Dell MX9116n User Manual

Dell EMC SmartFabric OS10 User Guide

Release 10.5.0

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the

problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

Other trademarks may be trademarks of their respective owners.

2019 - 12

Rev. A03

Contents

1 Change history........................................................................................................................... 28

2 Getting Started.......................................................................................................................... 31

Switch with factory-installed OS10....................................................................................................................................31

Log in ..............................................................................................................................................................................32

Check OS10 version...................................................................................................................................................... 32

OS10 upgrade.................................................................................................................................................................33

Check OS10 license.......................................................................................................................................................40

Re-install license ........................................................................................................................................................... 40

Switch without OS installed...............................................................................................................................................40

Uninstall existing OS.......................................................................................................................................................41

Download OS10 image................................................................................................................................................... 41

Installation using ONIE.................................................................................................................................................. 42

Log in ..............................................................................................................................................................................45

Install OS10 license........................................................................................................................................................ 46

Switch deployment options................................................................................................................................................48

Manual CLI configuration..............................................................................................................................................48

ZTD-automated switch deployment........................................................................................................................... 48

Ansible-automated switch provisioning...................................................................................................................... 48

Remote access.................................................................................................................................................................... 48

Configure Management IP address.............................................................................................................................48

Configure Management route .................................................................................................................................... 49

Configure user name and password............................................................................................................................49

3 CLI Basics.................................................................................................................................. 51

CONFIGURATION mode....................................................................................................................................................52

Check device status............................................................................................................................................................52

Command help.....................................................................................................................................................................54

Candidate configuration..................................................................................................................................................... 54

Copy running configuration ...............................................................................................................................................57

Restore startup configuration ...........................................................................................................................................57

Reload system image.......................................................................................................................................................... 58

Filter show commands........................................................................................................................................................58

Common OS10 commands.................................................................................................................................................59

boot................................................................................................................................................................................. 59

commit............................................................................................................................................................................ 59

configure.........................................................................................................................................................................59

copy.................................................................................................................................................................................60

delete............................................................................................................................................................................... 61

dir.....................................................................................................................................................................................62

discard.............................................................................................................................................................................63

do.....................................................................................................................................................................................63

end...................................................................................................................................................................................63

exit...................................................................................................................................................................................64

Contents 3

hostname........................................................................................................................................................................64

license..............................................................................................................................................................................64

lock.................................................................................................................................................................................. 65

management route........................................................................................................................................................65

move................................................................................................................................................................................66

no.....................................................................................................................................................................................66

ping.................................................................................................................................................................................. 67

ping6................................................................................................................................................................................68

reload...............................................................................................................................................................................70

show boot.......................................................................................................................................................................70

show candidate-configuration...................................................................................................................................... 71

show environment......................................................................................................................................................... 73

show inventory...............................................................................................................................................................73

show ip management-route......................................................................................................................................... 74

show ipv6 management-route.....................................................................................................................................74

show license status....................................................................................................................................................... 75

show running-configuration......................................................................................................................................... 75

show startup-configuration.......................................................................................................................................... 77

show system...................................................................................................................................................................78

show version.................................................................................................................................................................. 80

start.................................................................................................................................................................................80

system..............................................................................................................................................................................81

system-cli disable........................................................................................................................................................... 81

system-user linuxadmin disable.................................................................................................................................... 81

system identifier.............................................................................................................................................................82

terminal........................................................................................................................................................................... 82

traceroute.......................................................................................................................................................................82

unlock.............................................................................................................................................................................. 83

username password role...............................................................................................................................................84

write................................................................................................................................................................................ 85

4 Advanced CLI tasks.................................................................................................................... 86

Command alias.....................................................................................................................................................................86

Multi-line alias.................................................................................................................................................................87

alias..................................................................................................................................................................................89

alias (multi-line)..............................................................................................................................................................90

default (alias).................................................................................................................................................................. 91

description (alias)........................................................................................................................................................... 91

line (alias).........................................................................................................................................................................91

show alias........................................................................................................................................................................92

Batch mode..........................................................................................................................................................................93

batch............................................................................................................................................................................... 93

Linux shell commands......................................................................................................................................................... 94

Using OS9 commands........................................................................................................................................................ 95

feature config-os9-style...............................................................................................................................................96

5 Zero-touch deployment.............................................................................................................. 97

ZTD DHCP server configuration....................................................................................................................................... 99

ZTD provisioning script.......................................................................................................................................................99

Contents

ZTD CLI batch file..............................................................................................................................................................100

Post-ZTD script................................................................................................................................................................. 100

ZTD commands...................................................................................................................................................................101

reload ztd....................................................................................................................................................................... 101

show ztd-status............................................................................................................................................................101

ztd cancel......................................................................................................................................................................102

6 OS10 provisioning..................................................................................................................... 103

Using Ansible...................................................................................................................................................................... 103

Example: Configure an OS10 switch using Ansible........................................................................................................104

7 SmartFabric Services................................................................................................................ 107

SmartFabric Services personalities..................................................................................................................................107

SmartFabric Services for leaf and spine....................................................................................................................107

SmartFabric Services for PowerEdge MX................................................................................................................108

SmartFabric Services for leaf and spine......................................................................................................................... 109

SmartFabric Services Components .................................................................................................................................110

SmartFabric Services logical entities................................................................................................................................ 111

Uplinks............................................................................................................................................................................ 112

Uplink bonding options................................................................................................................................................. 112

Spanning tree considerations...................................................................................................................................... 113

Dynamic onboarding for integrated devices..............................................................................................................113

Statically onboarded server......................................................................................................................................... 113

Static onboarding for nonintegrated devices............................................................................................................113

Enable SmartFabric Services on the switches................................................................................................................113

Enable SmartFabric Services using GUI.....................................................................................................................114

SmartFabric Services Graphical User Interface..............................................................................................................114

Configure SmartFabric Services initial setup............................................................................................................ 115

Update Default Fabric, Switch Names, and Descriptions wizard...........................................................................115

Create Uplink for External Network Connectivity wizard....................................................................................... 116

Breakout Switch Ports wizard.....................................................................................................................................117

Configure Jump Host wizard.......................................................................................................................................118

Update Network Configuration wizard...................................................................................................................... 118

Onboard a Server onto the Fabric wizard................................................................................................................. 118

Edit Default Fabric Settings wizard............................................................................................................................118

Fabric operations and life cycle management.................................................................................................................119

SmartFabric commands.....................................................................................................................................................119

smartfabric l3fabric enable.......................................................................................................................................... 119

show smartfabric cluster.............................................................................................................................................120

show smartfabric cluster member............................................................................................................................. 120

show smartfabric details.............................................................................................................................................. 121

show smartfabric networks.........................................................................................................................................121

show smartfabric nodes..............................................................................................................................................122

show smartfabric personality......................................................................................................................................123

show smartfabric uplinks.............................................................................................................................................123

show smartfabric validation-error..............................................................................................................................124

8 SmartFabric Director.................................................................................................................125

Enable SmartFabric Director mode on a switch............................................................................................................ 125

Contents

Support for SmartFabric Director....................................................................................................................................125

gRPC Network Management Interface agent...............................................................................................................125

Lifecycle Management using SmartFabric Director...................................................................................................... 127

SmartFabric Director commands.....................................................................................................................................128

switch-operating mode............................................................................................................................................... 128

gnmi-security-profile....................................................................................................................................................129

show switch-operating-mode.................................................................................................................................... 129

show sfd status............................................................................................................................................................129

9 System management................................................................................................................. 131

System banners.................................................................................................................................................................. 131

Login banner.................................................................................................................................................................. 131

MOTD banner...............................................................................................................................................................132

System banner commands..........................................................................................................................................132

User session management................................................................................................................................................133

User session management commands......................................................................................................................134

Telnet server.......................................................................................................................................................................135

Telnet commands.........................................................................................................................................................135

Simple Network Management Protocol..........................................................................................................................136

SNMP security models and levels..............................................................................................................................136

MIBs...............................................................................................................................................................................136

SNMPv3........................................................................................................................................................................ 137

Configure SNMP..........................................................................................................................................................138

SNMP commands........................................................................................................................................................ 142

Example: Configure SNMP.........................................................................................................................................150

System clock....................................................................................................................................................................... 151

Time zones and UTC offset reference......................................................................................................................152

System Clock commands............................................................................................................................................167

Network Time Protocol.....................................................................................................................................................168

Enable NTP................................................................................................................................................................... 169

