Dell Networking X4000 User Manual
Dell™ Networking™ X1000 and X4000 Series Switches User Guide
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 – FOR PROOF ONLY
Te mplate Last Updated -03/06/2010
Guide\Dell_AstuteCover.fm
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteCover.fm
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates either potential damage to hardware, or loss of
data and tells you how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal
injury, or death.
____________________
© Copyright © 2016 Dell Inc. All rights reserved . This product is protected by U.S. and inter national
copyright and intellectual property laws. Dell and the Dell logo are trademarks of Dell Inc. in the
United States and/or other jurisdictions. All other marks and names mentioned herein may be
trademarks of their respective companies.
August 2016 P/N Rev. A06
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 – FOR PROOF ONLY
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
Table of Contents
Table of Contents . . . . . . . . . . . . . . . . . . . . . . . 3
1 Preface . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2 Features. . . . . . . . . . . . . . . . . . . . . . . . . . 15
MAC Address Capacity Support . . . . . . . . . . . . . 17
Layer 2 Features . . . . . . . . . . . . . . . . . . . . . 18
VLAN Supported Features
Spanning Tree Protocol Features
Quality of Service Features . . . . . . . . . . . . . . . 23
Device Management Features
Security Features
. . . . . . . . . . . . . . . . 19
. . . . . . . . . . . . 21
. . . . . . . . . . . . . . 24
. . . . . . . . . . . . . . . . . . . . 27
3 Hardware Description . . . . . . . . . . . . . . . 33
Device Models . . . . . . . . . . . . . . . . . . . . . . 34
Device Structure
Managed Mode Button
Reset Button . . . . . . . . . . . . . . . . . . . . . . . 36
. . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Fans
LED Definitions
. . . . . . . . . . . . . . . . . . . . . 35
. . . . . . . . . . . . . . . . . 36
. . . . . . . . . . . . . . . . . . . . . . 37
Contents
3
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
Power Supplies . . . . . . . . . . . . . . . . . . . . . 39
4 Using the GUI . . . . . . . . . . . . . . . . . . . . . 43
Starting the Application . . . . . . . . . . . . . . . . . 44
Understanding the Interface . . . . . . . . . . . . . . . 44
Dashboard
Saving Configurations
. . . . . . . . . . . . . . . . . . . . . . . . 45
. . . . . . . . . . . . . . . . . . 45
Information Buttons . . . . . . . . . . . . . . . . . . . 46
Field Definitions
Common GUI Features
. . . . . . . . . . . . . . . . . . . . . 47
. . . . . . . . . . . . . . . . . . 48
5 Dashboard . . . . . . . . . . . . . . . . . . . . . . . 49
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 50
Interfaces
Switch Information
Resources . . . . . . . . . . . . . . . . . . . . . . . . 55
Recent Logged Events
Active Alerts
Ports and VLANs . . . . . . . . . . . . . . . . . . . . . 59
. . . . . . . . . . . . . . . . . . . . . . . . . 51
. . . . . . . . . . . . . . . . . . . . 53
. . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . . . . . . . . . . . . . 58
4Contents
Configuration Wizards
. . . . . . . . . . . . . . . . . . 60
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
6 Switch Management . . . . . . . . . . . . . . . . 71
IP Addressing Overview . . . . . . . . . . . . . . . . . 71
Switch Information . . . . . . . . . . . . . . . . . . . 72
IPv4 Addressing
IPv6 Addressing
. . . . . . . . . . . . . . . . . . . . . 73
. . . . . . . . . . . . . . . . . . . . . 75
File Update and Backup . . . . . . . . . . . . . . . . . 83
Domain Name System (DNS)
Time Synchronization
. . . . . . . . . . . . . . 98
. . . . . . . . . . . . . . . . . . 100
Management Security . . . . . . . . . . . . . . . . . . 110
7 Logs and Alerts . . . . . . . . . . . . . . . . . . . 125
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 125
. . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Logs
Login History . . . . . . . . . . . . . . . . . . . . . . . 127
Remote Log Servers
. . . . . . . . . . . . . . . . . . . 127
8 Statistics and Diagnostics . . . . . . . . . . 129
Monitoring . . . . . . . . . . . . . . . . . . . . . . . . 129
Statistics . . . . . . . . . . . . . . . . . . . . . . . . . 135
Diagnostics
. . . . . . . . . . . . . . . . . . . . . . . 140
Contents
5
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
9 Network Administration: VLAN . . . . . . . 143
VLAN Overview . . . . . . . . . . . . . . . . . . . . 143
