Dell Force10 S2410-01-10GE-24P Quick Reference Guide

SFTOS Configuration Guide

Notes, Cautions, and Warnings

NOTE: A NOTE indicates important information that helps you make better use of your computer.

CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instruction are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™,

PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™ and Vostro™ are trademarks of Dell Inc. Intel Core™ and Celeron Opteron™, AMD Phenom™, and AMD Sempron™ are trademarks of Advanced Micro Devices, Inc. Microsoft

Server

, MS-DOS® and Windows Vista® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Red Hat Enterprise Linux countries. Novell registered trademark of Oracle Corporation and/or its affiliates. Citrix or trademarks of Citrix Systems, Inc. in the United States and/or other countries. VMware

are registered trademarks of Intel Corporation in the U.S. and other countries. AMD® is a registered trademark and AMD

is a registered trademark and SUSE ™ is a trademark of Novell Inc. in the United States and other countries. Oracle® is a

and Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United States and/or other

, Xen®, XenServer® and XenMotion® are either registered trademarks

, Virtual SMP®, vMotion®, vCenter®, and vSphere®

, Pentium®, Xeon®,

, Windows®, Windows

are registered trademarks or trademarks of VMWare, Inc. in the United States or other countries. Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products.

Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

November 2011 P/N —

New Features

SFTOS 2.5.3 improves SFTOS internals only, with no new features.

SFTOS 2.5.2 adds:

• A substantial support interface that is not accessible through the standard CLI modes and is not publicly documented

• Support for new S-Series platforms, including the S50N, S50N-DC, and S25P-DC

Other Changes to the Document

Changes in this edition include:

• The major change in this edition is that the example configuration sequence for VLAN Stacking is corrected. See Configuring a VLAN Tunnel (DVLAN or VLAN-Stack) on page 229.

Changes to this book in the previous edition included:

• The SFTOS Web User Interface (Web UI) chapter is removed, because changes to SFTOS 2.5.2.1 were not promulgated to the Web UI, which made some parts of the Web UI unreliable or non-functional.

• The ACL chapter now states that both MAC and IP ACLs can be applied to the same interface.

• Both the VLAN and LAG chapters state more explicitly that the Default VLAN, VLAN 1, cannot be changed, and will not allow a LAG or tagged port as a member of it.

New Features | 3

www.dell.com | support.dell.com

4 | New Features

Table of Contents

New Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Other Changes to the Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3

1 About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Introduction to the Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Related Dell Force10 Documents and Additional Information . . . . . . . . . . . . . . . . . . . . .16

Contact Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

The iSupport Website . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

Accessing iSupport Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

Contacting the Technical Assistance Center. . . . . . . . . . . . . . . . . . . . . . . . . . . .18

2 SFTOS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Overview of SFTOS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Layer 2 Package Feature Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20

Basic Routing and Switching Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20

QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Multicast Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Security and Packet Control Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Layer 3 Package Feature Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Extended Routing and Switching Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Routing Protocol Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Multicast Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24

Notable Differences between S-Series and E-Series . . . . . . . . . . . . . . . . . . . . . . . . . . .24

Port Naming Convention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

3 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Setting up a Management Connection to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . .28

Connecting to the Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

Command Line Interface (CLI) Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

CLI Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Getting Help From the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Controlling Pagination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Table of Contents | 5

Checking Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Viewing the Software Version and Switch Numbers . . . . . . . . . . . . . . . . . . . . . . . . .32

Verifying Details about the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

Showing Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

Displaying Supported Features and System Up-time . . . . . . . . . . . . . . . . . . . . . . . .34

Displaying Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

User Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

Creating a User and Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

Showing and Removing Created Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37

Setting SNMP Read/Write Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37

Setting the Enable Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

www.dell.com | support.dell.com

Enabling Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

Enabling Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

Setting the Management IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Enabling Telnet to the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Configuring an Interface with an IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40

Using the Show IP Interface Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40

Setting up SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Creating VLANS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Important Points to Remember — VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

Setting Up the Management VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Creating a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Enabling Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Managing Configuration and Software Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

Important Points to Remember — Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Downloading and Uploading Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Points to Remember when Transferring Files . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Downloading a Software Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Using Xmodem to Download Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46

Using TFTP to Download Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

Saving the Running Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Installing System Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50

Managing SFTOS Software with SFTOS Version 2.5.1 . . . . . . . . . . . . . . . . . . .50

Managing the Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

Clearing the Running Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Saving the Startup Configuration to the Network. . . . . . . . . . . . . . . . . . . . . . . . .57

Configuring from the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Restoring the System to the Factory Default Configuration. . . . . . . . . . . . . . . . .58

Resetting the Pre-configured System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

Using Configuration Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Creating a Configuration Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Viewing a Configuration Script File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Uploading a Configuration Script to a TFTP Server . . . . . . . . . . . . . . . . . . . . . .61

6 | Table of Contents

Deleting a Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Downloading a Configuration Script from a TFTP Server . . . . . . . . . . . . . . . . . .62

Troubleshooting a Downloaded Script. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Applying a Configuration Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63

Listing Configuration Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Displaying Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65

4 Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Creating the Management IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67

Changing the Management VLAN from the Default . . . . . . . . . . . . . . . . . . . . . . . . . . . .68

Verifying Access to a Management Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Verifying Management Port Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Setting Stack Management Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Setting the Host Name Prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Restoring the Configuration to Factory Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Setting up SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71

Managing SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

router BGP config mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74

Link Layer Discovery Protocol (LLDP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Setting up Remote Network Monitoring (RMON) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

RMON Command Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Configuring RMON Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Example of configuring an RMON alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

Setting the System Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

Setting the System Date and Time Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

SNTP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79

CLI Examples of SNTP Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Example #1: Configuring SNTP client mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Example #2: Configuring SNTP client port . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Example #3: Configuring SNTP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Example #4: show sntp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Example #5: show sntp server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81

Gathering Details about the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81

5 Stacking S-Series Switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

S-Series Stackability Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

Stacking Commands Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85

Management Unit Selection Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85

Unit Number Assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86

Stack Management and Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86

Adding a Switch to a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

Table of Contents | 7

Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

Removing a Switch from a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

Setting Management Unit Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91

Inspecting Management Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

Hardware Management Preference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

Administrative Management Preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Unsetting Management Preference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Management Preference and MAC Address. . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Upgrading Software in a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

Copying SFTOS Software to a Member Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . .95

Configuration example: Upgrading software on a new member switch. . . . . . . .95

www.dell.com | support.dell.com

Using show Commands for Stacking Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98

6 System Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Logging Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

Configuring the System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

Displaying the System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Interpreting system log messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104

Using the Persistent Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105

Displaying the SNMP Trap Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106

Configuring Syslog Server Host Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Configure a syslog server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

7 Configuring Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Interface Support in SFTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Viewing Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Viewing Layer 3 Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Configuring Physical Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Enabling an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Configuring Speed and Duplex Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Configuring Layer 3 Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122

Clearing Interface Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122

Enabling Power over Ethernet Ports (PoE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123

Bulk Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

Using Interface Range Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

Bulk Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Configure a single range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Configure multiple ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

8 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

DHCP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129

Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129

8 | Table of Contents

Configuring the Switch as a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Configuring a DHCP address pool (required) . . . . . . . . . . . . . . . . . . . . . . . . . .131

Excluding IP addresses (optional). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

Enabling the SFTOS DHCP Server feature (required) . . . . . . . . . . . . . . . . . . .131

Verifying the DHCP Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

Using the Switch as a BootP/DHCP Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

DHCP Relay Agent Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

Configuring the Switch as a DHCP Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Verifying the DHCP Relay Agent Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .133

Configuration Example — DHCP Server and Relay Agent . . . . . . . . . . . . . . . . . . . . . .133

9 Providing User Access Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Choosing a TACACS+ Server and Authentication Method . . . . . . . . . . . . . . . . . . . . . .135

Configuring TACACS+ Server Connection Options . . . . . . . . . . . . . . . . . . . . . . . . . . .137

Configuring a RADIUS Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138

Using the CLI to Configure Access through RADIUS . . . . . . . . . . . . . . . . . . . . . . .138

Enabling Secure Management with SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140

Enabling SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

10 Spanning Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

SFTOS STP Switching Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Forwarding, Aging, and Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Spanning Tree Protocol (STP, IEEE 802.1D) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Basic STP (802.1D) CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Basic STP CLI Port Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) . . . . . . . . . . . . . . . . . . . . . . . . . .147

RSTP Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Port Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Port States. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

Port Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

BPDU Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

Convergence with RSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

Multiple Spanning-Tree Protocol (MSTP, IEEE 802.1s) . . . . . . . . . . . . . . . . . . . . . . . .148

Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

MST Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

MST Interactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

MSTP Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149

MSTP CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150

Spanning Tree Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150

Setting the STP Version Parameter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151

Enabling STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

Table of Contents | 9

Example of configuring STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

Influencing the Spanning Tree Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

Example of influencing the spanning tree configuration . . . . . . . . . . . . . . . . . .154

Changing Spanning Tree Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155

Enabling an Edge Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

MSTP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156

Display Spanning Tree Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157

Displaying STP, MSTP, and RSTP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . .163

11 Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

Link Aggregation—IEEE 802.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165

www.dell.com | support.dell.com

LAG Load Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166

LAG Implementation Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167

Link Aggregation—MIB Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167

Static LAG Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167

Link Aggregation Group (LAG) Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168

Privileged Exec and User Exec mode commands. . . . . . . . . . . . . . . . . . . . . . .168

Global Config mode commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168

Interface Port Channel Config mode commands. . . . . . . . . . . . . . . . . . . . . . . .168

Interface Config mode commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

Static LAG CLI Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

Configuring a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

LAG Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171

Basic LAG configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172

Adding a LAG to a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173

Using the Interface Range mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174

Link Aggregation Control Protocol (LACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174

LACP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175

LACP configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175

Displaying LAGs (Port Channels) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176

12 Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Using Differentiated Services (DiffServ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Deploying DiffServ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180

Creating Class-maps/DiffServ Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180

Creating a Policy-Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182

Applying Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183

Enabling Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184

Monitoring DiffServ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184

Using the show class-map Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184

Using the show diffserv Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186

10 | Table of Contents

show class-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185

Using the “show policy-map” Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187

Using the show service-policy Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Configuring Differentiated Services by Department . . . . . . . . . . . . . . . . . . . . . . . . . . .191

Configuring Differentiated Services for Voice over IP . . . . . . . . . . . . . . . . . . . . . . . . . .194

13 Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

SFTOS Support for Access Control Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197

Common ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198

MAC ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198

IP ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200

Standard IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200

Extended IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200

Protecting the Management Interface with a Loopback ACL . . . . . . . . . . . . . . . . .201

Access Control List Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202

Applying an IP ACL to the Loopback Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .203

Restrictions on the usage of loopback interface ACL . . . . . . . . . . . . . . . . . . . .204

Example of loopback interface configuration sequence . . . . . . . . . . . . . . . . . .204

Enabling Broadcast Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .205

14 VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

Introduction to VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207

Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208

Implementing VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

Forwarding Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

Egress Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

Exempt Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209

VLAN Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210

Configuration Task List for VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211

Creating a VLAN and Adding Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211

Example of creating a VLAN and assigning interfaces . . . . . . . . . . . . . . . . . . .212

Assign an interface to multiple VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213

Clearing/Resetting a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214

Adding a LAG to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215

Example of adding a LAG to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216

Creating a Routed VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .217

Example of creating a routed VLAN on one switch . . . . . . . . . . . . . . . . . . . . . .217

GARP and GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218

GARP VLAN Registration Protocol (GVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219

GARP Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219

GARP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

Using GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

Enabling Dynamic VLANs with GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

Example of Creating a Dynamic VLAN through GVRP . . . . . . . . . . . . . . . . . . .221

Table of Contents | 11

Displaying GARP, GVRP, GMRP Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222

show garp and show gvrp configuration all commands. . . . . . . . . . . . . . . . . . .222

Creating an IP Subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223

Configuring a Private Edge VLAN (PVLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223

Configuring a Native VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224

Example of configuring a native VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227

Configuring a VLAN Tunnel (DVLAN or VLAN-Stack) . . . . . . . . . . . . . . . . . . . . . . . . .229

DVLAN Tagging Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229

DVLAN Configuration Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229

DVLAN configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

Displaying VLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

www.dell.com | support.dell.com

15 IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237

Enabling IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237

Monitoring IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238

16 Port Mirroring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

Port Mirroring Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241

Port Mirroring Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242

Port Mirroring Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242

Preparing to Configure Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242

Configuring the mirrored port and destination port . . . . . . . . . . . . . . . . . . . . . .243

Starting a mirroring session. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243

Stopping the mirroring session and removing probe and mirrored ports. . . . . .244

Verifying Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Verifying port mirroring session status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Using other commands that show port mirroring status . . . . . . . . . . . . . . . . . .245

17 Layer 3 Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

Enabling Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248

Port Routing Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250

IGMP Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

IGMP Proxy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252

RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

RIP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

OSPF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257

OSPF Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257

VLAN Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262

12 | Table of Contents

IGMP Proxy configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252

Verifying the configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254

Configuring OSPF on an S-Series operating as an inter-area router . . . . . . . .257

Configuring OSPF on an S-Series operating as a border router. . . . . . . . . . . .260

VLAN IP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262

VLAN Routing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263

Example of creating a routed VLAN between switches. . . . . . . . . . . . . . . . . . .263

VLAN Routing OSPF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264

VLAN Routing RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267

Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269

Link Aggregation Layer 3 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269

Virtual Router Redundancy Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271

Configuring VRRP: Master Router (Router 1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272

Configuring VRRP: Backup Router (Router 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

18 Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275

Recovering from Flash File System Corruption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Recovering from a Software Upgrade Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276

Recovering from a Lost Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277

Recovering from Switch Stack Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277

Preventing Auto-negotiation Mismatches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278

Monitoring SFPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280

Monitoring 10 GE Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Monitoring CPU and Memory Utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Software Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Troubleshooting No Output on the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

A RFCs, MIBs, and Traps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285

IEEE Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

RFC Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

General Switching Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

IP Multicast (in Layer 3 Package only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287

OSPF (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287

QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

RIP (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

Routing (in Layer 3 Package only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

SNMP-related RFCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Industry MIBs Supported by SFTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

Force 10 MIBs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291

SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295

Table of Contents | 13

www.dell.com | support.dell.com

14 | Table of Contents

About this Guide

This chapter covers the following topics:

• Objectives on page 15

• Audience on page 16

• Introduction to the Guide on page 16

• Conventions on page 16

• Related Dell Force10 Documents and Additional Information on page 16

• Contact Information on page 17

• Documentation Feedback on page 17

• The iSupport Website on page 17

• Objectives

• Audience

• Conventions

• Related Dell Force10 Documents and Additional Information

Objectives

This document provides configuration instructions and examples for the following S-Series switches:

• S50

• S50V

• S50N, S50N-DC

• S25P, S25P-DC

It includes information on the protocols and features found in SFTOS protocols is included to describe the capabilities of SFTOS.

For more complete information on protocols, refer to other documentation and IETF RFCs.

Note: For S2410 documentation, see the S2410 Documentation CD-ROM.

™

. Background on networking

About this Guide | 15

Audience

This document is intended for system administrators who are responsible for configuring or maintaining networks. This guide assumes you are knowledgeable in Layer 2 and Layer 3 networking technologies.

Introduction to the Guide

This guide provides examples of the use of E-Series switches in a typical network. It describes the use and advantages of specific functions provided by the E-Series, and includes instructions on how to configure those functions using the Command Line Interface (CLI).

www.dell.com | support.dell.com

Some E-Series switches operate purely as a Layer 2 switch, some also as a Layer 3 router or a combination switch/router. The switch also includes support for network management and Quality of Service functions such as Access Control Lists and Differentiated Services. Which functions you choose to activate will depend on the size and complexity of your network; this document provides detailed information on some of the most-used functions. For details on SFTOS features, see SFTOS Features on page 19.

Note: Note that, while BGP and bandwidth allocation are not supported in this release, they may appear in the command output examples in this document.

Conventions

This document uses the following conventions to describe command syntax:

Convention Description

keyword Keywords are in bold and should be entered in the CLI as listed.

parameter

{X} Keywords and parameters within braces must be entered in the CLI. [X] Keywords and parameters within brackets are optional. x | y Keywords and parameters separated by bar require you to choose one.

Parameters are in italics and require a variable—sometimes a number, sometimes a word, sometimes either—to be entered in the CLI. Shown between less-than and greater-than signs in the CLI help: <parameter>

Contact Information

For technical support, see The iSupport Website on page 17. For other questions, contact Dell Force10 using the following address:

Dell Force10, Inc. 350 Holger Way San Jose, CA 95134 USA

Documentation Feedback

If appropriate, please include the following information with your comments:

• Document name

• Document part number

• Page number

• Software release version

Technical Support

The iSupport Website

Dell Force10 iSupport provides a range of support programs to assist you with effectively using Dell Force10 equipment and mitigating the impact of network outages. Through iSupport you can obtain technical information regarding Dell Force10 products, access to software upgrades and patches, and open and manage your Technical Assistance Center (TAC) cases. Dell Force10 iSupport provides integrated, secure access to these services.

About this Guide | 17

Accessing iSupport Services

The URL for iSupport is www.force10networks.com/support/. To access iSupport services you must have a userid and password. If you do not have one, you can request one at the website:

1. On the Dell Force10 iSupport page, click the Account Request link.

2. Fill out the User Account Request form and click Send. You will receive your userid and password by

email.

3. To access iSupport services, click the Log in link, and enter your userid and password.

Contacting the Technical Assistance Center

www.dell.com | support.dell.com

How to Contact Dell Force10 TAC

Information to Submit When Opening a Support Case

Managing Your Case Log in to iSupport, and select the Service Request tab to view all open cases and RMAs. Downloading Software

Updates Technical Documentation Log in to iSupport, and select the Documents tab. This page can be accessed without

Contact Information E-mail: support@force10networks.com

• Your name, company name, phone number, and email address

• Preferred method of contact

• Model number

• Software version number

• Symptom description

• Screen shots illustrating the symptom, including any error messages

• Serial number, if requesting an RMA

logging in via the Documentation link on the iSupport page.

Web: www.force10networks.com/support/ Telephone: US and Canada: 866.965.5800 International: 408.965.5800

For more on using the iSupport website and accessing services, see the Dell Force10 Service and Support

Guide.