Broadcasts.................................................................................................................................................................... 170

Source IP address........................................................................................................................................................ 170

Authentication............................................................................................................................................................... 171

Sample NTP configuration...........................................................................................................................................171

NTP commands............................................................................................................................................................174

Dynamic Host Configuration Protocol.............................................................................................................................179

Packet format and options......................................................................................................................................... 180

DHCP server..................................................................................................................................................................181

Automatic address allocation.......................................................................................................................................181

Hostname resolution....................................................................................................................................................182

Manual binding entries.................................................................................................................................................183

DHCP relay agent.........................................................................................................................................................184

View DHCP Information..............................................................................................................................................185

System domain name and list.....................................................................................................................................185

DHCP snooping............................................................................................................................................................ 186

DHCP commands........................................................................................................................................................202

DHCP snooping commands....................................................................................................................................... 208

DNS commands............................................................................................................................................................213

IPv4 DHCP limitations................................................................................................................................................. 215

Contents

10 Interfaces............................................................................................................................... 216

Ethernet interfaces............................................................................................................................................................216

Unified port groups............................................................................................................................................................216

Z9264F-ON port-group profiles.......................................................................................................................................218

Port-groups on S5200F-ON switches............................................................................................................................219

L2 mode configuration......................................................................................................................................................226

L3 mode configuration......................................................................................................................................................226

Fibre Channel interfaces...................................................................................................................................................227

Configuring wavelength..............................................................................................................................................229

Management interface .................................................................................................................................................... 229

Management interface .............................................................................................................................................. 230

VLAN interfaces................................................................................................................................................................ 230

User-configured default VLAN........................................................................................................................................230

VLAN scale profile..............................................................................................................................................................231

Loopback interfaces.......................................................................................................................................................... 231

Port-channel interfaces....................................................................................................................................................232

Create port-channel....................................................................................................................................................232

Add port member........................................................................................................................................................ 232

Minimum links...............................................................................................................................................................233

Assign Port Channel IP Address................................................................................................................................233

Remove or disable port-channel................................................................................................................................234

Load balance traffic.....................................................................................................................................................234

Change hash algorithm...............................................................................................................................................235

Configure interface ranges.............................................................................................................................................. 235

Switch-port profiles.......................................................................................................................................................... 236

S4148-ON Series port profiles................................................................................................................................... 237

S4148U-ON port profiles............................................................................................................................................ 237

Configure negotiation modes on interfaces...................................................................................................................238

Configure breakout mode................................................................................................................................................ 239

Breakout auto-configuration............................................................................................................................................240

Reset default configuration.............................................................................................................................................. 241

Forward error correction..................................................................................................................................................242

Energy-efficient Ethernet................................................................................................................................................ 243

Enable energy-efficient Ethernet.............................................................................................................................. 243

Clear EEE counters..................................................................................................................................................... 244

View EEE status/statistics.........................................................................................................................................244

EEE commands............................................................................................................................................................245

View interface configuration............................................................................................................................................247

Digital optical monitoring..................................................................................................................................................250

Enable DOM and DOM traps......................................................................................................................................251

Interface commands.........................................................................................................................................................252

channel-group..............................................................................................................................................................252

default interface.......................................................................................................................................................... 252

default vlan-id.............................................................................................................................................................. 254

description (Interface)................................................................................................................................................255

duplex............................................................................................................................................................................256

enable dom...................................................................................................................................................................256

enable dom traps.........................................................................................................................................................256

feature auto-breakout.................................................................................................................................................257

Contents

fec..................................................................................................................................................................................257

interface breakout.......................................................................................................................................................258

interface ethernet....................................................................................................................................................... 258

interface loopback.......................................................................................................................................................258

interface mgmt............................................................................................................................................................259

interface null.................................................................................................................................................................259

interface port-channel................................................................................................................................................259

interface range............................................................................................................................................................ 260

interface vlan............................................................................................................................................................... 260

link-bundle-utilization...................................................................................................................................................261

mode.............................................................................................................................................................................. 261

mode l3......................................................................................................................................................................... 262

mtu................................................................................................................................................................................ 262

negotiation....................................................................................................................................................................263

port mode Eth..............................................................................................................................................................264

port-group....................................................................................................................................................................265

profile............................................................................................................................................................................ 265

scale-profile vlan..........................................................................................................................................................266

show discovered-expanders......................................................................................................................................266

show interface.............................................................................................................................................................266

show interface transceiver “Tunable wavelength”.................................................................................................268

show inventory media.................................................................................................................................................268

show link-bundle-utilization........................................................................................................................................270

show port-channel summary..................................................................................................................................... 270

show port-group...........................................................................................................................................................271

show switch-port-profile............................................................................................................................................272

show system................................................................................................................................................................ 272

show unit-provision..................................................................................................................................................... 273

show vlan......................................................................................................................................................................273

shutdown......................................................................................................................................................................274

speed (Fibre Channel).................................................................................................................................................274

speed (Management)................................................................................................................................................. 275

switch-port-profile...................................................................................................................................................... 275

switchport access vlan................................................................................................................................................277

switchport mode..........................................................................................................................................................277

switchport trunk allowed vlan....................................................................................................................................278

unit-provision................................................................................................................................................................278

wavelength...................................................................................................................................................................279

11 PowerEdge MX Ethernet I/O modules....................................................................................... 280

Operating modes...............................................................................................................................................................280

Changing operating modes.............................................................................................................................................. 282

Restrictions........................................................................................................................................................................ 282

Port groups on I/O modules............................................................................................................................................ 282

Double-density QSFP28 interfaces................................................................................................................................ 282

Virtual ports........................................................................................................................................................................284

Single-density QSFP28 interfaces.................................................................................................................................. 287

Server-facing interfaces...................................................................................................................................................289

Replace MX Ethernet IO modules in SmartFabric .......................................................................................................290

Deployment instructions.............................................................................................................................................290

Contents

Replace an IOM in SmartFabric.................................................................................................................................290

12 Fibre Channel..........................................................................................................................294

Fibre Channel over Ethernet........................................................................................................................................... 295

Configure FIP snooping.............................................................................................................................................. 295

Terminology........................................................................................................................................................................297

Virtual fabric.......................................................................................................................................................................297

Fibre Channel zoning........................................................................................................................................................ 299

F_Port on Ethernet........................................................................................................................................................... 301

Pinning FCoE traffic to a specific port of a port-channel.............................................................................................301

Sample FSB configuration on VLT network.............................................................................................................303

Sample FC Switch configuration on VLT network..................................................................................................305

Sample FSB configuration on non-VLT network.....................................................................................................307

Sample FC Switch configuration on non-VLT network......................................................................................... 309

Multi-hop FIP-snooping bridge.........................................................................................................................................310

Configuration notes..................................................................................................................................................... 310

Configure multi-hop FSB............................................................................................................................................. 311

Verify multi-hop FSB configuration............................................................................................................................317

Sample Multi-hop FSB configuration.........................................................................................................................318

Configuration guidelines....................................................................................................................................................331

NPIV Proxy Gateway cascading...................................................................................................................................... 331

Support for untagged VLAN in FCoE............................................................................................................................. 334

F_Port commands.............................................................................................................................................................334

fc alias........................................................................................................................................................................... 334

fc zone.......................................................................................................................................................................... 334

fc zoneset.....................................................................................................................................................................335

feature fc......................................................................................................................................................................335

member (alias).............................................................................................................................................................335

member (zone)............................................................................................................................................................336

member (zoneset).......................................................................................................................................................336

show fc alias.................................................................................................................................................................337

show fc interface-area-id mapping........................................................................................................................... 337

show fc ns switch........................................................................................................................................................337

show fc zone................................................................................................................................................................338

show fc zoneset.......................................................................................................................................................... 339

zone default-zone permit...........................................................................................................................................340

zoneset activate..........................................................................................................................................................340

NPG commands................................................................................................................................................................ 340

fc port-mode F............................................................................................................................................................. 341

feature fc npg...............................................................................................................................................................341

show npg devices.........................................................................................................................................................341

F_Port and NPG commands............................................................................................................................................342

clear fc statistics..........................................................................................................................................................342

fcoe .............................................................................................................................................................................. 342

name..............................................................................................................................................................................343

show fc statistics.........................................................................................................................................................343

show fc switch.............................................................................................................................................................344

show running-config vfabric...................................................................................................................................... 344

show vfabric.................................................................................................................................................................344

vfabric...........................................................................................................................................................................345

