How it Works
Dell
Loading...
Force10 S2410-01-10GE-24P
Quick Reference Guide
306 pgs2.36 Mb0
Installation Manual
42 pgs2.15 Mb0
Quick Start Manual
30 pgs653.51 Kb0
Owner's Manual
6 pgs491.83 Kb0
Quick Reference Guide
514 pgs2.59 Mb0
Table of contents
Loading...

Dell Force10 S2410-01-10GE-24P Quick Reference Guide

SFTOS Configuration Guide
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instruction are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
Information in this publication is subject to change without notice. © 2010 Dell Force10. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™,
PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™ and Vostro™ are trademarks of Dell Inc. Intel Core™ and Celeron Opteron™, AMD Phenom™, and AMD Sempron™ are trademarks of Advanced Micro Devices, Inc. Microsoft
®
Server
, MS-DOS® and Windows Vista® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Red Hat Enterprise Linux countries. Novell registered trademark of Oracle Corporation and/or its affiliates. Citrix or trademarks of Citrix Systems, Inc. in the United States and/or other countries. VMware
®
are registered trademarks of Intel Corporation in the U.S. and other countries. AMD® is a registered trademark and AMD
®
®
is a registered trademark and SUSE ™ is a trademark of Novell Inc. in the United States and other countries. Oracle® is a
and Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United States and/or other
®
, Xen®, XenServer® and XenMotion® are either registered trademarks
®
, Virtual SMP®, vMotion®, vCenter®, and vSphere®
®
, Pentium®, Xeon®,
®
, Windows®, Windows
are registered trademarks or trademarks of VMWare, Inc. in the United States or other countries. Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products.
Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
November 2011 P/N —

New Features

SFTOS 2.5.3 improves SFTOS internals only, with no new features.
SFTOS 2.5.2 adds:
A substantial support interface that is not accessible through the standard CLI modes and is not publicly documented
Support for new S-Series platforms, including the S50N, S50N-DC, and S25P-DC

