Reproduction of these materials in any manner whatsoever without the written
permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, and PowerConn ect™ are
trademarks of Dell Inc.; Intel®, Pentium®, and Celeron® are registered
trademarks of Intel Corporation in the U.S. and other countries; Microsoft® and
Windows® are either trademarks or registered trademarks of Microsoft
Corporation in the United States and/or other countries.
Other trademarks and trade names may be used in this document to refer to either
the entities claiming the marks and names or their products. Dell Inc. disclaims
any proprietary interest in trademarks and trade names other than its own.
Regulatory Models PC5524, PC5524P, PC5548 and PC5548P
PowerConnect 5524/5548 and PowerConnect 5524P/5548P are stackable,
advanced multi-layer devices.
This guide contains the information needed for installing, configuring, and
maintaining the device through the web-based management system, called
the OpenManage Switch Administrator.
This guide describes how to configure each system through the web-based
management system and through CLI commands.
The
CLI Reference Guide,
provides additional information about the CLI commands.
which is available on the Documentation CD,
Dell PowerConnect 55xx Systems User Guide13
2
Features
This section describes the features of the PowerConnect 5524/P and 5548/P
switches.
For a complete list of all updated device features, see the latest software
version Release Notes.
This section contains the following topics:
•IP Version 6 (IPv6) Support
•Stack Support
•Power over Ethernet
•Green Ethernet
•Head of Line Blocking Prevention
•Flow Control Support (IEEE 802.3X)
•Back Pressure Support
•Virtual Cable Testing (VCT)
•Auto-Negotiation
•MDI/MDIX Support
•MAC Address Supported Features
•Layer 2 Features
•IGMP Snooping
•Port Mirroring
•Broadcast Storm Control
•VLAN Supported Features
•Spanning Tree Protocol Features
•Link Aggregation
•Quality of Service Features
•Quality of Service Features
•Device Management Features
Dell PowerConnect 55xx Systems User Guide14
•Security Features
•DHCP Server
•Protected Ports
•iSCSI Optimization
•Proprietary Protocol Filtering
IP Version 6 (IPv6) Support
The device functions as an IPv6-compliant host, as well as an IPv4 host (also
known as dual stack). This enables device operation in a pure IPv6 network as
well as in a combined IPv4/IPv6 network.
For more information, see "IP Addressing" on page 202.
Stack Support
The system supports up to eight units with two fixed HDMI stacking ports.
The HDMI ports are 1.3a specification, Category 2 High Speed cables, 340
MHz (10.2 Gbit/s).
it is recommended to use HDMI cable version 1.4
The stacking feature supports the following features:
•Fast-link failover
•Software auto-synch.
•Improved response time to events, such as master failover
•Auto-numbering algorithm when choosing unit number
For more information, see "Stacking Overview" on page 43
Power over Ethernet
Power over Ethernet (PoE) provides power to devices over existing LAN
cabling, without updating or modifying the network infrastructure. When
PoE is used, the network devices do not have to be placed next to a power
source. PoE can be used in the following applications:
•IP Phones
•Wireless Access Points
Dell PowerConnect 55xx Systems User Guide15
•IP Gateways
•PDAs
•Audio and video remote monitoring
For more information, see "Power over Ethernet" on page 157.
Green Ethernet
Green Ethernet, also known as Energy Efficient Ethernet (EEE), is an effort
to make networking equipment environmentally friendly, by reducing the
power usage of Ethernet connections.
The Short-Reach method, which reduces power over Ethernet cables shorter
than 40m, is supported by the device.
For more information, see "Green Ethernet Configuration" on page 384.
Head of Line Blocking Prevention
Head of Line (HOL) blocking results in traffic delays and frame loss caused
by traffic competing for the same egress port resources. To prevent HOL
blocking, the device queues packets, and packets at the head of the queue are
forwarded before packets at the end of the queue.
Flow Control Support (IEEE 802.3X)
Flow control enables lower-speed devices to communicate with higher-speed
devices, by requesting that the higher-speed device refrain from sending
packets. Transmissions are temporarily halted to prevent buffer overflows.
For more information, see "Flow Control" on page 380.
Back Pressure Support
On half-duplex links, the receiving port prevents buffer overflows by
occupying the link so that it is unavailable for additional traffic.
For more information, see "Protected Ports" on page 388.
16Dell PowerConnect 55xx Systems User Guide
Virtual Cable Testing (VCT)
VCT detects and reports copper link cabling faults, such as open cables and
cable shorts.
For more information, see "Diagnostics" on page 248.
Auto-Negotiation
Auto-negotiation enables the device to advertise modes of operation. The
auto-negotiation function enables an exchange of information between two
devices that share a point-to-point link segment, and automatically
configures both devices to take maximum advantage of their transmission
capabilities.
The PowerConnect 5500 series enhances auto-negotiation by providing port
advertisement. Port advertisement enables the system administrator to
configure the port speeds that are advertised.
For more information, see "Port Configuration" on page 397 or "LAG
Configuration" on page 403.
MDI/MDIX Support
Standard wiring for end stations is known as Media-Dependent Interface
(MDI), and standard wiring for hubs and switches is known as Media-Dependent Interface with Crossover (MDIX).
If auto-negotiation is enabled, the device automatically detects whether the
cable connected to an RJ-45 port is MDIX (crossed) or MDI (straight). This
enables both types to be used interchangeably.
If auto-negotiation is not enabled, only MDI (straight) cables can be used.
For more information, see "Port Configuration" on page 397 or "LAG
Configuration" on page 403.
MAC Address Supported Features
MAC Address Capacity Support
The device supports up to 16K MAC addresses and it reserves specific MAC
addresses for system use.
Dell PowerConnect 55xx Systems User Guide17
Static MAC Entries
MAC entries can be manually entered in the Bridging Table, as an alternative
to learning them from incoming frames. These user-defined entries are not
subject to aging, and are preserved across resets and reboots.
For more information, see "Static Addresses" on page 418.
Self-Learning MAC Addresses
The device enables controlled MAC address learning from incoming packets.
The MAC addresses are stored in the Bridging Table.
For more information, see "Dynamic Addresses" on page 421.
Automatic Aging for MAC Addresses
MAC addresses from which no traffic is received for a given period, are aged
out. This prevents the Bridging Table from overflowing.
For more information, see "Dynamic Addresses" on page 421.
VLAN-Aware MAC-Based Switching
The device always performs VLAN-aware bridging. Classic bridging
(IEEE802.1D), in which frames are forwarded based only on their destination
MAC address, is not performed. However, a similar functionality can be
configured for untagged frames. Frames addressed to a destination MAC
address that is not associated with any port are flooded to all ports of the
relevant VLAN.
MAC Multicast Support
Multicast service is a limited Broadcast service that enables one-to-many and
many-to-many connections for information distribution. In Layer 2 Multicast
service, a single frame is addressed to a specific Multicast address, from which
copies of the frame are transmitted to the relevant ports. When Multicast
groups are statically enabled, you can set the destination port of registered
groups, as well as define the behavior of unregistered Multicast frames.
For more information, see "Multicast" on page 508.
18Dell PowerConnect 55xx Systems User Guide
Layer 2 Features
IGMP Snooping
Internet Group Membership Protocol (IGMP) Snooping examines IGMP
frame contents, when they are forwarded by the device from work stations to
an upstream Multicast router. From the frame, the device identifies work
stations configured for Multicast sessions, and which Multicast routers are
sending Multicast frames. The IGMP Querier simulates the behavior of a
Multicast router. This enables snooping of the Layer 2 Multicast domain even
if there is no Multicast router.
For more information, see "IGMP Snooping" on page 519.
Port Mirroring
Port mirroring monitors network traffic by forwarding copies of incoming and
outgoing packets from a monitored port to a monitoring port. Users specify
which target port receives copies of all traffic passing through a specified
source port.
For more information, see "Port Mirroring" on page 411.
Broadcast Storm Control
Storm Control enables limiting the number of Multicast and Broadcast
frames accepted by and forwarded by the device.
When Layer 2 frames are forwarded, Broadcast and Multicast frames are
flooded to all ports on the relevant VLAN. This occupies bandwidth, and
loads all nodes connected on all ports.
For more information, see "Storm Control" on page 408.
Dell PowerConnect 55xx Systems User Guide19
VLAN Supported Features
VLAN Support
VLANs are collections of switching ports that comprise a single Broadcast
domain. Packets are classified as belonging to a VLAN, based on either the
VLAN tag or on a combination of the ingress port and packet contents.
Packets sharing common attributes can be grouped in the same VLAN.
For more information, see "VLANs" on page 459.
Port-Based Virtual LANs (VLANs)
Port-based VLANs classify incoming packets to VLANs, based on their ingress
port.
For more information, see "Defining VLAN Membership Using CLI
Commands" on page 466.
Full 802.1Q VLAN Tagging Compliance
IEEE 802.1Q defines an architecture for virtual, bridged LANs, the services
provided in VLANs, and the protocols and algorithms involved in the
provision of these services.
For more information, see "Virtual LAN Overview" on page 460.
GVRP Support
GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Qcompliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk
ports. When GVRP is enabled, the device registers and propagates VLAN
membership on all ports that are part of the active underlying Spanning Tree
Protocol topology.
For more information, see "GVRP Parameters" on page 483.
Voice VLAN
Voice VLAN enables network administrators to enhance VoIP service by
configuring ports to carry IP voice traffic from IP phones on a specific VLAN.
VoIP traffic has a preconfigured OUI prefix in the source MAC address.
Network administrators can configure VLANs from which voice IP traffic is
20Dell PowerConnect 55xx Systems User Guide
forwarded. Non-VoIP traffic is dropped from the Voice VLAN in Auto-Voice
VLAN Secure mode. Voice VLAN also provides QoS to VoIP, ensuring that the
quality of voice does not deteriorate if the IP traffic is received unevenly.