Contents

vfabric (interface)....................................................................................................................................................... 345

vlan................................................................................................................................................................................346

FIP-snooping commands..................................................................................................................................................346

feature fip-snooping....................................................................................................................................................346

fip-snooping enable..................................................................................................................................................... 347

fip-snooping fc-map....................................................................................................................................................347

fip-snooping port-mode..............................................................................................................................................347

FCoE commands............................................................................................................................................................... 348

clear fcoe database.....................................................................................................................................................348

clear fcoe statistics..................................................................................................................................................... 348

fcoe-pinned-port ........................................................................................................................................................ 349

fcoe max-sessions-per-enodemac............................................................................................................................349

fcoe priority-bits.......................................................................................................................................................... 349

lldp tlv-select dcbxp-appln fcoe................................................................................................................................350

show fcoe enode.........................................................................................................................................................350

show fcoe fcf................................................................................................................................................................351

show fcoe pinned-port................................................................................................................................................351

show fcoe sessions......................................................................................................................................................351

show fcoe statistics.................................................................................................................................................... 352

show fcoe system....................................................................................................................................................... 352

show fcoe vlan.............................................................................................................................................................353

13 Layer 2................................................................................................................................... 354

802.1X.................................................................................................................................................................................354

Port authentication..................................................................................................................................................... 355

EAP over RADIUS....................................................................................................................................................... 356

Configure 802.1X.........................................................................................................................................................356

Enable 802.1X...............................................................................................................................................................357

Identity retransmissions..............................................................................................................................................358

Failure quiet period......................................................................................................................................................358

Port control mode....................................................................................................................................................... 359

Reauthenticate port....................................................................................................................................................360

Configure timeouts...................................................................................................................................................... 361

802.1X commands....................................................................................................................................................... 362

Far-end failure detection..................................................................................................................................................366

Enable FEFD globally...................................................................................................................................................368

Enable FEFD on interface...........................................................................................................................................368

Reset FEFD err-disabled interface............................................................................................................................368

Display FEFD information........................................................................................................................................... 368

FEFD Commands........................................................................................................................................................ 369

Link Aggregation Control Protocol..................................................................................................................................372

Modes........................................................................................................................................................................... 372

Configuration................................................................................................................................................................372

Interfaces......................................................................................................................................................................373

Rates............................................................................................................................................................................. 373

Sample configuration...................................................................................................................................................374

LACP fallback............................................................................................................................................................... 377

LACP commands.........................................................................................................................................................380

Link Layer Discovery Protocol.........................................................................................................................................386

Optional TLVs.............................................................................................................................................................. 388

Contents

Basic TLVs....................................................................................................................................................................388

Organizationally specific TLVs...................................................................................................................................388

Media endpoint discovery.......................................................................................................................................... 390

Network connectivity device.....................................................................................................................................390

LLDP-MED capabilities TLV........................................................................................................................................391

Network policies TLVs.................................................................................................................................................391

Define network policies...............................................................................................................................................392

Packet timer values.....................................................................................................................................................393

Disable and enable LLDP ........................................................................................................................................... 393

Disable and enable LLDP on management ports.....................................................................................................394

Advertise TLVs............................................................................................................................................................ 395

Network policy advertisement...................................................................................................................................398

Fast start repeat count...............................................................................................................................................398

View LLDP configuration............................................................................................................................................398

Adjacent agent advertisements.................................................................................................................................400

Time to live....................................................................................................................................................................401

Advertise management address TLVs in a VLT domain..........................................................................................401

LLDP commands......................................................................................................................................................... 402

Media Access Control........................................................................................................................................................414

Static MAC Address.................................................................................................................................................... 414

MAC Address Table..................................................................................................................................................... 414

Clear MAC Address Table...........................................................................................................................................415

MAC Commands..........................................................................................................................................................415

Spanning-tree protocol......................................................................................................................................................417

EdgePort....................................................................................................................................................................... 418

Spanning-tree extensions........................................................................................................................................... 418

Recover from BPDU guard violations.......................................................................................................................420

MAC flush optimization............................................................................................................................................... 421

Debug configurations..................................................................................................................................................422

Setting spanning-tree link type for rapid state transitions.....................................................................................422

Common STP commands...........................................................................................................................................423

Rapid per-VLAN spanning-tree plus......................................................................................................................... 429

Rapid Spanning-Tree Protocol...................................................................................................................................437

Multiple Spanning-Tree...............................................................................................................................................444

Virtual LANs.......................................................................................................................................................................455

Default VLAN...............................................................................................................................................................456

Create or remove VLANs...........................................................................................................................................456

Access mode................................................................................................................................................................458

Trunk mode.................................................................................................................................................................. 458

Assign IP address........................................................................................................................................................ 459

View VLAN configuration...........................................................................................................................................460

VLAN commands......................................................................................................................................................... 461

Port monitoring..................................................................................................................................................................462

Local port monitoring..................................................................................................................................................462

Remote port monitoring............................................................................................................................................. 463

Encapsulated remote port monitoring......................................................................................................................465

Flow-based monitoring...............................................................................................................................................466

Remote port monitoring on VLT................................................................................................................................467

Port monitoring commands........................................................................................................................................469

Contents

14 Layer 3................................................................................................................................... 474

Virtual routing and forwarding......................................................................................................................................... 474

Configure management VRF......................................................................................................................................474

Configure non-default VRF instances.......................................................................................................................476

VRF configuration........................................................................................................................................................478

View VRF instance information................................................................................................................................. 482

Static route leaking..................................................................................................................................................... 482

VRF commands........................................................................................................................................................... 486

Bidirectional Forwarding Detection.................................................................................................................................493

BFD session states......................................................................................................................................................493

BFD three-way handshake.........................................................................................................................................494

BFD configuration....................................................................................................................................................... 495

Configure BFD globally............................................................................................................................................... 495

BFD for BGP................................................................................................................................................................ 496

BFD for OSPF..............................................................................................................................................................500

BFD for Static routes..................................................................................................................................................504

BFD commands........................................................................................................................................................... 506

Border Gateway Protocol..................................................................................................................................................511

Sessions and peers.......................................................................................................................................................512

Route reflectors........................................................................................................................................................... 513

Multiprotocol BGP....................................................................................................................................................... 513

Attributes...................................................................................................................................................................... 514

Selection criteria...........................................................................................................................................................514

Weight and local preference.......................................................................................................................................515

Multiexit discriminators............................................................................................................................................... 515

Origin............................................................................................................................................................................. 516

AS path and next-hop................................................................................................................................................. 516

Best path selection...................................................................................................................................................... 516

More path support....................................................................................................................................................... 517

Advertise cost...............................................................................................................................................................517

4-Byte AS numbers......................................................................................................................................................517

AS number migration...................................................................................................................................................518

Graceful restart............................................................................................................................................................ 518

Configure Border Gateway Protocol.........................................................................................................................519

Enable BGP...................................................................................................................................................................519

Disable announcements of ASN values....................................................................................................................522

Configure Dual Stack.................................................................................................................................................. 522

Configure administrative distance.............................................................................................................................522

Peer templates.............................................................................................................................................................523

Neighbor fall-over........................................................................................................................................................526

Configure password....................................................................................................................................................528

Fast external fallover.................................................................................................................................................. 529

Passive peering.............................................................................................................................................................531

Local AS.........................................................................................................................................................................531

AS number limit............................................................................................................................................................532

Redistribute routes......................................................................................................................................................533

Additional paths........................................................................................................................................................... 533

MED attributes............................................................................................................................................................ 534

Local preference attribute..........................................................................................................................................534

Contents

Weight attribute.......................................................................................................................................................... 535

Enable multipath..........................................................................................................................................................536

Route-map filters........................................................................................................................................................ 536

Route reflector clusters..............................................................................................................................................537

Aggregate routes.........................................................................................................................................................537

Confederations............................................................................................................................................................ 538

Route dampening........................................................................................................................................................ 539

Timers........................................................................................................................................................................... 540

Neighbor soft-reconfiguration...................................................................................................................................540

Redistribute iBGP route to OSPF.............................................................................................................................. 541

Debug BGP...................................................................................................................................................................543

BGP commands...........................................................................................................................................................544

Equal cost multi-path........................................................................................................................................................576

Load balancing............................................................................................................................................................. 576

Maximum ECMP groups and paths.......................................................................................................................... 579

ECMP commands....................................................................................................................................................... 580

IPv4 routing........................................................................................................................................................................584