Other Changes to the Document

Changes in this edition include:
The major change in this edition is that the example configuration sequence for VLAN Stacking is corrected. See Configuring a VLAN Tunnel (DVLAN or VLAN-Stack) on page 229.
Changes to this book in the previous edition included:
The SFTOS Web User Interface (Web UI) chapter is removed, because changes to SFTOS 2.5.2.1 were not promulgated to the Web UI, which made some parts of the Web UI unreliable or non-functional.
The ACL chapter now states that both MAC and IP ACLs can be applied to the same interface.
Both the VLAN and LAG chapters state more explicitly that the Default VLAN, VLAN 1, cannot be changed, and will not allow a LAG or tagged port as a member of it.
New Features | 3
www.dell.com | support.dell.com
4 | New Features
Table of Contents
New Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Other Changes to the Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
1 About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Introduction to the Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Related Dell Force10 Documents and Additional Information . . . . . . . . . . . . . . . . . . . . .16
Contact Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
The iSupport Website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Accessing iSupport Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Contacting the Technical Assistance Center. . . . . . . . . . . . . . . . . . . . . . . . . . . .18
2 SFTOS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Overview of SFTOS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Layer 2 Package Feature Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Basic Routing and Switching Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Multicast Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Security and Packet Control Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Layer 3 Package Feature Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Extended Routing and Switching Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Routing Protocol Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Multicast Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Notable Differences between S-Series and E-Series . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Port Naming Convention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
3 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Setting up a Management Connection to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
Connecting to the Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Command Line Interface (CLI) Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
CLI Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Getting Help From the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Controlling Pagination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Table of Contents | 5
Checking Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Viewing the Software Version and Switch Numbers . . . . . . . . . . . . . . . . . . . . . . . . .32
Verifying Details about the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Showing Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Displaying Supported Features and System Up-time . . . . . . . . . . . . . . . . . . . . . . . .34
Displaying Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
User Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Creating a User and Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Showing and Removing Created Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Setting SNMP Read/Write Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Setting the Enable Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
www.dell.com | support.dell.com
Enabling Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
Enabling Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
Setting the Management IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Enabling Telnet to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Configuring an Interface with an IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Using the Show IP Interface Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Setting up SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Creating VLANS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Important Points to Remember — VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Setting Up the Management VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Creating a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Enabling Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Managing Configuration and Software Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Important Points to Remember — Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Downloading and Uploading Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Points to Remember when Transferring Files . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Downloading a Software Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Using Xmodem to Download Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Using TFTP to Download Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Saving the Running Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Installing System Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Managing SFTOS Software with SFTOS Version 2.5.1 . . . . . . . . . . . . . . . . . . .50
Managing the Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
Clearing the Running Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Saving the Startup Configuration to the Network. . . . . . . . . . . . . . . . . . . . . . . . .57
Configuring from the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Restoring the System to the Factory Default Configuration. . . . . . . . . . . . . . . . .58
Resetting the Pre-configured System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Using Configuration Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Creating a Configuration Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Viewing a Configuration Script File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Uploading a Configuration Script to a TFTP Server . . . . . . . . . . . . . . . . . . . . . .61
6 | Table of Contents
Deleting a Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Downloading a Configuration Script from a TFTP Server . . . . . . . . . . . . . . . . . .62
Troubleshooting a Downloaded Script. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
Applying a Configuration Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63
Listing Configuration Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Displaying Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
4 Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Creating the Management IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Changing the Management VLAN from the Default . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Verifying Access to a Management Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Verifying Management Port Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Setting Stack Management Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Setting the Host Name Prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Restoring the Configuration to Factory Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Setting up SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71
Managing SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
router BGP config mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74
Link Layer Discovery Protocol (LLDP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Setting up Remote Network Monitoring (RMON) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
RMON Command Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
Configuring RMON Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
Example of configuring an RMON alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Setting the System Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Setting the System Date and Time Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
SNTP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
CLI Examples of SNTP Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Example #1: Configuring SNTP client mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Example #2: Configuring SNTP client port . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Example #3: Configuring SNTP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Example #4: show sntp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Example #5: show sntp server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
Gathering Details about the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
5 Stacking S-Series Switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
S-Series Stackability Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Stacking Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Management Unit Selection Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Unit Number Assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Stack Management and Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Adding a Switch to a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Table of Contents | 7
Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Removing a Switch from a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90
Setting Management Unit Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
Inspecting Management Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Hardware Management Preference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Administrative Management Preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Unsetting Management Preference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Management Preference and MAC Address. . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Upgrading Software in a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Copying SFTOS Software to a Member Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
Configuration example: Upgrading software on a new member switch. . . . . . . .95
www.dell.com | support.dell.com
Using show Commands for Stacking Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
6 System Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Logging Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Configuring the System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102
Displaying the System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103
Interpreting system log messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104
Using the Persistent Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105
Displaying the SNMP Trap Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106
Configuring Syslog Server Host Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
Configure a syslog server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
7 Configuring Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Interface Support in SFTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Viewing Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112
Viewing Layer 3 Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
Configuring Physical Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
Enabling an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Configuring Speed and Duplex Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Configuring Layer 3 Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Clearing Interface Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Enabling Power over Ethernet Ports (PoE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Bulk Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
Using Interface Range Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
Bulk Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Configure a single range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Configure multiple ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
8 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
DHCP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129
8 | Table of Contents
Configuring the Switch as a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Configuring a DHCP address pool (required) . . . . . . . . . . . . . . . . . . . . . . . . . .131
Excluding IP addresses (optional). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
Enabling the SFTOS DHCP Server feature (required) . . . . . . . . . . . . . . . . . . .131
Verifying the DHCP Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
Using the Switch as a BootP/DHCP Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
DHCP Relay Agent Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
Configuring the Switch as a DHCP Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . .133
Verifying the DHCP Relay Agent Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .133
Configuration Example — DHCP Server and Relay Agent . . . . . . . . . . . . . . . . . . . . . .133
9 Providing User Access Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Choosing a TACACS+ Server and Authentication Method . . . . . . . . . . . . . . . . . . . . . .135
Configuring TACACS+ Server Connection Options . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Configuring a RADIUS Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Using the CLI to Configure Access through RADIUS . . . . . . . . . . . . . . . . . . . . . . .138