Standard VLAN . . . . . . . . . . . . . . . . . . . . . 147
Voice VLAN
. . . . . . . . . . . . . . . . . . . . . . . 156
10 Network Administration: Port Settings . 161
Ports . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Address Tables. . . . . . . . . . . . . . . . . . . . . 173
. . . . . . . . . . . . . . . . . . . . . . . . . . 175
UDLD
11 Network Administration: Spanning Tree and LAG
185
Spanning Tree . . . . . . . . . . . . . . . . . . . . . 185
Link Aggregation (LAG)
. . . . . . . . . . . . . . . . 196
12 Network Administration: Link Layer Discovery
Protocol (LLDP) . . . . . . . . . . . . . . . . . . 207
Overview . . . . . . . . . . . . . . . . . . . . . . . . 207
6Contents
LLDP Properties . . . . . . . . . . . . . . . . . . . . 208
LLDP Port Settings
MED Network Policy
MED Port Settings . . . . . . . . . . . . . . . . . . . 211
Neighbors Information
. . . . . . . . . . . . . . . . . . . 209
. . . . . . . . . . . . . . . . . 210
. . . . . . . . . . . . . . . . . 213
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
13 Network Administration: Route Settings 215
System Routing Mode . . . . . . . . . . . . . . . . . . 215
IPv4 Route Settings . . . . . . . . . . . . . . . . . . . 216
IPv6 Route Settings
. . . . . . . . . . . . . . . . . . . 220
14 Network Administration: Quality of Service 227
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 227
Global Settings. . . . . . . . . . . . . . . . . . . . . . 228
QoS Mapping
QoS Statistics
. . . . . . . . . . . . . . . . . . . . . . . 233
. . . . . . . . . . . . . . . . . . . . . . 242
15 Network Administration: Security . . . . . 245
Dot1x Authentications . . . . . . . . . . . . . . . . . . 245
Storm Control Configuration
Port Security
. . . . . . . . . . . . . . . . . . . . . . . 256
Dynamic ARP Inspection (DAI) . . . . . . . . . . . . . 258
ACL and ACE
. . . . . . . . . . . . . . . . . . . . . . . 261
. . . . . . . . . . . . . . . 255
16 Network Administration: SNMP Monitoring 277
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 277
SNMP Global Parameters . . . . . . . . . . . . . . . . 279
View Settings
. . . . . . . . . . . . . . . . . . . . . . 281
Contents
7
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
Access Control . . . . . . . . . . . . . . . . . . . . 282
User Security Model
. . . . . . . . . . . . . . . . . . 283
Communities . . . . . . . . . . . . . . . . . . . . . . 284
Notification Filter
Notification Recipients
. . . . . . . . . . . . . . . . . . . 286
. . . . . . . . . . . . . . . . 287
17 Network Administration: Multicast . . . . 289
Overview . . . . . . . . . . . . . . . . . . . . . . . . 289
Global Parameters
Multicast Group
Multicast Forward All . . . . . . . . . . . . . . . . . 293
IGMP Snooping
MLD Snooping
Unregistered Multicast . . . . . . . . . . . . . . . . 298
Multicast TV VLAN
. . . . . . . . . . . . . . . . . . . 291
. . . . . . . . . . . . . . . . . . . . 292
. . . . . . . . . . . . . . . . . . . . . 294
. . . . . . . . . . . . . . . . . . . . . 297
. . . . . . . . . . . . . . . . . . . 299
8Contents
18 Network Administration: DHCP Snooping and
DHCP Relay . . . . . . . . . . . . . . . . . . . . . . 301
DHCP Snooping . . . . . . . . . . . . . . . . . . . . 301
DHCP Relay
. . . . . . . . . . . . . . . . . . . . . . . 306
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
19 Network Administration: DHCP Server 309
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 309
DHCP Server Properties . . . . . . . . . . . . . . . . . 310
Network Pool
Static Hosts
Address Binding . . . . . . . . . . . . . . . . . . . . . 315
Excluded Addresses
. . . . . . . . . . . . . . . . . . . . . . 311
. . . . . . . . . . . . . . . . . . . . . . . 313
. . . . . . . . . . . . . . . . . . . 316
20 Network Administration: Power Management 317
Green Ethernet . . . . . . . . . . . . . . . . . . . . . . 317
Power Over Ethernet (PoE) . . . . . . . . . . . . . . . 320
21 Network Administration: sFlow . . . . . . . 323
22 Using the CLI . . . . . . . . . . . . . . . . . . . . . 327
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . 327
CLI Command Conventions
. . . . . . . . . . . . . . . 330
Accessing the Device Through the CLI . . . . . . . . . 331
IPv6 Address Conventions
. . . . . . . . . . . . . . . . 331
23 CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
clear counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Contents
9
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
clear logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
crypto certificate generate . . . . . . . . . . . . . . . . . . . . . . . 338