For more information, see "Voice VLAN" on page 491.
Guest VLAN
Guest VLAN provides limited network access to unauthorized ports. If a port
is denied network access via port-based authorization, but the Guest VLAN is
enabled, the port receives limited network access through the Guest VLAN.
For more information, see "Dot1x Authentication" on page 127.
Private VLAN
The Private VLAN feature provides Layer 2 isolation between ports that share
the same Broadcast domain, or in other words, it creates a point-tomultipoint Broadcast domain. The ports can be located anywhere in the
Layer 2 network (compared to the Protected Ports feature, where the ports
must be in the same stack).
For more information, see "Private VLAN" on page 487.
Multicast TV VLAN
The Multicast TV VLAN feature provides the ability to supply multicast
transmissions to Layer 2-isolated subscribers, without replicating the
multicast transmissions for each subscriber VLAN. The subscribers are the
only receivers of the multicast transmissions.
For more information, see "Multicast TV VLAN" on page 527.
Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
802.1d Spanning tree is a standard Layer 2 switch requirement that enables
bridges to automatically prevent and resolve Layer 2 forwarding loops.
Switches exchange configuration messages using specifically-formatted
frames, and selectively enable and disable forwarding on ports.
For more information, see "Spanning Tree" on page 428.
Dell PowerConnect 55xx Systems User Guide21
Fast Link
STP can take 30–60 seconds to converge. During this time, STP detects
possible loops, enabling time for status changes to propagate and for relevant
devices to respond. This period of 30-60 seconds is considered too long a
response time for many applications. The Fast Link option bypasses this
delay, and can be used in network topologies, where forwarding loops do not
occur.
For more information on enabling Fast Link for ports and LAGs, see "STP
or
Port Settings" on page 436
"Static Addresses" on page 418.
IEEE 802.1w Rapid Spanning Tree
Spanning Tree takes 30–60 seconds for each host to decide whether its ports
are actively forwarding traffic. Rapid Spanning Tree (RSTP) detects uses of
network topologies to enable faster convergence, without creating forwarding
loops.
For more information, see "Spanning Tree" on page 428.
IEEE 802.1s Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs into STP instances.
MSTP provides a different load balancing scenario. Packets assigned to various
VLANs are transmitted along different paths within MSTP Regions (MST
Regions). Regions are one or more MSTP bridges by which frames can be
transmitted. The standard lets administrators assign VLAN traffic to
unique paths.
For more information, see "Spanning Tree" on page 428.
STP BPDU Guard
BPDU Guard is used as a security mechanism, to protect the network from
invalid configurations.
BPDU Guard is usually used either when fast link ports (ports connected to
clients) are enabled or when the STP feature is disabled. When it is enabled
on a port, the port is shut down if a BPDU message is received and an
appropriate SNMP trap is generated.
For more information, see "Spanning Tree" on page 428.
22Dell PowerConnect 55xx Systems User Guide
Link Aggregation
Up to 32 Aggregated Links may be defined, each with up to eight member
ports, to form a single Link Aggregated Group (LAG). This enables:
•Fault tolerance protection from physical link disruption
•Higher bandwidth connections
•Improved bandwidth granularity
•High bandwidth server connectivity
A LAG is composed of ports with the same speed, set to full-duplex
operation.
For more information, see "LAG Configuration" on page 403.
Link Aggregation and LACP
LACP uses peer exchanges across links to determine, on an ongoing basis, the
aggregation capability of various links, and continuously provides the
maximum level of aggregation capability achievable between a given pair of
devices. LACP automatically determines, configures, binds, and monitors the
port binding within the system.
For more information, see "Link Aggregation" on page 500.
BootP and DHCP Clients
DHCP enables additional setup parameters to be received from a network
server upon system startup. DHCP service is an on-going process. DHCP is an
extension of BootP.
For more information, see "DHCP IPv4 Interface" on page 207.
Quality of Service Features
Class of Service 802.1p Support
The IEEE 802.1p signaling technique is an OSI Layer 2 standard for marking
and prioritizing network traffic at the data link/MAC sub-layer. 802.1p traffic
is classified and sent to the destination. No bandwidth reservations or limits
Dell PowerConnect 55xx Systems User Guide23
are established or enforced. 802.1p is a spin-off of the 802.1Q (VLANs)
standard. 802.1p establishes eight levels of priority, similar to the IP
Precedence IP Header bit-field.
Advanced QoS
Frames that match an ACL and were permitted entrance are implicitly
labeled with the name of the ACL that permitted their entrance. Advanced
mode QoS actions defined in network policies can then be applied to these
flows.
The switch can set DSCP values and map IPv6 DSCP to egress queues in the
same way it does for IPv4. The switch detects IPv6 frames by the IPv6 ethertype.
For more information about Advanced QoS, see "QoS Advanced Mode" on
page 668.
TCP Congestion Avoidance
The TCP Congestion Avoidance feature activates an algorithm that breaks up
or prevents TCP global synchronization on a congested node, where the
congestion is due to multiple sources sending packets with the same byte
count.
For more information, see "The following is an example of the CLI
commands:" on page 656.
Device Management Features
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. Events are sent as
SNMP traps to a Trap Recipient List.
For more information, see "SNMP" on page 307
24Dell PowerConnect 55xx Systems User Guide
.
SNMP Versions 1, 2, and 3
Simple Network Management Protocol (SNMP) over the UDP/IP protocol
controls access to the system. A list of community entries is defined, each
consisting of a community string and its access privileges. There are three
levels of SNMP security: read-only, read-write, and super. Only a super user
can access the Community table.
For more information, see "SNMP" on page 307.
Web-Based Management
Web-based management enables managing the system from any web browser.
The system contains an Embedded Web Server (EWS) that serves HTML
pages, through which the system can be monitored and configured. The
system internally converts web-based input into configuration commands,
MIB variable settings, and other management-related settings.
Management IP Address Conflict Notification
This feature validates the uniqueness of the switch's IP address, whether it is
assigned manually or through DHCP. If the IP address is not unique, the
switch performs actions according to the address type. If the IP address is
static, see more information about this in "IPv4 Interface Parameters" on
page 203. If the IP address is dynamic, see more information about this
in"DHCP IPv4 Interface" on page 207.
Flow Monitoring (sflow)
The switch supports statistics collection, using a sampling technology called
sFlow that is based on RFC 3176. The sFlow sampling technology is
embedded within the switch, and provides the ability to continuously
monitor traffic flows on some or all the interfaces simultaneously.
For more information, see "sFlow" on page 369.
Configuration File Download and Upload
The device configuration is stored in a configuration file. The configuration
file includes both system-wide and port-specific device configuration. The
system can display configuration files as a collection of CLI commands that
are stored and manipulated as text files.
Dell PowerConnect 55xx Systems User Guide25
Auto-Update of Configuration/Image File
This feature facilitates installation of new devices. When you enable the
various auto-update options, the device automatically downloads a new
image or configuration file when it receives its IP address from a TFTP server,
and automatically reboots, using the image or configuration file it received.
For more information, see "Auto-Update/Configuration Feature" on page 331.
TFTP Trivial File Transfer Protocol
The device supports boot image, software, and configuration
upload/download via TFTP.
USB File Transfer Protocol
The device supports boot image, software, and configuration
upload/download via USB.
Remote Monitoring
Remote Monitoring (RMON) is an extension to SNMP that provides
comprehensive network traffic monitoring capabilities. RMON is a standard
MIB that defines MAC-layer statistics and control objects, enabling real-time
information to be captured across the entire network.
For more information, see "Statistics/RMON" on page 596.
Command Line Interface
Command Line Interface (CLI) syntax and semantics conform as much as
possible to common, industry standards. CLI is composed of mandatory and
optional elements. The CLI interpreter provides command and keyword
completion to assist users and save typing.
Syslog
Syslog is a protocol that enables event notifications to be sent to a set of
remote servers, where they can be stored, examined, and acted upon. The
system sends notifications of significant events in real time, and keeps a
record of these events for after-the-fact usage.
For more information on Syslog, see "Logs" on page 188.
26Dell PowerConnect 55xx Systems User Guide
SNTP
The Simple Network Time Protocol (SNTP) assures accurate network
Ethernet Switch clock time synchronization up to the millisecond. Time
synchronization is performed by a network SNTP server. Time sources are
prioritized by strata. Strata define the distance from the reference clock. The
higher the stratum (where zero is the highest), the more accurate the clock.
For more information, see "Time Synchronization" on page 162.
Domain Name System
Domain Name System (DNS) converts user-defined domain names into IP
addresses. Each time a domain name is assigned, the DNS service translates
the name into a numeric IP address. For example, www.ipexample.com is
translated into 192.87.56.2. DNS servers maintain domain name databases
containing their corresponding IP addresses.
For more information, see "Domain Name System" on page 235.
802.1ab (LLDP-MED)
The Link Layer Discovery Protocol (LLDP) enables network managers to
troubleshoot, and enhances network management by discovering and
maintaining network topologies over multi-vendor environments. LLDP
discovers network neighbors by standardizing methods for network devices to
advertise themselves to other systems, and to store discovered information.
The multiple advertisement sets are sent in the packet Type Le n gt h Val u e
(TLV) field. LLDP devices must support chassis and port ID advertisement,
as well as system name, system ID, system description, and system capability
advertisements.
LLDP Media Endpoint Discovery
by enabling various IP systems to co-exist on a single network LLDP. It
provides detailed network topology information, emergency call service via IP
phone location information, and troubleshooting information.
For more information, see "LLDP" on page 531.
(LLDP-MED) increases network flexibility
Dell PowerConnect 55xx Systems User Guide27
Security Features
SSL
Secure Socket Layer (SSL) is an application-level protocol that enables secure
transactions of data through privacy, authentication, and data integrity. It
relies upon certificates and public and private keys.