Assign interface IP address........................................................................................................................................584

Configure static routing..............................................................................................................................................585

Address Resolution Protocol......................................................................................................................................586

IPv4 routing commands..............................................................................................................................................586

IPv6 routing........................................................................................................................................................................ 591

Enable or disable IPv6..................................................................................................................................................591

IPv6 addresses............................................................................................................................................................ 592

Stateless autoconfiguration....................................................................................................................................... 593

Neighbor Discovery.....................................................................................................................................................594

Duplicate address discovery...................................................................................................................................... 595

Static IPv6 routing...................................................................................................................................................... 595

IPv6 destination unreachable.....................................................................................................................................596

IPv6 hop-by-hop options........................................................................................................................................... 596

View IPv6 information................................................................................................................................................ 596

IPv6 commands........................................................................................................................................................... 597

Open shortest path first...................................................................................................................................................608

Autonomous system areas.........................................................................................................................................608

Areas, networks, and neighbors................................................................................................................................ 608

Router types................................................................................................................................................................ 609

Designated and backup designated routers............................................................................................................. 610

Link-state advertisements.......................................................................................................................................... 610

Router priority............................................................................................................................................................... 611

Shortest path first throttling....................................................................................................................................... 611

OSPFv2......................................................................................................................................................................... 612

OSPFv3........................................................................................................................................................................ 644

Object tracking manager..................................................................................................................................................663

Interface tracking........................................................................................................................................................ 664

Host tracking............................................................................................................................................................... 665

Set tracking delays......................................................................................................................................................666

Object tracking............................................................................................................................................................ 666

View tracked objects.................................................................................................................................................. 666

OTM commands..........................................................................................................................................................667

Policy-based routing......................................................................................................................................................... 669

Contents

Access-list to match route-map................................................................................................................................669

Set address to match route-map..............................................................................................................................670

Assign route-map to interface...................................................................................................................................670

View PBR information.................................................................................................................................................670

Policy-based routing per VRF.....................................................................................................................................671

Configuring PBR per VRF........................................................................................................................................... 671

PBR and VLT................................................................................................................................................................672

Sample configuration.................................................................................................................................................. 675

Track route reachability.............................................................................................................................................. 676

Use PBR to permit and block specific traffic...........................................................................................................677

View PBR configuration..............................................................................................................................................678

PBR commands........................................................................................................................................................... 678

Virtual Router Redundancy Protocol...............................................................................................................................681

Configuration................................................................................................................................................................ 681

Create virtual router....................................................................................................................................................682

Group version...............................................................................................................................................................683

Virtual IP addresses.....................................................................................................................................................683

Configure virtual IP address.......................................................................................................................................683

Configure virtual IP address in a VRF.......................................................................................................................685

Set group priority........................................................................................................................................................ 685

Authentication............................................................................................................................................................. 686

Disable preempt...........................................................................................................................................................686

Advertisement interval................................................................................................................................................687

Interface/object tracking........................................................................................................................................... 688

Configure tracking.......................................................................................................................................................688

VRRP commands........................................................................................................................................................ 689

15 Multicast................................................................................................................................695

Important notes.................................................................................................................................................................695

Configure multicast routing............................................................................................................................................. 695

Unknown multicast flood control.................................................................................................................................... 696

Enable multicast flood control................................................................................................................................... 697

Multicast Commands........................................................................................................................................................697

multicast snooping flood-restrict...............................................................................................................................697

Internet Group Management Protocol...........................................................................................................................698

Standards compliance.................................................................................................................................................698

Important notes...........................................................................................................................................................698

Supported IGMP versions..........................................................................................................................................699

Query interval.............................................................................................................................................................. 699

Last member query interval....................................................................................................................................... 699

Maximum response time............................................................................................................................................ 699

IGMP immediate leave................................................................................................................................................699

Select an IGMP version.............................................................................................................................................. 700

View IGMP-enabled interfaces and groups............................................................................................................. 700

IGMP snooping............................................................................................................................................................. 701

IGMP commands.........................................................................................................................................................702

Multicast Listener Discovery Protocol.............................................................................................................................712

MLD snooping...............................................................................................................................................................713

MLD snooping commands...........................................................................................................................................714

Protocol Independent Multicast...................................................................................................................................... 720

Contents

PIM terminology........................................................................................................................................................... 721

Standards compliance..................................................................................................................................................721

PIM-SM......................................................................................................................................................................... 721

PIM-SSM......................................................................................................................................................................722

Configure expiry timers for S, G entries................................................................................................................... 722

Configure static rendezvous point............................................................................................................................ 723

Configure dynamic RP using the BSR mechanism..................................................................................................723

Configure designated router priority.........................................................................................................................726

PIM commands............................................................................................................................................................726

PIM-SM sample configuration................................................................................................................................... 737

PIM-SSM sample configuration..................................................................................................................................741

Multicast VRF sample configuration...............................................................................................................................745

VLT multicast routing........................................................................................................................................................754

Multicast routing table synchronization....................................................................................................................754

IGMP message synchronization................................................................................................................................ 754

Egress mask................................................................................................................................................................. 754

Spanned VLAN.............................................................................................................................................................754

Deployment considerations........................................................................................................................................ 754

Example: Spanned L3 VLAN IIF.................................................................................................................................755

Example: Active-active PIM in a square VLT topology...........................................................................................762

VLT multicast routing show commands................................................................................................................... 792

16 VXLAN ...................................................................................................................................794

VXLAN concepts...............................................................................................................................................................794

VXLAN as NVO solution...................................................................................................................................................795

Configure VXLAN..............................................................................................................................................................795

Configure source IP address on VTEP..................................................................................................................... 796

Configure a VXLAN virtual network..........................................................................................................................796

Configure VLAN-tagged access ports......................................................................................................................797

Configure untagged access ports............................................................................................................................. 798

Enable overlay routing between virtual networks................................................................................................... 798

Advertise VXLAN source IP address ....................................................................................................................... 800

Configure VLT.............................................................................................................................................................. 801

L3 VXLAN route scaling ...................................................................................................................................................801

DHCP relay on VTEPs ..................................................................................................................................................... 803

View VXLAN configuration.............................................................................................................................................. 803

VXLAN MAC addresses................................................................................................................................................... 805

VXLAN commands............................................................................................................................................................807

hardware overlay-routing-profile...............................................................................................................................807

interface virtual-network............................................................................................................................................808

ip virtual-router address............................................................................................................................................. 808

ip virtual-router mac-address.................................................................................................................................... 809

member-interface....................................................................................................................................................... 809

nve................................................................................................................................................................................. 810

remote-vtep..................................................................................................................................................................810

show hardware overlay-routing-profile mode..........................................................................................................810

show interface virtual-network...................................................................................................................................811

show nve remote-vtep.................................................................................................................................................811

show nve remote-vtep counters............................................................................................................................... 812

show nve vxlan-vni...................................................................................................................................................... 812

Contents

show virtual-network...................................................................................................................................................813

show virtual-network counters.................................................................................................................................. 813

show virtual-network interface counters..................................................................................................................814

show virtual-network interface.................................................................................................................................. 814

show virtual-network vlan...........................................................................................................................................815

show vlan (virtual network)........................................................................................................................................815

source-interface loopback.......................................................................................................................................... 815

virtual-network............................................................................................................................................................. 816

virtual-network untagged-vlan...................................................................................................................................816

vxlan-vni........................................................................................................................................................................ 817

VXLAN MAC commands...................................................................................................................................................817

clear mac address-table dynamic nve remote-vtep................................................................................................ 817

clear mac address-table dynamic virtual-network................................................................................................... 817

show mac address-table count extended.................................................................................................................818

show mac address-table count nve...........................................................................................................................818

show mac address-table count virtual-network...................................................................................................... 819

show mac address-table extended...........................................................................................................................820

show mac address-table nve.....................................................................................................................................820

show mac address-table virtual-network................................................................................................................. 821

Example: VXLAN with static VTEP.................................................................................................................................822

BGP EVPN for VXLAN.....................................................................................................................................................835

BGP EVPN compared to static VXLAN................................................................................................................... 835

VXLAN BGP EVPN operation....................................................................................................................................835

Configure BGP EVPN for VXLAN............................................................................................................................. 837

VXLAN BGP EVPN routing.........................................................................................................................................841

BGP EVPN with VLT.................................................................................................................................................. 842

VXLAN BGP commands.............................................................................................................................................843