crypto certificate import. . . . . . . . . . . . . . . . . . . . . . . . . 340
crypto certificate request . . . . . . . . . . . . . . . . . . . . . . . . 343
crypto key generate dsa . . . . . . . . . . . . . . . . . . . . . . . . . 345
crypto key generate rsa . . . . . . . . . . . . . . . . . . . . . . . . . 346
crypto key import. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
debug-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
dir. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
do . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
exit (EXEC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354
exit (Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
10Contents
help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
ip default-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
ip https certificate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
ip routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
ip ssh server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
lldp transmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
lldp receive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
power inline legacy support disable . . . . . . . . . . . . . . . 368
power inline usage-threshold. . . . . . . . . . . . . . . . . . . . . 368
reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
show bootvar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
show crypto certificate. . . . . . . . . . . . . . . . . . . . . . . . . . 372
show crypto key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
show interfaces counters . . . . . . . . . . . . . . . . . . . . . . . . 374
show interfaces status . . . . . . . . . . . . . . . . . . . . . . . . . . 377
show ip dhcp tftp-server . . . . . . . . . . . . . . . . . . . . . . . . 378
show ip https . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
show power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
show power inline consumption . . . . . . . . . . . . . . . . . . 384
show running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
show system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
show tech-support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
show vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
write. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
24 Getting Help . . . . . . . . . . . . . . . . . . . . . . 395
Contacting Dell . . . . . . . . . . . . . . . . . . . . . 395
Locating Your System Service Tag . . . . . . . . . . . 395
Contents
11
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_AstuteUG_PrintTOC.fm
Downloading Drivers, Firmware, and Software. . . . 396
Related Documentation
Documentation Feedback . . . . . . . . . . . . . . . 396
. . . . . . . . . . . . . . . . 396
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
12Contents
1
Preface
This guide contains the information needed for configuring and maintaining
the Dell™ Networking™ X1000 and X4000 Series devices through the Dell
Networking Administrator.
For explanation of acronyms, refer to the
Glossary
.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Template Last Updated - 2010 Preface 13
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Prefix.fm
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
14 Preface
2
Features
This section describes the features of the Dell™ Networking™ X1000 and
X4000 Series devices.
For a complete list of all updated device features, see the Release Notes
included in the latest version of software released at
This section provides a brief description of the following features:
• IP Version 6 (IPv6) Support
• Head of Line Blocking Prevention
•Back Pressure Support
• Virtual Cable Testing (VCT)
• Auto-Negotiation
• MDI/MDIX Support
• MAC Address Capacity Support
• Layer 2 Features
• IGMP Snooping
• MLD Snooping
• Port and VLAN Mirroring
• Broadcast Storm Control
•VLAN Support
• Spanning Tree Protocol Features
• Link Aggregation
• Quality of Service Features
• Device Management Features
• Security Features
•DHCP Server
• Protected Ports
• Proprietary Protocol Filtering
dell.com/support
.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Template Last Updated - 2010 Features 15
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
•UDLD
• Static Routing
•IPv6 Router
•sFlow
IP Version 6 (IPv6) Support
The device functions as an IPv6-compliant host, as well as an IPv4 host (also
known as dual stack). This enables device operation in a pure IPv6 network as
well as in a combined IPv4/IPv6 network.