Enabling Secure Management with SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140
Enabling SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142
10 Spanning Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
SFTOS STP Switching Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145
Forwarding, Aging, and Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145
Spanning Tree Protocol (STP, IEEE 802.1D) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146
Basic STP (802.1D) CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146
Basic STP CLI Port Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) . . . . . . . . . . . . . . . . . . . . . . . . . .147
RSTP Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Port Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Port States. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Port Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
BPDU Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Convergence with RSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Multiple Spanning-Tree Protocol (MSTP, IEEE 802.1s) . . . . . . . . . . . . . . . . . . . . . . . .148
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
MST Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
MST Interactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
MSTP Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
MSTP CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150
Spanning Tree Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150
Setting the STP Version Parameter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151
Enabling STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152
Table of Contents | 9
Example of configuring STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152
Influencing the Spanning Tree Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Example of influencing the spanning tree configuration . . . . . . . . . . . . . . . . . .154
Changing Spanning Tree Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
Enabling an Edge Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156
MSTP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156
Display Spanning Tree Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157
Displaying STP, MSTP, and RSTP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
11 Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Link Aggregation—IEEE 802.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
www.dell.com | support.dell.com
LAG Load Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166
LAG Implementation Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Link Aggregation—MIB Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Static LAG Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Link Aggregation Group (LAG) Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168
Privileged Exec and User Exec mode commands. . . . . . . . . . . . . . . . . . . . . . .168
Global Config mode commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168
Interface Port Channel Config mode commands. . . . . . . . . . . . . . . . . . . . . . . .168
Interface Config mode commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
Static LAG CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
Configuring a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
LAG Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171
Basic LAG configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172
Adding a LAG to a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Using the Interface Range mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174
Link Aggregation Control Protocol (LACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174
LACP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175
LACP configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175
Displaying LAGs (Port Channels) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176
12 Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Using Differentiated Services (DiffServ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177
Deploying DiffServ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180
Creating Class-maps/DiffServ Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180
Creating a Policy-Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182
Applying Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183
Enabling Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Monitoring DiffServ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Using the show class-map Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Using the show diffserv Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186
10 | Table of Contents
show class-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
Using the “show policy-map” Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
Using the show service-policy Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190
Configuring Differentiated Services by Department . . . . . . . . . . . . . . . . . . . . . . . . . . .191
Configuring Differentiated Services for Voice over IP . . . . . . . . . . . . . . . . . . . . . . . . . .194
13 Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
SFTOS Support for Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
Common ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198
MAC ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198
IP ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200
Standard IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200
Extended IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200
Protecting the Management Interface with a Loopback ACL . . . . . . . . . . . . . . . . .201
Access Control List Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202
Applying an IP ACL to the Loopback Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
Restrictions on the usage of loopback interface ACL . . . . . . . . . . . . . . . . . . . .204
Example of loopback interface configuration sequence . . . . . . . . . . . . . . . . . .204
Enabling Broadcast Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .205
14 VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Introduction to VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208
Implementing VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Forwarding Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Egress Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Exempt Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
VLAN Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
Configuration Task List for VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211
Creating a VLAN and Adding Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211
Example of creating a VLAN and assigning interfaces . . . . . . . . . . . . . . . . . . .212
Assign an interface to multiple VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213
Clearing/Resetting a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
Adding a LAG to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215
Example of adding a LAG to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216
Creating a Routed VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .217
Example of creating a routed VLAN on one switch . . . . . . . . . . . . . . . . . . . . . .217
GARP and GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218
GARP VLAN Registration Protocol (GVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219
GARP Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219
GARP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
Using GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
Enabling Dynamic VLANs with GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
Example of Creating a Dynamic VLAN through GVRP . . . . . . . . . . . . . . . . . . .221
Table of Contents | 11
Displaying GARP, GVRP, GMRP Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
show garp and show gvrp configuration all commands. . . . . . . . . . . . . . . . . . .222
Creating an IP Subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
Configuring a Private Edge VLAN (PVLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
Configuring a Native VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224
Example of configuring a native VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227
Configuring a VLAN Tunnel (DVLAN or VLAN-Stack) . . . . . . . . . . . . . . . . . . . . . . . . .229
DVLAN Tagging Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
DVLAN Configuration Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
DVLAN configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231
Displaying VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
www.dell.com | support.dell.com
15 IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Enabling IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237
Monitoring IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
16 Port Mirroring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Port Mirroring Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241
Port Mirroring Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
Port Mirroring Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
Preparing to Configure Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
Configuring the mirrored port and destination port . . . . . . . . . . . . . . . . . . . . . .243
Starting a mirroring session. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243
Stopping the mirroring session and removing probe and mirrored ports. . . . . .244
Verifying Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244
Verifying port mirroring session status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244
Using other commands that show port mirroring status . . . . . . . . . . . . . . . . . .245
17 Layer 3 Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Enabling Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
Port Routing Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
IGMP Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
IGMP Proxy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
RIP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256
OSPF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
OSPF Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
VLAN Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262
12 | Table of Contents
IGMP Proxy configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Verifying the configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
Configuring OSPF on an S-Series operating as an inter-area router . . . . . . . .257
Configuring OSPF on an S-Series operating as a border router. . . . . . . . . . . .260
VLAN IP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262
VLAN Routing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
Example of creating a routed VLAN between switches. . . . . . . . . . . . . . . . . . .263
VLAN Routing OSPF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
VLAN Routing RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267
Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Link Aggregation Layer 3 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Virtual Router Redundancy Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271
Configuring VRRP: Master Router (Router 1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272
Configuring VRRP: Backup Router (Router 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
18 Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Recovering from Flash File System Corruption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275
Recovering from a Software Upgrade Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276
Recovering from a Lost Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Recovering from Switch Stack Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Preventing Auto-negotiation Mismatches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278
Monitoring SFPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
Monitoring 10 GE Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Monitoring CPU and Memory Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Software Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Troubleshooting No Output on the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282
A RFCs, MIBs, and Traps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
IEEE Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285
RFC Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286
General Switching Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286
IP Multicast (in Layer 3 Package only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286
Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287
OSPF (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287
QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
RIP (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Routing (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
SNMP-related RFCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290
Industry MIBs Supported by SFTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290
Force 10 MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291
SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Table of Contents | 13
www.dell.com | support.dell.com
14 | Table of Contents