18 | About this Guide

SFTOS Features

This chapter contains these major sections:

• Overview of SFTOS Features on page 19

• Layer 2 Package Feature Details on page 20

• Layer 3 Package Feature Details on page 22

• Notable Differences between S-Series and E-Series on page 24

• Port Naming Convention on page 26

The SFTOS software is available in two packages—the “Layer 2 Package” (“Switching”) and the “Layer 3 Package” (“Routing”). The Layer 2 Package consists of the core software that comes installed on every S-Series switch (with the exception of the Stacking module, which is not included on the S2410), while the Layer 3 Package includes both the core software and software that supports Layer 3 of the OSI 7-Layer Model. The Layer 3 Package is only available for some S-Series models.

Overview of SFTOS Features

The functions supported by SFTOS software include:

• Access control lists, used to control access to specified resources (see

(DiffServ) on page 177)

• Differentiated Services, which you can use to define traffic classes and how they will be treated, including traffic acceptance, transmission and bandwidth guarantees. See

Services (DiffServ) on page 177.

• Layer 2 Switching:

• Bridging support (the default) for IEEE 802.1D — Spanning Tree plus IEEE 802.1w — Rapid

Reconfiguration and IEEE 802.1s — Multiple Spanning Tree (see

• Virtual LAN (VLAN) operation conforming to IEEE 802.1Q, including Generic Attribute

Registration Protocol (GARP), GARP Multicast Registration Protocol (GMRP) and GARP VLAN Registration Protocol (GVRP) (see VLANs on page 207

• Support for extensions to the Ethernet protocol:

— VLAN tagging, required for VLAN support (formerly IEEE 802.3ac, now included in

IEEE 802.3-2002)

— Link Aggregation, which you may choose to implement to improve bandwidth and

reliability for critical connections (formerly IEEE 802.3ad) (see

Aggregation) (see also Chapter 17, Layer 3 Routing, for use of LAGs in Layer 3)

Using Differentiated Services

Using Differentiated

Chapter 10, Spanning Tree)

)

Chapter 11, Link

SFTOS Features | 19

— Flow Control at the MAC layer: you may configure the switch or a port to temporarily

halt traffic when necessary to prevent overload (formerly IEEE 802.3x)

• Additional functions you can use to manage the network including IGMP Snooping (see

Chapter 15, IGMP Snooping), Port Mirroring (see Chapter 16, Port Mirroring), and Broadcast

Storm Recovery.

• Layer 3 Routing (see

• Base routing protocols, including support for the Address Resolution Protocol (ARP), IP Mapping,

the

Internet Control Message Protocol (ICMP) and Classless Inter-Domain Routing

(CIDR)

• Support for protocols used by routers to exchange network topology information:

— Routing Information Protocol (RIP) versions 1 and 2, recommended for use in small

to medium sized networks

www.dell.com | support.dell.com

• Support for the Virtual Router Redundancy Protocol (VRRP) used to improve the reliability of

network connections

• Support for the MD5 Message-Digest Algorithm defined in RFC 1321 used for digital signature

applications

• Support for the use of Dynamic Host Configuration Protocol (DHCP) to assign IP addresses,

including the Relay Agent Information option defined in RFC 3046

• VLAN Routing (see processed by the Layer 3 routing function.

— Open Shortest Path First (OSPF) version 2, used in larger, more complex networks

Chapter 17, Layer 3 Routing)

VLAN Routing on page 262): Allows traffic received on a VLAN port to be

Layer 2 Package Feature Details

The core Layer 2 Package software provides support for the following features:

Basic Routing and Switching Support

• BootP (RFC 951, RFC 1542)

• BootP/DHCP Relay and Server (RFC 2131)

• Host Requirements (RFC 1122)

• UDP (RFC 768)

• IP (RFC 791)

• ICMP (RFC 792)

• TCP (RFC 793)

• STP (Spanning Tree Protocol) (IEEE 802.1d)

• Rapid Spanning Tree (IEEE 802.1w)

• MSTP (IEEE 802.1s)

• 10 GigE (IEEE 802.3ae)

• 1000 Base-T (IEEE 802.3ab)

• Flow Control (IEEE 802.3x)

• IEEE 802.3ad

20 | SFTOS Features

• 16k MAC Address Table

• Jumbo Frame Support

QoS

• 802.1p Priority Marking

• ACL Entries (L2 + L3)

• Bandwidth-based Rate Limiting

• Priority Queues

• Layer 2 Classification

• Layer 3 DSCP

• Wirespeed ACLs (L2/L3/L4)

VLAN

• IEEE 802.1q Support

• Frame Extensions (IEEE 802.3ac)

• GVRP, GARP, GMRP

• Port-based VLANs

• Protocol-based VLANs

• Supported Number of VLANs

Multicast Protocols

• IGMP Snooping

• Layer 2 Multicast Forwarding

Security and Packet Control Features

• Access Profiles on Routing Protocols

• DOS Protection

• IEEE 802.1x

• Ingress Rate Limiting

• Login Access Control

• MAC-based Port Security

• Port Mirroring

• RADIUS

• SSH2 Server Support

Management

• External Redundant Power System

SFTOS Features | 21

• HTML-based Management

• HTTPS/SSL

• RMON Groups

• SNMP v1/v2c

• SNTP Support

• SSHv2

• Syslog

• Telnet (RFC 854)

• TFTP (RFC 783)

www.dell.com | support.dell.com

Stacking

• Stacking Multiple Units

• LAG across Units in a Stack

• Hot Insertion and Removal of Units in a Stack

• Auto Master Election

• Auto Configuration

Layer 3 Package Feature Details

The “Layer 3 Package” (“Routing image”) version (optional for certain S-Series models) of SFTOS includes all of the features listed above, along with the following features.

Extended Routing and Switching Support

• 4k IPv4 Routing Table Entry

• ARP (RFC 826)

• CIDR (RFC 1519)

• IPv4 (RFC 1812)

• IPv4 Router Discovery (RFC 1256)

• Proxy ARP (RFC 1027)

• VRRP (RFC 2338)

Routing Protocol Support

• RIPv1/v2

• OSPF (RFC 2328, 1587, 1765, 2370)

• Static Routes

22 | SFTOS Features

Multicast Protocols

• IGMP v1/v2 (RFC 1112, 2236)

• PIM-SM-edge

• DVMRP

• PIM-DM

Management

• ECMP

SFTOS Features | 23

Load Balancing

• LAG Load Balancing: For IPv4 packets, LAG load balancing is provided automatically by a hash

algorithm that is based on an XOR (eXclusive OR) of the 3 LSBs (Least Significant Bits) of the source and destination IP addresses.

For all other packet types, the 3 LSBs of the source and destination MAC addresses are used. Broadcast, unknown unicast, and Layer 2 multicast packets are sent over a single port in the LAG. MAC addresses must be learned first in order for load balancing to take place.

ECMP Load Balancing: ECMP (Equal Cost Multi-path Routing) is supported for OSPF, not for RIP.

•

2048 IP routes of the 3072 routes that are supported by SFTOS can be ECMP routes. Six ECMP paths are supported.

www.dell.com | support.dell.com

ECMP load balancing is like LAG load balancing in that it is provided automatically by a hash algorithm that is based on an XOR (eXclusive OR) of the 3 LSBs (Least Significant Bits) of the source and destination IP addresses.

Use the maximum-paths command to set the number of paths. For details, see the maximum-paths command in Chapter 20, “OSPF Commands”, of the SFTOS Command Reference.

Notable Differences between S-Series and E-Series

This section describes the major differences in how command usage on the S-Series differs from the E-Series. Users familiar with the E-Series CLI will notice enough similarities in the CLI environment on the S-Series that they can quickly learn the variations in syntax and usage.

The primary goal of SFTOS Release 2.3 (and associated dot releases) was to make SFTOS more like FTOS. Of course, there are still differences because FTOS requires more commands, usually with more detailed options than in SFTOS, to support the more complex E-Series switches.

Note: As you can see in some command descriptions, below, the major difference between SFTOS and FTOS is that in commands that contain a port reference, FTOS expresses the location as slot/port, while SFTOS uses unit/slot/port. For physical identifiers, unit is the stack member number in an S50 stack. For details, see Port Naming Convention on page 26.

• The

• CLI command modes: SFTOS Release 2.3 modifies the command mode tree of SFTOS to be more

• Creating a static route: The SFTOS command

24 | SFTOS Features

aaa authentication command: This FTOS command is available in SFTOS as authentication.

like FTOS, so that their modes are basically equivalent at the base, differing toward the leaves.

next-hop router, while

ip route supports only IP addresses for setting the

ip route in the FTOS also supports physical interfaces. In other words:

— In SFTOS Layer 3, you can only put an IP address as the source and destination:

ip route source-ip-address mask destination-ip-address

— In FTOS, you can have a physical interface as a destination as well as an IP address:

ip route source-ip-address mask {destination interface | ip address}

• Displaying the MAC address table: Both FTOS and SFTOS have the show mac-address-table command, but the SFTOS command provided different results than the FTOS command before SFTOS Release 2.3. The SFTOS syntax still contains the unit/slot/port form cited above, for example,

show mac-addr-table interface 1/0/4.

• Displaying port information: FTOS and SFTOS have different sets of the show interface and show

interfaces commands. SFTOS also has a similar show port command for displaying whether a port is

up or not, as shown in Figure 2-1:

Figure 2-1. Using the show port Command

(Force10 S50) #show port 1/0/2

Admin Physical Physical Link Link LACP

Intf Type Mode Mode Status Status Trap Mode

------ ------ ------- ---------- ---------- ------ ------- ------1/0/2 Enable Auto Down Enable Enable

(Force10 S50) #

• Displaying system information: The FTOS command

show linecard is similar to show version in

SFTOS, which shows basic information, including the running software version and up time. Other similar commands in SFTOS are

show hardware and show sysinfo, and show tech-support provides

the results of a group of those similar commands.

• The

terminal length command: This FTOS command (often shortened to “term len”) was not available

in SFTOS before SFTOS Release 2.3.

• The

service timestamps command: This FTOS command is not available in SFTOS. SFTOS sets

timestamps automatically.

• OSPF area ID: In SFTOS, OSPF only accepts the IP address format for the area ID, not the number within a range.

• File management:

Table 2-1. Switch File Management

FTOS references system file locations as: SFTOS references system file locations as:

flash:// nvram: slot0:// system:

• Management address: SFTOS Release 2.3 modifies the creation of a management address to be more like FTOS, but there are still some differences.

• Setting the size of the logging buffer: The FTOS command

logging buffered has a parameter that

enables you to set the size of the buffer, while SFTOS does not. Both FTOS and SFTOS invoke debug logging with the number 7 as the severity level parameter. For example, the

logging buffered 7.

SFTOS command is

SFTOS Features | 25

• Software naming convention: E-Series software uses this naming convention: FTOS-EF-x.x.x.x Through version 2.3.1.5, the S-Series used a different format that ends with an “.opr” extension.

Starting with SFTOS 2.4.1, SFTOS software image file names have a new naming format that is more descriptive and is consistent with the E-Series software naming convention: "SFTOS-<platform>-<version>-<switching | routing>.bin" for example: SFTOS-S2410-2.4.1.1-switching.bin.

Port Naming Convention

SFTOS supports stacking (one virtual switch made by connecting several switches) with the port naming convention “

www.dell.com | support.dell.com

in the stack, slot 0, port 11. If the port were in unit 2 of the stack, the command should be

0/11.

In more detail, the physical entities that define this convention are as follows:

• Unit—The switch ID in a stack of switches (begins with the number 1, so the ports of a standalone switch are numbered

• Slot—slot numbers for modular entities within the switch. Although S-Series switches have optional port modules that might qualify for a slot number, S-Series switches currently always list the slot number as 0 (listing all physical ports as channel.

• Port—physical interface (port numbers are sequential starting at 1).

unit/slot/port<lucindaRgOb>”. For example, in show interface 1/0/11, 1/0/11 represents unit 1

1/slot/port).

show interface 2/

unit/0/port) unless representing a logical entity, such as a port

Logical interface identifiers are automatically generated by SFTOS. They also use the unit/slot/port convention, but:

• Logical unit numbers are always 0.

• Logical slot numbers are sequential and start with a 1.

• Logical interface numbers (in the third position) are also sequential starting at 1 for each slot.

VLAN routing interfaces and port channels (LAGs) are logical entities. Logical interface identifiers are defined by the system upon creation.

26 | SFTOS Features

Getting Started

This chapter summarizes the following basic tasks:

• Connecting to the Console Port on page 29

• Command Line Interface (CLI) Overview on page 31

• Checking Status on page 32

— Displaying Statistics on page 36 — Viewing the Software Version and Switch Numbers on page 32 — Showing Network Settings on page 34 — Displaying Supported Features and System Up-time on page 34 — Verifying Details about the Switch on page 32

• User Management on page 36

— Creating a User and Password on page 36 — Showing and Removing Created Users on page 37 — Setting SNMP Read/Write Access on page 37 — Setting the Enable Password on page 38

• Enabling Interfaces on page 38

— Enabling Ports on page 38 — Setting the Management IP Address on page 39 — Enabling Telnet to the Switch on page 39 — Configuring an Interface with an IP Address on page 40 — Setting up SNMP Management on page 41

• Creating VLANS on page 41

• Managing Configuration and Software Files on page 43

— Downloading and Uploading Files on page 44 — Downloading a Software Image on page 45 — Installing System Software on page 50 — Managing the Configuration on page 56 — Saving the Startup Configuration to the Network on page 57 — Clearing the Running Configuration on page 57 — Configuring from the Network on page 58 — Restoring the System to the Factory Default Configuration on page 58 — Resetting the Pre-configured System on page 59 — Using Configuration Scripts on page 60 — Creating a Configuration Script on page 60

Getting Started | 27

Setting up a Management Connection to the Switch

You have a choice of methods to manage the switch. You can access the SFTOS command line interface (CLI) through either the console port on the switch or through an out-of-band method such as Telnet or SSH. To use any method other than the console port (VT100 emulation), you must first configure a management IP address on the switch. This chapter includes the procedures that connect you to the console and to set up a management IP address:

• Console connection (VT100 interface): See Connecting to the Console Port on page 29.

• Management IP address: See Setting the Management IP Address on page 39. See also Showing

Network Settings on page 34.

www.dell.com | support.dell.com

After setting up the management IP address, you can use one of the following connection methods:

• Simple Network Management Protocol (SNMP): For details on setting up SNMP, see Setting

SNMP Read/Write Access on page 37 and Setting up SNMP Management on page 71.

Note: The Dell Force10 Management System (FTMS) is a graphical network management software product that provides a global view of your complete Dell Force10 network. FTMS includes Node Manager, which not only provides GUI-based device management, it also includes the ability to execute CLI commands, either individually from Node Manager or by having Node Manager open a Telnet window to the device.

• Telnet: See Enabling Telnet to the Switch on page 39. To use SSH to enable secure access over Telnet, see Enabling SSH on page 142.

Note: You can also use a configuration script to set up the switch. The maximum number of configuration file command lines is 2000. See Using Configuration Scripts on page 60.

28 | Getting Started

Connecting to the Console Port

fn00162s50

To access the console port, follow the procedure below:

Step Task

1 Caution: Install a straight-through RJ-45 copper cable (for example, an Ethernet cable) into the console

port. This is different from many other implementations that require a crossover (rollover) cable. If connecting to a terminal server and using an Ethernet crossover cable, daisychain another crossover cable to effectively get a straight-through cable connection. Many console terminal servers use octopus cables that are crossover cables. As above, connect an additional crossover cable.

Connect the RJ-45/DB-9 adapter that is shipped with the switch to the RJ-45 cable. Note: The console port pinout:

Pin 1 = NC Pin 2 = NC Pin 3 = RXD Pin 4 = GND Pin 5 = GND Pin 6 = TXD Pin 7 = NC Pin 8 = NC

3 4

Connect the adapter to a laptop. Once a connection is established, ensure the following terminal settings (default settings) at both ends: 9600

baud rate, no parity, 8 data bits, 1 stop bit, no flow control (console port only). If you want to change the settings (such as if you want to download software at a higher speed), you must change the serial configuration on both the switch and computer. See the command options in the following step. For more on changing settings, see the hardware guide or the Quick Reference.

Getting Started | 29

Step Task (continued)

Enter Line Config mode by logging in, entering Privileged Exec mode (enable command), Global Config mode (config command), then lineconfig. In Line Config mode, use the serial timeout command to set the console inactivity timeout (0 for no timeout; up to 160 minutes):

Figure 3-2. Using the Line Config Mode and the serial timeout Command

User:admin Password: Force10 >enable Password:

Force10 #configure Force10 (Config)#lineconfig

www.dell.com | support.dell.com

Force10 (Line)#? exit To exit from the mode. serial Configure EIA-232 parameters and inactivity timeout. session-limit Configure the maximum number of outbound telnet sessions allowed. session-timeout Configure the outbound telnet login inactivity timeout. transport Displays the protocol list to use for outgoing connections. Force10 (Line)#serial ? baudrate Set the serial baudrate. timeout Configure the serial port login inactivity timeout.

Force10 (Line)#serial timeout ? <0-160> Enter time in minutes.

Force10 (Line)#serial timeout 0 Force10 (Line)#exit Force10 (Config)#

To display serial (console) port configuration, enter the command show serial:

Figure 3-3. Using the show serial Command

Force10 #show serial

Serial Port Login Timeout (minutes)............ 30

Baud Rate (bps)................................ 9600

Character Size (bits).......................... 8

Flow Control................................... Disable

Stop Bits...................................... 1

Parity......................................... none

For more on setting serial settings, see the hardware guide for your system or the System Management Commands chapter in the SFTOS Command Reference.

The default CLI user, admin, has read/write access, with no password until you create one. For details, see

Creating a User and Password on page 36. There is also one mode-level password. See Setting the Enable Password on page 38.

30 | Getting Started

Command Line Interface (CLI) Overview

The SFTOS Command Line Interface (CLI) is the main way to manage S-Series switches. You can use the CLI through:

• Console port: As described above (Connecting to the Console Port on page 29), the port is the one located at bottom right of the front panel (Use only the console port of the management unit in an S50 stack. The management unit is indicated by the lit LED labeled “PRI” on the top left of the S50 front panel.)