For more information, see
IPv6 Addressing
.
Head of Line Blocking Prevention
Head of Line (HOL) blocking results in traffic delays and frame loss caused
by traffic competing for the same egress port resources. The switch prevents
HOL blocking by queueing packets, such that packets in the front of a queue
do not block the packets behind if they are to be sent to different ports.
Back Pressure Support
On half-duplex links, the receiving port prevents buffer overflows by
occupying the link so that it is unavailable for additional traffic.
For more information, see
Back Pressure
.
Virtual Cable Testing (VCT)
VCT detects and reports copper link cabling faults, such as open cables and
cable shorts.
For more information, see
Diagnostics
.
Auto-Negotiation
Auto-negotiation enables the device to advertise modes of operation. The
auto-negotiation function enables an exchange of information between two
devices that share a point-to-point link segment, and automatically
configures both devices to take maximum advantage of their transmission
capabilities.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
16 Features
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
The devices enhance auto-negotiation by providing port advertisement. Port
advertisement enables the system administrator to configure the port speeds
that are advertised.
For more information, see
Guide\Dell_Astute_Features.fm
Network Administration: Port Settings
.
MDI/MDIX Support
Standard wiring for end stations is known as Media-Dependent Interface
(MDI), and standard wiring for hubs and switches is known as Media-
Dependent Interface with Crossover (MDIX).
If auto-negotiation is enabled, the device automatically detects whether the
cable connected to an RJ-45 port is MDIX (crossed) or MDI (straight). This
enables both types to be used interchangeably.
If auto-negotiation is disabled, only MDI (straight) cables can be used.
For more information, see
MDI/MDIX
.
MAC Address Capacity Support
MAC Address Capacity Support
All SKUs support up to 16K MAC addresses except for the X4012 that
supports 32K addresses. They reserve specific MAC addresses for system use.
For more information, see
Address Tables
.
Static MAC Entries
MAC entries can be manually entered in the Bridging Table, as an alternative
to learning them from incoming frames. These user-defined entries are not
subject to aging and are preserved across reset to reboots.
For more information, see
Address Tables
.
Self-Learning MAC Addresses
The device enables controlled MAC address learning from incoming packets.
The MAC addresses are stored in the Dynamic Address Table.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Address Tables
.
Features 17
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Automatic Aging for MAC Addresses
MAC addresses from which no traffic is received for a given period, are aged
out. This frees Bridging Table resources for learning new MAC addresses.
For more information, see
Address Tables
.
VLAN-Aware MAC-Based Switching
The device always performs VLAN-aware bridging. VLAN-aware bridges
perform VLAN-based MAC address learning and forwarding. Frames
addressed to a unknown destination MAC address are flooded to all ports of
the relevant VLAN.
This is a standard feature.
MAC Multicast Support
Multicast service is a service that enables one-to-many and many-to-many
communication for information distribution. In Layer 2 Multicast service, a
single frame is addressed to a specific Multicast address, from which copies of
the frame are transmitted to the relevant ports. When Multicast groups are
statically enabled, you can set the destination port of registered groups, as
well as define the behavior of unregistered Multicast frames.
For more information, see
Network Administration: Multicast
.
Layer 2 Features
IGMP Snooping
Internet Group Management Protocol (IGMP) Snooping examines IGMP
frame contents, when they are forwarded by the device from work stations to
an upstream Multicast router. From the frame data, the device identifies work
stations configured for Multicast sessions, and which Multicast routers are
sending Multicast frames. The IGMP Querier simulates the behavior of a
Multicast router. This enables snooping of the Layer 2 Multicast domain even
if there is no Multicast router.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
18 Features
IGMP Snooping
.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
MLD Snooping
Multicast Listener Discovery (MLD) Snooping performs the function of
IGMP Snooping for IPv6.