Port-Based Authentication (Dot1x)
Port-based authentication enables authenticating system users on a per-port
basis via an external server. Only authenticated and approved system users
can transmit and receive data. Ports are authenticated via the Remote
Authentication Dial-In User Service (RADIUS) server using the Extensible
Authentication Protocol (EAP). Dynamic VLAN Assignment (DVA) enables
network administrators to automatically assign users to VLANs during the
RADIUS server authentication.
For more information, see "Dot1x Authentication" on page 127.
Locked Port Support
Locked Port increases network security by limiting access on a specific port to
users with specific MAC addresses. These addresses are either manually
defined or learned on that port. When a frame is seen on a locked port, and
the frame source MAC address is not tied to that port, the protection
mechanism is invoked.
For more information, see "Port Security" on page 93.
RADIUS Client
RADIUS is a client/server-based protocol. A RADIUS server maintains a user
database that contains per-user authentication information, such as user
name, password, and accounting information.
RADIUS Accounting
This feature enables recording device management sessions (Telnet, serial,
and WEB but not SNMP) and/or 802.1x authentication sessions.
28Dell PowerConnect 55xx Systems User Guide
Due to the complexity of 802.1x setup and configuration, many mistakes can
be made that might cause loss of connectivity or incorrect behavior. The
802.1x Monitor mode enables applying 802.1x functionality to the switch,
with all necessary RADIUS and/or domain servers active, without actually
taking any action that may cause unexpected behavior. In this way, the user
can test the 802.1x setup before actually applying it.
For more information, see "RADIUS" on page 284.
SSH
Secure Shell (SSH) is a protocol that provides a secure, remote connection to
a device. SSH version 2 is currently supported. The SSH server feature
enables an SSH client to establish a secure, encrypted connection with a
device. This connection provides functionality that is similar to an inbound
telnet connection. SSH uses RSA and DSA Public Key cryptography for
device connections and authentication.
For more information, see "Security Management and Password
Configuration" on page 71.
TACACS+
TACACS+ provides centralized security for validation of users accessing the
device. TACACS+ provides a centralized, user management system, while
still retaining consistency with RADIUS and other authentication processes.
For more information, see "TACACS+" on page 275.
Password Management
Password management provides increased network security and improved
password control. Passwords for SSH, Telnet, HTTP, HTTPS, and SNMP
access are assigned security features.
For more information, see "Password Management" on page 279.
The switch provides the ability to demand strong passwords, meaning that
they must contain both upper and lower-case letters, numbers, and
punctuation marks.
For more information, see "Password Management" on page 279.
Dell PowerConnect 55xx Systems User Guide29
Access Control Lists (ACL)
Access Control Lists
actions and rules for specific ingress ports. Packets entering an ingress port
with an active ACL, are either admitted or denied entry and the ingress port is
disabled. If they are denied entry, the user can disable the port.
(ACL) enable network managers to define classification
Dynamic ACL/Dynamic Policy Assignment (DACL/DPA)
The network administrator can specify the user's ACL in the RADIUS server.
After successful authentication, the user is assigned that ACL.
For more information, see "Network Security" on page 92.
DHCP Snooping
DHCP Snooping expands network security by providing firewall security
between untrusted interfaces and DHCP servers. By enabling DHCP
Snooping, network administrators can differentiate between trusted
interfaces connected to end-users or DHCP servers and untrusted interfaces
located beyond the network firewall.
For more information, see "DHCP Snooping" on page 564.
ARP Inspection
Dynamic ARP inspection is a security feature that validates ARP packets in a
network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC
address bindings. This capability protects the network from certain man-inthe-middle attacks.
Port Profile (CLI Macro)
Macros provide a convenient way to save and share a common configuration.
A macro is a set of CLI commands with a unique name. When a macro is
applied to a port, the CLI commands contained within it are executed and
added to the Running Configuration file.
For more information, see "Dynamic ARP Inspection" on page 551.
30Dell PowerConnect 55xx Systems User Guide
DHCP Server
Dynamic Host Configuration Protocol (DHCP) provides a means of passing
configuration information (including the IP address of a TFTP server and a
configuration file name) to hosts on a TCP/IP network. The switch can serve
as a DHCP server or client.
For more information on the device serving as a DHCP server, see "DHCP
Server" on page 290.
For more information on the device serving as a DHCP client, see "DHCP
IPv4 Interface" on page 207.
Protected Ports
The Protected Ports feature provides Layer 2 isolation between interfaces
(Ethernet ports and LAGs) that share the same Broadcast domain (VLAN)
with other interfaces.
For more information, see "Protected Ports" on page 388.
iSCSI Optimization
iSCSI optimization provides the iSCSI flows with specific priority over other
network traffic. In addition, the feature provides monitoring of iSCSI
sessions.
For more information, see "iSCSI Optimization" on page 584.
Proprietary Protocol Filtering
This feature enables user control over the filtering of packets with proprietary
protocols such as CDP, VTP, DTP, UDLD, PaGP, and SSTP. The user can
select any combination of the protocols to be filtered, for example: CDP and
VTP and UDLD.
For more information, see "Network Security" on page 92.
DHCP Relay and Option 82
A DHCP relay agent detects DHCP Broadcasts from DHCP clients and relays
them to DHCP servers that may reside on different subnets.
Dell PowerConnect 55xx Systems User Guide31
The relay agent information option (Option 82) in the DHCP protocol
enables a DHCP relay agent to send additional client information, upon
requesting an IP address.
Option 82 specifies the relaying switch's MAC address, the port identifier, and
the VLAN that forwarded the packet.
For more information, see "DHCP Relay" on page 577.
Identifying a Switch via LED
The switch provides the ability to turn on a LED (through the GUI interface)
on a specific unit or on all units in a stack for a specific length of time.
For more information, see Unit Identification (Location).
32Dell PowerConnect 55xx Systems User Guide
Hardware Description
This section describes PowerConnect 5500 hardware.
It contains the following topics:
•Device Models
•Device Structure
•LED Definitions
•Power Supplies
3
Dell PowerConnect 55xx Systems User Guide33
Device Models
The PowerConnect 5500 switches combine versatility with minimal
management requirements. This series includes the following device types:
•
PowerConnect 5524
•
PowerConnect 5524P (with PoE)
ports, along with Power-over-Ethernet (PoE) support
•
PowerConnect 5548
•
PowerConnect 5548P (with PoE)
ports, along with Power-over-Ethernet (PoE) support
Each of these devices provides, in addition to the above ports, two HDMI
ports, two SPF+ ports, an RS-232 console port, and a USB port, as shown in
Figure 5-1.
NOTE: 10/100/1000Mbps Baset-T ports are also known as Gigabit ports or G ports.
— Provides 24 10/100/1000Mbps Base-T ports
— Provides 24 10/100/1000Mbps Base-T
— Provides 48 10/100/1000Mbps Base-T ports
— Provides 24 10/100/1000Mbps Base-T
Device Structure
This section describes the structure of the devices.
It contains the following topics:
•Front Panel
•Buttons and LEDs
•Back Panel
•Ventilation System
•System LEDs
•Port LEDs
34Dell PowerConnect 55xx Systems User Guide
Front Panel
Console
SPF+ Ports
USB Port
HDMI Ports
Giga Ports (even numbered)
Port
Giga Ports (odd numbered)
Figure 5-1 shows the front panel of the PowerConnect 5548 device with its
various ports labelled. The PowerConnect 5524 device from the
PowerConnect 5548 device in that there are 24 G ports and not 48.
Figure 5-2 shows the buttons/LEDs on the right side in greater detail.
Figure 3-1. PowerConnect 5548 Ports
The following ports are found on the devices.
•24/48 G Ports
•
Two X G Po rts
These are 10 Gigabit ports, designated as 1000Base-X-SFP+. The SFP+
ports are fiber transceivers designated as 10000 Base-SX or LX. They
include TWSI (Two-Wire Serial Interface) and internal EPROM.
(also known as Small Form Factor Plugable (SFP)+ Ports)
•RS-232 Console Port
This port is used for a terminal connection for debugging and software
downloads. The default baud rate is 9,600 bps. The baud rate can be
configured from 2400 bps up to 115,200 bps.
•Two HDMI Ports
The HDMI ports are 1.3a specification, category 2 high-speed cables, 340
MHz (10.2 Gbit/s). They are used for stacking purposes.
Dell PowerConnect 55xx Systems User Guide35
NOTE: it is recommended to use HDMI cable version 1.4
Power Status
Fan
RPS
Reset
Stacking Unit ID
Master
Port LEDs
Console Port
•Single USB Port
This port is used for firmware upgrade from a USB device.
Buttons and LEDs
LEDs on Front Panel
Figure 5-2 shows the extreme, right-hand part of the front panel, which
contains buttons and LEDs, in addition to ports.
Figure 3-2. Button/LED Panel
These LEDs are described in Table 5-1 and Table 5-2.
Reset Button
The PowerConnect 5500 switches have a reset button, located on the front
panel that is used for manual reset (reboot) of the device.
The single reset circuit of the switch is activated by power-up or low-voltage
conditions.
36Dell PowerConnect 55xx Systems User Guide
The Reset button does not extend beyond the unit’s front, and it must be
RPS
A/C Power Supply
Locator
Locator
MPS
A/C Power Supply
FanFan
activated with a pin.
Back Panel
The back panel of the non-PoE models, shown in Figure 5-3, contains a
Redundant Power Supply (RPS) connector, Location LED, and power
connector.
The back panel of the PoE models, shown in Figure 5-4, contains a Modular
Power Supply (MPS) connector, Location LED, power connector, and two fan
outlets.
Figure 3-3. PowerConnect 5524/48 Back Panel
Figure 3-4. PowerConnect 5524/48/P Back Panel
The elements on the back panel are used as follows:
•
Locator LED
— This LED is lit when the Unit Identification feature is
selected. See "Unit Identification (Location)" on page 367 for more
information about this feature.