VXLAN EVPN commands.......................................................................................................................................... 846

Example: VXLAN with BGP EVPN............................................................................................................................852

Example: VXLAN BGP EVPN — Multiple AS topology .........................................................................................873

Example: VXLAN BGP EVPN — Centralized L3 gateway.................................................................................... 894

Example: VXLAN BGP EVPN — Border leaf gateway with asymmetric IRB..................................................... 896

Controller-provisioned VXLAN........................................................................................................................................ 899

Configure controller-provisioned VXLAN.................................................................................................................900

Configure and control VXLAN from VMware vCenter.......................................................................................... 903

Example: VXLAN with a controller configuration....................................................................................................906

VXLAN Controller commands.................................................................................................................................... 910

17 UFT modes..............................................................................................................................916

Configure UFT modes....................................................................................................................................................... 917

IPv6 extended prefix routes....................................................................................................................................... 918

UFT commands..................................................................................................................................................................918

hardware forwarding-table mode.............................................................................................................................. 918

hardware l3 ipv6-extended-prefix ............................................................................................................................ 919

show hardware forwarding-table mode....................................................................................................................919

show hardware forwarding-table mode all...............................................................................................................920

show hardware l3........................................................................................................................................................920

18 Security..................................................................................................................................921

Contents

AAA authentication............................................................................................................................................................921

User re-authentication......................................................................................................................................................922

Password strength............................................................................................................................................................922

Simple password check....................................................................................................................................................923

Obscure passwords.......................................................................................................................................................... 923

Role-based access control...............................................................................................................................................924

Assign user role..................................................................................................................................................................924

Bootloader protection.......................................................................................................................................................925

Linuxadmin user configuration.........................................................................................................................................925

AAA authentication........................................................................................................................................................... 926

RADIUS authentication.....................................................................................................................................................927

RADIUS over TLS authentication....................................................................................................................................928

TACACS+ authentication.................................................................................................................................................929

Unknown user role............................................................................................................................................................ 930

SSH server.........................................................................................................................................................................930

Virtual terminal line ACLs.................................................................................................................................................. 931

Restrict SNMP access..................................................................................................................................................... 932

Enable AAA accounting.................................................................................................................................................... 932

Enable user lockout...........................................................................................................................................................932

Limit concurrent login sessions....................................................................................................................................... 933

Enable login statistics........................................................................................................................................................933

Privilege levels .................................................................................................................................................................. 934

Configure privilege levels............................................................................................................................................934

Configure enable password........................................................................................................................................935

Audit log..............................................................................................................................................................................936

Security commands...........................................................................................................................................................937

aaa accounting.............................................................................................................................................................937

aaa authentication login..............................................................................................................................................937

aaa re-authenticate enable........................................................................................................................................ 938

boot protect disable username..................................................................................................................................938

boot protect enable username password.................................................................................................................939

clear logging audit....................................................................................................................................................... 939

crypto ssh-key generate............................................................................................................................................ 939

disable........................................................................................................................................................................... 940

enable............................................................................................................................................................................940

enable password priv-lvl..............................................................................................................................................941

ip access-class..............................................................................................................................................................941

ip radius source-interface...........................................................................................................................................942

ip tacacs source-interface..........................................................................................................................................942

ipv6 access-class.........................................................................................................................................................942

ip ssh server challenge-response-authentication....................................................................................................943

ip ssh server cipher..................................................................................................................................................... 943

ip ssh server enable.....................................................................................................................................................944

ip ssh server hostbased-authentication................................................................................................................... 944

ip ssh server kex..........................................................................................................................................................944

ip ssh server mac.........................................................................................................................................................945

ip ssh server password-authentication.....................................................................................................................946

ip ssh server port.........................................................................................................................................................946

ip ssh server pubkey-authentication.........................................................................................................................947

ip ssh server vrf........................................................................................................................................................... 947

Contents

line vty...........................................................................................................................................................................947

logging audit enable.....................................................................................................................................................948

login concurrent-session limit.................................................................................................................................... 948

login-statistics enable................................................................................................................................................. 948

mac address-table static............................................................................................................................................949

password-attributes....................................................................................................................................................949

password-attributes max-retry lockout-period.......................................................................................................950

privilege........................................................................................................................................................................ 950

radius-server host........................................................................................................................................................951

radius-server host tls.................................................................................................................................................. 952

radius-server retransmit.............................................................................................................................................952

radius-server timeout..................................................................................................................................................953

radius-server vrf..........................................................................................................................................................953

service obscure-password......................................................................................................................................... 953

service simple-password............................................................................................................................................ 954

show boot protect...................................................................................................................................................... 954

show crypto ssh-key...................................................................................................................................................955

show ip ssh...................................................................................................................................................................955

show mac address-table count................................................................................................................................. 956

show logging audit...................................................................................................................................................... 956

show login-statistics................................................................................................................................................... 957

show privilege.............................................................................................................................................................. 957

show running-configuration privilege....................................................................................................................... 958

show users................................................................................................................................................................... 958

system-user linuxadmin disable................................................................................................................................. 958

system-user linuxadmin password............................................................................................................................ 959

tacacs-server host......................................................................................................................................................959

tacacs-server timeout................................................................................................................................................ 960

tacacs-server vrf.........................................................................................................................................................960

username password role............................................................................................................................................. 961

username sshkey..........................................................................................................................................................961

username sshkey filename......................................................................................................................................... 962

userrole inherit............................................................................................................................................................. 963

X.509v3 certificates......................................................................................................................................................... 964

X.509v3 concepts.......................................................................................................................................................964

Public key infrastructure............................................................................................................................................ 964

Manage CA certificates..............................................................................................................................................965

Certificate revocation................................................................................................................................................. 967

Request and install host certificates.........................................................................................................................968

Self-signed certificates ...............................................................................................................................................971

Security profiles........................................................................................................................................................... 973

Cluster security............................................................................................................................................................974

X.509v3 commands.................................................................................................................................................... 976

Example: Configure RADIUS over TLS with X.509v3 certificates........................................................................986

19 OpenFlow............................................................................................................................... 988

OpenFlow logical switch instance...................................................................................................................................989

OpenFlow controller......................................................................................................................................................... 989

OpenFlow version 1.3........................................................................................................................................................989

Ports............................................................................................................................................................................. 989

Contents

Flow table.....................................................................................................................................................................989

Group table.................................................................................................................................................................. 990

Meter table...................................................................................................................................................................990

Instructions.................................................................................................................................................................. 990

Action set..................................................................................................................................................................... 990

Action types..................................................................................................................................................................991

Counters........................................................................................................................................................................991

OpenFlow protocol......................................................................................................................................................992

OpenFlow use cases....................................................................................................................................................... 1004

Configure OpenFlow....................................................................................................................................................... 1004

Establish TLS connection......................................................................................................................................... 1006

OpenFlow commands..................................................................................................................................................... 1006

controller.....................................................................................................................................................................1006

dpid-mac-address......................................................................................................................................................1007

in-band-mgmt............................................................................................................................................................ 1008

max-backoff............................................................................................................................................................... 1008

mode openflow-only..................................................................................................................................................1009

openflow..................................................................................................................................................................... 1009

probe-interval..............................................................................................................................................................1010

protocol-version..........................................................................................................................................................1010

rate-limit packet_in..................................................................................................................................................... 1011

show openflow.............................................................................................................................................................1011

show openflow flows................................................................................................................................................. 1012

show openflow ports..................................................................................................................................................1013

show openflow switch............................................................................................................................................... 1014

show openflow switch controllers............................................................................................................................1015

switch...........................................................................................................................................................................1015

OpenFlow-only mode commands...................................................................................................................................1016

20 Access Control Lists.............................................................................................................. 1018

IP ACLs.............................................................................................................................................................................. 1018

MAC ACLs.........................................................................................................................................................................1018

Control-plane ACLs..........................................................................................................................................................1019

Control-plane ACL qualifiers..................................................................................................................................... 1019

IP fragment handling.......................................................................................................................................................1020

L3 ACL rules.....................................................................................................................................................................1020

Assign sequence number to filter...................................................................................................................................1021

Delete ACL rule................................................................................................................................................................ 1022

L2 and L3 ACLs................................................................................................................................................................1022

Assign and apply ACL filters...........................................................................................................................................1023

Ingress ACL filters............................................................................................................................................................1024

Egress ACL filters............................................................................................................................................................ 1024

VTY ACLs..........................................................................................................................................................................1025

SNMP ACLs..................................................................................................................................................................... 1025