For more information, see
MLD Snooping
.
Port and VLAN Mirroring
Port and VLAN mirroring monitors network traffic by forwarding copies of
incoming and outgoing packets from a monitored port to a monitoring port.
Users specify which target port receives copies of all traffic passing through a
specified source port.
For more information, see
Port and VLAN Mirrorings
.
Broadcast Storm Control
Storm Control limits the number of Multicast and Broadcast frames accepted
and forwarded by the device.
When Layer 2 frames are forwarded, Broadcast and Multicast frames are
forwarded to multiple ports on the relevant VLAN and excess Broadcast and
Multicast could degrade network performance and disrupt services.
For more information, see
Storm Control Configuration
.
VLAN Supported Features
VLAN Support
VLANs are collections of switching ports that comprise a single Broadcast
domain. Packets are classified as belonging to a VLAN, based on either the
VLAN tag or on a combination of the ingress port and packet contents.
Packets sharing common attributes can be grouped in the same VLAN.
For more information, see
Network Administration: VLAN
Port-Based Virtual LANs (VLANs)
Port-based VLANs classify incoming packets to VLANs, based on their ingress
port.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
VLAN Membership
.
.
Features 19
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Full 802.1Q VLAN Tagging Compliance
IEEE 802.1Q defines an architecture for virtual, bridged LANs, the services
provided in VLANs, and the protocols and algorithms involved in the
provision of these services.
For more information, see
VLAN Overview
.
GVRP Support
GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Q-
compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk
ports. When GVRP is enabled, the device registers and propagates VLAN
membership on all ports that are part of the active underlying Spanning Tree
Protocol topology.
For more information, see
GVRP Parameters
.
Voice VLAN
Voice VLAN enables network administrators to enhance VoIP service by
configuring ports to carry IP voice traffic from IP phones on a specific VLAN.
VoIP traffic has a preconfigured Organizationally Unique Identifiers (OUI)
prefix in the source MAC address. Network administrators can configure
VLANs from which voice IP traffic is forwarded. Non-VoIP traffic is dropped
from the Voice VLAN in Auto-Voice VLAN Secure mode. Voice VLAN also
provides QoS to VoIP, ensuring that the quality of voice does not deteriorate if
the IP traffic is received unevenly.
The default secure mode is supported.
For more information, see
Voice VLAN
.
Guest VLAN
Guest VLAN provides limited network access to unauthorized ports. If a port
is denied network access via port-based authorization, but the Guest VLAN is
enabled, the port receives limited network access through the Guest VLAN.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
20 Features
Dot1x Authentications
.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Private VLAN
The Private VLAN feature provides Layer 2 isolation between ports that share
the same Broadcast domain, or in other words, it creates a point-tomultipoint Broadcast domain. The ports can be located anywhere in the
Layer 2 network.
For more information, see
Private VLAN
.
Multicast TV VLAN
The Multicast TV VLAN feature provides the ability to supply multicast
transmissions to Layer 2-isolated subscribers, without replicating the
multicast transmissions for each subscriber VLAN. The subscribers are the
only receivers of the multicast transmissions.
For more information, see
Multicast TV VLAN
.
Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
802.1d Spanning Tree is a standard Layer 2 switch requirement that enables
bridges to automatically prevent and resolve Layer 2 forwarding loops.
Switches exchange configuration messages using specifically-formatted
frames, and selectively enable and disable forwarding on ports.
For more information, see
Rapid Spanning Tree
.
Fast Link
STP can take 30–60 seconds to converge. During this time, STP detects
possible loops, enabling time for status changes to propagate and for relevant
devices to respond. This period of 30-60 seconds is considered too long a
response time for many applications. The Fast Link option bypasses this
delay, and can be used in network topologies where forwarding loops do not
occur, for example, on edge ports connecting to endpoint devices.