• Telnet (including SSH): You can use any connected and enabled port in the management VLAN (configured with a Management IP address). See Setting the Management IP Address on page 39.

CLI Command Modes

The CLI of SFTOS follows the industry convention of mode-based access to functionality. In other words, you specify through CLI commands which mode you want to access, and then, in that mode, you enter commands that are specific to that mode. For example, if you want to configure a VLAN, you would first enter VLAN mode. For details on using the modes, see Chapter 4, Using the Command Line Interface, in the SFTOS Command Reference.

The main CLI command modes and the default prompts are as follows:

• User Exec: hostname >

Note: The default text for the hostname part of the prompt is “Force10 S50”. You can modify that part of the prompt by using the hostname command. See Setting the Host Name Prompt

on page 70.

• Privileged Exec (also called “enable mode”):

• Global Config (also called “config mode”):

• Interface Config:

hostname (Interface ifnumber)#

hostname #

hostname (Config)#

• Interface VLAN Config (often shortened to “VLAN mode”):

Here is an example of navigating to these modes:

Figure 3-4. Example of Navigating to CLI Modes

Force10 >enable Password: Force10 #configure Force10 (Config)#interface 1/0/5 Force10 (Interface 1/0/5)#exit Force10 (Config)#interface vlan 20 Force10 (conf-if-vl-20)#exit Force10 (Config)#exit Force10 #lineconfig Force10 (Line)#

Note: Note the use of “1/0/5”. For more on the port naming convention, see Port Naming

Convention on page 26.

hostname (conf-if-vl-vlan-id)

Getting Started | 31

Getting Help From the CLI

The following help commands are the same as those found in the E-Series:

• Use “

?” at the prompt to get a list of commands in that mode: “Force10# ?” ?” with a partial command to see what initial command words in that mode begin with that

string: “

“

Force10# i?”

?” after a command or partial command to get a list of commands that start with that word:

Force10# ip ?”

Controlling Pagination

www.dell.com | support.dell.com

Starting in SFTOS Release 2.3, you can use the terminal length command to set how much of the output of a CLI “

terminal length command. For details, see the System Configuration Commands chapter in the SFTOS

show” command to display. Use the show terminal command to display the current setting of the

Command Line Reference.

Checking Status

SFTOS follows the industry convention of using “show” commands to generate status reports through the command interface.

Viewing the Software Version and Switch Numbers

If you are concerned that you might not have the correct software version, you can select from several commands to see the installed code version. The following is an example of using

show switch , which you

can execute in either User Exec or Privileged Exec modes:

Figure 3-5. Using the show switch Command

Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1

Force10 #

The Switch column shows the switch ID, which is useful if the switch is in a stack. For example, if the switch ID were 2, the switch’s physical interfaces would be identified as 2/0/

port-number.

Verifying Details about the Switch

The following example is of the show switch unit command for getting more details about the switch:

32 | Getting Started

Figure 3-6. Verifying Details about the Switch

Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1

Force10 #show switch 1

Switch............................ 1

Management Status................. Management Switch

Hardware Management Preference.... Unassigned

Admin Management Preference....... 1

Switch Type....................... 0x56950202

Preconfigured Model Identifier.... SA-01-GE-48T

Plugged-in Model Identifier....... SA-01-GE-48T

Switch Status..................... OK

Switch Description................

Expected Code Type................ 0x100b000

Detected Code Version............. 2.3.1

Detected Code in Flash............ 2.3.1

Serial Number..................... DE4000106

Up Time........................... 0 days 10 hrs 11 mins 52 secs

You can also use the show hardware command to display the running code version. See the sample output in the section Downloading a Software Image on page 45.

The

show version command displays more details about the software packages installed, and also the

hardware present on the system. This command provides the details shown by the

show hardware and

show sysinfo commands, along with interface information, the u-boot version number, and the system

image file version. The

show tech-support command is the most lengthy, because it includes the output

from each of these other commands:

• show version

• show logging

• show eventlog

• show port all

• show memory

• show process cpu

• show running-config

Because output from the show tech-support command is so lengthy, Dell Force10 recommends that you set the storage buffer high on your terminal access program, then use the

tech-support non-paged — to collect the full report for off-line analysis.

non-paged option — show

Getting Started | 33

Showing Network Settings

Execute the show interface managementethernet command from either the User Exec or Privileged Exec modes. The resulting display, as shown in the example below, displays all the settings relating to IP-based management connections to the switch. The data includes the management IP address, subnet mask, default gateway, MAC information, etc., as shown below:

Figure 3-7. Using the show network Command to Display Network Settings

Force10 #show interface managementethernet

IP Address..................................... 10.10.1.151

Subnet Mask.................................... 255.255.255.0

Default Gateway................................ 10.10.1.254

Burned In MAC Address.......................... 00:01:E8:D5:A0:39

Locally Administered MAC Address............... 00:00:00:00:00:00

www.dell.com | support.dell.com

MAC Address Type............................... Burned In

Network Configuration Protocol Current......... None

Management VLAN ID............................. 1

Web Mode....................................... Enable

Java Mode...................................... Disable

For details on setting up the management address, see Setting the Management IP Address on page 39. See also Setting up a Management Connection to the Switch on page 28.

Note: SFTOS v. 2.3 replaced the show network command with show interface managementethernet.

Displaying Supported Features and System Up-time

The following is an example of using show version to display all supported features and system up-time:

34 | Getting Started

Figure 3-8. Displaying All Supported Features and System Uptime

Force10 #show version Switch: 1

System Description............................. Force10 S50

Vendor ID...................................... 07

Plant ID....................................... 01

Country Code................................... 04

Date Code...................................... 062005

Serial Number.................................. DE4000126

Part Number.................................... 759-00001-00

Revision....................................... 0A

Catalog Number................................. SA-01-GE-48T

Burned In MAC Address.......................... 0001.E8D5.A151

Software Version............................... 2.2.1

Additional Packages............................ Force10 QOS

Force10 Stacking

10/100 Ethernet/802.3 interface(s)............. 0

Gig Ethernet/802.3 interface(s)................ 2

10Gig Ethernet/802.3 interface(s).............. 0

Virtual Ethernet/802.3 interface(s)............ 0

System Name....................................

System Location................................

System Contact.................................

System Object ID............................... force10

System Up Time................................. 1 days 22 hrs 55 mins 34 secs

MIBs Supported: RFC 1907 - SNMPv2-MIB The MIB module for SNMPv2 entities RFC 2819 - RMON-MIB Remote Network Monitoring Management Information Base FORCE10-REF-MIB Force10 Reference MIB SNMP-COMMUNITY-MIB This MIB module defines objects to help support coexistence between SNMPv1, SNMPv2, and SNMPv3. SNMP-FRAMEWORK-MIB The SNMP Management Architecture MIB SNMP-MPD-MIB The MIB for Message Processing and Dispatching SNMP-NOTIFICATION-MIB The Notification MIB Module SNMP-TARGET-MIB The Target MIB Module SNMP-USER-BASED-SM-MIB The management information definitions for the SNMP User-based Security Model. SNMP-VIEW-BASED-ACM-MIB The management information definitions for the View-based Access Control Model for SNMP.

USM-TARGET-TAG-MIB SNMP Research, Inc. F10OS-POWER-ETHERNET-MIB F10OS Power Ethernet Extensions MIB POWER-ETHERNET-MIB Power Ethernet MIB LAG-MIB The Link Aggregation module for managing IEEE 802.3ad RFC 1213 - RFC1213-MIB Management Information Base for Network Management of TCP/IP-based internets: MIB-II RFC 1493 - BRIDGE-MIB Definitions of Managed Objects for Bridges (dot1d) RFC 2674 - P-BRIDGE-MIB The Bridge MIB Extension module for managing Priority and Multicast Filtering, defined by IEEE 802.1D-1998. RFC 2674 - Q-BRIDGE-MIB The VLAN Bridge MIB module for managing Virtual Bridged Local Area Networks RFC 2737 - ENTITY-MIB Entity MIB (Version 2) RFC 2863 - IF-MIB The Interfaces Group MIB using SMIv2 RFC 3635 - Etherlike-MIB Definitions of Managed Objects for the Ethernet-like Interface Types F10OS-SWITCHING-MIB F10OS Switching - Layer 2 F10OS-INVENTORY-MIB F10OS Unit and Slot configuration. F10OS-PORTSECURITY-PRIVATE-MIB Port Security MIB.

--More-- or (q)uit

Getting Started | 35

Displaying Statistics

Privileged Exec mode commands to display statistics include:

• Switch summary statistics:

— show interface switchport

• Interface summary statistics:

— show interface unit/slot/port

• Switch detailed statistics:

— show interface ethernet switchport

• Interface detailed statistics:

— show interface ethernet unit/slot/port

www.dell.com | support.dell.com

User Management

This section contains the following subsections:

• Creating a User and Password on page 36

• Showing and Removing Created Users on page 37

• Setting the Enable Password on page 38

• Enabling Ports on page 38

• Setting the Management IP Address on page 39

The default CLI user,

User and Password on page 36). The only way to recover from a lost admin password is to reload the

switch using factory defaults. See Restoring the System to the Factory Default Configuration on page 58.

You can also control user access through access control servers, such as TACACS+ and RADIUS and with SSH. See Chapter 9, “Providing User Access Security,” on page 135 for details. The local users you create (up to six, including admin) all have read/write access.

There is one mode-level password — commonly called the “enable” password — that you can configure to allow the user to move from User Exec mode to Privileged Exec mode in the CLI. See Setting the Enable

Password on page 38.

admin, has read/write access, with no password until you create one (see Creating a

Creating a User and Password

The username passwd command creates the username and password in one statement. You can change a password either by reentering the command with the new password or by removing the user with the

username command and reentering the user with a new password.

36 | Getting Started

Figure 3-9. Creating a User and a Password

Force10 (Config)#username w_turner passwd willspwd User login name and password are set.

Force10 (Config)#no username w_turner

Force10 (Config)#username w_turner passwd newpwd User login name and password are set.Password Changed!

Note: SFTOS 2.5.1.3 adds support for the following special characters: , . { } | , in other words, period, comma, open bracket, close bracket, and bar.

Showing and Removing Created Users

An alternative to the no username command shown above is to use the clear pass command to delete all created users. The following example shows the

Figure 3-10. Showing Created Users

Force10 #show users

SNMPv3 SNMPv3 SNMPv3

User Name User Access Mode Access Mode Authentication Encryption

---------- ---------------- ----------- -------------- ---------admin Read/Write Read/Write None None w_turner Read/Write Read Only None None

show users command and the clear pass command:

Force10 #clear pass Are you sure you want to reset all passwords? (y/n)y Passwords Reset!

Setting SNMP Read/Write Access

The command users snmpv3 accessmode username {readonly | readwrite} enables you to set SNMP privileges for specific users. As used above (Showing and Removing Created Users on page 37), the

users command displays the read and write privileges for each defined user:

Force10 (Config)#users snmpv3 accessmode student2 readwrite Force10 #show users

SNMPv3 SNMPv3 SNMPv3 User Name User Access Mode Access Mode Authentication Encryption

---------- ---------------- ----------- -------------- ---------admin Read/Write Read/Write None None student1 Read Only Read Only None None student2 Read Only Read/Write None None

show

Getting Started | 37

Figure 3-11. Creating and Displaying SNMP Access Levels

For details on SNMP, see Setting up SNMP Management on page 71.

Setting the Enable Password

To change the Privileged Exec password (also called the “Enable” password) in SFTOS Version 2.3.1 and above, you do so in Global Config mode. Enter

Figure 3-12. Setting the Enable Password

Force10 #enable passwd

www.dell.com | support.dell.com

Enter new password:******* Confirm new password:******* Password Changed!

Enabling Interfaces

This section covers the enabling of ports, VLANs, and management interfaces (Telnet, SNMP):

enable passwd, press Enter, and enter a new password:

• Enabling Ports on page 38

• Setting the Management IP Address on page 39

• Enabling Telnet to the Switch on page 39

• Configuring an Interface with an IP Address on page 40

• Using the Show IP Interface Command on page 40

• Setting up SNMP Management on page 41

Enabling Ports

When the switch is first installed, all ports are disabled. To enable all ports in Layer 2, enter no shutdown

all in Global Config mode (see Figure 3-13). Alternatively, you can use the no shutdown command in

Interface Config mode (for the selected interface — see Figure 3-14).

Figure 3-13. Enabling Ports Globally

Force10 >enable Force10 #config Force10 (Config)#no shutdown all Force10 (Config)#

38 | Getting Started

Figure 3-14. Enabling an Individual Port

Force10 >enable Force10 #config Force10 (Config)#interface 1/0/22 Force10 (Interface 1/0/22)#no shutdown

For more on setting up ports, see Configuring Interfaces on page 111.

Setting the Management IP Address

On first startup, you have management access only through the console port. If you want to manage the switch through an IP-based access method (Telnet, SSH, SNMP, TFTP, etc.), you must configure a management IP interface, using the following the procedure.

Step Command Syntax Command Mode Purpose

1 show interface managementethernet User Exec or

Privileged Exec

3 4 ip address ipaddr subnetmask

management route default gateway Global Config Set the IP gateway of the management

interface managementethernet Global Config Invoke the (Config-if-ma)# prompt.

(Config-if-ma)# prompt within the Global Config mode

Note: Creating a management IP address is supported by both the Layer 2 (Switching) and Layer 3 (Routing) licenses of SFTOS.

By default, the management address is reachable from all ports on the default VLAN, VLAN 1. One or more ports in that VLAN must be enabled, as described in Enabling Ports, above. To change to another VLAN, see Setting Up the Management VLAN on page 42.

After you enable and connect ports in the management VLAN and configure the management IP address, as described above, you can manage the switch through a variety of means. The following procedures describe enabling Telnet and SNMP, respectively.

Display current management IP configuration.

interface.

Set the IP address and subnet mask of the management interface.

Enabling Telnet to the Switch

Access to the switch through Telnet is disabled by default. If you want to access the switch through an SSH client, you would leave Telnet disabled and set up the SSH connection, as described in Enabling Secure

Management with SSH on page 140.

To enable Telnet access, execute the

ip telnet server enable command.

Getting Started | 39

Configuring an Interface with an IP Address

Note: You must have the optional SFTOS Layer 3 Package installed to configure routing

commands and to set IP addressing an interface. Use the show version command (see

Figure 3-8 on page 35) to determine what software is installed.

To assign an IP address to an interface, use the following commands:

Command Syntax Command Mode Purpose

ip routing Global Config Enables routing for the switch.

www.dell.com | support.dell.com

ip address Interface Config Configures an IP address on an interface. The IP

Force10 #configure Force10 (Config)#ip routing Force10 (Config)#interface 1/0/3 Force10 (Interface 1/0/3)#ip address 50.0.0.2 255.255.255.0 Force10 (Interface 1/0/3)#routing

Note: You must configure ip routing at a global level, AND ‘routing’ at an interface level for you to be able to ping from, and to, the address. Note: To configure the management interface with an IP address, see Setting the Management IP

Address on page 39.

IP configuration takes precedence over VLAN configuration on a port. Therefore, configuring an IP Address and ‘routing’ on an interface disables participation in VLANs on that interface.

Using the Show IP Interface Command

Use the show ip interface command to display information about a particular IP interface:

address may be a secondary IP address.

Figure 3-15. Using the show ip interface Command

Force10 #show ip interface 1/0/3

IP Address..................................... 50.0.0.2

Subnet Mask.................................... 255.255.255.0

Routing Mode................................... Enable

Administrative Mode............................ Enable

Forward Net Directed Broadcasts................ Disable

Active State................................... Active

Link Speed Data Rate........................... 1000 Full

MAC Address.................................... 00:03:E8:0D:20:01

Encapsulation Type............................. Ethernet

IP Mtu......................................... 1500

Force10 #

40 | Getting Started

Use the show ip interface brief command to display a smaller set of information about all IP interfaces.

Figure 3-16. Using the show ip interface brief Command

Force10 #show ip interface brief

Netdir Multi Interface IP Address IP Mask Bcast CastFwd

--------- --------------- --------------- -------- -------1/0/3 50.0.0.2 255.255.255.0 Disable Disable 1/0/4 66.1.1.1 255.255.255.0 Disable Disable

Force10 #

Setting up SNMP Management

To use an SNMP-based network management tool, you must enable a management IP address for the switch, as described above (see Setting the Management IP Address on page 39) and have the switch join an SNMP community (see Setting up SNMP Management on page 71 in the Management chapter). Most SNMP traps are enabled by default. For details, see Managing SNMP Traps on page 73 in the Management chapter.

Creating VLANS

This section contains these subsections:

• Important Points to Remember — VLANs

• Setting Up the Management VLAN

• Creating a VLAN on page 42

• Enabling Spanning Tree Protocol on page 42

Important Points to Remember — VLANs

• The default management VLAN is VLAN 1 by default.

• By default, ALL ports are members of VLAN 1 untagged.

• A physical interface can be tagged for zero or more VLANs.

• A physical interface can be untagged in one and only one VLAN.

• Each interface must have a single native VLAN (tagged or untagged) at all times.

• It is possible to set the management VLAN to a VLAN that does not exist.

• If you cannot reach anything from the management address, check the management VLAN using

interface managementethernet or show running-config.

show

For details on setting up VLANs, see the chapter VLANs on page 207. If routing is enabled with the Layer 3 package of SFTOS, see also VLAN Routing on page 262 in the Routing chapter.

Getting Started | 41

Setting Up the Management VLAN

As described in Setting the Management IP Address on page 39, when you set up a management IP address, you can manage the switch through an IP-based access method (SNMP, Telnet, etc.); any enabled port in the management VLAN is available for the IP-based access.

By default, the management VLAN is set up on the default VLAN 1, which, on first startup, includes every port (although, by default, all ports are shut down until you enable them—see Enabling Ports on page 38.)