About this Guide

This chapter covers the following topics:
Objectives on page 15
Audience on page 16
Introduction to the Guide on page 16
Conventions on page 16
Related Dell Force10 Documents and Additional Information on page 16
Contact Information on page 17
Documentation Feedback on page 17
The iSupport Website on page 17
Objectives
Audience
Conventions
Related Dell Force10 Documents and Additional Information
1

Objectives

This document provides configuration instructions and examples for the following S-Series switches:
S50
S50V
S50N, S50N-DC
S25P, S25P-DC
It includes information on the protocols and features found in SFTOS protocols is included to describe the capabilities of SFTOS.
For more complete information on protocols, refer to other documentation and IETF RFCs.
Note: For S2410 documentation, see the S2410 Documentation CD-ROM.
. Background on networking
About this Guide | 15

Audience

This document is intended for system administrators who are responsible for configuring or maintaining networks. This guide assumes you are knowledgeable in Layer 2 and Layer 3 networking technologies.

Introduction to the Guide

This guide provides examples of the use of E-Series switches in a typical network. It describes the use and advantages of specific functions provided by the E-Series, and includes instructions on how to configure those functions using the Command Line Interface (CLI).
www.dell.com | support.dell.com
Some E-Series switches operate purely as a Layer 2 switch, some also as a Layer 3 router or a combination switch/router. The switch also includes support for network management and Quality of Service functions such as Access Control Lists and Differentiated Services. Which functions you choose to activate will depend on the size and complexity of your network; this document provides detailed information on some of the most-used functions. For details on SFTOS features, see SFTOS Features on page 19.
Note: Note that, while BGP and bandwidth allocation are not supported in this release, they may appear in the command output examples in this document.

Conventions

This document uses the following conventions to describe command syntax:
Convention Description
keyword Keywords are in bold and should be entered in the CLI as listed.
parameter
{X} Keywords and parameters within braces must be entered in the CLI. [X] Keywords and parameters within brackets are optional. x | y Keywords and parameters separated by bar require you to choose one.
Parameters are in italics and require a variable—sometimes a number, sometimes a word, sometimes either—to be entered in the CLI. Shown between less-than and greater-than signs in the CLI help: <parameter>

Related Dell Force10 Documents and Additional Information

The following documents provide information on using Dell Force10 S-Series switches and SFTOS software. All of the documents are available on the Documents tab of iSupport (the Dell Force10 support website — http://www.force10networks.com/support:
SFTOS Command Reference
16 | About this Guide
SFTOS Configuration Guide
SFTOS and S-Series Release Notes
S50 Quick Reference (also included as a printed booklet with the system)
Hardware installation guides
MIBs files
S-Series Tech Tips and FAQ
Except for the Tech Tips and FAQ documents, all of the documents listed above are also on the S-Series CD-ROM. Training slides are also on the S-Series CD-ROM. Currently, access to user documentation on iSupport (see The iSupport Website on page 17) is available without a customer account. However, in the future, if you need to request an account for access, you can do so through that website.

Contact Information

For technical support, see The iSupport Website on page 17. For other questions, contact Dell Force10 using the following address:
Dell Force10, Inc. 350 Holger Way San Jose, CA 95134 USA

Documentation Feedback

If appropriate, please include the following information with your comments:
Document name
Document part number
Page number
Software release version

Technical Support

The iSupport Website

Dell Force10 iSupport provides a range of support programs to assist you with effectively using Dell Force10 equipment and mitigating the impact of network outages. Through iSupport you can obtain technical information regarding Dell Force10 products, access to software upgrades and patches, and open and manage your Technical Assistance Center (TAC) cases. Dell Force10 iSupport provides integrated, secure access to these services.
About this Guide | 17
Accessing iSupport Services
The URL for iSupport is www.force10networks.com/support/. To access iSupport services you must have a userid and password. If you do not have one, you can request one at the website:
1. On the Dell Force10 iSupport page, click the Account Request link.
2. Fill out the User Account Request form and click Send. You will receive your userid and password by
email.
3. To access iSupport services, click the Log in link, and enter your userid and password.
Contacting the Technical Assistance Center
www.dell.com | support.dell.com
How to Contact Dell Force10 TAC
Information to Submit When Opening a Support Case
Managing Your Case Log in to iSupport, and select the Service Request tab to view all open cases and RMAs. Downloading Software
Updates Technical Documentation Log in to iSupport, and select the Documents tab. This page can be accessed without
Contact Information E-mail: support@force10networks.com
Log in to iSupport at www.force10networks.com/support/, and select the Service Request tab.
Your name, company name, phone number, and email address
Preferred method of contact
Model number
Software version number
Symptom description
Screen shots illustrating the symptom, including any error messages
Serial number, if requesting an RMA
Log in to iSupport, and select the Software Center tab.
logging in via the Documentation link on the iSupport page.
Web: www.force10networks.com/support/ Telephone: US and Canada: 866.965.5800 International: 408.965.5800
For more on using the iSupport website and accessing services, see the Dell Force10 Service and Support
Guide.
18 | About this Guide