For more information on enabling Fast Link for ports and LAGs, see
Spanning Tree
.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Features 21
Rapid
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
IEEE 802.1w Rapid Spanning Tree
Spanning Tree takes 30–60 seconds for each host to decide whether its ports
are actively forwarding traffic. Rapid Spanning Tree (RSTP) detects uses of
network topologies to enable faster convergence, without creating forwarding
loops.
For more information, see
Rapid Spanning Tree
.
IEEE 802.1s Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs into MSTP
instances. MSTP provides a different load balancing scenario. Packets from a
VLAN are forwarded based on the MSTP instance to which the VLAN is
mapped. An MSTP region is a group of MSTP bridges under a common
administration. An MSTP region has one or more MSTP instances. A LAN
may consists of one or more connecting MSTP regions.
For more information, see
MSTP Properties
.
STP BPDU Guard
Bridge Protocol Data Unit. (BPDU) Guard is used as a security mechanism,
to protect the network from invalid configurations.
BPDU Guard is usually used either when fast link ports (ports connected to
clients) are enabled or when the STP feature is disabled. When it is enabled
on a port, the port is shut down if a BPDU message is received and an
appropriate SNMP trap is generated.
For more information, see
Spanning Tree Overview
.
Link Aggregation
Up to 12 Link Aggregation Groups (LAGs) may be defined, each with up to
eight member ports. This enables:
• Fault tolerance protection from physical link disruption
• Higher bandwidth connections
• Improved bandwidth granularity
• High bandwidth server connectivity
A LAG is composed of ports with the same speed, set to full-duplex
operation.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
22 Features
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
For more information, see
VLAN LAG Membership
.
Link Aggregation and LACP
LACP uses peer exchanges across links to determine, on an ongoing basis, the
aggregation capability of various links, and continuously provides the
maximum level of aggregation capability achievable between a given pair of
devices. LACP automatically determines, configures, binds, and monitors the
port binding within the system.
For more information, see
VLAN LAG Membership
.
DHCP Clients
DHCP enables additional setup parameters to be received from a network
server upon system startup. DHCP service is an on-going process.
For more information, see
IP Addressing Overview
.
Quality of Service Features
Class of Service 802.1p Support
The IEEE 802.1p signaling technique is an OSI Layer 2 standard for marking
and prioritizing network traffic at the data link/MAC sub-layer. 802.1p traffic
is classified and sent to the destination. No bandwidth reservations or limits
are established or enforced. 802.1p is taken from the 802.1Q (VLANs)
standard. 802.1p establishes eight levels of priority, similar to the IP
Precedence IP Header bit-field.
For more information about QoS, see
.
Service
Network Administration: Quality of
TCP Congestion Avoidance
The TCP Congestion Avoidance feature activates an algorithm to prevent
TCP global synchronization during congestions. TCP global synchronization
can occur when packets are dropped all at once during congestion. As a result,
it can unexpectedly synchronize multiple TCP hosts to reduce their
transmission during congestion and restart the transmission when the
congestion eases.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
TCP Congestion Avoidance
.
Features 23
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Device Management Features
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. Events are sent as
SNMP traps to a Trap Recipient List.
For more information, see
SNMP Versions 1, 2, and 3
Simple Network Management Protocol (SNMP) over the UDP/IP protocol
controls access to the system. A list of community entries is defined, each
consisting of a community string and its access privileges. There are three
levels of SNMP security: read-only, read-write, and super. Only a super user
can access the Community table.
For more information, see
Web-Based Management
Web-based management enables managing the system from any web browser.
The system contains an Embedded Web Server (EWS) that serves HTML
pages, through which the system can be monitored and configured. The
system internally converts web-based input into configuration commands,
MIB variable settings, and other management-related settings.
For more information, see
Network Administration: SNMP Monitoring
Network Administration: SNMP Monitoring
Using the GUI
.
.
.
Management IP Address Conflict Notification
This feature validates the uniqueness of the switch's IP address, whether it is
assigned manually or through DHCP. If the IP address is not unique, the
switch performs actions according to the address type. See
Overview
.