Clear access-list counters.............................................................................................................................................. 1025

IP prefix-lists.....................................................................................................................................................................1025

Route-maps......................................................................................................................................................................1026

Match routes....................................................................................................................................................................1027

Set conditions...................................................................................................................................................................1027

Continue clause................................................................................................................................................................1028

Contents

ACL flow-based monitoring............................................................................................................................................1028

Enable flow-based monitoring........................................................................................................................................1029

View ACL table utilization report...................................................................................................................................1030

Known behavior.......................................................................................................................................................... 1031

ACL logging....................................................................................................................................................................... 1031

Important notes..........................................................................................................................................................1032

ACL commands................................................................................................................................................................1032

clear ip access-list counters..................................................................................................................................... 1032

clear ipv6 access-list counters.................................................................................................................................1032

clear mac access-list counters.................................................................................................................................1033

deny............................................................................................................................................................................. 1033

deny (IPv6).................................................................................................................................................................1034

deny (MAC)................................................................................................................................................................1034

deny icmp....................................................................................................................................................................1035

deny icmp (IPv6)....................................................................................................................................................... 1036

deny ip.........................................................................................................................................................................1036

deny ipv6.....................................................................................................................................................................1037

deny tcp...................................................................................................................................................................... 1037

deny tcp (IPv6)..........................................................................................................................................................1038

deny udp..................................................................................................................................................................... 1039

deny udp (IPv6)......................................................................................................................................................... 1039

description.................................................................................................................................................................. 1040

ip access-group..........................................................................................................................................................1040

ip access-list................................................................................................................................................................1041

ip as-path access-list................................................................................................................................................. 1041

ip community-list standard deny..............................................................................................................................1042

ip community–list standard permit..........................................................................................................................1042

ip extcommunity-list standard deny........................................................................................................................ 1043

ip extcommunity-list standard permit..................................................................................................................... 1043

ip prefix-list description.............................................................................................................................................1043

ip prefix-list deny........................................................................................................................................................1044

ip prefix-list permit.....................................................................................................................................................1044

ip prefix-list seq deny.................................................................................................................................................1044

ip prefix-list seq permit..............................................................................................................................................1045

ipv6 access-group..................................................................................................................................................... 1045

ipv6 access-list...........................................................................................................................................................1046

ipv6 prefix-list deny................................................................................................................................................... 1046

ipv6 prefix-list description........................................................................................................................................ 1046

ipv6 prefix-list permit.................................................................................................................................................1047

ipv6 prefix-list seq deny............................................................................................................................................ 1047

ipv6 prefix-list seq permit......................................................................................................................................... 1047

mac access-group..................................................................................................................................................... 1048

mac access-list...........................................................................................................................................................1048

permit.......................................................................................................................................................................... 1049

permit (IPv6)..............................................................................................................................................................1049

permit (MAC).............................................................................................................................................................1050

permit icmp..................................................................................................................................................................1051

permit icmp (IPv6)..................................................................................................................................................... 1051

permit ip...................................................................................................................................................................... 1052

permit ipv6..................................................................................................................................................................1052

Contents

permit tcp................................................................................................................................................................... 1053

permit tcp (IPv6)....................................................................................................................................................... 1053

permit udp...................................................................................................................................................................1054

permit udp (IPv6)...................................................................................................................................................... 1055

remark......................................................................................................................................................................... 1056

seq deny......................................................................................................................................................................1056

seq deny (IPv6)..........................................................................................................................................................1057

seq deny (MAC).........................................................................................................................................................1057

seq deny icmp............................................................................................................................................................ 1058

seq deny icmp (IPv6)................................................................................................................................................ 1058

seq deny ip..................................................................................................................................................................1059

seq deny ipv6............................................................................................................................................................. 1060

seq deny tcp...............................................................................................................................................................1060

seq deny tcp (IPv6)....................................................................................................................................................1061

seq deny udp.............................................................................................................................................................. 1062

seq deny udp (IPv6)..................................................................................................................................................1063

seq permit...................................................................................................................................................................1064

seq permit (IPv6).......................................................................................................................................................1064

seq permit (MAC)......................................................................................................................................................1065

seq permit icmp..........................................................................................................................................................1065

seq permit icmp (IPv6)............................................................................................................................................. 1066

seq permit ip............................................................................................................................................................... 1067

seq permit ipv6...........................................................................................................................................................1067

seq permit tcp............................................................................................................................................................ 1068

seq permit tcp (IPv6)................................................................................................................................................1069

seq permit udp........................................................................................................................................................... 1069

seq permit udp (IPv6)............................................................................................................................................... 1070

show access-group.................................................................................................................................................... 1071

show access-lists....................................................................................................................................................... 1072

show acl-table-usage detail...................................................................................................................................... 1074

show ip as-path-access-list .....................................................................................................................................1077

show ip community-list..............................................................................................................................................1077

show ip extcommunity-list........................................................................................................................................ 1077

show ip prefix-list.......................................................................................................................................................1078

show logging access-list........................................................................................................................................... 1078

Route-map commands....................................................................................................................................................1078

continue.......................................................................................................................................................................1078

match as-path............................................................................................................................................................ 1079

match community...................................................................................................................................................... 1079

match extcommunity.................................................................................................................................................1079

match interface..........................................................................................................................................................1080

match ip address........................................................................................................................................................1080

match ip next-hop..................................................................................................................................................... 1080

match ipv6 address.................................................................................................................................................... 1081

match ipv6 next-hop..................................................................................................................................................1081

match metric...............................................................................................................................................................1081

match origin................................................................................................................................................................1082

match route-type.......................................................................................................................................................1082

match tag....................................................................................................................................................................1082

route-map................................................................................................................................................................... 1083

Contents

set comm-list add...................................................................................................................................................... 1083

set comm-list delete..................................................................................................................................................1084

set community............................................................................................................................................................1084

set extcomm-list add.................................................................................................................................................1084

set extcomm-list delete............................................................................................................................................ 1085

set extcommunity......................................................................................................................................................1085

set local-preference.................................................................................................................................................. 1085

set metric....................................................................................................................................................................1086

set metric-type.......................................................................................................................................................... 1086

set next-hop............................................................................................................................................................... 1087

set origin......................................................................................................................................................................1087

set tag......................................................................................................................................................................... 1088

set weight................................................................................................................................................................... 1088

show route-map.........................................................................................................................................................1088

21 Quality of service...................................................................................................................1090

Configure quality of service............................................................................................................................................1090

Ingress traffic classification............................................................................................................................................1092

Data traffic classification.......................................................................................................................................... 1092

Control-plane policing............................................................................................................................................... 1096

Egress traffic classification.............................................................................................................................................. 1101

Policing traffic...................................................................................................................................................................1102

Mark Traffic.......................................................................................................................................................................1103

Color traffic....................................................................................................................................................................... 1103

Modify packet fields.........................................................................................................................................................1103

Shaping traffic.................................................................................................................................................................. 1103

Bandwidth allocation........................................................................................................................................................1104

Strict priority queuing...................................................................................................................................................... 1105

Rate adjustment............................................................................................................................................................... 1106

Buffer management......................................................................................................................................................... 1107

Configure ingress buffer............................................................................................................................................ 1107

Configure egress buffer.............................................................................................................................................1109

Deep Buffer mode...................................................................................................................................................... 1109

Congestion avoidance...................................................................................................................................................... 1110

Storm control.....................................................................................................................................................................1112

RoCE for faster access and lossless connectivity........................................................................................................ 1112

Configure RoCE on the switch..................................................................................................................................1113

RoCE for VXLAN over VLT........................................................................................................................................1114

Buffer statistics tracking............................................................................................................................................1123

Port to port-pipe and MMU mapping............................................................................................................................ 1124

QoS commands.................................................................................................................................................................1128

bandwidth....................................................................................................................................................................1128

buffer-statistics-tracking...........................................................................................................................................1129

class..............................................................................................................................................................................1129

class-map.....................................................................................................................................................................1129

clear qos statistics......................................................................................................................................................1130

clear qos statistics type............................................................................................................................................. 1130

control-plane................................................................................................................................................................ 1131

control-plane-buffer-size........................................................................................................................................... 1131

flowcontrol...................................................................................................................................................................1132