SFTOS Features

This chapter contains these major sections:
Overview of SFTOS Features on page 19
Layer 2 Package Feature Details on page 20
Layer 3 Package Feature Details on page 22
Notable Differences between S-Series and E-Series on page 24
Port Naming Convention on page 26
The SFTOS software is available in two packages—the “Layer 2 Package” (“Switching”) and the “Layer 3 Package” (“Routing”). The Layer 2 Package consists of the core software that comes installed on every S-Series switch (with the exception of the Stacking module, which is not included on the S2410), while the Layer 3 Package includes both the core software and software that supports Layer 3 of the OSI 7-Layer Model. The Layer 3 Package is only available for some S-Series models.
2

Overview of SFTOS Features

The functions supported by SFTOS software include:
Access control lists, used to control access to specified resources (see
(DiffServ) on page 177)
Differentiated Services, which you can use to define traffic classes and how they will be treated, including traffic acceptance, transmission and bandwidth guarantees. See
Services (DiffServ) on page 177.
Layer 2 Switching:
Bridging support (the default) for IEEE 802.1D — Spanning Tree plus IEEE 802.1w — Rapid
Reconfiguration and IEEE 802.1s — Multiple Spanning Tree (see
Virtual LAN (VLAN) operation conforming to IEEE 802.1Q, including Generic Attribute
Registration Protocol (GARP), GARP Multicast Registration Protocol (GMRP) and GARP VLAN Registration Protocol (GVRP) (see VLANs on page 207
Support for extensions to the Ethernet protocol:
— VLAN tagging, required for VLAN support (formerly IEEE 802.3ac, now included in
IEEE 802.3-2002)
— Link Aggregation, which you may choose to implement to improve bandwidth and
reliability for critical connections (formerly IEEE 802.3ad) (see
Aggregation) (see also Chapter 17, Layer 3 Routing, for use of LAGs in Layer 3)
Using Differentiated Services
Using Differentiated
Chapter 10, Spanning Tree)
)
Chapter 11, Link
SFTOS Features | 19
— Flow Control at the MAC layer: you may configure the switch or a port to temporarily
halt traffic when necessary to prevent overload (formerly IEEE 802.3x)
Additional functions you can use to manage the network including IGMP Snooping (see
Chapter 15, IGMP Snooping), Port Mirroring (see Chapter 16, Port Mirroring), and Broadcast
Storm Recovery.
Layer 3 Routing (see
Base routing protocols, including support for the Address Resolution Protocol (ARP), IP Mapping,
the
Internet Control Message Protocol (ICMP) and Classless Inter-Domain Routing
(CIDR)
Support for protocols used by routers to exchange network topology information:
— Routing Information Protocol (RIP) versions 1 and 2, recommended for use in small
to medium sized networks
www.dell.com | support.dell.com
Support for the Virtual Router Redundancy Protocol (VRRP) used to improve the reliability of
network connections
Support for the MD5 Message-Digest Algorithm defined in RFC 1321 used for digital signature
applications
Support for the use of Dynamic Host Configuration Protocol (DHCP) to assign IP addresses,
including the Relay Agent Information option defined in RFC 3046
VLAN Routing (see processed by the Layer 3 routing function.
— Open Shortest Path First (OSPF) version 2, used in larger, more complex networks
Chapter 17, Layer 3 Routing)
VLAN Routing on page 262): Allows traffic received on a VLAN port to be

Layer 2 Package Feature Details

The core Layer 2 Package software provides support for the following features:

Basic Routing and Switching Support

BootP (RFC 951, RFC 1542)
BootP/DHCP Relay and Server (RFC 2131)
Host Requirements (RFC 1122)
UDP (RFC 768)
IP (RFC 791)
ICMP (RFC 792)
TCP (RFC 793)
STP (Spanning Tree Protocol) (IEEE 802.1d)
Rapid Spanning Tree (IEEE 802.1w)
MSTP (IEEE 802.1s)
10 GigE (IEEE 802.3ae)
1000 Base-T (IEEE 802.3ab)
Flow Control (IEEE 802.3x)
IEEE 802.3ad
20 | SFTOS Features
16k MAC Address Table
Jumbo Frame Support
QoS
802.1p Priority Marking
ACL Entries (L2 + L3)
Bandwidth-based Rate Limiting
Priority Queues
Layer 2 Classification
Layer 3 DSCP
Wirespeed ACLs (L2/L3/L4)