•
RPS/MPS
on page 42
— Connector for auxiliary power supply.
for more information.
Dell PowerConnect 55xx Systems User Guide37
See "Power Supplies
"
•
A/C Power Supply
" on page 42
— Fan outlets.
•
Supplies
Fans
— Connector for AC power supply.
for more information.
See "Ventilation System
" on page 38
See "Power
for more
information.
Ventilation System
The PowerConnect 5500/P switches have two built-in fans. Operation can be
verified by observing the LED that indicates if one or more fans are faulty
(see Table 5-1).
The fan outlets are shown in Figure 5-4.
LED Definitions
The front panel contains light emitting diodes (LEDs) that indicate the
status of links, power supplies, fans, and system diagnostics.
These are described below.
System LEDs
The system LEDs of the PowerConnect 5500 devices provide information
about the power supplies, fans, thermal conditions, and diagnostics.
Figure 5-2 shows the location of the system LEDS on the device.
Table 5-1 describes the meaning of the colors of the system LEDs.
Table 3-1. System LED Indicators
LEDColorDescription
Power Supply
(PWR)
StatusGreen StaticThe switch is operating normally.
Green StaticThe switch is turned on.
Green FlashingThe Locator function is enabled.
OffThe switch is turned off.
Green FlashingThe switch is booting.
Red StaticA critical system error has occurred.
Red FlashingA non-critical system error has occurred.
38Dell PowerConnect 55xx Systems User Guide
Table 3-1. System LED Indicators (Continued)
LEDColorDescription
Stacking No. Indicates the unit ID of the device in the
stack.
Modular/Redundan
cy Power Supply
(MPS/RPS)
Locator Green FlashingLocator function is enabled.
Master Green StaticThe device is a master unit.
Fan (FAN)Green StaticAll device fans are operating normally.
Green StaticThe MPS/RPS is currently operating.
Red StaticThe MPS/RPS failed.
OffThe MPS/RPS is not plugged in.
Green StaticLocator function is disabled.
OffThe device is not a master unit.
Red StaticOne or more of the device fans are not
operating.
Dell PowerConnect 55xx Systems User Guide39
Port LEDs
LNK
ACT/PoE
LNK
ACT/PoE
Gigabit Ports
Each Giga port has two LEDs associated with it. The speed/link (LNK) LED
is located on the left side of the port, while the activity/PoE LED is located on
the right side of the port. The activity/PoE LED is labelled ACT in non-PoE
devices, and is labelled PoE in PoE-enabled devices, as shown in Figure 5-5.
Figure 3-5. Giga Port LEDs
Table 5-2 describes the LED indications for the Gigabit ports:
Table 3-2. Giga Port s on non-PoE-enabled Devices LEDs
LEDColorDescription
LNKGreen Flashing Link is up and the port is either transmitting
or receiving at 1000 Mbs.
Yellow Flashing Link is up and the port is either transmitting
or receiving data at 100 Mbps.
Solid green
ACTGreen Flashing There is activity on the port.
Solid amber
OFFThe port is currently not operating.
OffThere is no activity on the port.
Link is up high speed.
Link is up at lower speeds.
40Dell PowerConnect 55xx Systems User Guide
Table 5-3 describes the LED indications for Gigabit ports on PoE-enabled
devices.
Table 3-3. Giga Port s on PoE-enabled Devices LEDs
LEDColorDescription
LNKFlashing greenLink is up and the port is either transmitting or
receiving at 1000 Mbs.
Flashing amberLink is up and the port is either transmitting or
receiving data at 100 Mbps.
Solid green
Solid amber
OffPort is currently not operating.
PoEFlashing greenThere is activity on the port and the PoE is off.
Flashing amberThere is activity on the port and the PoE is on.
Amber solid There is no activity on the port and the PoE power is
OffThere is no activity on the port and the PoE is off.
Link is up high speed.
Link is up at lower speeds.
on.
HDMI Port LEDs
The HDMI ports have a Speed/link (LNK) LED on their left side and an
activity (ACT) LED on their right side.
Table 5-4 describes the HDMP port LEDs:
Table 3-4. HDMI (Stacking) Port LEDs
LEDColorDescription
Speed/LinkSolid greenPort is linked to device.
OffPort is currently not operating.
ACT Flashing greenPort is either transmitting or receiving.
OffPort is not transmitting or receiving.
Dell PowerConnect 55xx Systems User Guide41
SFP LEDs
The SFP+ ports each have two LEDs, marked as LNK and ACT, associated
with them. Figure 5-5 describes these LEDs.
Table 3-5. SFP Port LEDs
LEDColorDescription
LNKSolid greenLink is at highest speed.
Solid amberLink is at lowest speed.
OffPort is currently not linked.
ACTFlashing greenPort is either transmitting or receiving.
Stack ID LED
The front panel of the device contains a Stack ID panel used to display the
Unit ID for the Stack Master and members, as shown in Figure 5-2.
Power Supplies
The device has an internal power supply unit (AC unit) and a connector to
connect PowerConnect 5500/P devices to a PowerConnect EPS-470 unit, or
to a PowerConnect MPS-600 unit.
The PowerConnect 5500/P devices have the following internal power
supplies:
•24 Port non-PoE devices —
•48 Port non-PoE devices —
•24/48 Port PoE devices —
Operation with both power supply units is regulated through load sharing.
Power supply LEDs indicate the status of the power supply.
The AC power supply unit operates from 90 to 264 VAC, 47 to 63 Hz. The AC
power supply unit uses a standard connector. A LED, shown in Figure 5-3,
indicates whether the AC unit is connected.
When the device is connected to a supplementary power source, the
probability of failure in the event of a power outage decreases.
54 Watt
100 Watt
600 Watt
.
.
.
42Dell PowerConnect 55xx Systems User Guide
4
Stacking Overview
This section describes how the Stacking feature of the PowerConnect 5500
series functions.
It contains the following topics:
•Stack Overview
•Stack Members and Unit IDs
Dell PowerConnect 55xx Systems User Guide43
Stack Overview
The PowerConnect 5500 Stacking feature provides multiple switch
management through a single switch, so that all units in the stack are treated
as if they were a single switch. All stack members are accessed through the
management IP address, through which the stack is managed.
Each switch is a member in a stack, although the stack may consist of only a
single switch.
Up to eight units can be stacked.
This section covers the following topics:
•Stack Operation Modes
•Stacking Units
•Stack Topology
Stack Operation Modes
All stacks must have a Master unit, and may have a Master Backup unit. All
other units are connected to the stack as members (slaves).
A unit in the stack can be in one of the following modes:
•
Stack Master
addition, it runs configures and manages all other units in the stack. All
protocols run in the context of the Master unit. It is responsible for
updating and synchronizing the
The Stack Master detects and reconfigures the ports with minimal
operational impact in the event of:
— Runs the fully operational software of a switch. In
Master Backup
.
Unit failure
Inter-unit stacking link failure
Unit insertion
Unit removal
When the Master unit boots, or when inserting or removing a stack
member, the Master unit initiates a stacking discovering process.
44Dell PowerConnect 55xx Systems User Guide
•
Slave Unit
applications running on the Master’s CPU to control and manage the
resources of the slave unit.
•
Master Backup
addition, continuously monitors the existence and operation of the stack
master. If the master unit fails, the master-backup unit assumes the Master
Backup role.
— Runs a slave version of the software that enables the
— Runs as a slave unit, as described above, and in
Stacking Units
PowerConnect 5500 series switches use two HDMI 10G ports for stacking.
To connect the units in the stack:
1
Insert one end of an HDMI cable into the left-hand HDMI port on the
unit at the top of the stack and the other end into the right-hand HDMI
port of the unit immediately below it (this is called crossover).
2
Repeat this process until all units are connected.
3
(Optional) Connect the left-hand HDMI port of the unit at the bottom of
the stack to the right-hand HDMI port of the unit at the top of the stack.
This step provides increased bandwidth and redundancy.
Dell PowerConnect 55xx Systems User Guide45
The results of this process are shown in Figure .
HDMI Ports
F
r
o
n
t
P
a
n
e
l
HDMI Ports
F
r
o
n
t
P
a
n
e
l
HDMI Ports
F
r
o
n
t
P
a
n
e
l
F
r
o
n
t
P
a
n
e
l
HDMI Ports
Figure 4-1. Stacking Ring Topology
46Dell PowerConnect 55xx Systems User Guide
Stack Topology
The PowerConnect 5500 series systems operates in a ring or chain topology.
Ring Topology
In a ring topology all units in the stack are connected to each other, forming a
circle. Each unit in the stack accepts data and sends it to the unit to which it
is attached. The packet continues through the stack until it reaches its
destination. The system discovers the optimal path on which to send traffic.
Figure shows units of a stack connected in a ring topology.
Stacking Failover Topology - Chain Topology
Difficulties occur when a unit in the ring becomes non-functional, or a link is
severed. In this case, the system automatically switches to a chain topology,
without any system downtime.
In chain topology, each unit in the stack is connected to neighboring unit
except for the last unit, which is not connected to any other unit.
In the chain topology, the stack continues to function as long as there is a
master- or backup-enabled unit in each segment of the stack.
When the ring topology is switched to chain topology, an SNMP message is
automatically generated, but no stack management action is required. The
unit that failed must be repaired to restore full stacking operation in the ring
topology.
After the stacking issues are resolved, the units can be reconnected without
interruption, and the ring topology is restored.
Stack Members and Unit IDs
This section describes how to configure the stack.