To set up a different VLAN to be the management VLAN, see Creating a VLAN, next, and then see

Changing the Management VLAN from the Default on page 68 in the Management chapter.

www.dell.com | support.dell.com

Creating a VLAN

Note: As noted in Enabling Ports on page 38, all ports are disabled by default. Enable them

with no shutdown all (Global Config mode), or individually with the no shutdown command on each port.

Here is an example of using the CLI to create a VLAN (55) and add interfaces to it:

Figure 3-17. Using the CLI to Configure a VLAN

Force10 (Config)#interface vlan 55 Force10 (Conf-if-vl-55)#tagged 1/0/5 Force10 (Conf-if-vl-55)#untagged 1/0/6

Note: If you need to assign many ports to the VLAN, you might use the Interface Range mode.

The tagged 1/0/5 command in Figure 3-17 not only assigns the port to VLAN 55, it also sets the Port VLAN ID (PVID) to 55, causing untagged frames transmitted by this port to be tagged as part of traffic for VLAN 55.

Enabling Spanning Tree Protocol

Spanning Tree Protocol (STP) is off by default. Enable STP globally, and then enable STP on the desired ports. Using the CLI, you can enable spanning tree globally, and on all the ports with just two commands —

spanning-tree and spanning-tree port mode enable all:

42 | Getting Started

Figure 3-18. Example of Entering STP Commands in CLI

Force10 #configure Force10 (Config)#spanning-tree Force10 (Config)#spanning-tree port mode enable all Force10 (Config)#exit Force10 #show spanning-tree summary

Spanning Tree Adminmode........... Enabled

Spanning Tree Version............. IEEE 802.1s

Configuration Name................ 00-01-E8-D5-A0-F7

Configuration Revision Level...... 0

Configuration Digest Key..........

0xac36177f50283cd4b83821d8ab26de62

Configuration Format Selector..... 0

No MST instances to display.

Force10 #show spanning-tree interface 1/0/1

Hello Time..................................... 0

Port Mode...................................... Enabled

Port Up Time Since Counters Last Cleared....... 0 day 0 hr 19 min 38 sec

STP BPDUs Transmitted.......................... 2

STP BPDUs Received............................. 593

RSTP BPDUs Transmitted......................... 0

RSTP BPDUs Received............................ 0

For more on Spanning Tree Protocol, see the chapter Spanning Tree on page 145 and the Spanning Tree (STP) Commands chapter in the

SFTOS Command Reference.

Managing Configuration and Software Files

This section contains the following major subsections, in this order:

• Important Points to Remember — Files on page 44

• Downloading and Uploading Files on page 44

• Downloading a Software Image on page 45

• Installing System Software on page 50

• Managing the Configuration on page 56

• Using Configuration Scripts on page 60

The S-Series switch contains several discrete system management files, including a startup configuration file (“startup-config”), a running-config file, SFTOS, and a system software file (“boot code”). There are various reasons why you might want to replace one or the other. For example, for the configuration file, if you lose your password, you will need to replace the running configuration with the factory default. If you back up the startup-config file, you can copy that file to the rebooted switch to be used as the configuration on the next reload.

Regarding the SFTOS software (“software image”), if you move an S50 into a stack, that S50 must run the same software version as the other members of the stack. This section details procedures that pertain to those file management activities.

Getting Started | 43

Important Points to Remember — Files

• Beginning with SFTOS Version 2.3, when you save the running-config to the startup-config file, the startup-config is converted to text, if it is not already. Upgrading the software to Version 2.3 or above automatically invokes a conversion of the binary configuration file to text. The conversion also includes updating configuration statements to statements that conform to the current version.

• While you cannot cut and paste the configuration file, you can cut and paste output from the

running-config (show run) command into a text file, and paste it in through Telnet or console.

For a sample of the output, see the Guide, or see Displaying VLAN Information on page 233

Downloading and Uploading Files

www.dell.com | support.dell.com

Use the copy command (in Privileged Exec mode) to download or upload various files using TFTP or Xmodem. The following files can be uploaded from the switch:

• CLI banner (

• Event log (

the Persistent Event Log on page 105.

• System log ( see Displaying the System Log on page 103.

• configuration script (

• startup configuration file (nvram:startup-config)

• trap log (

copy nvram:clibanner)

nvram:errorlog): This log is also called the persistent log. For details on the log, see Using

nvram:log): This log is also called the buffered log or message log. For details on the log,

nvram:traplog): For details on the log, see Displaying the SNMP Trap Log on page 106.

show

show running-config command in the SFTOS Command Reference

in this guide.

nvram:script scriptname)

When using TFTP, the following example command shows the format for uploading from the switch. Enter:

copy nvram:startup-config tftp://tftp_server_ip_address/path/filename

In place of tftp_server_ip_address, specify a URL for the TFTP destination. An example of path/filename is s50/clibanner.txt. See also Managing the Configuration on page 56.

If you use Xmodem instead, the syntax is

xmodem:path/filename .

Using TFTP, the following commands download files to the switch:

copy tftp://tftp_server_ip_address/path/filename nvram:startup-config copy tftp://tftp_server_ip_address/path/filename system:image (previous to SFTOS 2.5.1) copy tftp://tftp_server_ip_address/path/filename {image1 | image2} (starting with SFTOS 2.5.1)

(For details on downloading SFTOS, see

copy tftp://tftp_server_ip_address/path/filename nvram:script copy tftp://tftp_server_ip_address/path/filename nvram:sslpem-root copy tftp://tftp_server_ip_address/path/filename nvram:sslpem-server copy tftp://tftp_server_ip_address/path/filename nvram:sslpem-dhweak copy tftp://tftp_server_ip_address/path/filename nvram:sslpem-dhstrong copy tftp://tftp_server_ip_address/path/filename nvram:sshkey-rsa1 copy tftp://tftp_server_ip_address/path/filename nvram:sshkey-rsa2 copy tftp://tftp_server_ip_address/path/filename nvram:sshkey-dsa copy tftp://tftp_server_ip_address/path/filename nvram:clibanner

Installing System Software on page 50.)

For example: #copy tftp://192.168.0.10/dsa.key nvram:sshkey-dsa

44 | Getting Started

For information on the SSL and SSH files listed above, see the Secure Communications folder on the S-Series Documentation and Software CD-ROM.

Points to Remember when Transferring Files

Points to remember when downloading software code or configuration files include:

• Code:

— In SFTOS 2.5.1.x , a download of SFTOS overwrites SFTOS code in the designated

section of flash memory, denoted by the and image2.

• Configuration:

— Configuration is stored in NVRAM. — Active configuration is distinct from the stored configuration. — Changes to active configuration are not retained across resets unless explicitly saved. — A download replaces the stored configuration. — A download is stopped if a configuration error is found.

• Upload code, configuration, or logs.

• File transfer uses Xmodem or TFTP depending on platform.

• Specify the following TFTP server information.

— IP address — File path (up to 31 characters) — File name (up to 31 characters)

• Progress of the TFTP transfer is displayed.

• Use

dir nvram (Privileged Exec mode) to display the files stored in NVRAM.

copy command with the location names image1

Downloading a Software Image

After you have set up the hardware, determine if you need a software upgrade. An S-Series switch is shipped with the base Layer 2 software installed, but you might need to install either a more recent image or the optional, extended Layer 3 image.

Note: For the migration to SFTOS Version 2.3 and above from versions below 2.3, see the Release Notes that accompanies the software release, because a software upgrade includes an automatic conversion of the binary configuration file to text. Note: SFTOS Version 2.5.1 introduces support for dual software image management on the switch, so that you can download a new image and keep it on the system without installing it until you are ready. You can also keep the previous image on the system if you need to revert to it.

Execute one of the “show” commands, such as the currently running software version:

show hardware, show switch, or show version, that display

Getting Started | 45

Figure 3-19. Displaying the Current Software Version

Force10 #show hardware

Switch: 1

System Description............................. Force10 S50

Vendor ID...................................... 07

Plant ID....................................... 01

Country Code................................... 04

Date Code......................................

Serial Number.................................. 114

Part Number....................................

Revision.......................................

Catalog Number................................. SA-01-GE-48T

Burned In MAC Address.......................... 00:D0:95:B7:CD:2E

www.dell.com | support.dell.com

Software Version............................... F.2.2.1.6

Additional Packages............................ Force10 QOS

Force10 Stacking

There are two options for downloading a new software image to the switch:

• Method 1—Xmodem: A slower but simpler way to retrieve the software image is to use Xmodem. See Using Xmodem to Download Software on page 46

• Method 2—TFTP: Download the image from a TFTP server, detailed below in Using TFTP to

Download Software on page 47.

Both the TFTP and Xmodem procedures download the image to the switch with the image filename unchanged.

If the copy process is incomplete or the copied file is corrupt, you can revert to the previous OS version, if it was intact and working. If corruption is detected in the new image before it downloads the current image into flash memory, the original image remains intact in flash. CRC fails once the image is downloaded into memory or a packet's checksum fails during download.

If the image gets corrupted in flash, the only recourse before SFTOS v. 2.5.1 was to download a new image using Xmodem, described next. After you install v. 2.5.1, which has support for on-board storage of two SFTOS images, it is easier to revert to the previous image.

Using Xmodem to Download Software

An alternative to using TFTP to upgrade the software image is to use the Xmodem protocol at the console port. You can use the

1. From Privileged Exec mode, enter the command

2. You then have 2 seconds to select option 2, as shown below in Figure 3-20 on page 47.

3. Then, from the boot menu, select 4 to choose the “XMODEM” option.

copy xmodem command or the reload command, as used here:

reload.

46 | Getting Started

Or, typically, before starting the download, users want to increase the transfer rate to the maximum. So, instead of immediately selecting 4, you would select option 2, which accesses a menu that enables you to change the baud rate to 115200. Typically, you would then also need to modify your terminal software settings to 115200. After changing the terminal session rate to 1152000, and the connection is re-established, for example in Hyperterminal, press the ‘?’ key to refresh to the Boot Menu text.

Figure 3-20. Example of Launching the Boot Menu to select a Code Download through Xmodem

Force10 #reload Management switch has unsaved changes. Would you like to save them now? (y/n) n

Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y

Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005

Select an option. If no selection in 2 seconds then operational code will start.

1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):2 Boot Menu Version 30 Aug 2006 Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM (64KB).

4 - Load new operational code using XMODEM

5 - Display operational code vital product data 6 - Run flash diagnostics 7 - Update boot code 8 - Delete operational code 9 - Reset the system 10 - Restore Configuration to factory defaults (delete config files) 11 - Activate Backup Image [Boot Menu] 4

“Activate Backup Image” new in v.2.5.1

4. After selecting option 4 for an Xmodem software transfer, use the transfer sub-menu to browse the file system for the desired software image.

5. After the transfer is complete, you can verify the current software image and save the running configuration (recommended), as described in the TFTP procedure (Using TFTP to Download

Software on page 47). When you are ready to install the software, see Installing System Software on page 50.

Using TFTP to Download Software

1. Using the CLI, gain access to the switch by logging in and issuing the enable command:

Getting Started | 47

Figure 3-21. Logging In and Using the enable Command

Force10 User:admin Password:

NOTE: Enter '?' for Command Help. Command help displays all options that are valid for the 'normal' and 'no' command forms. For the syntax of a particular command form, please consult the documentation.

Force10 >enable Password:

2. Set the management IP address, subnet mask, and gateway address, as described in Setting the

Management IP Address on page 39.

www.dell.com | support.dell.com

3. Make sure that you have a port enabled in the management VLAN. See Enabling Ports on page 38.

4. Ping the gateway to ensure access to the server from which to download the software image.

Figure 3-22. Using the ping Command

Force10 #ping 10.10.1.254

Send count=3, Receive count=3 from 10.16.1.254

5. Ping the TFTP server from which you wish to download the software image:

Force10 #ping 10.16.1.56

Send count=3, Receive count=3 from 10.16.1.56

6. Download the software image by using the

Figure 3-23. Downloading New Software

Address of TFTP server

copy command:

The file name extension is either .opr or .bin, depending on the release.

Before v.2.5.1, the syntax for downloading an image was “system:image”.

Force10 #copy tftp://10.16.1.56/f10r1v1m6.opr image1

Mode........................................... TFTP

Set TFTP Server IP............................. 10.16.1.56

TFTP Path...................................... ./

TFTP Filename.................................. f10r1v1m6.opr

Data Type...................................... Code

Are you sure you want to start? (y/n) y TFTP code transfer starting TFTP receive complete... storing in Flash File System...

File transfer operation completed successfully.

Force10 #

48 | Getting Started

With all versions of SFTOS, using the copy command to download SFTOS software to the management switch automatically propagates that software to all stack members. You also have the option of using the following version of the

copy {image1 | image2} unit://unit/{image1 | image2}

copy command to copy an image from the management unit to a stack member:

For details on managing software in a stack of switches, see Upgrading Software in a Stack on page 94 in the Stacking chapter.

Saving the Running Configuration

After downloading new SFTOS software, and before installing it, consider the effect on your network configuration. If you have no interest in preserving the configuration, you can go ahead with the installation. See Installing System Software on page 50.

However, in most cases, you will want to save the current running configuration. The first step is to save it to NVRAM, which overwrites the startup configuration

The easy way to do that is to enter, in Privileged Exec mode, the write command (no parameters; the

command defaults to

write memory.)

An alternative is to use the

Note: You can only save the running config to NVRAM (the running configuration cannot be directly saved to the network).

Figure 3-24. Saving the Current Running Configuration to NVRAM

Force10 #copy system:running-config nvram:startup-config

This operation may take a few minutes. Management interfaces will not be available during this time.

Are you sure you want to save? (y/n) y

Configuration Saved!

copy command shown in Figure 3-24.

In some cases, you must (or might want to) restore the configuration to factory defaults. This is typically recommended for upgrading from the Layer 2 Package to the Layer 3 Package, and is required when converting from the Layer 3 Package to the Layer 2 Package. See Restoring the System to the Factory

Default Configuration on page 58. For more on managing configuration files, see Managing the Configuration on page 56.

After overwriting the startup configuration file with the running config, the second step in backing up the configuration is to save the startup configuration file to the network. See Saving the Startup Configuration

to the Network on page 57.

Getting Started | 49

Installing System Software

After downloading a new software image (see Downloading a Software Image on page 45) and backing up the configuration (see Saving the Running Configuration on page 49), you are ready to install the new software. Execute the

on page 53.

Managing SFTOS Software with SFTOS Version 2.5.1

SFTOS v. 2.5.1 adds the Dual Image Management feature. It enables you to keep two SFTOS images on each stack member. Benefits include being able to revert easily to the previous SFTOS image if you discover that a newly installed image is problematic. It also enables you to defer installing the newly

www.dell.com | support.dell.com

downloaded image through one or more reboots.

The

copy command, when used to download a new SFTOS software image, propagates the software to all

units in the stack. In addition, the selected stack member, typically a new member that does not yet have the software version that is set to be installed in the next reboot. For details, see Copying SFTOS Software to a Member Switch on page 95 in the Stacking chapter.

The

reload [unit] command now provides selective rebooting of stack members. Combined with the ability

in SFTOS 2.5.1 to select which software image is invoked in a reboot, you have various options in choosing which software is launched in specific stack members. For example, you might choose to reboot a particular member without installing the new code copied to it.

reload command, as shown in Using the reload command to upgrade to SFTOS 2.5.1

copy command provides an option to manually copy an image to a

50 | Getting Started

SFTOS Version 2.5.1 provides several new or revised software management commands:

Command Syntax Command Mode Usage

boot system image2}

copy tftp://tftp_server_ip_address/

path/filename {

copy {image1 | image2} unit://

unit/{image1 | image2}

delete filedescr [unit] {image1 |

image2} text-description

reload [unit]

show bootvar [unit]

[unit] {image1 |

image1 | image2}

[unit] {image1 | image2}

Privileged Exec Activate a particular image on the target system (“activate”,

here, means to identify, to the system, the software to install on the next reboot).

Privileged Exec The system image download command revised for SFTOS

2.5.1. (Previous to 2.5.1, the command was copy tftp://

tftp_server_ip_address/path/filename system:image.)

Privileged Exec Copy a selected software image from the management

switch to selected switches.

Privileged Exec Delete a specified software image. Privileged Exec

Privileged Exec Reboots the selected stack member. When unit is not

Privileged Exec Display version information and activation status for the

Adds a name to the image associated with “image1” or

“

image2”. The name shows up as the SNMP trap receiver

name and in the output of the show bootvar command. The maximum length is 16 case-sensitive alphanumeric characters, with no spaces.

specified, all stack members are rebooted.

current active and backup images on the specified stack member. If you do not specify a unit number, the command displays image details for all nodes on the stack.

update bootcode [unit]

Note: The following parameter definitions apply to the commands provided by the Dual Image Management feature:

• unit — the stack member number; only used for stacks. Not specifying a number causes all stack members to be affected by the command.

• image1 and image2 — the two possible stored software images. Use the copy command to set the association between a particular SFTOS file and the keywords image1 or image2.

The syntax statements for the commands in the Dual Image Management feature are in the System Configuration chapter of the SFTOS Command Reference.

Note that the association of a particular SFTOS file name with either “ command, above, sets the association that is used by all other commands that use the keywords.

For example, if the currently running software image is associated with new image as

Privileged Exec Update the bootcode (boot loader) on the designated switch.

(The bootcode is read from the active image for subsequent reboots).

image1” or “image2” in the copy

image1 and image2

image1, then you then download a

image1, a reload that boots image1 will boot that new image.

Getting Started | 51

The Boot Menu is also revised in SFTOS v. 2.5.1 to allow the user to select either image from the boot menu (or also to download a replacement image). This choice is available in two cases:

• If the user interrupts the boot sequence

• If the boot sequence fails to launch either saved software image. This can happen if the images become corrupted (if the CRC check fails on the image).

When you are first installing SFTOS 2.5.1, you use the standard

on page 45), configuration backup (see Saving the Running Configuration on page 49), and

commands (see Figure 3-25) that are common to all previous SFTOS versions. Note that the installation of v. 2.5.1 incurs a pause of several minutes while the switch reformats its flash to accommodate the Dual Image Management feature.

www.dell.com | support.dell.com

copy (see Downloading a Software Image

reload

52 | Getting Started

The example in Figure 3-25 shows the boot messages when loading the switch (all switches in the stack are reloaded if a stack exists) with SFTOS 2.5.1:

Figure 3-25. Using the reload command to upgrade to SFTOS 2.5.1

Force10 #reload Are you sure you want to reload the stack? (y/n) y

Reloading all switches.

