membership on all ports that are part of the
active spanning tree protocol topology.
For information about configuring GARP timers see "Layer-2 Multicast
Features" on page 957.
Guest VLAN
The Guest VLAN feature allows the administrator to provide service to
unauthenticated users, i.e., users that are unable to support 802.1X
authentication.
For information about configuring the Guest VLAN see "Guest VLAN" on
page 359.
Unauthorized VLAN
The Unauthorized VLAN feature allows the administrator to configure a
VLAN for 802.1X-aware hosts that attempt authentication and fail.
Double VLANs
NOTE: DVLAN is not available on the N3000E-ON running the AGREGATION
ROUTER image.
Switch Feature Overview 95
Page 96
The Double VLAN feature (IEEE 802.1QinQ) allows the use of a second tag
on network traffic. The additional tag helps differentiate between customers
in the Metropolitan Area Networks (MAN) while preserving individual
customer’s VLAN identification when they enter their own 802.1Q domain.
96 Switch Feature Overview
Page 97
Spanning Tree Protocol Features
For information about configuring Spanning Tree Protocol features, see
"Spanning Tree Protocol" on page 861.
Spanning Tree Protocol (STP)
Spanning Tree Protocol (IEEE 802.1D) is a standard requirement of Layer-2
switches that allows bridges to automatically prevent and resolve Layer-2
forwarding loops.
Spanning Tree Port Settings
The STP feature supports a variety of per-port settings including path cost,
priority settings, Port Fast mode, STP Root Guard, Loop Guard, TCN Guard,
and Auto Edge. These settings are also configurable per-LAG.
Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies to
enable faster spanning tree convergence after a topology change, without
creating forwarding loops. The port settings supported by STP are also
supported by RSTP.
Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs to spanning tree
instances. Packets assigned to various VLANs are transmitted along different
paths within MSTP Regions (MST Regions). Regions are one or more
interconnected MSTP bridges with identical MSTP settings. The MSTP
standard lets administrators assign VLAN traffic to unique paths.
The switch supports IEEE 802.1Q-2005, which corrects problems associated
with the previous version, provides for faster transition-to-forwarding, and
incorporates new features for a port (restricted role and restricted TCN).
Switch Feature Overview 97
Page 98
Bridge Protocol Data Unit (BPDU) Guard
Spanning Tree BPDU Guard is used to disable the port in case a new device
tries to enter the already existing topology of STP. Thus devices, which were
originally not a part of STP, are not allowed to influence the STP topology.
BPDU Filtering
When spanning tree is disabled on a port, the BPDU Filtering feature allows
BPDU packets received on that port to be dropped. Additionally, the BPDU
Filtering feature prevents a port in Port Fast mode from sending and receiving
BPDUs. A port in Port Fast mode is automatically placed in the forwarding
state when the link is up to increase convergence time.
RSTP-PV and STP-PV
Dell EMC Networking N-Series switches support both Rapid Spanning Tree
Per VLAN (RSTP-PV) and Spanning Tree Per VLAN (STP-PV). RSTP-PV is
the IEEE 802.1w (RSTP) standard implemented per VLAN. A single instance
of rapid spanning tree (RSTP) runs on each configured VLAN. Each RSTP
instance on a VLAN has a root switch. STP-PV is the IEEE 802.1s (STP)
standard implemented per VLAN.
98 Switch Feature Overview
Page 99
Link Aggregation Features
For information about configuring link aggregation (port-channel) features,
see "Link Aggregation" on page 1079.
Link Aggregation
Up to eight ports can combine to form a single Link Aggregation Group
(LAG). This enables fault tolerance protection from physical link disruption,
higher bandwidth connections and improved bandwidth granularity. LAGs
are formed from similarly configured physical links; i.e., the speed, duplex,
auto-negotiation, PFC configuration, DCBX configuration, etc., must be
compatible on all member links.
Per IEEE 802.1AX, only links with the identical operational characteristics,
such as speed and duplex setting, may be aggregated. Dell EMC Networking
N-Series switches aggregate links only if they have the same operational speed
and duplex setting, as opposed to the configured speed and duplex setting.
This allows operators to aggregate links that use auto-negotiation to set values
for speed and duplex or to aggregate ports with SFP+ technology operating at
a lower speed, e.g., 1G. Dissimilar ports will not become active in the LAG if
their operational settings do not match those of the first member of the LAG.
In practice, some ports in a LAG may auto-negotiate a different operational
speed than other ports depending on the far-end settings and any link
impairments. Per the above, these ports will not become active members of
the LAG. On a reboot or on flapping the LAG links, a lower-speed port may
be the first port selected to be aggregated into the LAG. In this case, the
higher-speed ports are not aggregated. Use the lacp port-priority command to
select one or more primary links to lead the formation of the aggregation
group.
While it is a requirement of a port-channel that the link members operate at
the same duplex and speed settings, administrators should be aware that
copper ports have larger latencies than fiber ports. If fiber and copper ports
are aggregated together, packets sent over the fiber ports would arrive
significantly sooner at the destination than packets sent over the copper
ports. This can cause significant issues in the receiving host (e.g., a TCP
receiver) as it would be required to buffer a potentially large number of out-
Switch Feature Overview 99
Page 100
of-order frames. Devices unable to buffer the requisite number of frames will
show excessive frame discard. Configuring copper and fiber ports together in
an aggregation group is not recommended.
Logically, port channels are distinct from the member ports. This means that
configuration of the port channel affects the operational characteristics of the
member ports, not the configured characteristics. For example, shutting
down a port channel will operationally disable the port channel members
without altering the member port configuration.
Link Aggregate Control Protocol (LACP)
Link Aggregate Control Protocol (LACP) uses peer exchanges across links to
determine, on an ongoing basis, the aggregation capability of various links,
and continuously provides the maximum level of aggregation capability
achievable between a given pair of systems. LACP automatically determines,
configures, binds, and monitors the binding of ports to aggregators within the
system.
Multi-Switch LAG (MLAG)
Dell EMC Networking N-Series switches support the MLAG feature to
extend the LAG bandwidth advantage across multiple Dell EMC Networking
N-Series switches connected to a LAG partner device. The LAG partner
device is unaware that it is connected to two peer Dell EMC Networking
N-Series switches; instead, the two switches appear as a single switch to the
partner. When using MLAG, all links can carry data traffic across a physically
diverse topology and, in the case of a link or switch failure, traffic can
continue to flow with minimal disruption.
100 Switch Feature Overview
Loading...