It contains the following topics:
•Adding a Unit to the Stack
•Assigning Unit IDs
•Selecting the Master and Master Backup Units
•Switching from the Master to the Master Backup
•Replacing Stacking Members
Dell PowerConnect 55xx Systems User Guide47
•Loading Software onto Stack Members
•Rebooting the Stack
•Managing Configuration Files on the Stack
Adding a Unit to the Stack
The recommended procedure to add a unit to a stack is as follows:
1
Place the powered-off unit in its physical place in the stack, and insert the
stacking link in the unit (but do not connect it to the rest of the stack).
2
Power up the unit, and set the correct Unit ID, as described below.
3
Reboot the unit and connect it to the rest of the stack through the stack
link.
Assigning Unit IDs
Each unit in the stack has a unique ID that defines the unit’s position and
function in the stack, as shown in Figure 5-2.
The unit that is assigned Unit ID 1 is the Master unit, by default. The unit
that is assigned Unit ID 2 is the Master Backup unit.
When you power-up the stack, each unit is assigned a unique Unit ID. This is
displayed on the front panel of the unit, as shown in Figure 5-2.
The Unit ID of each unit can be either automatically assigned or manually
assigned, as described in step 1 to step 4 below.
To assign IDs to the units in the stack, do the following for each unit in the
stack:
1
Connect the unit to the terminal.
48Dell PowerConnect 55xx Systems User Guide
2
Turn on the unit to begin auto boot and press
enter the
Start Up
menu.
Return
or
Esc
to abort and
Startup Menu
[1]Download Software
[2]Erase Flash File
[3]Password Recovery Procedure
[4]Set Terminal Baud-Rate
[5]Stack Menu
[6]Back
3
Select
Stack Menu
to open the
Stack Menu
.
[1]Show Unit Stack ID
[2]Set Unit Stack ID
[3]Back
4
Select
Set Unit Stack ID.
Enter either a Unit ID for manual assignment or
0 to indicate that the unit ID will be assigned automatically.
NOTE: The entire stack should be connected, as shown in Figure 6-1, before
powering up the units.
Selecting the Master and Master Backup Units
A unit is master-enabled if it assigned Unit ID 1 and Unit 2. All other units in
the stack (slaves) have unit IDs of 3-8.
The stack master assignment is performed during the configuration boot
process. One master-enabled stack member is elected as Master, and the
other master-enabled stack member is selected as
Master Backup
to the following decision process:
•A master is selected from the set of the two Master-enabled units. Priority
is given to the lowest unit ID, but also takes into account the amount of
time the unit is UP (Up Time) as follows:
Dell PowerConnect 55xx Systems User Guide49
, according
–When a master-enabled unit is inserted to a running stack, (or when
Master and Backup master both start at the same time), they
exchange each other’s UP TIME (the time since they powered up). If
the time difference is smaller than 10 minutes, the unit with the
lowest unit ID is elected; otherwise, the unit with the longest UP time
is elected.
–If a Master-enabled unit (with ID 1 or 2) is inserted into an
operational stack, it will be elected as a backup master.
–If a Master unit and/or a backup Master unit is removed from the
stack and the user wishes to configure one of the slave units
(numbered 3-8) to be a Master backup, the user must reset the unit’s
ID. This can be done as follows:
•If there is a Master-enabled unit in the stack: Do -
renumber
2 (through CLI or GUI). This makes the nth unit a
switch
master-enabled unit.
•If there is no Master-enabled unit in the stack: Press the reset
button on the unit to be master-enabled, and assign it a unit ID=
1 using the boot menu.
•The user can
force
a master-enabled unit to be the master unit of the
stack, even if the master election process did not select it. This is done by
switching over to the backup unit.
NOTE: Two stacking member are considered the same age if they were
inserted within a ten minute interval, for example, if Unit 2 is inserted in the
first minute of a ten-minute cycle, and Unit 1 is inserted in fifth minute of the
same cycle, the units are considered to be the same age.
n
NOTE: If two stack members are discovered to have the same Unit ID, only
the older unit is included in the stack. The stack continues to function and a
message is sent notifying that a unit failed to join the stack.
The Stack Master and the
Warm Standby ensures that the
Master Backup
Master Backup
maintain a Warm Standby. The
takes over for the Stack
Master if a failover occurs, so that the stack continues to operate normally.
During the Warm Standby, the Master and the
Master Backup
are
synchronized with the static configuration. When the Stacking Master is
configured, it must synchronize the
Master Backup
. The dynamic
50Dell PowerConnect 55xx Systems User Guide
configuration is not saved, for example, dynamically-learned MAC addresses
are not saved, but dynamic information is learned quickly and automatically
by network traffic.
Switching from the Master to the Master Backup
The Master Backup replaces the Stack Master if one or more of the following
events occur:
•The Stack Master fails or is removed from the stack.
•Links from the Stack Master to the stacking members fails.
•User performs soft switchover via the Web interface or the CLI.
Switching between the Stack Master and the Master Backup results in limited
service loss. Dynamic tables are relearned if a failure occurs. The Running
Configuration file is synchronized between Stack Master and the Master
Backup, and continues running on the Master Backup.
Replacing Stacking Members
If a unit is removed from the stack, and replaced with a unit with the same
unit ID, the stack member is configured with the original unit configuration.
Otherwise, if the new unit has either more or fewer ports than the previous
unit, the results depend on the device type of the new and original units, as
defined in Table 6-1:
Table 4-1. Port Configurations when Replacing Units
New UnitOriginal UnitNew Port Configuration
5548P or 55485548P or 5548Port configurations remain the same.
5524 or 5524PThe first 24 Giga (GE) ports receive the
respective 5524/P 24 GE port
configurations. The 10 G port
configurations remain the same.
Dell PowerConnect 55xx Systems User Guide51
Table 4-1. Port Configurations when Replacing Units (Continued)
New UnitOriginal UnitNew Port Configuration
5524P or 55245548P or 5548The PowerConnect 5524/P 24 Gigabit
ports receives the first 24 Giga 5548/P port
configurations. The 10 Giga port
configurations remain the same. The
remaining ports receive the default port
configuration.
5524P or 5524Port configurations remain the same.
Loading Software onto Stack Members
Software can be downloaded to all units simultaneously, or to the master unit
alone. If software is only loaded to the master unit, when new software is
selected, and the Master is rebooted, the Master updates the software on the
remaining units.
In this way, all units in the stack run the same software version.
Rebooting the Stack
Whenever a reboot occurs, topology discovery is performed, and the Master
learns all units IDs in the stack.
Configuration files are changed only through explicit user configuration, and
are not automatically modified when units are added, removed or reassigned
unit IDs.
Each time the system reboots, the Startup Configuration file in the Master
unit is used to configure the stack.
Managing Configuration Files on the Stack
The Startup Configuration and Running Configuration file are stored on the
stack master.
Each port in the stack is referenced in the configuration files by its port type
and unit ID/0/port number, for example "gi1/0/24", which means Giga port 24
on unit 1 (the middle 0 is reserved for future use).
Configuration files are managed from the Stack Master, including:
•Saving to flash memory
52Dell PowerConnect 55xx Systems User Guide
•Uploading configuration files to an external TFTP server/HTTP client
•Downloading configuration files from an external TFTP server/HTTP
client
•Download/upload through the USB port
NOTE: Stack configuration for all configured ports is saved, even if the stack
is reset and/or the ports are no longer present.
Dell PowerConnect 55xx Systems User Guide53
5
Configuring the Switch
This section describes the configuration that must be performed after the
switch is installed and connected to power supplies. Additional advanced
functions are described in "Advanced Switch Configuration" on page 63.
NOTE: Before proceeding further, read the release notes for this product. You can
download the release notes from the Dell Support website at support.dell.com.
NOTE: We recommend that you obtain the most recent revision of the user
documentation from the Dell Support website at support.dell.com.
It contains the following topics:
•Configuration Work Flow
•Connecting the Switch to the Terminal
•Booting the Switch
•Configuring the Stack
•Configuration Using the Setup Wizard
Dell PowerConnect 55xx Systems User Guide54
Configuration Work Flow
To configure the switches:
1
For each switch in the stack:
a
Connect it to a terminal, as described in the "Connecting the Switch
to the Terminal" on page 56.
b
Boot the switch, as described in the "Booting the Switch" on page 57.
c
Assign a unit ID to the switch, as described in "Assigning Unit IDs" on
page 48.
2
Connect the units in the stack to each other, as described in "Configuring
the Stack" on page 58.
3
Connect the Master unit to the terminal, reboot the unit and the Setup
Wizard is run automatically, as described in "Configuration Using the
Setup Wizard" on page 58.
4
Respond to the Setup Wizard prompts.
5
Continue managing the switch, either through the console or Telnet, using
the CLI or the web GUI.
Dell PowerConnect 55xx Systems User Guide55
Connecting the Switch to the Terminal
Console Port
The switch is configured and monitored through a terminal desktop system
that runs terminal emulation software. The switch connects to the terminal
through the console port.
To connect the switch to a terminal:
1
Connect an RS-232 cable to a VT100-compatible terminal or the serial
connector of a desktop system running terminal emulation software.
2
Connect the RS-232 cable to the switch console port on the front panel of
the switch (see Figure 7-1) using an 8-pin RJ-45 male connector.
Figure 5-1. Front-Panel Console Port
3
Set the terminal emulation software as follows:
a
Select the appropriate serial port to connect to the switch.
b
Set the data rate to 9600 baud.
c
Set the data format to 8 data bits, 1 stop bit, and no parity.
d
Set Flow Control to
e
Select VT100 for Emulation mode within your communication
software.
f
Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that
the setting is for Terminal keys (
non
e.
not
Windows keys).
NOTE: You can connect a console to the console port on any unit in the stack, but
stack management is performed only from the stack master (Unit ID 1 or 2).