Force10 Boot Code...

tffsDevCreate failed.

Storing configuration files Storing Code base usrTffsConfig returned 0xffffffff, formatting... Calling FORMAT ROUTINE

Format routine returned with status 0x0 Recover configuration files CPU Card ID: 0x508245 dimInitialize returned 3 adding the default image - code.bin to the list dimImageAdd returned -3 Boot Menu Version: 30 Aug 2006 Version 02.01.42 08/30/2006

Select an option. If no selection in 2 seconds then operational code will start.

Pause of up to several minutes

Shorter pause

1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):

Operational Code Date: Mon Oct 16 05:17:13 2006

Uncompressing.....

50% 100% ||||||||||||||||||||||||||||||||||||||||||||||||||| Attaching interface lo0...done

Adding 40747 symbols for standalone. PCI device attached as unit 0. PCI device attached as unit 1. PCI device attached as unit 2. PCI device attached as unit 3. PCI device attached as unit 4. PCI device attached as unit 5. PCI device attached as unit 6. Configuring CPUTRANS TX Configuring CPUTRANS RX MonitorTask - Active ConsoleDebugger - Disabled

(Unit 1)>STACK: master on 0:1:e8:d5:a0:57 (1 cpu, 7 units) STACK: attach 7 units on 1 cpu This switch is manager of the stack.

User:

Saved Configuration being applied...Please Wait....

Configuration applied successfully.

Getting Started | 53

After installing SFTOS 2.5.1 on the management switch and the stack, as described above, use the following procedure for subsequent upgrades:

Step Command Syntax

Command Mode Purpose

show bootvar [unit]

2 copy {image1 | image2} unit://

unit/{image1 | image2}

www.dell.com | support.dell.com

3 boot system [unit] {image1 |

image2}

write Privileged Exec (OPTIONAL) Overwrite the startup configuration file

copy nvram:startup-config tftp:/ /tftp_server_ip_address/path/

filename

6 reload [unit]

Privileged Exec (OPTIONAL) Display SFTOS version information and

activation status on the specified stack member. If you do not specify a unit number, the command displays image details for all nodes on the stack.

Privileged Exec (OPTIONAL) Copy a selected software image from the

management switch to selected stack members. For details on managing software in a stack of switches, see

Upgrading Software in a Stack on page 94in the

Stacking chapter.

Privileged Exec

Privileged Exec (OPTIONAL) Copy the startup configuration file to

Privileged Exec Install the designated SFTOS software image (see Step

Identify the image (image1 or image2) to install during the next reboot, on all stack members or only on the selected unit.

with the running-config.

network storage.

3) on all switches in the stack or on the selected unit. See Figure 3-26 on page 55.

Caution: If you are converting from a Routing image

to a Switching image, you must interrupt the reboot to revert the switch to factory defaults. See Restoring the

System to the Factory Default Configuration on page 58.

54 | Getting Started

Figure 3-26. Example of Launching the Boot Menu to select the Backup Image

Force10 #reload Management switch has unsaved changes. Would you like to save them now? (y/n) n

Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y

Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005

Select an option. If no selection in 2 seconds then operational code will start.

4 - Load new operational code using XMODEM

Note the“Activate Backup Image” new in v.2.5.1

Getting Started | 55

When converting from a Routing image to a Switching image, you must interrupt the reboot to revert the switch to factory defaults, as shown in Figure 3-27:

Figure 3-27. Restoring Factory Defaults when Converting from Routing to Switching Image

Force10 #reload Management switch has unsaved changes.

Would you like to save them now? (y/n) y Configuration Saved! Are you sure you want to reload the stack? (y/n) y

Reloading all switches.

Force10 Boot Code...Version 01.00.26 06/03/2005

Select an option. If no selection in 2 seconds then operational code will start.

www.dell.com | support.dell.com

1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):2

Boot Menu Version 01.00.27 11/18/2005

Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM (64KB). 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Update Boot Code 7 - Delete operational code

8 - Reset the system 9 - Restore Configuration to factory defaults (delete config files)

Select 2 and press Enter within 2 seconds to invoke the Boot Menu.

[Boot Menu] 9 [Boot Menu] [Boot Menu] [Boot Menu] 8

Select 9 and press Enter.

Select 8 and press Enter.

Managing the Configuration

This section contains the following major subsections, in this order:

• Clearing the Running Configuration on page 57

• Saving the Startup Configuration to the Network on page 57

• Configuring from the Network on page 58

• Restoring the System to the Factory Default Configuration on page 58

• Resetting the Pre-configured System on page 59

56 | Getting Started

When the switch is booted, its configuration is managed by the startup configuration (“startup-config”) file that is stored in non-volatile memory (NVRAM). As you make configuration changes, those changes are stored in volatile system memory as the “running config” until you copy them to the startup-config. The quickest way to do that is to use the You can also use the command

write memory command (executed from the Privileged Exec mode).

copy system:running-config nvram:startup-config. For more detail, see

Saving the Running Configuration on page 49.

Beginning with SFTOS Version 2.3, making changes to the startup-config file causes that file to be stored as a text file. A major benefit of that text file, in addition to faster reboots, is that you can edit the file after you copy it to a TFTP server. You can then download the edited file to any switch to use as the startup-config file.

Caution: Beginning with Version 2.3, the following commands must be present and occur in the same

relative locations in the startup-config file as if they had been automatically generated. Failure to do so will result in unpredictable behavior:

interface vlan vlan id

vlan configuration commands

exit configure

stack member commands (for example

exit

member unit switchindex)

Clearing the Running Configuration

When downloading the startup-config file to the system from a TFTP server, the file will not take effect as the startup configuration of the switch until a reboot ( of using the

clear config command, followed by the script apply startup-config command to use the newly

reload) is performed. However, you have the option

downloaded startup-config without rebooting the switch. For details in this chapter on using script commands, see Using Configuration Scripts on page 60.

The following example shows the

Figure 3-28. Clearing the Running Configuration

Force10 #clear config Are you sure you want to clear the configuration? (y/n)y Clearing configuration. Please wait for login prompt. Force10 # (Unit 1)>

clear config command for clearing the running-config from memory:

Saving the Startup Configuration to the Network

The following is an example of how to save the startup configuration to a TFTP site on the network.

Getting Started | 57

Figure 3-29. Using the copy nvram:startup-config Command

Force10 #copy nvram:startup-config tftp://10.16.1.56/s50_1

Mode........................................... TFTP

Set TFTP Server IP............................. 10.16.1.56

TFTP Path...................................... ./

TFTP Filename.................................. s50_1

Data Type...................................... Config File

Are you sure you want to start? (y/n) y

File transfer operation completed successfully.

www.dell.com | support.dell.com

Configuring from the Network

The following example is of installing a configuration file from the network. Starting with SFTOS v. 2.3, you can save a startup-config file as a text file to a server, edit it, and then download it to any switch.

Figure 3-30. Using the copy tftp Command to Download Startup-Config

Force10 #copy tftp://10.16.1.56/s50_1 nvram:startup-config

Mode........................................... TFTP

Set TFTP Server IP............................. 10.16.1.56

TFTP Path...................................... ./

TFTP Filename.................................. s50_1

Data Type...................................... Config

Download configuration file. Current configuration will be cleared.

Are you sure you want to start? (y/n) y TFTP config transfer starting

TFTP download operation completed successfully.

Force10 # (Unit 1)> User:

You are now logged off

Restoring the System to the Factory Default Configuration

As discussed above in Clearing the Running Configuration on page 57, you can replace the running-config with the startup-config without rebooting the switch. However, if you have lost your CLI password, you might not be able to issue the necessary commands. In that case, you have the option of rebooting the switch with the factory default startup-config (recommended by TAC when upgrading from the Layer 2 Package to the Layer 3 Package, and required when converting from the Layer 3 to the Layer 2 image). To do so, use the following procedure:

1. If you have access to the CLI, use the to power-cycle the switch.

2. When the system reboots, select 2 within two seconds to invoke the Boot Menu, as shown in

Figure 3-31.

58 | Getting Started

reload command. Otherwise, remove and reinsert the power cord

3. Select 10 to restore the configuration to factory defaults (deletes the configuration file).

Note: Resetting to factory defaults is more powerful than executing the clear config command, because it resets all internal values.

4. Select option 9 to reload/boot the switch.

Figure 3-31. Restoring the Configuration to Factory Defaults

Force10 Boot Code... Version 01.00.27 11/18/2005

Select an option. If no selection in 2 seconds then operational code will start.

1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):2

Boot Menu Version: 30 Aug 2006 Options available 1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Run flash diagnostics 7 - Update boot code 8 - Delete operational code 9 - Reset the system

10 - Restore configuration to factory defaults (delete config files)

11 - Activate Backup Image [Boot Menu]

If you have previously backed up the running-config, you can download and reapply it. See Downloading

and Uploading Files on page 44 or Configuring from the Network on page 58.

Resetting the Pre-configured System

If you are bringing up a system that had been previously configured in a stack, you must ensure the system is set to the correct unit number if installing into a new stack. If the system is not reconfigured to the correct unit number, it will come up as the switch number from the previous stack. For details, see

Chapter 5, Stacking S-Series Switches. To ensure that the unit comes up with the correct unit number in the

new stack, use the

Command Syntax

switch oldunit renumber newunit

switch renumber command to change the unit number:

Command Mode Purpose

Global Config This command changes the switch identifier for a switch in the stack. The

oldunit is the current switch identifier on the switch whose identifier is to be changed. The newunit is the updated value of the switch identifier.

Getting Started | 59

Using Configuration Scripts

This section contains:

• Creating a Configuration Script on page 60

• Viewing a Configuration Script File on page 60

• Uploading a Configuration Script to a TFTP Server on page 61

• Deleting a Script on page 61

• Downloading a Configuration Script from a TFTP Server on page 62

• Applying a Configuration Script on page 63

• Listing Configuration Scripts on page 64

www.dell.com | support.dell.com

Configuration scripts are ‘flat’ configuration files stored in the NVRAM. Their file names are appended with the “.scr” extension.

The configuration scripts are editable text files that can be uploaded and downloaded to and from the switch and a TFTP server.

See the Configuration Scripting section in the System Configuration chapter of the SFTOS Command Reference for details on all scripting commands.

Creating a Configuration Script

One way to create a “config script” is to use a variation of the show running-config command:

Command Syntax Command Mode Purpose

show running-config <scriptname>.scr

Force10 #show running-config test.scr

Config script created successfully.

Privileged Exec Create a configuration script by specific name.

Viewing a Configuration Script File

To view the config script, use the script show scriptname.scr command.

60 | Getting Started

Note: Starting with Release 2.3, you can use show running-config startup-config to achieve the

same effect as you can with show running-config <scriptname>.scr. The resulting startup-config is a text file that you can save to a server and download to any switch.

Command Syntax Command Mode Purpose

script show scriptname.scr Privileged Exec To view a configuration script by specific name.

Figure 3-32. Using the script show Command

Force10 #script show test.scr

1 : !Current Configuration: 2 : ! 3 : hostname "Force10" 4 : network parms 10.10.1.33 255.255.255.0 10.10.1.254 5 : interface vlan 11 6 : !System Description "Force10 S50" 10 : !System Description F.5.6.2 ...

Uploading a Configuration Script to a TFTP Server

To upload a “config script” to a TFTP server, use the copy command.

Command Syntax Command Mode Purpose

copy nvram:script

x.x.x.x/scriptname.scr

scriptname.scr tftp://

Privileged Exec Copies the config script from the NVRAM to a TFTP

server.

Figure 3-33. Using the copy nvram:script Command

Force10 #copy nvram:script test.scr tftp://10.16.1.56/test.scr

Mode........................................... TFTP

Set TFTP Server IP............................. 10.16.1.56

TFTP Path......................................

TFTP Filename.................................. test.scr

Data Type...................................... Config Script

Source Filename................................ test.scr

Are you sure you want to start? (y/n) y

File transfer operation completed successfully.

Deleting a Script

To delete a “config script”, use the script delete command.

Command Syntax Command Mode Purpose

script delete <scriptname.scr> Privileged Exec Deletes the named script from the switch memory.

Getting Started | 61

Force10 #script delete test.scr

Are you sure you want to delete the configuration script(s)? (y/n)y

1 configuration script(s) deleted.

Downloading a Configuration Script from a TFTP Server

To download a “config script”, use the copy command, as in the following.

www.dell.com | support.dell.com

Command Syntax Command Mode Purpose

copy tftp://x.x.x.x/scriptname.scr nvram:script scriptname.scr

Figure 3-34. Using the copy tftp Command for a Script

Force10 #copy tftp://10.16.1.56/test.scr nvram:script test.scr

Mode........................................... TFTP

Set TFTP Server IP............................. 10.16.1.56

TFTP Path......................................

TFTP Filename.................................. test.scr

Data Type...................................... Config Script

Destination Filename........................... test.scr

Are you sure you want to start? (y/n) y Validating configuration script...

hostname "Force10"

interface managementethernet ip address 10.10.1.33 255.255.255.0 exit management route default 10.10.1.254

interface vlan 11 <output deleted>

Privileged Exec Downloads the named script from the TFTP server

identified by the URL.

Troubleshooting a Downloaded Script

While attempting to download a config script, the system validates the downloaded file. If the validation fails an error message like the following will appear:

62 | Getting Started

Figure 3-35. Example of a Script Validation Error Message

Configuration script validation failed. Following lines in the script may have problem: Line 29:: permit 01:80:c2:00:00:00 any assign-queue 4 Line 30:: permit any 01:80:c2:00:00:ff assign-queue 3 redirect 1/0/10 Line 31:: permit 01:80:c2:00:00:ee any assign-queue 4 Line 36:: match cos 5 Line 44:: police-simple 500000 64 conform-action transmit violate-action drop Line 45:: police-simple 500000 64 conform-action transmit violate-action drop

Total error Lines :: 6 The file being downloaded has potential problems. Do you want to save this file?

Applying a Configuration Script

To apply a “config script”, use the script apply command, as in the following.

Command Syntax Command Mode Purpose

script apply scriptname.scr Privileged Exec To do

Figure 3-36. Using the script apply Command

Force10 #script apply test.scr

Are you sure you want to apply the configuration script? (y/n)y

The system has unsaved changes. Would you like to save them now? (y/n) n

Configuration Not Saved!

hostname "Force10"

interface managementethernet ip address 10.10.1.33 255.255.255.0 exit management route default 10.10.1.254

interface vlan 11 exit exit Configuration script 'test.scr' applied.

Applying a configuration script on a machine with certain previously configured features may result in an error. This is because the syntax for entering the configuration mode that allows for editing the feature may be different than the syntax that exists in the configuration (and was used to create the feature initially). There are several such features.

Getting Started | 63

For example, the command to create a class-map called “cm-1” is class-map match-all cm-1, while the command to edit cm-1 later is

Services (DiffServ) on page 177.) Attempting to apply an unmodified config script containing cm-1 to a

machine that already has a class-map called cm-1 results in an error similar to the following example (see

Figure 3-37 on page 64).

Figure 3-37. Example of a Scripting Error

class-map match-all cm-1 This Diffserv class already exists.

Error in configuration script file at line number 33. CLI Command :: class-map match-all cm-1. Aborting script.

www.dell.com | support.dell.com

Execution of configuration script 'test.scr' could not be completed.

WARNING: The running configuration may not be the desired configuration. You might want to reload the saved configuration.

Failure to apply a config script can be resolved by one of the following solutions:

class-map cm-1 (For more on class-map, see Using Differentiated

• Issue the

clear config command before applying the script.

Note: Do not issue the clear config command if you telnet into the system, otherwise you will lose contact with the system. This command should be issued at the console port.

• Edit the script to use the proper syntax to edit the structure (ACL, map etc.).

• Edit the script by adding the

no form of a command to delete a feature, then add a command to

reconfigure the same feature.

Listing Configuration Scripts

The script list command lists the configured scripts in a system:

Figure 3-38. Using the script list Command

Force10 #script list

Configuration Script Name Size(Bytes)

-------------------------------- ----------test.scr 2689

1 configuration script(s) found. 2045 Kbytes free.

Force10 #

64 | Getting Started

Displaying Logs

The switch maintains four logs:

• Event log (“Persistent log”) — exception messages and critical boot-up messages; saved on switch reset

— Use the command

• System log, “buffered log”) – system trace information; cleared on switch reset

— Use the commands

• List of logging hosts

— Use the command

• Traps – enabled trap events; cleared on switch reset

— Use the command

For details on the logs and logging, see the chapter System Logs on page 101. See also the System Log chapter in the SFTOS Command Reference.

show eventlog.

show logging or show logging history.

show logging hosts.

show logging traplogs.

Getting Started | 65

www.dell.com | support.dell.com

66 | Getting Started

Management

This chapter covers the following management tasks:

• Creating the Management IP Address

• Changing the Management VLAN from the Default on page 68

• Verifying Access to a Management Port on page 69

• Verifying Management Port Connectivity on page 69

• Setting Stack Management Preferences on page 69

• Setting the Host Name Prompt on page 70

• Restoring the Configuration to Factory Defaults on page 70

• Setting up SNMP Management on page 71

• Link Layer Discovery Protocol (LLDP) on page 75

• Setting up Remote Network Monitoring (RMON) on page 75

• Setting the System Date and Time on page 78

• Gathering Details about the Switch on page 81

Creating the Management IP Address

The procedure for creating the management IP address is introduced in Setting the Management IP

Address on page 39 in the Getting Started chapter. Figure 4-39 shows the use of that procedure:

Figure 4-39. Creating the Management Port IP Address

Force10 (Config)#management route default 10.10.1.254 Force10 (Config)#interface managementethernet Force10 (Config-if-ma)#ip address 10.10.1.251 255.255.255.0 Force10 (Config-if-ma)#exit Force10 (Config)#exit Force10 #show interface managementethernet

IP Address..................................... 10.10.1.151

Subnet Mask.................................... 255.255.255.0

Default Gateway................................ 10.10.1.254

Burned In MAC Address.......................... 00:01:E8:D5:A0:39

Locally Administered MAC Address............... 00:00:00:00:00:00

MAC Address Type............................... Burned In

Network Configuration Protocol Current......... None

Management VLAN ID............................. 1

Web Mode....................................... Disable

Java Mode...................................... Disable

Management | 67

Changing the Management VLAN from the Default

As stated in Setting Up the Management VLAN on page 42 in the Getting Started chapter, the default management VLAN is the default VLAN 1, so, when you configure the management IP interface (see

Creating the Management IP Address on page 67), any port that is part of the default VLAN will carry

management traffic.