Contents

hardware deep-buffer-mode.....................................................................................................................................1132

match........................................................................................................................................................................... 1132

match cos.................................................................................................................................................................... 1133

match dscp..................................................................................................................................................................1133

match precedence......................................................................................................................................................1134

match queue................................................................................................................................................................1134

match vlan................................................................................................................................................................... 1135

mtu............................................................................................................................................................................... 1135

pause............................................................................................................................................................................ 1135

pfc-cos.........................................................................................................................................................................1136

pfc-max-buffer-size...................................................................................................................................................1136

pfc-shared-buffer-size...............................................................................................................................................1137

pfc-shared-headroom-buffer-size............................................................................................................................1137

police.............................................................................................................................................................................1137

policy-map................................................................................................................................................................... 1138

priority.......................................................................................................................................................................... 1138

priority-flow-control mode........................................................................................................................................ 1139

qos-group dot1p..........................................................................................................................................................1139

qos-group dscp...........................................................................................................................................................1139

qos-map traffic-class................................................................................................................................................. 1140

qos-rate-adjust........................................................................................................................................................... 1140

queue-limit...................................................................................................................................................................1140

queue bandwidth......................................................................................................................................................... 1141

queue qos-group.........................................................................................................................................................1142

queue qos-group (Z9332F-ON)............................................................................................................................... 1142

random-detect (interface)........................................................................................................................................ 1142

random-detect (queue)............................................................................................................................................. 1143

random-detect color.................................................................................................................................................. 1143

random-detect ecn.....................................................................................................................................................1143

random-detect ecn.....................................................................................................................................................1144

random-detect pool....................................................................................................................................................1144

random-detect weight............................................................................................................................................... 1144

service-policy.............................................................................................................................................................. 1145

set cos..........................................................................................................................................................................1145

set dscp........................................................................................................................................................................1145

set qos-group..............................................................................................................................................................1146

shape............................................................................................................................................................................1146

show class-map...........................................................................................................................................................1147

show control-plane buffers....................................................................................................................................... 1147

show control-plane buffer-stats...............................................................................................................................1148

show control-plane info............................................................................................................................................. 1149

show control-plane statistics.................................................................................................................................... 1149

show hardware deep-buffer-mode..........................................................................................................................1150

show interface priority-flow-control.........................................................................................................................1151

show qos interface......................................................................................................................................................1151

show policy-map.........................................................................................................................................................1152

show qos control-plane..............................................................................................................................................1152

show qos egress buffers interface...........................................................................................................................1152

show qos egress buffer-statistics-tracking............................................................................................................ 1153

show qos egress buffer-stats interface.................................................................................................................. 1154

Contents

show qos headroom-pool buffer-statistics-tracking............................................................................................. 1154

show qos ingress buffers interface..........................................................................................................................1155

show qos ingress buffer-statistics-tracking........................................................................................................... 1155

show qos ingress buffer-stats interface..................................................................................................................1156

show qos maps........................................................................................................................................................... 1156

show qos maps (Z9332F-ON)..................................................................................................................................1158

show qos port-map details........................................................................................................................................1159

show qos-rate-adjust................................................................................................................................................. 1164

show qos service-pool buffer-statistics-tracking...................................................................................................1164

show qos system........................................................................................................................................................ 1164

show qos system buffers.......................................................................................................................................... 1165

show qos wred-profile............................................................................................................................................... 1166

show queuing statistics..............................................................................................................................................1167

system qos...................................................................................................................................................................1168

trust dot1p-map.......................................................................................................................................................... 1168

trust dscp-map........................................................................................................................................................... 1168

trust-map.....................................................................................................................................................................1169

wred............................................................................................................................................................................. 1169

22 Virtual Link Trunking.............................................................................................................. 1170

Terminology........................................................................................................................................................................1171

VLT domain........................................................................................................................................................................ 1171

VLT interconnect..............................................................................................................................................................1172

Graceful LACP with VLT..................................................................................................................................................1172

Configure VLT...................................................................................................................................................................1174

Configure a Spanning Tree Protocol........................................................................................................................1175

Create the VLT domain..............................................................................................................................................1178

Configure the VLTi..................................................................................................................................................... 1179

Configure the VLT MAC address..............................................................................................................................1179

Configure the delay restore timer.............................................................................................................................1179

Configure the VLT peer liveliness check................................................................................................................. 1180

Configure a VLT port channel...................................................................................................................................1184

Configure VLT peer routing.......................................................................................................................................1185

Configure VRRP Active-Active mode............................................................................................................................1185

Migrate VMs across data centers with eVLT...............................................................................................................1185

View VLT information...................................................................................................................................................... 1189

VLT commands.................................................................................................................................................................1190

backup destination..................................................................................................................................................... 1190

delay-restore............................................................................................................................................................... 1190

discovery-interface..................................................................................................................................................... 1191

peer-routing................................................................................................................................................................. 1191

peer-routing-timeout.................................................................................................................................................. 1191

primary-priority............................................................................................................................................................1192

show running-configuration vlt.................................................................................................................................1192

show spanning-tree virtual-interface ......................................................................................................................1193

show vlt........................................................................................................................................................................1194

show vlt backup-link...................................................................................................................................................1195

show vlt mac-inconsistency......................................................................................................................................1195

show vlt mismatch..................................................................................................................................................... 1196

show vlt role................................................................................................................................................................1199

Contents

show vlt vlt-port-detail.............................................................................................................................................. 1199

vlt-domain...................................................................................................................................................................1200

vlt-port-channel......................................................................................................................................................... 1200

vlt-mac.........................................................................................................................................................................1201

vrrp mode active-active.............................................................................................................................................1201

23 Uplink Failure Detection......................................................................................................... 1202

Configure uplink failure detection..................................................................................................................................1203

Uplink failure detection on VLT......................................................................................................................................1205

Sample configurations of UFD on VLT....................................................................................................................1206

UFD commands............................................................................................................................................................... 1208

clear ufd-disable.........................................................................................................................................................1208

defer-time...................................................................................................................................................................1209

downstream................................................................................................................................................................1209

downstream auto-recover.........................................................................................................................................1210

downstream disable links........................................................................................................................................... 1210

enable...........................................................................................................................................................................1210

name..............................................................................................................................................................................1211

show running-configuration uplink-state-group .....................................................................................................1211

show uplink-state-group ........................................................................................................................................... 1211

uplink-state-group ..................................................................................................................................................... 1212

upstream......................................................................................................................................................................1213

24 Converged data center services.............................................................................................. 1214

Priority flow control..........................................................................................................................................................1214

PFC configuration notes............................................................................................................................................1215

Configure PFC.............................................................................................................................................................1217

PFC commands..........................................................................................................................................................1220

Enhanced transmission selection...................................................................................................................................1223

ETS configuration notes............................................................................................................................................1223

Configure ETS............................................................................................................................................................ 1224

ETS commands.......................................................................................................................................................... 1226

Data center bridging eXchange .................................................................................................................................... 1226

DCBX configuration notes........................................................................................................................................ 1227

Configure DCBX ........................................................................................................................................................1227

DCBX commands.......................................................................................................................................................1230

Internet small computer system interface....................................................................................................................1233

iSCSI configuration notes......................................................................................................................................... 1234

Configure iSCSI optimization....................................................................................................................................1234

iSCSI synchronization on VLT.................................................................................................................................. 1236

iSCSI commands........................................................................................................................................................ 1237

Converged network DCB example................................................................................................................................1240

25 sFlow....................................................................................................................................1247

Enable sFlow.....................................................................................................................................................................1247

Max-header size configuration...................................................................................................................................... 1248

Collector configuration....................................................................................................................................................1249

Polling-interval configuration......................................................................................................................................... 1250

Sample-rate configuration..............................................................................................................................................1250

Contents

Source interface configuration....................................................................................................................................... 1251

View sFlow information...................................................................................................................................................1252

sFlow commands............................................................................................................................................................. 1253

sflow collector............................................................................................................................................................ 1253

sflow enable................................................................................................................................................................1253

sflow max-header-size..............................................................................................................................................1254

sflow polling-interval..................................................................................................................................................1254

sflow sample-rate...................................................................................................................................................... 1254

sflow source-interface.............................................................................................................................................. 1255

show sflow..................................................................................................................................................................1255

26 Telemetry ............................................................................................................................ 1257

Telemetry terminology.................................................................................................................................................... 1257

YANG-modeled telemetry data......................................................................................................................................1257

Configure telemetry........................................................................................................................................................ 1259

View telemetry configuration.........................................................................................................................................1260