56Dell PowerConnect 55xx Systems User Guide
Booting the Switch
Power Status
Fan
RPS
After the local terminal is connected, turn on power. The switch then goes
through power-on self-test (POST). POST runs every time the switch is
started and checks hardware components, to determine if the switch is
operational before completely booting. If the system detects a critical
problem, the boot process stops. If POST passes successfully, a valid
executable image is loaded into RAM. POST messages are displayed on the
terminal and indicate test success or failure.
The boot process runs for approximately 40-45seconds.
When the boot process completes, the following LEDs are lit, as shown in
Figure 7-2:
•Power
•Status
•Fan (should be green)
•RPS (if it is being used)
Figure 5-2. Initial LEDs
Dell PowerConnect 55xx Systems User Guide57
Configuring the Stack
The switch is always considered to be a stack of switches even if the stack only
contains a single switch. If there is more than one switch in the stack, each
switch must be configured individually. See "Assigning Unit IDs" on page 48
for instructions on how to configure the stack.
Configuration Using the Setup Wizard
The Setup Wizard guides you through the initial switch configuration to get
the system up and running as quickly as possible. Note that you can skip the
Setup Wizard and configure the switch manually through the CLI.
The Setup Wizard configures the following fields:
•SNMP Community String and SNMP Management System IP address
(optional)
•Username and password
•Management switch IP address
•IP subnet mask
•Default gateway IP address
NOTE: The Setup Wizard assumes the following:
•The PowerConnect switch was never configured before and is in the same
state as when you received it.
•The PowerConnect switch booted successfully.
•The console connection is established and the console prompt is displayed on
the screen of a VT100 terminal switch.
Connect the Master unit to a terminal. You can identify the Master unit by
the illuminated Master LED on the front panel of the switch (see Figure 5-2).
To configure the system using the Setup Wizard:
1
Obtain the following information from the network administrator:
•SNMP Community String and SNMP Management System IP
address (optional)
•Username and password
58Dell PowerConnect 55xx Systems User Guide
•The IP address to be assigned to the VLAN 1 interface through which
the switch is to be managed (by default, every external and internal
port is a member of the VLAN 1)
•The IP subnet mask for the network
•The default gateway (next hop router) IP address for configuring the
default route
2
Boot the Master unit. The system automatically prompts you to use the
Setup Wizard.
The Setup Wizard displays the following information:
Welcome to Dell Easy Setup Wizard
The Setup Wizard guides you through the initial
switch configuration and gets you up and running
easily and quickly. You can skip the Setup Wizard
and enter CLI mode to manually configure the
switch. The system will prompt you with a default
answer; by pressing Enter, you accept the default
value.
You must respond to the next question to run the
Setup Wizard within 60 seconds, otherwise the
system will continue with normal operation using
the default system configuration.
Would you like to enter the Setup Wizard (you must
answer this question within 60 seconds)? (Y/N)
Enter [Y] to run the wizard. If you enter [N] or if you do not respond
3
within 60 seconds, the Setup Wizard automatically exits and the CLI
console prompt appears.
If you enter [Y] the wizard provides interactive guidance through the
initial switch configuration.
The following information is displayed:
You can exit the Setup Wizard at any time by
entering [ctrl+Z].
The system is not set up for SNMP management by
default.
Dell PowerConnect 55xx Systems User Guide59
To manage the switch using SNMP (required for Dell
Network Manager) you can:
•
Setup the initial SNMP version 2 account now.
•
Return later and set up the SNMP version account.
For more information on setting up a SNMP version
2 account, see the user documentation.
Would you like to set up the SNMP management
interface now? [Y/N]
4
Enter [N] to skip to Step7 or enter [Y] to continue the Setup Wizard. If
you enter [Y] the following information is displayed:
To set up the SNMP management account you must
specify the management system IP address and the
"community string" or password that the particular
management system uses to access the switch. The
wizard automatically assigns the highest access
level [Privilege Level 15] to this account.
You can use Dell Network Manager or other
management interfaces to change this setting later
and to add additional management system later. For
more information on adding management systems, see
the user documentation.
To add a management station:
Please enter the SNMP community string to be used:
Enter the SNMP community string. You can use the default name "public"
5
Please enter the IP address of the Management
System (A.B.C.D) or wildcard (0.0.0.0) to manage
from any Management Station:[0.0.0.0].
Enter the SNMP Management System IP.
6
7
Set up user account privilege level, as follows:
The following information is displayed:
Now we need to set up your initial privilege
(Level 15) user account. This account is used to
login to the CLI and Web interface. You may set up
60Dell PowerConnect 55xx Systems User Guide
other accounts and change privilege levels later.
For more information on setting up user accounts
and changing privilege levels, see the user
documentation.
To set up a user account:
Enter the user name:
Please enter the user password:
Please reenter the user password:
8
Enter the following:
•User name, for example "admin"
•Password and password confirmation.
9
Press
Enter
.
The following information is displayed:
Next, an IP address is setup. The IP address is
defined on the default VLAN (VLAN 1). This is the
IP address you use to access the Telnet, Web
interface, or SNMP interface for the switch.
To set up an IP address:
Please enter the IP address of the device
(A.B.C.D):
Please enter the IP subnet mask (A.B.C.D or nn):
10
Enter the management IP address and IP subnet mask, for example
192.168.2.100 as the IP address and 255.255.255.0 as the IP subnet mask.
11
Press
Enter
.
The following information is displayed:
Finally, set up the default gateway.
Please enter the IP address of the gateway from
which this network is reachable
(e.g. 192.168.2.1).Default gateway
(A.B.C.D):[0.0.0.0]
Dell PowerConnect 55xx Systems User Guide61
12
Enter the default gateway.
13
Press
Enter
. The following is displayed (example):
This is the configuration information that has
been collected:
User Account setup = admin
Password = **********
Management IP address = 192.168.2.100
255.255.255.0
Default Gateway = 192.168.2.1
The following information is displayed:
If the information is correct, please select (Y)
to save the configuration and copy to the start-up
configuration file. If the information is
incorrect, select (N) to discard configuration and
restart the wizard: [Y/N]
Enter [N] to restart the wizard or enter [Y] to complete the Setup Wizard.
14
If you enter [Y] the following is displayed:
Configuring SNMP management interface.
Configuring user account.......
Configuring IP and subnet......
Thank you for using Dell Easy Setup Wizard. You
will now enter CLI mode.
The CLI prompt is displayed. You have finished the initial configuration.
After the initial configuration is complete, you can manage the switch from
the connected console port using the CLI or remotely through the
management interface, using Telnet or the Web GUI. See the
PowerConnect 5500 Series User Guide
62Dell PowerConnect 55xx Systems User Guide
found on the Documentation CD.
Dell
Advanced Switch Configuration
This section describes how to perform various configuration operations
through the CLI.
It includes the following topics:
•Using the CLI
•Accessing the Device Through the CLI
•Retrieving an IP Address
•Security Management and Password Configuration
•Configuring Login Banners
•Startup Menu Procedures
•Software Download
6
Dell PowerConnect 55xx Systems User Guide63
Using the CLI
This section provides some general information for using the CLI.
For a complete description of CLI commands, refer to the Dell
PowerConnect 55xx Systems
Command Mode Overview
The CLI is divided into command modes, each with a specific command set.
Entering a question mark at the terminal prompt displays a list of commands
available for that particular command mode.
In each mode, a specific command is used to navigate from one mode to
another.
These modes are described below.
User EXEC Mode
During CLI session initialization, the CLI is in User EXEC mode. Only a
limited subset of commands is available in User EXEC mode. This level is
reserved for tasks that do not change the terminal configuration and is used
to access configuration sub-systems.
After logging into the device, User EXEC command mode is enabled. The
user-level prompt consists of the host name followed by the angle bracket
(>). For example:
NOTE: The default host name is console unless it has been modified during
initial configuration.
The User EXEC commands enable connecting to remote devices, changing
terminal settings on a temporary basis, performing basic tests, and listing
system information.
To list the User EXEC commands, enter a question mark at the command
prompt.
To enter the next level, Privileged EXEC mode, a password is required (if
configured).
console>
CLI Reference Guide
.
Privileged EXEC Mode
Privileged EXEC mode provides access to the device global configuration.
64Dell PowerConnect 55xx Systems User Guide
Privileged access can be protected, to prevent unauthorized access and to
secure operating parameters. Passwords are displayed on the screen, and are
case-sensitive.
NOTE: The enable command is only necessary if you login with privilege level less
than 15.
To access and list the Privileged EXEC mode commands:
1
At the prompt type
2
When a password prompt displays, enter the password and press
<Enter>
.
enable and press
<Enter>
.
The Privileged EXEC mode prompt displays as the device host name
followed by #. For example:
console#
To list the Privileged EXEC commands, type a question mark at the
command prompt.
To return from Privileged EXEC mode to User EXEC mode, type
and press
<Enter>
.
disable
The following example illustrates accessing privileged EXEC mode and then
returning to the User EXEC mode:
console> enable
Enter Password: ******
console#
console# disable
console>
Use the exit command to return to a previous mode.
To configure the device, enter the next level, Global Configuration mode.
Global Configuration Mode
The
Global Configuration mode manages device configuration on a global
level. Global Configuration commands apply to system features, rather than a
specific protocol or interface.
Dell PowerConnect 55xx Systems User Guide65
To access Global Configuration mode, at the Privileged EXEC Mode prompt,
type configure and press <Enter>. The Global Configuration mode displays
as the device host name followed by (config) and the pound sign #.
console# configure
console(configure)#
To list the Global Configuration commands, enter a question mark at the
command prompt.
The following example illustrates how to access Global Configuration mode
and return back to the Privileged EXEC mode:
The Interface Configuration mode configures the device at the physical
interface level (port, VLAN, or LAG). Interface commands that require
subcommands have another level, called the Subinterface Configuration
mode. A password is not required to access this level.
The following example, places the CLI in Interface Configuration mode on
port 1/0/1. The sntp command is then applied to that port.