On first startup, the default VLAN 1 includes every port (although, by default, all ports are shut down until you enable them—see Enabling Ports on page 38.) If you want to change the management VLAN from the default VLAN to another VLAN, create the new VLAN (see Creating a VLAN on page 42), and then use the following command sequence and example as your guide.

www.dell.com | support.dell.com

Step Command Syntax Command Mode Purpose

1 show vlan id

interface managementethernet

vlan participation vlan-id Interface

show interface managementethernet

vlan-id Privileged Exec Inspect the VLAN that you want to assign as the

In the following example, we create and name VLAN 5, add one port to it (you can add more), and then designate the VLAN as the management VLAN.

Figure 4-40. Changing the Management VLAN from the Default

Force10 (Config)#interface vlan 5 Force10 (conf-if-vl-5)#name management_vlan Force10 (conf-if-vl-5)#interface 1/0/43 Force10 (conf-if-vl-5)#exit Force10 (Config)#interface managementethernet Force10 (Config-if-ma)#vlan participation 5 Force10 (Config-if-ma)#exit Force10 (Config)#

management VLAN.

Global Config Enter the Interface ManagementEthernet mode.

Select a VLAN to act as the management

ManagementEthernet

Privileged Exec Verify the management VLAN and other

VLAN. The VLAN number, designated in

vlan-id, must be from 1 to 3965.

Note: If you set the management VLAN to a VLAN that does not exist, there is no error message. Note: This is the only mode in which you use the vlan participation command.

management settings.

For more on VLANs, see Chapter 14, “VLANs,” on page 207.

68 | Management

Verifying Access to a Management Port

It is possible to set the management VLAN to a VLAN that does not exist. If you cannot reach anything from the management address, inspect the management VLAN with the commands

managementethernet or show running-config, to inspect the management IP settings, as shown in

Figure 4-41.

Figure 4-41. Verifying Management Port Network

Force10 #show interface managementethernet

IP Address..................................... 192.168.0.50

Subnet Mask.................................... 255.255.255.0

Default Gateway................................ 192.168.0.11

Burned In MAC Address.......................... 00:01:E8:0D:30:9A

Locally Administered MAC Address............... 00:00:00:00:00:00

MAC Address Type............................... Burned In

Network Configuration Protocol Current......... None

Management VLAN ID............................. 5

Web Mode....................................... Disable

Java Mode...................................... Disable

show interface

Verifying Management Port Connectivity

Figure 4-42. Verifying Management Port Connectivity

Force10 #ping 192.168.0.100 Send count=3, Receive count=3 from 192.168.0.100 Verify management port connectivity

Note: For more on management access, see Protecting the Management Interface with a

Loopback ACL on page 201.

Setting Stack Management Preferences

For details on combining S-Series switches into virtual single switches through stacking commands, see

Chapter 5, Stacking S-Series Switches.

Note: Each model in the S-Series line is only capable of stacking with other switches of the same model, and the S2410 models do not stack at all.

Management | 69

Setting the Host Name Prompt

If you have more than one individually managed S-Series switch, you can differentiate them by creating a unique CLI host name prompt for each switch. Use the edit the prompt, as shown in Figure 4-43:

Figure 4-43. Setting the Host Name

Force10 (Config)#hostname Force10_S50 Force10_S50 (Config)#

hostname command, in Global Config mode, to

www.dell.com | support.dell.com

The host name is case-sensitive and can be up to 64 characters in length.

Restoring the Configuration to Factory Defaults

Note: If you reset the switch to factory defaults while you access the switch by Telnet

connection, you lose connectivity to the switch.

Restoring S-Series switches to the factory default settings is useful when:

• You upgrade from the Layer 2 Package (switching) to the Layer 3 Package (routing)

• You lose the system passwords.

• You want to remove an undesirable configuration.

• The configuration has become very complex.

• You want to move a switch from one network to another.

Note: When upgrading from SFTOS version 2.2.x to 2.3.x, you do not need to be concerned about manually reconfiguring the switch to use the new SFTOS version 2.3.x commands, because the upgrade process includes an automatic mapping of 2.2.x settings to 2.3.x expressions of those settings.

Before you reset the switch to factory defaults, consider backing up your configuration, which you can do through one of these means:

• Back up your configuration on a TFTP server.

• Copy your configuration to a text file.

• Copy the configuration locally on the flash memory device.

To reset an S-Series switch to factory defaults, you need access to the switch console through either a physical console or a Telnet connection.

1. If you have lost your password, you must disconnect and reconnect the power cord. Or If you have your password, execute the

70 | Management

reload command from the Exec Privilege mode.

When the S50 starts to reload, the following text appears at the console:

Figure 4-44. Rebooting

Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005 Select an option. If no selection in 2 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):2

2. When the text above appears, you have two seconds to enter 2 (as shown) and then press Enter. If you are not fast enough, the router will boot normally.

If you are successful, the following menu appears:

Figure 4-45. Boot Menu

Boot Menu Version: 30 Aug 2006

Options available

1 - Start operational code 2 - Change baud rate 3 - Retrieve event log using XMODEM (64KB). 4 - Load new operational code using XMODEM 5 - Display operational code vital product data 6 - Run flash diagnostics 7 - Update boot code 8 - Delete operational code 9 - Reset the system 10 - Restore configuration to factory defaults (delete config files) 11 - Activate Backup Image

[Boot Menu]

3. Select option 9 to delete the current configuration, including any admin and enable passwords.

4. Select option 8 to restart the system. When the S50 finishes rebooting, you can configure the router from scratch.

For other methods of managing running-config and system-config files, see Managing the Configuration

on page 56.

Setting up SNMP Management

Simple Network Management Protocol (SNMP) communicates management information between SNMP-based network management stations and SNMP agents in the switch. S-Series systems support SNMP versions 1, 2c, and 3, supporting both read-only and read-write modes. SFTOS sends SNMP traps, which are messages informing network management stations about the network.

SFTOS supports up to six simultaneous SNMP trap receivers. SFTOS does not support SNMP on VLANs.

Management | 71

SFTOS SNMP support conforms to RFC 1157 (SNMP v1), RFC 1213 (SNMP v2 (MIB-II)), and RFC 2570 (SNMP v3). For more on the MIBs and SNMP-related RFCs supported by SFTOS, refer to the SNMP appendix to this guide (see RFCs, MIBs, and Traps on page 285). That appendix also discusses the SNMP traps that SFTOS generates.

The MIB files are on the S-Series product CD-ROM and on the iSupport website (password required):

https://www.force10networks.com/csportal20/KnowledgeBase/Documentation.aspx

As a best practice, Dell Force10 recommends polling several SNMP object IDs (OIDs), as described here. SNMP is especially valuable in certain cases — for example when a console connection is unavailable.

All MIBs listed in the output of the Specifically, the S50 supports counter MIBs, including the 32-bit and 64-bit IF-MIB and IP-MIB

www.dell.com | support.dell.com

(accessing 64-bit counters requires SNMPv2c); hardware-related MIB variables, such as the Inventory MIB and Entity MIB; protocol-related MIBs, such as OSPF and VRRP; Layer 2 MIBs, such as the F10OS-SWITCHING-MIB; Layer 3 MIBs, such as F10OS-ROUTING-MIB, and the RMON MIB.

For general MIB queries, the OIDs start from 1.3.6.1.2.1. For private MIB queries, the OIDs start from

1.3.6.1.4.1.6027.1, where 6027 is the Dell Force10 Enterprise Number.

This section provides basic configuration steps for enabling SNMP.

Command Syntax Command Mode Usage interface managementethernet Global Config Access the Interface Managementethernet mode in order to

[no] snmp-server community

community-name

show sysinfo command for a particular SFTOS image can be polled.

configure a management IP address, which is required for SNMP management. For details, see Setting up a

Management Connection to the Switch on page 28.

Global Config Identify an SNMP community for the switch to join. Dell

Force10 suggests that you use the same community name for all chassis that you will manage with your SNMP management system. If you have previously entered a string for another SNMP manager and agent, use the existing string.

[no] snmptrap name ipaddr

[no] snmp-server enable trap

violation

Other commands that configure the SNMP server connection include:

•

snmp-server: Sets the name and the physical location of the switch, and the organization responsible

for the network.

•

snmp-server community ipaddr: Sets a client IP address for an SNMP community.

72 | Management

Global Config Adds an SNMP trap receiver name and IP address to the

SNMP community. The maximum name length is 16 case-sensitive alphanumeric characters.

Interface Config or Interface Range

Optionally, enable the sending of new violation traps for a specified interface designating when a packet with a disallowed MAC address is received on a locked port. Except for this trap, all traps are enabled by default. For details on trap options, see Managing SNMP Traps on

page 73, below.

• snmp-server community ipmask: Sets a client IP mask for an SNMP community.

•[

no] snmp-server community mode name: Activates [deactivates] the designated SNMP community.

All configured communities are enabled by default.

•

snmp-server community ro: Restricts access to switch information to read-only. snmp-server community rw: Sets access to switch information to read/write.

•

snmptrap ipaddr: Assigns an IP address to a specified community name.

•[

no] snmptrap mode: Activates [deactivates] an SNMP trap receiver name.

In Privileged Exec mode:

• To view the SNMP configuration, use the

• To display SNMP trap receiver entries, use the

show snmpcommunity command.

show snmptrap command.

See also Link Layer Discovery Protocol (LLDP) on page 75.

Managing SNMP Traps

SNMP trap events are logged and sent out via SNMP. For trap management, use the CLI commands listed below.

Traps can be enabled for the following features:

• Authentication

• Link up/down

• Multiple users

• Spanning Tree

• OSPF

• DVMRP

• PIM (both DM and SM with one command)

Note: The DVMRP, OSPF, and PIM traps and associated commands are supported only in the

Layer 3 software image of SFTOS.

Commands to [disable] enable traps are listed here. Global Config Mode:

•[

no] ip dvmrp trapflags: This command sets the DVMRP Traps flag (disabled by default).

•[

no] ip pim-trapflags: This command sets the PIM Traps flag (disabled by default).

•[

no] snmp-server enable traps bcaststorm: This command sets Broadcast Storm flag (sending of

traps enabled by default).

•[

no] snmp-server enable traps linkmode: This command sets the Link Up/Down flag (traps enabled

by default).

•[

no] snmp-server enable traps multiusers: This command sets the Multiple Users flag (traps

enabled by default).

•[

no] snmp-server enable traps stpmode: This command sets the Spanning Tree flag (traps enabled

by default).

Management | 73

• [no] snmp-server enable trap violation: This command enables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port (traps disabled by default).

•[

no] snmp-server traps enable: This command sets the Authentication flag (traps disabled by

default).

Interface Config Mode:

•

snmp trap link-status: This command enables link status traps by interface.

•

snmptrap snmpversion name ipaddr {snmpv1 | snmpv2}: This command selects between SNMP

version 1 and version 2 traps to be sent for the selected SNMP trap name.

www.dell.com | support.dell.com

router BGP config mode

— [no] trapflags

Router OSPF Config Mode:

no] trapflags: This command sets the OSPF Traps flag (enabled by default).

•[

Privileged Exec Mode:

•

show trapflags: As shown in Figure 4-46, this command displays the status of each of the SNMP trap

flags noted above. The final three in this example only appear when the Routing Package is loaded.

Figure 4-46. Using the show trapflags Command

Force10 #show trapflags

Authentication Flag............................ Enable

Link Up/Down Flag.............................. Enable

Multiple Users Flag............................ Enable

Spanning Tree Flag............................. Enable

Broadcast Storm Flag........................... Enable

DVMRP Traps.................................... Disable

OSPF Traps..................................... Disable

PIM Traps...................................... Disable

For information on the SNMP trap log, see also Displaying the SNMP Trap Log on page 106. That section also notes the relationship between the trap log and the System log.

For information on S-Series SNMP traps, MIBs, and SNMP-related RFCs, see RFCs, MIBs, and Traps on

page 285. See also the techtip “What Should I Poll with SNMP?” on the iSupport website: https://www.force10networks.com/csportal20/KnowledgeBase/ToolTipsSSeries.aspx

For more on SNMP commands, see the SNMP Community Commands section in the Management chapter of the

74 | Management

SFTOS Command Reference.

Note: SFTOS supports the RMON (Remote Network Monitoring) MIB (RFC 2819), which is enabled by default and cannot be disabled. SFTOS contains no commands for configuring RMON or displaying RMON data. For more on RMON support, see the RMON techtip on iSupport, or see the RMON MIB file, which is on both the S-Series product CD and iSupport.

Link Layer Discovery Protocol (LLDP)

The IEEE 802.1AB standard defines the Link Layer Discovery Protocol (LLDP). This protocol allows a switch residing on an 802 VLAN to advertise connectivity, physical description, management information, and major capabilities. The information distributed via this protocol is stored by its recipients in a standard Management Information Base (MIB), facilitating multi-vendor interoperability and use of standard management tools to discover and make available physical topology information for network management. The command set includes:

• Configure LLDP globally (Global Config mode):

—[

no] lldp {[mode {tx | rx | both}] [hello seconds] [multiplier integer]}

Enter either

mode, hello, or multiplier, followed by a value for the associated variable.

• Configure LLDP on a single port (timers not supported on one interface) (Interface Config mode):

no] lldp mode {tx | rx | both}

—[

• Display LLDP information (Privileged Config mode):

show lldp interface [all | interface unit/slot/port] show lldp local-device [all | interface unit/slot/port] show lldp neighbors [all | interface unit/slot/port] show lldp remote-device [all | interface unit/slot/port]

• Clear LLDP information (Global Config mode):

clear lldp neighbors [interface unit/slot/port] clear lldp counters [interface unit/slot/port]

Setting up Remote Network Monitoring (RMON)

Remote Network Monitoring (RMON) in SFTOS is based on industry RMON RFC standards, providing both 32-bit and 64-bit monitoring of S-Series switches, along with long-term statistics collection.

RMON is an extension of SNMP, and requires an agent to be running on the devices to be monitored. The SFTOS implementation of RMON allows the user to configure alarms and events (actions: enter log entry or send trap).

SFTOS supports the following RMON MIB groups defined in RFC-2819, RFC-3273, and RFC-3434:

Statistics (OID 1.3.6.1.2.1.16.1)

History (OID 1.3.6.1.2.1.16.2)

Contains statistics measured by the probe for each monitored interface on this device — packets dropped, packets sent, bytes sent (octets), broadcast packets, multicast packets, CRC errors, runts, giants, fragments, jabbers, collisions, and counters for packets ranging from 64 to 128, 128to 256, 256 to 512, 512 to 1024, and 1024 to 1518 bytes.

Records periodic statistical samples from a network and stores for retrieval — sample period, number of samples, items sampled.

Management | 75

Alarm (OID 1.3.6.1.2.1.16.3)

Periodically takes statistical samples and compares them with set thresholds for events generation — includes the alarm table and requires the implementation of the event group. Alarm type, interval, starting threshold, stop threshold.

Events (OID 1.3.6.1.2.1.16.9)

Controls the generation and notification of events from this device — event type, description, last time event sent.

SFTOS does not support the RMON 1 MIB groups Host, HostTopN, Matrix, Filters, Packet Capture, or Token Ring or the RMON 2 groups.

Important Points to Remember

www.dell.com | support.dell.com

• Collected data is lost during an S-Series chassis reboot.

• Only SNMP GET/GETNEXT access is supported. Configure RMON using the RMON commands.

RMON Command Set

For details on RMON command syntax, see the RMON chapter in the SFTOS Command Reference.

rmon alarm 1-65535 SNMP_OID 5-3600 {delta | absolute} rising-threshold 0-4294967295 index falling-threshold

0-4294967295 index [owner string]

rmon collection history controlEntry 1-65535 [buckets number] [interval 5-3600] [owner name] rmon collection statistics controlEntry 1-65535 [owner name] rmon event 1-65535 [log] [trap SNMP_community] [description string] [owner name]) show rmon (See Figure 4-48 on page 78.) show rmon alarms and show rmon alarms brief show rmon events and show rmon events brief show rmon history and show rmon history brief show rmon log and show rmon log brief show rmon statistics and show rmon statistics brief

Configuring RMON Alarms

The following steps create an RMON event ID and associates an alarm to it. The example (see Figure 4-48

on page 78) following it shows the use of these commands.

Step Command Syntax Command Mode Purpose

rmon event 1-65535 [log]

trap SNMP_community]

[

description string]

[

owner name]

[

Global Config Add an event ID to the RMON Event Table.

76 | Management

[no] rmon alarm 1-65535

SNMP_OID 5-3600 {

absolute} rising-threshold

0-4294967295 index

falling-threshold 0-4294967295

[owner string]

index

delta |

Global Config Identify the event ID created in Step 1 for which

you want to set [or disable] an alarm, identify the target MIB, and configure the parameters that trigger the alarm.

show rmon alarms brief Privileged Exec Display a summary of the contents of the

RMON Alarm Table.

The event variables are:

• 1-65535: An arbitrary number to be used to refer to this event in the Index

• log: Create an entry in the log table. Default none

• trap:SNMP community used if a trap is to be sent (default: public)

• description: Comment describing this entry, <string-max 127 char >

• owner: Entity that configured this entry, <string-max 127 char>

Figure 4-47. RMON Event Thresholds

Figure 4-47, above, depicts the points at which RMON threshold alarms are triggered. The first concept is

that an event occurs when a threshold is crossed — either crossing a rising threshold or crossing a falling threshold. The other main concept is that a second event of that type cannot occur until the opposite threshold has been crossed in order to end the period of the first event.