Telemetry commands......................................................................................................................................................1263

debug telemetry.........................................................................................................................................................1263

destination...................................................................................................................................................................1263

destination-group (subscription-profile).................................................................................................................1264

destination-group (telemetry)..................................................................................................................................1264

enable.......................................................................................................................................................................... 1264

encoding......................................................................................................................................................................1265

sensor-group (subscription-profile)........................................................................................................................ 1265

sensor-group (telemetry)......................................................................................................................................... 1266

sensor-path.................................................................................................................................................................1266

show telemetry...........................................................................................................................................................1267

source interface......................................................................................................................................................... 1269

subscription-profile.................................................................................................................................................... 1270

telemetry..................................................................................................................................................................... 1270

transport......................................................................................................................................................................1270

Example: Configure streaming telemetry...................................................................................................................... 1271

27 RESTCONF API..................................................................................................................... 1273

Configure RESTCONF API............................................................................................................................................. 1273

CLI commands for RESTCONF API.............................................................................................................................. 1274

rest api restconf......................................................................................................................................................... 1274

rest https cipher-suite...............................................................................................................................................1274

rest https server-certificate..................................................................................................................................... 1275

rest https session timeout........................................................................................................................................ 1275

RESTCONF API tasks..................................................................................................................................................... 1275

View XML structure of CLI commands...................................................................................................................1276

RESTCONF API Examples........................................................................................................................................ 1277

28 Troubleshoot OS10................................................................................................................ 1279

Diagnostic tools................................................................................................................................................................1279

Boot partition and image...........................................................................................................................................1280

Monitor processes..................................................................................................................................................... 1280

LED settings................................................................................................................................................................ 1281

Contents

Packet analysis............................................................................................................................................................1281

Port adapters and modules.......................................................................................................................................1282

Test network connectivity........................................................................................................................................1282

View solution ID..........................................................................................................................................................1283

View diagnostics........................................................................................................................................................ 1285

Diagnostic commands............................................................................................................................................... 1286

Recover Linux password ................................................................................................................................................1293

Recover OS10 user name password ............................................................................................................................ 1294

Restore factory defaults.................................................................................................................................................1296

SupportAssist................................................................................................................................................................... 1297

Important notes..........................................................................................................................................................1297

Configure SupportAssist........................................................................................................................................... 1297

Set company name....................................................................................................................................................1298

Set contact information............................................................................................................................................1299

Schedule activity........................................................................................................................................................1299

View status.................................................................................................................................................................1300

List of country names and codes..............................................................................................................................1301

SupportAssist commands......................................................................................................................................... 1307

Support bundle..................................................................................................................................................................1317

Event notifications......................................................................................................................................................1317

generate support-bundle........................................................................................................................................... 1317

System monitoring........................................................................................................................................................... 1318

System events and alarms.........................................................................................................................................1318

System logging...........................................................................................................................................................1320

System logging over TLS...........................................................................................................................................1321

View system logs........................................................................................................................................................1323

Environmental monitoring.........................................................................................................................................1324

Link-bundle monitoring..............................................................................................................................................1324

Alarm commands....................................................................................................................................................... 1325

Logging commands.................................................................................................................................................... 1331

Log into OS10 device.......................................................................................................................................................1336

Frequently asked questions............................................................................................................................................ 1337

Installation................................................................................................................................................................... 1337

Hardware.....................................................................................................................................................................1337

Configuration..............................................................................................................................................................1338

Security....................................................................................................................................................................... 1338

Layer 2.........................................................................................................................................................................1338

Layer 3.........................................................................................................................................................................1338

System management.................................................................................................................................................1338

Access control lists.................................................................................................................................................... 1339

Quality of service....................................................................................................................................................... 1339

Monitoring...................................................................................................................................................................1339

29 Support resources.................................................................................................................1340

Contents

Change history

The following table provides an overview of the changes to this guide from a previous OS10 release to 10.5.0.3 release. For more information about the new features, see the respective sections.

Table 1. New in 10.5.0.3

Revision Date Feature Description

A03 2019–12-06

Enable SmartFabric Services on the switches

Enable or disable SmartFabric Services in an OS10 switch using OS10 CLI.

SmartFabric Services Graphical User Interface

Disable announcements of ASN values

Table 2. New in 10.5.0.1P1

Revision Date Feature Description

A02 2019–10-07 Priority flow control • Configure the traffic-class to queue mapping for the

queue qos-group (Z9332F-ON) Configure the mapping of different traffic types of traffic classes

show qos maps (Z9332F-ON) Displays the QoS maps configuration of dot1p-to-traffic class,

Table 3. New in 10.5.0.1

Revision Date Feature Description

Facilitates day zero deployment configurations and management of the switches in a Layer 3 fabric formed in leaf and spine topology.

Configure the system to modify the AS_PATH attribute of the received BGP routes and disable prepending the globally configured AS number.

Z9332F-ON.

• View the format of the default traffic-class to queue mapping.

to different queues.

DSCP-to-traffic class, and traffic-class to queue mapping in the device.

A01 2019–09-17 MX Ethernet IO modules replacement

in SmartFabric

SmartFabric Services mode CLI support:

• NTP

• SupportAssist

• Logging

• System Clock

• Security

• F_Port commands

SmartFabric Services show commands

28 Change history

Replace an Ethernet I/O module (IOM) that is part of a SmartFabric.

Configure the following protocols or services using the SmartFabric OS10 CLI:

• NTP

• SupportAssist

• Logging

• SNMP

• System Clock

• Security

• FC Zone

View SmartFabric-related configuration information using show commands.

Revision Date Feature Description

Untagged VLANs support in SmartFabric Services mode

Use any untagged VLAN In SmartFabric Services mode for FCoE uplinks and FCoE supported server ports, which are part of the FCoE VLAN.

Lifecycle Management using SmartFabric Director

gRPC Network Management Interface agent

Management address TLV in VLT domain

Default hostname Sets the default hostname automatically using a module-slot

VLT backup link in SmartFabric Services mode

Table 4. New in 10.5.0.0

Revision Date Feature Description

A00 2019–08-09 VLT multicast routing

DHCP Snooping

Configure dynamic RP using BSR mechanism

The gNMI agent processes image upgrade or downgrade requests from the SmartFabric Director server. The server sends these requests to the gNMI agent using Google Network Operating Interface (gNOI) API calls.

New interface to support OS10 device configuration using gNMI protocol and Openconfig yang models. Supports Create, Read, Update, and Delete (CRUD) operations on OS10, Telemetry agent configuration, OS10 lifecycle management (LCM) through gNOI protocol.

Send virtual addresses corresponding to the VLT peers over management address TLV.

format.

VLT peer liveliness check is auto-configured in SmartFabric Services mode.

Configure multicast routing on a VLT domain for IPv4 networks.

Monitor DHCP messages and block untrusted or rogue DHCP servers.

Automatically discover the Rendezvous Point (RP) for a given multicast group in a multicast network.

• VXLAN - Multi-AS

• Centralized Layer 3 Gateway

Routing

• Border Leaf Gateway

System events and alarms Change the severity of events using Severity Profiles.

Certificate revocation

Redistribute iBGP routes to OSPF Redistribute routes learned using internal BGP to OSPF.

Port to port pipe and MMU mapping

Configure openflow

NPIV Proxy Gateway cascading

Obscure passwords

RADIUS authentication

Simple password check

• Use multi-AS systems in a BGP EVPN environment.

• Configure routing in a centralized gateway topology

• Configure routing in a border-leaf topology

Validate that the peer certificate has not been revoked by the issuing CA.

Recommendation for using interfaces from same port pipes for ingress and egress for optimal performance.

Configure multiple controllers for OpenFlow on both IPv4 and IPv6 networks.

Connect two switches as NPIV Proxy Gateways (NPIV) between Converged Network Adapters (CNA) or Fibre Channel Host Bus Adapter (FC HBA) and FCoE Forwarder (FCF) switches.

Obscure passwords in the show command output so that text characters do not display.

Specify an interface whose IP address is used as the source IP address for user authentication with RADIUS servers.

Turn off the default strong password check and configure simpler passwords with no restrictions.

Change history 29

Revision Date Feature Description

SupportAssist

New updates to SupportAssist for enterprise systems.

System clock

System logging over TLS

VLAN name TLVs

Configure daylight savings time configuration.

Encrypt logged system messages sent to a syslog server using the Transport Layer Security (TLS) protocol.

Configure OS10 to advertise TLVs with the names of VLANs in LLDP PDUs.

30 Change history

+ 1310 hidden pages