To run a command in a mode, which does not contain it, use do before the
command, as in the following example:
console# configure
console(config)# interface gi1/0/1
console(config-if)# sntp client enable
console(config-if)# do show sntp configuration
66Dell PowerConnect 55xx Systems User Guide
Accessing the Device Through the CLI
You can manage the device using CLI commands, over a direct connection to
the terminal console, or via a Telnet connection.
Direct Connection
Connect the device to the console and enter the CLI commands upon
receiving a prompt.
Telnet Connection
Telnet is a terminal emulation TCP/IP protocol. RS-232 terminals can be
virtually connected to the local device through a TCP/IP protocol network.
Telnet is an alternative to a local login terminal, where a remote login is
required.
The device supports up to four simultaneous Telnet sessions. All CLI
commands can be used over a Telnet session.
If access is via a Telnet connection, ensure that the device has an IP address
and that software has been downloaded to the device.
To start a Telnet session:
1
Select
Start > Run
The
Run
window opens.
2
Ty p e
cmd.
The
cmd
window opens.
.
3
In the
cmd
window, type
The Telnet session begins.
Telnet <IP address> <Enter>
Dell PowerConnect 55xx Systems User Guide67
.
Retrieving an IP Address
Receiving an IP Address from a DHCP Server
When using the DHCP protocol to retrieve an IP address, the device acts as a
DHCP client. When the device is reset, the DHCP command is saved in the
configuration file, but the IP address is not.
To retrieve an IP address from a DHCP server, perform the following steps:
1
Select and connect any port to a DHCP server or to a subnet that has a
DHCP server on it.
2
Type the following commands to use the selected port for receiving the IP
address.
a
Assigning dynamic IP Addresses on a port:
console# configure
console(config)# interface gi1/0/1
console(config-if)# ip address dhcp
b
Assigning a dynamic IP Addresses on a VLAN:
console# configure
console(config)# interface vlan 1
console(config-if)# ip addressdhcp
The interface receives the IP address automatically.
When configuring/receiving IP addresses through DHCP and BOOTP (an
older version of DHCP), the configuration received from these servers
includes the IP address and may include the subnet mask and default
gateway.
NOTE: It is not necessary to delete the device configuration to retrieve an IP
address from the DHCP server.
NOTE: When copying configuration files, avoid using a configuration file that
contains an instruction to enable DHCP on an interface that connects to the same
DHCP server, or to one with an identical configuration. In this instance, the device
retrieves the new configuration file and boots from it. The device then enables
DHCP, as instructed in the new configuration file, and the DHCP instructs it to reload
the same file.
NOTE: If you configure a DHCP IP address, this address is dynamically retrieved,
and the ip address dhcp command is saved in the configuration file. In the event of
master failure, the backup will again attempt to retrieve a DHCP address. This could
result in one of the following:
•The same IP address may be assigned.
•A different IP address may be assigned, which could result in loss of
connectivity to the management station.
•The DHCP server may be down, which would result in IP address retrieval
failure, and possible loss of connectivity to the management station.
Receiving an IP Address From a BOOTP Server
The standard BOOTP protocol is supported and enables the device to
automatically download its IP host configuration from any standard BOOTP
server in the network. In this case, the device acts as a BOOTP client.
Dell PowerConnect 55xx Systems User Guide69
To retrieve an IP address from a BOOTP server:
1
Select and connect any port to a BOOTP server or subnet containing such
a server.
2
At the system prompt, enter the
delete startup configuration
command to
delete the Startup Configuration from flash.
The device reboots with no configuration and in 60 seconds starts sending
BOOTP requests. The device receives the IP address automatically.
NOTE: When the device reboot begins, any input at the ASCII terminal or keyboard
automatically cancels the BOOTP process before completion and the device does
not receive an IP address from the BOOTP server.
The following example illustrates the process:
console> enable
console# delete startup-config
Startup file was deleted
console# reload
You haven’t saved your changes. Are you sure you want to
continue (Y/N) [N]?
This command will reset the whole system and disconnect
your current session. Do you want to continue (Y/N) [N]?
************************************************
/* the device reboots */
To display the IP address, enter the show ip interface command.
The device is now configured with an IP address.
70Dell PowerConnect 55xx Systems User Guide
Security Management and Password
Configuration
System security is handled through the Authentication, Authorization, and
Accounting (AAA) mechanism that manages user access rights, privileges,
and management methods. AAA uses both local and remote user databases.
Data encryption is handled through the SSH mechanism.
Passwords can be configured for the following services:
•Terminal
•Telnet
•SSH
•HTTP
•HTTPS
NOTE: When creating a user name, the default priority is 1, which provides access
but not configuration rights. A priority of 15 must be set to enable access and
configuration rights to the device. Although user names can be assigned privilege
level 15 without a password, it is recommended to always assign a password. If
there is no specified password, privileged users can access the Web interface with
any password.
NOTE: Passwords can be secured by using password management commands to
force aging out of passwords, or expiration of passwords. For more information, see
"Management Security" on page 254.
Initial Configuration and Password Recovery
The system is delivered without a default password, and all passwords must be
defined by the user. If a user-defined password is lost, a password recovery
procedure can be invoked from the Startup menu. This procedure is
applicable for the local terminal only and enables a single access to the device
from the local terminal with no password entered.
The full mode of password recovery mechanism can be enabled/disabled
through the CLI (service password-recovery command).
This affects password recovery in the following way:
•
Enabled:
access to the device without a password is enabled and all configuration
and user files are retained.
When the password-recovery mechanism is invoked, one-time
Dell PowerConnect 55xx Systems User Guide71
•
Disabled:
When the password-recovery mechanism is invoked, one-time
access to the device without a password is stilled enabled, however all
configuration files (startup and backups) are removed and the following
log message is generated to the terminal after boot process completed: “All
configuration and user files were removed”
Configuring an Initial Terminal Password
To configure an initial terminal password, enter the following commands:
NOTE: HTTP and HTTPS services require privilege level 15 access and connect
directly to the configuration level access.
Dell PowerConnect 55xx Systems User Guide73
Configuring Login Banners
Banners can be defined for each line, such as console and telnet) or for all
lines. They are disabled by default.
The following types of banners can be defined:
•
Message-of-the-Day Banner (motd)
to the device, before login. The following defines a message-of-the-day for
the console:
console# configure
console(config)# line console
console(config-line)# motd-banner
console(config-line)# exit
console (config)# banner motd *
Welcome*
console# do show banner motd
Welcome
Would you like to enable this banner to all lines?
(Y/N)[Y] Y
console(config)#
— Displayed when the user connects
74Dell PowerConnect 55xx Systems User Guide
•
Login Banner — Displayed after the Message-of-the-Day Banner, and
before the user has logged in. The following defines a login banner for the
console:
console# configure
console(config)# line console
console(config-line)# login-banner
console(config-line)# exit
console (config)# banner login *
Please log in*
console# do show banner login
Would you like to enable this banner to all lines?
(Y/N)[Y] Y
Please log in
Exec Banner — Displayed after successful login (in all privileged levels
•
and in all authentication methods). The following defines an exec banner
for the console:
console# configure
console(config)# line console
console(config-line)# exec-banner
console(config-line)# exit
console (config)# banner exec *
Successfully logged in*
Would you like to enable this banner to all lines?
(Y/N)[Y] Y
console# do show banner exec
Successfully logged in
Dell PowerConnect 55xx Systems User Guide75
Startup Menu Procedures
The Startup menu enables performing various tasks, such as software
download, flash handling and password recovery.
You can enter the Startup menu when booting the device. User input must be
entered immediately after the POST test.
To enter the Startup menu:
•Turn the power on. After the auto-boot messages appear, the following
menu is displayed:
Startup Menu
[1]Download Software
[2]Erase Flash File
[3]Password Recovery Procedure
[4]Set Terminal Baud-Rate
[5]Stack menu
[6]Back
The following sections describe the available Startup menu options.
NOTE: When selecting an option from the Startup menu, take time-out into
account. If no selection is made within 10 seconds (default), the device times out.
This default value can be changed through the CLI.
Download Software - Option[1]
The software download procedure is used to replace corrupted files or
upgrade system software, when the device does not have IP connectivity or
when both software images of the device are corrupted and therefore you
cannot use the web-based management system.
NOTE: it is highly recommended that, before loading via xmodem, the baud rate of
the device and terminal be set to 115200.
76Dell PowerConnect 55xx Systems User Guide
To download software through the Startup menu:
1
From the Startup menu,
Downloading code using XMODEM
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2
When using the HyperTerminal, click
Menu Bar and select
3
In the
Filename
4
Ensure that the Xmodem protocol is selected in the
5
Press
Send
NOTE: After software download, the device reboots automatically.
field, enter the file path for the file to be downloaded.
. The software is downloaded.
press [1]
Send File
. The following prompt is displayed:
Tr an sf e r
on the HyperTerminal
.
Protocol
field.
Erase FLASH File - Option[2]
In some cases, the device Startup Configuration file must be erased. If the
configuration is erased, all parameters configured via CLI, web-management
or SNMP must be reconfigured.
To erase the device configuration in the Startup Configuration file:
1
From the Startup menu,
displayed:
Warning! About to erase a Flash file.
Are you sure (Y/N)?
2
Press Y. The following message is displayed.
Write Flash file name (Up to 8 characters, Enter for
none.):
3
Enter
config
("config" is the standard name for the Startup configuration
file although you can use any name).
The following is displayed:
select [2]
. The following message is
File config (if present) will be erased after system
initialization
======== Press Enter To Continue ========
Dell PowerConnect 55xx Systems User Guide77
The configuration is erased when the system is reset.
Password Recovery - Option[3]
If a password is lost, the Password Recovery procedure can be called from the
Startup menu. The procedure enables entry to the device a single time
without entering a password.