In setting the alarm, you must choose between absolute and delta:

•

absolute — This is an actual value of the selected MIB variable. This choice is better for rate

measurements that vary plus or minus. For example, if a value never falls, the falling threshold will never be reached, and the rising threshold will only be crossed once.

•

delta — This choice is best with counters that only increment. The previous value of the MIB variable

is subtracted from the current value to determine whether the value is incrementing from its previous value by the Rising Threshold amount, or by an amount equal to or less than the Falling Threshold amount.

Management | 77

Example of configuring an RMON alarm

The following example shows the use of the rmon event and rmon alarm commands to create two event IDs and then associate them with an alarm. The event IDs are highlighted in the alarm statement.

Figure 4-48. Configuring an RMON Alarm

Force10# config Force10 (config)#rmon event 10 Force10 (config)#rmon event 20 Force10 (config)#rmon alarm 50 1.3.6.1.4.1.6027.1.1.16.0.2 absolute rising-threshold 200 10

falling-threshold 100 20 Force10 (config)#exit

Force10# show rmon

RMON status

www.dell.com | support.dell.com

Total memory used ..................... 202260 bytes.

Ether statistics table ................ 2 entries, 1184 bytes

Ether history table ................... 9 entries, 198876 bytes

Alarm table ........................... 2 entries, 536 bytes

Event table ........................... 4 entries, 1664 bytes

Log table ............................. 0 entries, 0 bytes

Force10#

Setting the System Date and Time

This section describes how to configure the date and time on the switch. The date and time are used for synchronizing network resources, particularly the timestamps in logs (see System Logs on page 101).

You have the option of using the Simple Network Time Protocol (SNTP) feature or simply setting the clock (both date and time) manually. Once set, the clock updates automatically through a system reboot or shutdown.

Note: Setting the timezone is not supported.

This section contains the following major sub-sections:

• Setting the System Date and Time Manually

• SNTP Overview

• CLI Examples of SNTP Setup on page 80

Setting the System Date and Time Manually

Use the clock time {dd/mm/yyyy | hh:mm:ss} command in Global Config mode to set the software clock. Enter either the date in dd/mm/yyyy format (for example, 10/01/2007 for October 1, 2007) or the time in hh:mm:ss format (for example, 22:45:00, for 10:45 P.M.). If you enter only one parameter (either date or time), while leaving the other parameter unchanged, the unchanged parameter continues to be based on the previous command execution.

78 | Management

The software clock runs only when the software is up. When the switch reboots, the clock restarts, based on the hardware clock. If you set the date and time manually, and then set up SNTP, the automatic update uses the SNTP update.

Use the

show clock command to check the accuracy of the system date and time.

SNTP Overview

SNTP:

• Is an adaptation of NTP

• Provides a synchronized network timestamp

• Can be used in broadcast or unicast mode

• Client is implemented over UDP, which listens on port 123

The SNTP command set consists of:

•

sntp broadcast client poll-interval poll-interval: Set the poll interval for SNTP broadcast clients in

seconds as a power of two, with a range from 6 to 16.

•

sntp client mode [broadcast | unicast]: Enable SNTP client mode and, optionally, set the mode to

either broadcast or unicast.

•

sntp client port port-ID [poll-interval]: Set the SNTP client port ID to a value from 1 to 65535. Then,

optionally, set the poll interval for that client in seconds, as a power of two, in the range from 6 to 10.

•

sntp unicast client poll-interval poll-interval: Set the poll interval for SNTP unicast clients in seconds

as a power of two, with a range from 6 to 16.

•

sntp unicast client poll-timeout timeout: Set the poll timeout for SNTP unicast clients in seconds to a

value from 1-30.

•

sntp unicast client poll-retry: Set the poll retry for SNTP unicast clients to a value from 0 to 10.

•

sntp server: Configure an SNTP server (maximum of three).

•

show sntp: Display SNTP settings and status.

•

show sntp client: Display SNTP client settings.

•

show sntp server: Display SNTP server settings and configured servers.

Management | 79

CLI Examples of SNTP Setup

The following examples show the major command sequences in configuring the SNTP connection.

Example #1: Configuring SNTP client mode

Figure 4-49. Configuring SNTP Client Mode

Force10 (Config)#sntp client mode broadcast ? <cr> Press Enter to execute the command. Force10 (Config)#sntp client mode unicast ? <cr> Press Enter to execute the command. Force10 (Config)#sntp broadcast client poll-interval ? <6-10> Enter value in the range (6 to 10). Poll interval is 2^(value) in seconds.

www.dell.com | support.dell.com

Example #2: Configuring SNTP client port

Figure 4-50. Configuring the SNTP Client Port

Force10 (Config) #sntp client port 1 ? <cr> Press Enter to execute the command. <6-10> Enter value in the range (6 to 10). Poll interval is 2^(value) in seconds.

Example #3: Configuring SNTP server

Figure 4-51. Configuring the SNTP Server Connection

Force10(Config) #sntp server 10.11.8.6 ? <cr> Press Enter to execute the command. <1-3> Enter SNTP server priority from 1 to 3.

Example #4: show sntp client

Figure 4-52. Using the show sntp client Command

Force10 #show sntp client Client Supported Modes: unicast broadcast SNTP Version: 4 Port: 123 Client Mode: unicast Unicast Poll Interval: 6 Poll Timeout (seconds): 5 Poll Retry: 1

80 | Management

Example #5: show sntp server

Figure 4-53. Using the show sntp server Command

Force10 #show sntp server Server IP Address: 10.11.8.6 Server Type: ipv4 Server Stratum: 3 Server Reference Id: NTP Srv: 128.4.1.2 Server Mode: Server Server Maximum Entries: 3 Server Current Entries: 1 SNTP Servers

-----------IP Address: 10.11.8.6 Address Type: IPV4 Priority: 1 Version: 4 Port: 123 Last Update Time: JUNE 18 04:59:13 2005 Last Attempt Time: JUNE 18 11:59:33 2005 Last Update Status: Other Total Unicast Requests: 1111 Failed Unicast Requests: 361

Gathering Details about the Switch

In addition to the show commands demonstrated in this chapter, the section Verifying Details about the

Switch on page 32 in the Getting Started chapter contains a good summary of

gathering typical switch information. See also the section Using show Commands for Stacking Information

on page 98 in the Stacking chapter.

show commands useful for

Management | 81

www.dell.com | support.dell.com

82 | Management

Stacking S-Series Switches

This chapter contains the following sections:

• S-Series Stackability Features

• Important Points to Remember

• Stacking Commands Overview on page 85

• Management Unit Selection Algorithm on page 85

• Unit Number Assignment on page 86

• Stack Management and Functionality on page 86

• Adding a Switch to a Stack on page 89

• Removing a Switch from a Stack on page 90

• Setting Management Unit Preferences on page 91

• Upgrading Software in a Stack on page 94

• Using show Commands for Stacking Information on page 98

S-Series Stackability Features

• Stacking cable length availability:

— Short stacking cable (60 cm) — Long stacking cable (4 meters)

• Management unit (stack manager switch) selection algorithm

• Stacking commands include commands that allow you to pre-configure a stack and commands to manage the existing stack, including the selection of the stack management unit.

Important Points to Remember

• An S-Series stack acts much like a chassis with multiple cards. The management unit of the stack acts like the supervisor (RPM in an C-Series or E-Series), while the member units act like line cards. For example, a VLAN or LAG (port channel) can be comprised of interfaces from different units of the stack.

• You manage the stack as a single switch by connecting to the management unit, which is a stack member that gets elected by an algorithm that you can control. For details, see Management Unit

Selection Algorithm on page 85.

• The S50N, S50V, and S25P models of the S-Series can be stacked together. While the hardware connection limit is a maximum of eight units in the stack, Dell Force10 currently only supports a stack maximum of three units.

Stacking S-Series Switches | 83

• The original S50 model can only be stacked with another S50. The number of S50s in a stack is limited by the number of S50s with 10G modules (the hardware supports stacking eight units, but the current software implementation limits stack size to seven), but, again, Dell Force10 currently only supports a stack maximum of three units.

• Each switch member must run the same version of SFTOS.

• Upgrading the management unit software image automatically upgrades other units in the stack. Starting with SFTOS 2.5.1, you can also upgrade a stack member separately.

• Configuration files are automatically distributed to all units from the management unit.

Figure 5-54 shows two common ways to connect switches together with stacking cables, each with cables

between Stack Port A and Stack Port B (on the back of each S50). However, it does not matter whether you connect an A port to a B port, A to A, B to B, etc. The ports are interchangeable and bi-directional. For

www.dell.com | support.dell.com

more on hardware stacking options, see the installation guide appropriate to your system.

Figure 5-54. Methods for Cabling Stacks

Ring Connection Cascade Connection

Switch 1

Switch 2

Switch 3

Note: The S50V can have up to four stack ports installed, so Figure 5-54 does not depict all possible ways of managing an S50V stack. For details on S50V stack options, see its

Switch 1

Switch 2

Switch 3

Switch 4

installation guide.

84 | Stacking S-Series Switches

Stacking Commands Overview

Command Syntax Command Mode Purpose copy {image1 | image2}

unit://unit/{image1 | image2}

copy tftp://

tftp_server_ip_address/path/ filename {

[no] member unit switchindex Stacking Config This command pre-configures a switch unit number. The unit

movemanagement fromunit

tounit

image1 | image2}

Privileged Exec Starting with SFTOS 2.5.1, this command copies a selected

software image from the management switch to a designated switch.

Note: Before SFTOS 2.5.1, the archive copy-sw command copied the system image from the management unit to the other stack members.

Privileged Exec Starting with SFTOS 2.5.1, this command copies a selected

software image from a TFTP server to the management switch. For supporting commands, see Downloading a Software Image

on page 45 in the Getting Started chapter.

Note: Previous to SFTOS 2.5.1, the archive download-sw command was available, in Stacking Config mode, to download the system image to the switch.

is the new switch ID (1 to 8). For the switchindex (SID), see show supported switchtype.

Use the no member unit command to logically remove a switch from the stack before disconnecting its stacking cables. See Figure 5-58 on page 91.

Stacking Config Move the management unit functionality from one switch to

another. See Figure 5-61 on page 93.

show stack-port Privileged Exec Display summary stack port information for the stack. See

Figure 5-67 on page 98.

show stack-port counters Privileged Exec Display traffic counters for each stack port in the stack. See

Figure 5-68 on page 99.

show switch unit Privileged Exec;

User Exec

show supported switchtype

switchindex

stack Global Config Accesses the Stacking Config mode

switch oldunit renumber newunit Global Config The switch renumber command changes the switch identifier

switch unit priority value Global Config The switch priority command configures the ability of a

Privileged Exec; User Exec

Display information about all stack members or a specific member.

Display information about all supported switch types or for a specific switch type.

(The resulting prompt is “hostname

(config-stack)#

(from 1 through 8) for a switch in the stack.

switch to become the management unit. See Figure 5-60.

”.)

Management Unit Selection Algorithm

• If a stack has an active management unit, and a switch being introduced to the stack is also configured

Stacking S-Series Switches | 85

to be a management unit, then the newly added unit changes its configured value to disable the management unit function.

• Conversely, if the management unit function is enabled or unassigned on the unit and there is no other management unit in the system, then the unit becomes the management unit.

• If the management unit function is disabled on the unit, then it remains a non-management unit.

• The priority preference ( when the current management unit fails.

• When two units that constitute the members of a stack come up at the same time, then whichever has the higher priority or higher MAC address becomes the management unit.

• The current management unit has the highest default preference for staying the manager after a reboot. On reboot, a member switch waits for 30 seconds to hear from the management unit before it begins to determine from its priority if it must become the management unit. Therefore, in addition to the

www.dell.com | support.dell.com

movemanagement command cited above, you could force a change in management units in this way:

1. Power down the current management unit.

switch priority command) is only used to select the next management unit

2. Reset the stack. Enter the

3. Wait more than 30 seconds before powering up the device again. At 30 seconds, the remaining units start the management unit election process.

reload command.

Unit Number Assignment

You can manually assign numbers to stack members. For details, see Adding a Switch to a Stack on

page 89. Otherwise, SFTOS automatically assigns unit numbers based on the following factors.

• If the unit number is configured, but another unit already uses that number, the unit changes its configured unit number to the lowest unassigned unit number.

• If the unit number is unassigned, then the unit sets its configured unit number to the lowest unassigned unit number.

• If the unit number is configured and no other device uses the unit number, then the unit starts using the configured unit number.

• If a unit detects that the maximum number of units already exist, the unit sets its unit number to “unassigned” and stays in the Initialization state.

Stack Management and Functionality

As described above (Management Unit Selection Algorithm on page 85), a management selection algorithm elects one stack member to be the management unit. All other switches in the stack will be subordinate to the management unit and “assume its personality”. Each switch in the stack will have a unit number that you can configure, or they are set automatically by the individual units as they start (Unit

86 | Stacking S-Series Switches

Number Assignment on page 86). Use the show switch command (Figure 5-56 on page 88) to see the

status of the individual members in a stack.

Note: Unit numbers are stored in NVRAM and are persistent, even when a unit is removed from a stack. The exceptions are if: 1) you change the unit number manually; or 2) you plug the unit into a new stack, and it gets assigned a new unit number because a unit in that new stack already has the same number.

It is possible to pre-configure the stack for new units. Use the

member command (see Stacking Commands

Overview on page 85) to accomplish this function. This will logically create the new unit and all the ports

connected to that unit. You can define the new unit in advance, and pre-configure the ports even though the ports do not yet physically exist in the stack. If you do so, make sure you pre-assign the unit number to the new unit so that it will get the proper configuration from the management unit when connected to the stack. See the list of best practices (Best Practices on page 89). Pre-configured ports (not physically present) display in the

show switch command report as “detached”.

Bear in mind that, if you connect a switch that already has a stack number that does not match the pre-configuration you did (perhaps it was previously a member of another stack), the switch will be assigned a default configuration by the management unit. If this occurs, use the

switch renumber

command to assign a stack number that matches the unit number you pre-configured for.

You can also use the the

switch renumber command if you want to remove a unit that is the current

backup to the management unit, and you want this new unit to assume the identity of that removed unit.

The management unit is in charge of the stack. If a new software image is loaded into the management unit, the image will be automatically propagated to all units (in fact it is required that all units run the same version of code). If configuration changes are made and saved, they will be saved to all switches, and remembered by all switches, even if the switches are disconnected from the stack. The management IP address is also included in that configuration information, so you could end up with duplicate addresses on the network if you simply remove the stacking cables from units that are connected to the same network.

If the management unit were to be removed, or it became non-functional for some reason, one of the other switches in the stack would then be elected manager by the management selection algorithm. It is possible to enforce which switch will become the replacement management unit, by configuring it to have the highest switch priority. Changing this priority in an operating stack will not affect the current stack configuration. The priority is only used by the algorithm when a new manager needs to be elected, such as after a power failure, or removal/failure of the current management unit.

You manage the stack from the management unit. When you connect to the console port of the management unit, you will see the expected prompt, and you have mode-based access to all CLI commands (For more on modes, see the CLI Modes chapter in the SFTOS Command Reference.)

If you connect to the console port on a non-management unit in a stack, the prompt is “(Unit number)>”. The number is the one assigned to that switch. No user commands can be executed at that prompt.

Note: On a subordinate unit, the only command that shows up when you type '?' is devshell. This is used to access a low level diagnostic shell that should only be used under the direction of a TAC engineer. Unauthorized use of this shell could disrupt the functioning of your unit.

Stacking S-Series Switches | 87

All of the forwarding protocols run on the management unit. The subordinate units do not run the full stack. The forwarding database resides on the management unit, which then synchronizes the forwarding tables in the other units in the stack. The individual units in the stack then make individual forwarding decisions based on their local copy of the forwarding table.

If a management unit is lost, and a new unit assumes the role of manager for the stack, there is some disruption to traffic as the new management unit is elected, and forwarding tables are flushed and then relearned.

The stacking ports switch traffic between units at a rate of 10 Gbps. Since each unit supports 48 x 1 Gbps ports, and two optional 10 Gbps ports, the switching capacity between units is oversubscribed.

The ring topology provides some performance gains. For example, a two-unit stack with two cables is able

www.dell.com | support.dell.com

to exploit the full bandwidth of both stacking ports, effectively giving 20 Gbps between the units. Ring topology performance gains in larger stacks (4+) will probably not be as great, since transitional traffic will share bandwidth with traffic destined to, or originating from, a given switch.

To display the status of the stacking ports, execute the

show stack or show stack-port command (In this

example, the redundant connection that completes a ring topology is missing.):

Figure 5-55. Example Output from show stack-port Command on an S50

Force10 #show stack-port

Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s)

---- ---------------- ---------- ---------- ------------ -----------1 Stack Port A N/A Stack Link Down 10 1 Stack Port B N/A Stack Link Up 10 2 Stack Port A N/A Stack Link Up 10 2 Stack Port B N/A Stack Link Down 10

To display the status of units in the stack and which version of software they are running, use the show

switch command: Figure 5-56. Example Output from show switch Command

Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 2 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5

Manager

Member

88 | Stacking S-Series Switches

Adding a Switch to a Stack

Note: Dell Force10 currently supports a stack maximum of three units. S50 models can only

stack with other S50 models. The S25P, S50N, and S50V can be stacked together. See the Quick Reference appropriate to your S-Series model or its installation guide for instructions on making the physical stacking connections.

SFTOS provides three ways to add a switch to a stack:

• Plug the unit into the stack and let the system configure it. The unit is automatically assigned the next unused unit number.

• Power the unit up as a standalone unit to assign a unit number and management unit preference before connecting the unit to the stack. Use the

priority command (Figure 5-60 on page 92).