IP Addressing
Configuration File
The device configuration is stored in a configuration file that is stored on the
device. The configuration file includes both system-wide and port-specific
device configuration. The system can display configuration files as a
collection of CLI commands that are stored and manipulated as text files.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
24 Features
Update Firmware / Configuration
.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Auto-Update of Configuration/Image File
This feature facilitates installation of new devices. When you enable the
various auto-update options, the device automatically downloads a new
image or configuration file. It receives configuration parameters with its IP
address from a DHCP server, after which the device automatically reboots,
using the image or configuration file it received.
For more information, see
Auto-Update
.
TFTP (Trivial File Transfer Protocol)
The device supports boot image, software, and configuration
upload/download via TFTP.
For more information, see
File Update and Backup
.
USB File Transfer Protocol
The device supports boot image, software, and configuration
upload/download via USB.
For more information, see
Update Firmware / Configuration
.
Remote Monitoring
Remote Monitoring (RMON) is an extension to SNMP that provides
comprehensive network traffic monitoring capabilities. RMON is a standard
MIB that defines MAC-layer statistics and control objects, enabling real-time
information to be captured across the entire network.
For more information, see
Monitoring
.
sFlow
The sFlow feature enables collecting statistics using the sFlow sampling
technology, based on sFlow V5.
This feature is supported on the following switch models:
• X1052/P
• X4012
This feature is not supported on the following switch models:
• X1008/P
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Features 25
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
• X1018/P
• X1026/P
For more information, see
Network Administration: sFlow
.
Command Line Interface
Command Line Interface (CLI) is composed of mandatory and optional
elements. The CLI interpreter provides command and keyword completion to
assist users and save typing.
CLI is only available in Managed mode.
For more information, see
Using the CLI
.
SYSLOG
Syslog is a protocol that enables event notifications to be stored locally. You
can configure the switch to send them to a remote SYSLOG server. The
system sends notifications of significant events in real time, and keeps a
record of these events for after-the-fact usage.
For more information on SYSLOG, see
Logs and Alerts
.
SNTP
The Simple Network Time Protocol (SNTP) assures accurate Coordinated
Universal Time (UTC) synchronization up to the millisecond. The time is
synchronized from an SNTP server over a packet-switched network. Time
sources are prioritized by strata. Strata define the distance from the reference
clock. The higher the stratum (where zero is the highest), the more accurate
the clock.
For more information, see
Time Synchronization
.
Domain Name System
Domain Name System (DNS) converts user-defined domain names into IP
addresses. The switch resolves domain names to IP addresses from its local
DNS cache or from a DNS server. For example, www.ipexample.com is
translated into 192.87.56.2. DNS servers maintain domain name databases
containing their corresponding IP addresses.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
26 Features
Domain Name System (DNS)
.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
802.1ab (LLDP-MED)
The Link Layer Discovery Protocol (LLDP) enables network managers to
troubleshoot, and enhances network management by discovering and
maintaining network topologies over multi-vendor environments. LLDP
allows a device to identify itself and advertise its capabilities and device
information to its neighbors.
Identity, capabilities, and device information are sent as Type Length Values
(TLVs) in LLDP packets. LLDP devices must support chassis and port ID
advertisement, as well as system name, system ID, system description, and
system capability advertisements.
LLDP Media Endpoint Discovery (LLDP-MED) is an extension of LLDP. It
increases flexibility in supporting media applications/devices of different
policy and QoS in the same network. With LLDP-MED, media endpoints,
such as IP phones and video camera, can advertise information, such as their
identity, civic locations, Emergency Location Identifier Number (ELIN),
media (voice and video) applications, and network policies to their neighbors.
For more information, see
Protocol (LLDP)
.
Network Administration: Link Layer Discovery
Security Features
Dot1x and MAC based Authentication
Dot1x and MAC based authentication enables authenticating system users
on a per-port or per-device basis. Only users from authenticated ports and
devices are granted network access to transmit and receive data.
Authentication is enforced via the Remote Authentication Dial-In User
Service (RADIUS) server using the Extensible Authentication Protocol
(EAP). Dynamic VLAN Assignment (DVA) enables network administrators to
automatically assign users to VLANs during the RADIUS server
authentication.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
Dot1x Authentications
.