VLAN

IEEE 802.1q Support
Frame Extensions (IEEE 802.3ac)
GVRP, GARP, GMRP
Port-based VLANs
Protocol-based VLANs
Supported Number of VLANs

Multicast Protocols

IGMP Snooping
Layer 2 Multicast Forwarding

Security and Packet Control Features

Access Profiles on Routing Protocols
DOS Protection
IEEE 802.1x
Ingress Rate Limiting
Login Access Control
MAC-based Port Security
Port Mirroring
RADIUS
SSH2 Server Support

Management

External Redundant Power System
SFTOS Features | 21
HTML-based Management
HTTPS/SSL
RMON Groups
SNMP v1/v2c
SNTP Support
SSHv2
Syslog
Telnet (RFC 854)
TFTP (RFC 783)
www.dell.com | support.dell.com

Stacking

Stacking Multiple Units
LAG across Units in a Stack
Hot Insertion and Removal of Units in a Stack
Auto Master Election
Auto Configuration

Layer 3 Package Feature Details

The “Layer 3 Package” (“Routing image”) version (optional for certain S-Series models) of SFTOS includes all of the features listed above, along with the following features.

Extended Routing and Switching Support

4k IPv4 Routing Table Entry
ARP (RFC 826)
CIDR (RFC 1519)
IPv4 (RFC 1812)
IPv4 Router Discovery (RFC 1256)
Proxy ARP (RFC 1027)
VRRP (RFC 2338)

Routing Protocol Support

RIPv1/v2
OSPF (RFC 2328, 1587, 1765, 2370)
Static Routes
22 | SFTOS Features

Multicast Protocols

IGMP v1/v2 (RFC 1112, 2236)
PIM-SM-edge
DVMRP
PIM-DM

Management

ECMP
SFTOS Features | 23

Load Balancing

LAG Load Balancing: For IPv4 packets, LAG load balancing is provided automatically by a hash
algorithm that is based on an XOR (eXclusive OR) of the 3 LSBs (Least Significant Bits) of the source and destination IP addresses.
For all other packet types, the 3 LSBs of the source and destination MAC addresses are used. Broadcast, unknown unicast, and Layer 2 multicast packets are sent over a single port in the LAG. MAC addresses must be learned first in order for load balancing to take place.
ECMP Load Balancing: ECMP (Equal Cost Multi-path Routing) is supported for OSPF, not for RIP.
2048 IP routes of the 3072 routes that are supported by SFTOS can be ECMP routes. Six ECMP paths are supported.
www.dell.com | support.dell.com
ECMP load balancing is like LAG load balancing in that it is provided automatically by a hash algorithm that is based on an XOR (eXclusive OR) of the 3 LSBs (Least Significant Bits) of the source and destination IP addresses.
Use the maximum-paths command to set the number of paths. For details, see the maximum-paths command in Chapter 20, “OSPF Commands”, of the SFTOS Command Reference.