• Pre-configure the unit number ( connect the unit to the stack. If you are adding multiple units to an existing stack, you can either:

— Configure the unit numbers from the pre-configuration into the standalone units before

connecting them. Or

— Plug the units into the stack in the correct sequence to match the pre-configuration. After a

running configuration has been saved, all units are considered to be pre-configured.

member command) through the stack’s management unit and then

member command (Figure 5-57 on page 90) and switch

Best Practices

As best practices, to minimize disruption to the stack (and network) when connecting units and during failures, you should:

1. Pre-configure unit numbers for each unit in the stack. Use the switch renumber command.

2. Configure the switch priority for each unit to make management unit selection deterministic. Use the

switch priority command.

3. Make sure each unit has the same software version prior to connecting them together. If you do connect them, the CLI will issue an error and not allow the stacking connection.

4. Make sure you save the configuration after making changes. The configuration will be saved to all units in the stack. If you do not save changes, and a management unit were to fail, the changes would be lost. Other units in the stack would not learn about the changes, or store them, unless they are saved.

5. Connect new units to an existing stack prior to powering them up. Failure to do so will not result in physical damage, but a new unit that was previously configured as a management unit, that gets connected to an existing stack, could end up as the manager, disrupting expected stack operation.

Use the before physically adding it. In this case, we add the unit as #5:

member unit switchindex command to logically add a unit to a stack as a way to pre-configure it

Stacking S-Series Switches | 89

Figure 5-57. Using the member Command to Add a Unit to a Stack

Force10 #show supported switchtype

Mgmt Code SID Switch Model ID Pref Type

--- -------------------------------- ------------ --------1 SA-01-GE-48T 1 0x100b000 3 SA-01-GE-48T 1 0x100b000 4 SA-01-GE-48T 1 0x100b000

Force10 #configure Force10 (Config)#stack Force10 (config-stack)#member 5 1 Force10 (config-stack)#exit Force10 (Config)#exit Force10 #show switch

www.dell.com | support.dell.com

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 3 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 4 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 5 Unassigned SA-01-GE-48T Not Present 0.0.0

Force10 #

Unit 5 added

Removing a Switch from a Stack

Use the following procedure to remove a member switch from a stack (If you are removing the management unit, first use the

Step Command Syntax Command Mode Purpose

1 interface range ethernet

range

shutdown Interface Range Disable all ports in the specified range.

4 5

stack Global Config Access Stacking Config mode. no member unit Stacking Config Remove the unit number from the logical stack so that

movemanagement command, as described above):

Global Config Access the range of interfaces on the switch to be

removed from the stack. The command accesses the Ethernet Range prompt within the Interface Range mode. For example, for Unit 2, enter:

interface range ethernet 2/0/1-2/0/50

Alternatively, you could pull all of the port connections from the switch.

Remove the stacking cables from the unit to be removed from the stack.

it can be recycled when you add another switch to the stack (or you renumber an existing stack member). See

Figure 5-58 on page 91.

90 | Stacking S-Series Switches

Step Command Syntax Command Mode Purpose

Attach the stacking cables to support the new configuration (see Figure 5-54 on page 84).

show stack-port counters Privileged Exec Inspect the stack traffic data to confirm that the stack is

successfully reconfigured. See Figure 5-68 on page 99.

To remove a switch from the stack, use the no member unit command:

Figure 5-58. Using the no member Command to Remove a Switch from a Stack

Force10 (config-stack)#no member 5 Force10 (config-stack)#exit Force10 (Config)#exit Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F32.3.1.5 3 Stack Member SA-01-GE-48T SA-01-GE-48T OK F2.3.1.5 4 Stack Member SA-01-GE-48T SA-01-GE-48T OK F32.3.1.5

Unit 5 removed

Force10 #

If you do not use the no member unit command after removing a switch, the unit number is “Unassigned”:

Figure 5-59. The show switch report Showing “Unassigned” after Removing a Switch from a Stack

Force10 #show switch

Management Preconfig Plugged-in Switch Code

Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK2.3.1.5 3 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 4 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 5 Unassigned SA-01-GE-48T Not Present 0.0.0.0

Force10 #

Setting Management Unit Preferences

To change the management unit priority of a stack member, use the switch unit priority value command:

Stacking S-Series Switches | 91

Figure 5-60. Changing Switch Unit Priority

Force10 (Config)#switch 4 priority 2 Force10 (Config)#exit Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ------------- ------------- --------------------- -------1 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 3 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 4 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5

Force10 #show switch 4

Switch............................ 4

www.dell.com | support.dell.com

Management Status................. Stack Member

Hardware Management Preference.... Unassigned

Admin Management Preference....... 2

Switch Type....................... 0x56950202

Preconfigured Model Identifier.... SA-01-GE-48T

Plugged-in Model Identifier....... SA-01-GE-48T

Switch Status..................... OK

Switch Description................

Expected Code Type................ 0x100b000

Detected Code Version............. 2.3.1.5

Detected Code in Flash............ 2.3.1.5

Serial Number..................... DE400347

Up Time........................... 0 days 0 hrs 56 mins 51 secs

Value is now set to priority 2

In the example in Figure 5-60, the switch 4 priority 2 command changes the management preference value of Unit #4 to priority 2. The higher the number, the more likely it is that the switch will be selected as the next management unit by the management selection algorithm. The default is 1, so unless other units have been set with a higher priority, Unit #4 will be selected to be the management unit when the current management unit goes down or is removed from the stack.

To move the management function from one unit to another within a stack, use the

movemanagement

command:

92 | Stacking S-Series Switches

Figure 5-61. Moving the Management Unit Function within a Stack

Force10 (config-stack)#movemanagement 1 3 Moving stack management will unconfigure entire stack including all interfaces. Are you sure you want to move stack management? (y/n) y

Force10 (config-stack)# (Unit 1)>This switch is not manager of the stack. STACK: detach 15 units

(Unit 1)>

Unit 1 no longer has CLI

(Unit 3)> (Unit 3)>This switch is manager of the stack. STACK: attach 5 units on 1 cpu

User:Trying to attach more units.....

This switch is manager of the stack. STACK: attach 5 units on 1 cpu

Trying to attach more units.....

This switch is manager of the stack. STACK: attach 5 units on 1 cpu

User:

User:***** Password: Force10 >enable Password:

Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

Log into Unit 3

Management Switch is now Unit 3

Force10 #

Inspecting Management Preferences

The command show switch number (see an example in Figure 5-56 on page 88; see also Verifying Details

about the Switch on page 32) generates a report that displays a field called “Hardware Management

Preference” and one called “Admin Management Preferences”, as described here.

Hardware Management Preference

The “Hardware Management Preference” field indicates whether the device is capable of becoming a management unit. The value for Hardware Management Preference always displays as “Unassigned.” The other valid value for this field is “Disabled”. The attribute cannot be changed through the CLI.

Stacking S-Series Switches | 93

Administrative Management Preference

The “Administrative Management Preference” indicates the preference given to this unit over another units in a stack by an administrator when the management unit fails. The default value is 1. A value of 0 means the unit cannot become a management unit.

This field indicates the administrative management preference value assigned to the switch. This preference value indicates how likely the switch is to be chosen as the management unit. The attribute for “Admin Management Preferences” can be changed through the

switch unit_number priority value command.

Unsetting Management Preference

www.dell.com | support.dell.com

There is no CLI command to set the management preference back to “unassigned”. The management preference information is stored locally on each unit, and can be erased using the boot menu option that deletes all configuration files including the unit number.

Management Preference and MAC Address

The role of each switch in a stack as either manager or member can be changed by setting the management preference and MAC address. Management preference is considered before the MAC address. The higher the management preference value is makes it more likely for that switch to become manager. Likewise, the higher the MAC address value is makes it more likely for that switch to become manager.

The preference decision is made only when the current manager fails and a new manager needs to be selected, or when a stack of units is powered up with none of the units previously holding the management role. If two managers are connected together, then management preference has no effect.

Upgrading Software in a Stack

With all versions of SFTOS, using the copy command to download SFTOS software to the management switch automatically propagates that software to all stack members. You would then use the command to reboot all switches in the stack, which would include installing that new software.

reload

However, in SFTOS 2.5.1, the command to download software while running 2.5.1, you specify in which of two bins (image1 or

image2), the new software will be stored: copy tftp://tftp_server_ip_address/path/filename {image1 | image2}

Previous to SFTOS 2.5.1, the syntax is:

copy tftp://tftp_server_ip_address/path/filename system:image

(If you are using XModem, instead, replace tftp with xmodem.)

94 | Stacking S-Series Switches

copy command syntax is slightly different. When you use the copy

For more on downloading SFTOS, see Downloading a Software Image on page 45 in the Getting Started chapter

. See also the command syntax for the set of Dual Software Image Management commands in that

section of the System Configuration Commands chapter in the SFTOS Command Reference.

The purpose of the two “image” bins is to enable you to easily specify which image to invoke on the next reboot. You do that with the command

boot system [unit] {image1 | image2} before executing the reload

command.

Note that it is possible to download new software into the bin currently occupied by the currently running version. The replacement would only take effect on the next reboot and only if you specified that bin with the

boot system command.

The

reload [unit] command now provides selective rebooting of stack members. Combined with the ability

Copying SFTOS Software to a Member Switch

As described above, downloading SFTOS software to the management switch automatically propagates that software to all stack members. In addition, with SFTOS 2.5.1, the following way to manually copy an image from the management switch to a selected stack member, typically one that does not yet have the software version set to be installed in the next reboot:

copy command provides the

copy {image1 | image2} unit://unit/{image1 | image2}

For

unit, enter a specific member number as an integer from 1 to 6.

An asterisk (* ) indicates that the image should be copied to all members:

unit://*/{image1 | image2}

For more on

Note: This operation can take several minutes.

copy command options, see Downloading and Uploading Files on page 44, above.

Configuration example: Upgrading software on a new member switch

In the following case, a switch has been moved into a stack after you have installed new software to the management unit and to the new member. You have installed the new software in the management unit but not yet in the new member.

Notice, in Figure 5-62, that members are required to run the same code, and the software running in Unit 2 is not current:

show switch reports Unit 2, but show stack does not, because all stack

Stacking S-Series Switches | 95

Figure 5-62. Using the show bootvar Command within a Stack

Force10-S50 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ---------------- ---------------- --------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F.10.20.1 2 Stack Member SA-01-GE-48T SA-01-GE-48T Code Version Mismatch F.10.16.2

Force10-S50 #show stack

Configured Running

Unit Interface Mode Mode Status Speed (Gb/s)

---- ---------------- ---------- ---------- ------------ -----------1 Stack Port A N/A Stack Link Up 10

www.dell.com | support.dell.com

1 Stack Port B N/A Stack Link Up 10

In Figure 5-63, you can see that, while Image1 is specified in “next-active” for both switches, the two switches have different code stored in the Image1 bin:

Figure 5-63. Using the show bootvar Command within a Stack

Force10-S50 #show bootvar

Stack Stack Link Link

Image Descriptions

image1 : default image image2 :

Images currently available on Flash

-------------------------------------------------------------------unit image1 image2 current-active next-active

-------------------------------------------------------------------1 F.10.20.1 <none> image1 image1 2 F.10.16.2 F.10.20.1 image1 image1

1. Use the boot system command to set Image2 as the code to install on the next reboot of Unit 2, and then inspect the

show bootvar output again to verify the selection of Image2 in “next-active”:

96 | Stacking S-Series Switches

Figure 5-64. Using the show bootvar Command within a Stack

Force10-S50 #boot system 2 image2 Activating image image2 ..

Force10-S50 #show bootvar

Image Descriptions

image1 : default image image2 :

Images currently available on Flash

-------------------------------------------------------------------unit image1 image2 current-active next-active

-------------------------------------------------------------------1 F.10.20.1 <none> image1 image1 2 F.10.16.2 F.10.20.1 image1 image2

2. After executing the reload 2 command to reboot Unit 2, use the show switch command to verify that

the stack is running the new code:

Figure 5-65. Verifying Stack Sequencing after a Reload with show switch and show stack Commands

Force10-S50 #reload 2

Are you sure you want to reload the switch? (y/n) y

Reloading switch 2.

................

Force10-S50 #STACK: master on 0:1:e8:d5:c2:21 (2 cpus, 12 units)

Trying to attach more units.....

STACK: master on 0:1:e8:d5:c2:21 (2 cpus, 12 units) STACK: attach 7 units on 1 cpu This switch is manager of the stack.

Force10-S50 >show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

------ ------------ ---------------- ---------------- --------------- -------1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F.10.20.1 2 Stack Member SA-01-GE-48T SA-01-GE-48T OK F.10.20.1

Force10-S50 #show stack

Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s)

---- ---------------- ---------- ---------- ------------ -----------1 Stack Port A N/A Stack Link Up 10 1 Stack Port B N/A Stack Link Up 10 2 Stack Port A N/A Stack Link Up 10 2 Stack Port B N/A Stack Link Up 10

Stacking S-Series Switches | 97

Using show Commands for Stacking Information

Use show commands to gather information about stack members. In this chapter, see the following examples of using

show stack-port: See Figure 5-55 on page 88.

•

show switch: See Figure 5-56 on page 88, Figure 5-57 on page 90, Figure 5-58 on page 91, and

Figure 5-59 on page 91.

•

show supported switchtype: See Figure 5-57 on page 90.

•

show bootvar: See Figure 5-62 on page 96, Figure 5-63 on page 96, and Figure 5-64 on page 97. show stack: See Figure 5-65 on page 97 and Figure 5-70 on page 100.

•

show commands:

www.dell.com | support.dell.com

To show information about MAC addresses in a stack, use the

Figure 5-66. Using the show mac-addr-table Command Example

Force10 #show mac-addr-table Mac Address Interface IfIndex Status

----------------------- --------- ------- -----------00:01:00:01:00:00:00:01 2/0/37 87 Learned 00:01:00:01:00:00:00:37 1/0/1 1 Learned 00:01:00:03:00:00:00:03 1/0/2 2 Learned 00:01:00:03:00:00:00:39 2/0/38 88 Learned 00:01:00:04:00:00:00:45 2/0/45 95 Learned 00:01:00:04:00:00:00:46 1/0/45 45 Learned 00:01:00:06:00:00:00:47 2/0/46 96 Learned 00:01:00:06:00:00:00:48 1/0/46 46 Learned 00:01:00:D0:95:B7:CD:2E 0/3/1 401 Management

Note: The “0/3/1” in the Interface column references the CPU.

To show information about stack port status, use the show stack-port command:

Figure 5-67. Using the show stack-port Command Example

Force10 #show stack-port

Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s)

show mac-addr-table command:

Configured Running

To show activity at the stack ports, use the show stack-port counters command:

98 | Stacking S-Series Switches

Figure 5-68. Using the show stack-port counters Command Example on an S50

Force10 #show stack-port counters

------------TX-------------- ------------RX------------- Data Error Data Error Rate Rate Total Rate Rate Total Unit Interface (Mb/s) (Errors/s) Errors (Mb/s) (Errors/s) Errors

---- ---------------- ------ ---------- ---------- ------ ---------- ---------1 Stack Port A 0 0 0 0 0 0 1 Stack Port B 0 0 0 0 0 0 2 Stack Port A 0 0 0 0 0 0 2 Stack Port B 0 0 0 0 0 0

For a summary of all stack members, use the show switch command. For details on one switch, use the

show switch unit command: Figure 5-69. show switch Command Example

Force10 #show switch

Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version

Manager Member

Member

Force10 #show switch 1

Switch............................ 1

Management Status................. Management Switch

Hardware Management Preference.... Unassigned

Admin Management Preference....... Unassigned

Switch Type....................... 0x56950202

Preconfigured Model Identifier.... SA-01-GE-48T

Plugged-in Model Identifier....... SA-01-GE-48T

Switch Status..................... OK

Switch Description................

Expected Code Type................ 0x100b000

Detected Code Version............. 2.3.1.5

Detected Code in Flash............ 2.3.1.5

Serial Number..................... DE40047

Up Time........................... 0 days 0 hrs 33 mins 55 secs

The show stack command shows pretty much the same data as the show stack-port command:

Stacking S-Series Switches | 99

Figure 5-70. show stack Command Example

Force10 #show stack

Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s)

www.dell.com | support.dell.com

100 | Stacking S-Series Switches

Dell Force10 S2410-01-10GE-24P Quick Reference Guide

Specifications and Main Features

Frequently Asked Questions

User Manual

New Features

Other Changes to the Document

About this Guide

Objectives

Audience

Introduction to the Guide

Conventions

Related Dell Force10 Documents and Additional Information

Contact Information

Documentation Feedback

Technical Support

The iSupport Website

Accessing iSupport Services

Contacting the Technical Assistance Center

SFTOS Features

Overview of SFTOS Features

Layer 2 Package Feature Details

Basic Routing and Switching Support

VLAN

Multicast Protocols

Security and Packet Control Features

Management

Stacking

Layer 3 Package Feature Details

Extended Routing and Switching Support

Routing Protocol Support

Multicast Protocols

Management

Load Balancing

Notable Differences between S-Series and E-Series

Port Naming Convention

Getting Started

Setting up a Management Connection to the Switch

Connecting to the Console Port

Command Line Interface (CLI) Overview

CLI Command Modes

Getting Help From the CLI

Controlling Pagination

Checking Status

Viewing the Software Version and Switch Numbers

Verifying Details about the Switch

Showing Network Settings

Displaying Supported Features and System Up-time

Displaying Statistics

User Management

Creating a User and Password

Showing and Removing Created Users

Setting SNMP Read/Write Access

Setting the Enable Password

Enabling Interfaces

Enabling Ports

Setting the Management IP Address

Enabling Telnet to the Switch

Configuring an Interface with an IP Address

Using the Show IP Interface Command

Setting up SNMP Management

Creating VLANS

Important Points to Remember — VLANs

Setting Up the Management VLAN

Creating a VLAN

Enabling Spanning Tree Protocol

Managing Configuration and Software Files

Important Points to Remember — Files

Downloading and Uploading Files

Points to Remember when Transferring Files

Downloading a Software Image

Using Xmodem to Download Software

Using TFTP to Download Software

Saving the Running Configuration

Installing System Software

Managing SFTOS Software with SFTOS Version 2.5.1

Managing the Configuration

Clearing the Running Configuration

Saving the Startup Configuration to the Network

Configuring from the Network

Restoring the System to the Factory Default Configuration