Features 27
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
Locked Port Support
Locked Port increases network security by limiting access on a specific port to
users with specific MAC addresses. These addresses are either manually
defined or learned on that port. When a frame is received on a locked port,
and the frame source MAC address is not tied to that port, the protection
mechanism is invoked.
For more information, see
Port Security
.
RADIUS Client
RADIUS is a client/server-based protocol. A RADIUS server maintains a user
database that contains per-user authentication information, such as user
name, password, and accounting information.
For more information, see
RADIUS
.
RADIUS Accounting
This feature enables recording device management sessions (Telnet, serial,
and WEB but not SNMP) and/or 802.1x authentication sessions.
The 802.1x Monitor mode enables applying 802.1x functionality to the
switch, with all necessary RADIUS and/or domain servers active, without
actually taking any action that may cause unexpected behavior. In this way,
the user can test the 802.1x setup before actually applying it.
For more information, see
RADIUS
.
TACACS+
TACACS+ provides centralized security for validation of users accessing the
device. TACACS+ provides a centralized, user management system, while
still retaining consistency with RADIUS and other authentication processes.
For more information, see
TACACS+
.
Password Management
Password management provides increased network security and improved
password control. Passwords for SSH, Telnet, HTTP, HTTPS, and SNMP
access are assigned security features.
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
28 Features
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
The switch provides the ability to demand strong passwords, meaning that
they must contain both upper and lower-case letters, numbers, and special
characters.
For more information, see
Global Password Management
.
Access Control Lists (ACL)
Access Control Lists
rules and actions for specific ingress ports. Packets entering an ingress port
with an active ACL are either admitted or denied entry according to the rules
they match (or not match). An administrator can also configure an ACL rule
to shutdown a port with matching packets.
For more information, see
(ACL) enable network managers to define classification
ACL and ACE
.
Dynamic ACL/Dynamic Policy Assignment (DACL/DPA)
The network administrator can specify the user's ACL in the RADIUS server.
After successful authentication, the user is assigned that ACL.
For more information, see
ACL and ACE
.
DHCP Snooping
DHCP Snooping expands network security by providing firewall security
between untrusted interfaces and DHCP servers. By enabling DHCP
Snooping, network administrators can differentiate between trusted
interfaces connected to end-users or DHCP servers and untrusted interfaces
located beyond the network firewall.
For more information, see
DHCP Snooping
.
DHCP Relay
The device can act as a DHCP Relay agent that listens for DHCP messages,
and relays them between DHCP servers and clients, which reside in different
VLANs or IP subnets.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
DHCP Relay
.
Features 29
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Guide\Dell_Astute_Features.fm
ARP Inspection
Dynamic ARP inspection is a security feature that validates ARP packets in a
network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC
address bindings. This capability protects the network from certain man-inthe-middle attacks.
For more information, see
Dynamic ARP Inspection (DAI)
.
Port Profile
Port profiles provide a convenient way to save and share a common port
configuration. A port profile is a set of CLI commands with a unique name.
When a port profile is applied to a port, the CLI commands contained within
it are executed and added to the Running Configuration file.
For more information, see
Port Profile
.
DHCP Server
Dynamic Host Configuration Protocol (DHCP) provides a means of assigning
IP addresses and passing configuration information (including the IP address
of a TFTP server and a configuration file name) to hosts on a TCP/IP
network. The switch can serve as a DHCP server or client.
For more information on the device serving as a DHCP server, see
Administration: DHCP Server
.
Network
Protected Ports
The Protected Ports feature provides Layer 2 isolation between interfaces
(Ethernet ports and LAGs) that are in the same Broadcast domain (VLAN)
with other interfaces.
For more information, see
Protected Ports
.
Proprietary Protocol Filtering
This feature enables user control over the filtering of packets with proprietary
protocols such as CDP, VTP, DTP, UDLD, PaGP, and SSTP. The user can
select any combination of the protocols to be filtered, for example: CDP and
VTP.
For more information, see
DELL CONFIDENTIAL – PRELIMINARY 8/9/16 - FOR PROOF ONLY
30 Features
Protocol Group
.
Loading...