Notable Differences between S-Series and E-Series

This section describes the major differences in how command usage on the S-Series differs from the E-Series. Users familiar with the E-Series CLI will notice enough similarities in the CLI environment on the S-Series that they can quickly learn the variations in syntax and usage.
The primary goal of SFTOS Release 2.3 (and associated dot releases) was to make SFTOS more like FTOS. Of course, there are still differences because FTOS requires more commands, usually with more detailed options than in SFTOS, to support the more complex E-Series switches.
Note: As you can see in some command descriptions, below, the major difference between SFTOS and FTOS is that in commands that contain a port reference, FTOS expresses the location as slot/port, while SFTOS uses unit/slot/port. For physical identifiers, unit is the stack member number in an S50 stack. For details, see Port Naming Convention on page 26.
The
CLI command modes: SFTOS Release 2.3 modifies the command mode tree of SFTOS to be more
Creating a static route: The SFTOS command
24 | SFTOS Features
aaa authentication command: This FTOS command is available in SFTOS as authentication.
like FTOS, so that their modes are basically equivalent at the base, differing toward the leaves.
next-hop router, while
ip route supports only IP addresses for setting the
ip route in the FTOS also supports physical interfaces. In other words:
— In SFTOS Layer 3, you can only put an IP address as the source and destination:
ip route source-ip-address mask destination-ip-address
— In FTOS, you can have a physical interface as a destination as well as an IP address:
ip route source-ip-address mask {destination interface | ip address}
Displaying the MAC address table: Both FTOS and SFTOS have the show mac-address-table command, but the SFTOS command provided different results than the FTOS command before SFTOS Release 2.3. The SFTOS syntax still contains the unit/slot/port form cited above, for example,
show mac-addr-table interface 1/0/4.
Displaying port information: FTOS and SFTOS have different sets of the show interface and show
interfaces commands. SFTOS also has a similar show port command for displaying whether a port is
up or not, as shown in Figure 2-1:
Figure 2-1. Using the show port Command
(Force10 S50) #show port 1/0/2
Admin Physical Physical Link Link LACP
Intf Type Mode Mode Status Status Trap Mode
------ ------ ------- ---------- ---------- ------ ------- ------­1/0/2 Enable Auto Down Enable Enable
(Force10 S50) #
Displaying system information: The FTOS command
show linecard is similar to show version in
SFTOS, which shows basic information, including the running software version and up time. Other similar commands in SFTOS are
show hardware and show sysinfo, and show tech-support provides
the results of a group of those similar commands.
The
terminal length command: This FTOS command (often shortened to “term len”) was not available
in SFTOS before SFTOS Release 2.3.
The
service timestamps command: This FTOS command is not available in SFTOS. SFTOS sets
timestamps automatically.
OSPF area ID: In SFTOS, OSPF only accepts the IP address format for the area ID, not the number within a range.
File management:
Table 2-1. Switch File Management
FTOS references system file locations as: SFTOS references system file locations as:
flash:// nvram: slot0:// system:
Management address: SFTOS Release 2.3 modifies the creation of a management address to be more like FTOS, but there are still some differences.
Setting the size of the logging buffer: The FTOS command
logging buffered has a parameter that
enables you to set the size of the buffer, while SFTOS does not. Both FTOS and SFTOS invoke debug logging with the number 7 as the severity level parameter. For example, the
logging buffered 7.
SFTOS command is
SFTOS Features | 25
Software naming convention: E-Series software uses this naming convention: FTOS-EF-x.x.x.x Through version 2.3.1.5, the S-Series used a different format that ends with an “.opr” extension.
Starting with SFTOS 2.4.1, SFTOS software image file names have a new naming format that is more descriptive and is consistent with the E-Series software naming convention: "SFTOS-<platform>-<version>-<switching | routing>.bin" for example: SFTOS-S2410-2.4.1.1-switching.bin.

Port Naming Convention

SFTOS supports stacking (one virtual switch made by connecting several switches) with the port naming convention “
www.dell.com | support.dell.com
in the stack, slot 0, port 11. If the port were in unit 2 of the stack, the command should be
0/11.
In more detail, the physical entities that define this convention are as follows:
Unit—The switch ID in a stack of switches (begins with the number 1, so the ports of a standalone switch are numbered
Slot—slot numbers for modular entities within the switch. Although S-Series switches have optional port modules that might qualify for a slot number, S-Series switches currently always list the slot number as 0 (listing all physical ports as channel.
Port—physical interface (port numbers are sequential starting at 1).
unit/slot/port<lucindaRgOb>”. For example, in show interface 1/0/11, 1/0/11 represents unit 1
1/slot/port).
show interface 2/
unit/0/port) unless representing a logical entity, such as a port
Logical interface identifiers are automatically generated by SFTOS. They also use the unit/slot/port convention, but:
Logical unit numbers are always 0.
Logical slot numbers are sequential and start with a 1.
Logical interface numbers (in the third position) are also sequential starting at 1 for each slot.
VLAN routing interfaces and port channels (LAGs) are logical entities. Logical interface identifiers are defined by the system upon creation.
26 | SFTOS Features

Getting Started

This chapter summarizes the following basic tasks:
Connecting to the Console Port on page 29
Command Line Interface (CLI) Overview on page 31
Checking Status on page 32
Displaying Statistics on page 36Viewing the Software Version and Switch Numbers on page 32Showing Network Settings on page 34Displaying Supported Features and System Up-time on page 34Verifying Details about the Switch on page 32
User Management on page 36
Creating a User and Password on page 36Showing and Removing Created Users on page 37Setting SNMP Read/Write Access on page 37Setting the Enable Password on page 38
Enabling Interfaces on page 38
Enabling Ports on page 38Setting the Management IP Address on page 39Enabling Telnet to the Switch on page 39Configuring an Interface with an IP Address on page 40Setting up SNMP Management on page 41
Creating VLANS on page 41
Managing Configuration and Software Files on page 43
Downloading and Uploading Files on page 44Downloading a Software Image on page 45Installing System Software on page 50Managing the Configuration on page 56Saving the Startup Configuration to the Network on page 57Clearing the Running Configuration on page 57Configuring from the Network on page 58Restoring the System to the Factory Default Configuration on page 58Resetting the Pre-configured System on page 59Using Configuration Scripts on page 60Creating a Configuration Script on page 60
3
Getting Started | 27

Setting up a Management Connection to the Switch

You have a choice of methods to manage the switch. You can access the SFTOS command line interface (CLI) through either the console port on the switch or through an out-of-band method such as Telnet or SSH. To use any method other than the console port (VT100 emulation), you must first configure a management IP address on the switch. This chapter includes the procedures that connect you to the console and to set up a management IP address:
Console connection (VT100 interface): See Connecting to the Console Port on page 29.
Management IP address: See Setting the Management IP Address on page 39. See also Showing
Network Settings on page 34.
www.dell.com | support.dell.com
After setting up the management IP address, you can use one of the following connection methods:
Simple Network Management Protocol (SNMP): For details on setting up SNMP, see Setting
SNMP Read/Write Access on page 37 and Setting up SNMP Management on page 71.
Note: The Dell Force10 Management System (FTMS) is a graphical network management software product that provides a global view of your complete Dell Force10 network. FTMS includes Node Manager, which not only provides GUI-based device management, it also includes the ability to execute CLI commands, either individually from Node Manager or by having Node Manager open a Telnet window to the device.
Telnet: See Enabling Telnet to the Switch on page 39. To use SSH to enable secure access over Telnet, see Enabling SSH on page 142.
Note: You can also use a configuration script to set up the switch. The maximum number of configuration file command lines is 2000. See Using Configuration Scripts on page 60.
28 | Getting Started

Connecting to the Console Port

fn00162s50
To access the console port, follow the procedure below:
Step Task
1 Caution: Install a straight-through RJ-45 copper cable (for example, an Ethernet cable) into the console
port. This is different from many other implementations that require a crossover (rollover) cable. If connecting to a terminal server and using an Ethernet crossover cable, daisychain another crossover cable to effectively get a straight-through cable connection. Many console terminal servers use octopus cables that are crossover cables. As above, connect an additional crossover cable.
2
Connect the RJ-45/DB-9 adapter that is shipped with the switch to the RJ-45 cable. Note: The console port pinout:
Pin 1 = NC Pin 2 = NC Pin 3 = RXD Pin 4 = GND Pin 5 = GND Pin 6 = TXD Pin 7 = NC Pin 8 = NC
3 4
Connect the adapter to a laptop. Once a connection is established, ensure the following terminal settings (default settings) at both ends: 9600
baud rate, no parity, 8 data bits, 1 stop bit, no flow control (console port only). If you want to change the settings (such as if you want to download software at a higher speed), you must change the serial configuration on both the switch and computer. See the command options in the following step. For more on changing settings, see the hardware guide or the Quick Reference.
Getting Started | 29
Step Task (continued)
5
Enter Line Config mode by logging in, entering Privileged Exec mode (enable command), Global Config mode (config command), then lineconfig. In Line Config mode, use the serial timeout command to set the console inactivity timeout (0 for no timeout; up to 160 minutes):
Figure 3-2. Using the Line Config Mode and the serial timeout Command
User:admin Password: Force10 >enable Password:
Force10 #configure Force10 (Config)#lineconfig
www.dell.com | support.dell.com
Force10 (Line)#? exit To exit from the mode. serial Configure EIA-232 parameters and inactivity timeout. session-limit Configure the maximum number of outbound telnet sessions allowed. session-timeout Configure the outbound telnet login inactivity timeout. transport Displays the protocol list to use for outgoing connections. Force10 (Line)#serial ? baudrate Set the serial baudrate. timeout Configure the serial port login inactivity timeout.
Force10 (Line)#serial timeout ? <0-160> Enter time in minutes.
Force10 (Line)#serial timeout 0 Force10 (Line)#exit Force10 (Config)#
6
To display serial (console) port configuration, enter the command show serial:
Figure 3-3. Using the show serial Command
Force10 #show serial
Serial Port Login Timeout (minutes)............ 30
Baud Rate (bps)................................ 9600
Character Size (bits).......................... 8
Flow Control................................... Disable
Stop Bits...................................... 1
Parity......................................... none
For more on setting serial settings, see the hardware guide for your system or the System Management Commands chapter in the SFTOS Command Reference.
The default CLI user, admin, has read/write access, with no password until you create one. For details, see
Creating a User and Password on page 36. There is also one mode-level password. See Setting the Enable Password on page 38.
30 | Getting Started
Loading...
+ 276 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use