To recover a lost password when entering the local terminal only:
1
From the
2
Continue the regular startup by logging in without a password.
3
Enter a new password or press 'ESC' to exit.
NOTE: To ensure device security, reconfigure passwords for applicable
management methods.
Startup
menu, select
[3]
.
Set Terminal Baud-Rate - Option[4]
To set the terminal baud-rate:
1
Ty p e
[4]
and press
2 Enter the new baud rate. The following is displayed:
Set new device baud-rate: 38,400
Note that after this step, your terminal will no longer respond. Adjust your
terminal speed to the configured one.
<Enter>
.
Stack Menu - Option[5]
To configure the stack, type [5]and press <Enter>.
For more information, see "Assigning Unit IDs" on page 48.
78Dell PowerConnect 55xx Systems User Guide
Software Download
This section contains instructions for downloading device software (system
and boot images) through a TFTP server or USB port. The TFTP server must
be configured before downloading the software.
Software Auto Synch in Stack
When several units are stacked, they must all run the same software version.
When a new slave device is inserted into the stack, it is first checked for
compatibility (meaning that the master can run firmware upgrade/downgrade
to the slave unit), and if found compatible, its boot and image software
versions are automatically updated with the Master’s. If the slave is found not
compatible, it is shutdown.
A SYSLOG message is sent when a master synchronizes a slave's software.
System Image Download
When the device boots, it decompresses the system image from the flash
memory area and runs it. When a new image is downloaded, it is saved in the
other area allocated for the other system image copy.
On the next boot, the device decompresses and runs the image from the
currently active system image.
A system image can be downloaded through a USB port or a TFTP server.
To download the system image from a TFTP server, ensure that an IP address
is configured on one of the device ports and pings can be sent to the TFTP
server. In addition, ensure that the file to be downloaded is saved on the
TFTP server.
To download a system image through the USB port or TFTP server:
1
Enter the
currently running on the device. The following is an example of the
information that appears:
When the new image is downloaded, it is saved in the area allocated for
the other copy of system image (image-2, as shown in the example). The
following is an example of the information that appears:
console# copytftp://176.215.31.3/file1.ros image
Accessing file ‘file1’ on 176.215.31.3Ö
Loading file1 from 176.215.31.3:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Copy took 00:01:11 [hh:mm:ss]
Exclamation symbols indicate that a copying process is in progress. Each
symbol (!) corresponds to 512 bytes transferred successfully. A period
indicates that the copying process is timed out. Many periods in a row
indicate that the copying process failed.
80Dell PowerConnect 55xx Systems User Guide
5
Select the image for the next boot by entering the
After this command, enter the
copy indicated as a parameter in the
show bootvar
boot system
boot system
command.
command to verify that the
command is selected for
the next boot.
The following is an example of the information that appears:
console# boot system image-2
console# show bootvar
Images currently available on the Flash
Image-1 active
Image-2 not active (selected for next boot)
If the image for the next boot is not selected by entering the boot system
command, the system boots from the currently active image.
6
Enter the reload command. The following message is displayed:
console# reload
This command will reset the whole system and
disconnect your current session. Do you want to
continue (y/n) [n]?
7
Enter Y. The device reboots.
Boot Image Download
Loading a new boot image from the TFTP server or USB port, updates the
boot image. The boot image is loaded when the device is powered on. A user
has no control over the boot image copies.
To download a boot image through the TFTP server:
Dell PowerConnect 55xx Systems User Guide81
1
Enter the
show version
command to verify which software version is
currently running on the device. The following is an example of the
information that appears:
console# show version
Unit SW version Boot version HW version
tftp://50.1.1.7/contax-10014.ros destination URL flash://image
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
01-Sep-2010 11:57:38 %INIT-I-Startup: Cold Startup
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
01-Sep-2010 11:59:05 %COPY-N-: The copy operation was completed
successfully!
Copy: 5954757 bytes copied in 00:01:30 [hh:mm:ss]
3
Enter the reload command. The following message is displayed:
console# reload
This command will reset the whole system and
disconnect your current session. Do you want to
continue (Y/N) [N]?
4
Enter Y. The device reboots.
82Dell PowerConnect 55xx Systems User Guide
Using Dell OpenManage
Administrator
This section provides an introduction to the Dell OpenManage Switch
Administrator user interface.
It contains the following topics:
•Starting the Application
•Understanding the Interface
•Using the Switch Administrator Buttons
•Field Definitions
•Common GUI Features
•CLI Commands
7
Dell PowerConnect 55xx Systems User Guide83
Starting the Application
NOTE: Before starting the application the IP address must be defined. For more
information, see "Accessing the Device Through the CLI" on page 67.
1
Open a web browser.
2
Enter the device’s IP address in the address bar and press
3
When the
NOTE: Passwords are both case sensitive and alpha-numeric.
4
Click OK.
The
Log In
window displays, enter a user name and password.
Dell OpenManage Switch Administrator
home page displays.
<Enter>
Understanding the Interface
The home page contains the following views:
•
Tree view
provides an expandable view of the features and their components. The
branches in the tree view can be expanded to view all the components
under a specific feature, or retracted to hide the feature's components. By
dragging the vertical bar to the right, the tree area can be expanded to
display the full name of a component.
Device View
•
view provides information about device ports, current configuration and
status, table information, and feature components. For further
information, see "Device Representation" on page 85
Components List
•
contains a list of the feature components. When a feature is expanded, the
GUI page for that feature is displayed.
•
Information Buttons
access to information about the device and access to Dell Support. For
more information, see "Information Buttons" on page 87.
— Located on the left side of the home page, the tree view
— Located in on the top center of the home page, the device
— Located in the bottom center of the home page,
— Located at the top of the home page, provide
.
84Dell PowerConnect 55xx Systems User Guide
Device Representation
Stacking Unit ID
Giga Ports (odd numbered)
Giga Ports (even numbered)
The home page contains a graphical representation of the units in the stack’s
front panels. Figure 9-1 displays the 5548 model, but the display for the other
models are similar.
Figure 7-1. PowerConnect Device Port Indicators
The graphic display on the home page displays the Unit ID and port
indicators that specify whether a specific port is currently active. Table 9-1
describes the port colors that are displayed and their meaning:
Table 7-1. Port Colors
Component Description
AmberThe port is currently connected at 100 Mbps.
GreenThe port is currently connected at 1000 Mbps
GreyThe port is currently disconnected
NOTE: For more information about LEDs, see "LED Definitions" on page 38.
To configure a port double-click on its icon.
Only ports that are physically present are displayed in the PowerConnect
OpenManage Switch Administrator home page, and can be configured
through the web management system. Non-present ports can be configured
through the CLI or SNMP interfaces.
Port Representation
Ports are referred to in the notation: [gi/te]x/0/z, where:
Dell PowerConnect 55xx Systems User Guide85
•gi—Giga port
•te —Ten Giga port
•x — Unit ID
•z — Port number
86Dell PowerConnect 55xx Systems User Guide
Using the Switch Administrator Buttons
This section describes the buttons found on the OpenManage Switch
Administrator interface.
Information Buttons
Table 9-2 describes the information buttons that provide access to online
support and online help, as well as information about the OpenManage
Switch Administrator interfaces. These are displayed at the top of each page.
Table 7-2. Information Buttons
Button Description
SupportOpens the Dell Support page at support.dell.com
AboutContains the version and build number and Dell copyright
information.
LogoutOpens the Log Out window.
Device Management Icons
Table 9-3 describes the device management buttons.
Table 7-3. Device Management Icons
ButtonIconDescription
Apply&SaveSaves changes to the Running and Startup Configuration
files.
HelpOpen online help. The online help pages are
context-sensitive. For example, if the IP Addressing page is
open, the help topic for that page is displayed when Help is
clicked.
PrintPrints the Network Management System page and/or table
information.
Dell PowerConnect 55xx Systems User Guide87
Table 7-3. Device Management Icons (Continued)
RefreshRefreshes device information from the Running
Configuration file.
88Dell PowerConnect 55xx Systems User Guide
Field Definitions
Fields that are user-defined can contain between 1–159 characters, unless
otherwise noted on the OpenManage Switch Administrator web page. All
letters or characters can be used, except the following: "\ / : * ? < >"
Common GUI Features
Table 9-4 describes the common functions that can be performed on many
GUI pages.
Table 7-4. Common GUI Elements
ButtonDescription
ApplySave changes entered in GUI page to the Running
Configuration file.
BackGo to previous page.
CancelCancel changes entered in GUI page.
Clear All CountersDelete counters.
Clear CountersDelete selected counters.
Clear LogDelete entries from log.
Clear StatisticsDelete statistics.
Copy parameters
from
Copy parameters
from port
DetailsShows further details relevant to the current page.
NextGo to next page.
QueryRun a query after query criteria have been entered.
RemoveRemove checked elements in the page. If Select All is
Reset All CountersDelete all counters.
Restore Defaults Restores parameters entered in page to default values.
Copy the parameters from a selected row to the selected
target rows.
Copy the parameters from a selected port to the selected
target ports.
selected, all elements are removed.
Dell PowerConnect 55xx Systems User Guide89
Table 7-4. Common GUI Elements (Continued)
ButtonDescription
Te ln e tOpens a Telnet window. This only works in the Explorer 6 and
Firefox browsers.
GUI Terms
Each GUI page in the tree view is described in the following sections. A brief
introduction is provided along with steps specifying how to enter information
in the page. The following terms are used:
•
Enter
— Indicates that information may be entered in the field. It does
not imply that the field is mandatory.
•
Select
—Indicates that information may be selected from a drop-down list
or from radio buttons.
•
Displays
—Indicates that the field is display only.
CLI Commands
There are certain command entry conventions that apply to all commands.
The following table describes these conventions.
Table 7-5. Common GUI Elements
ButtonDescription
[ ]In a command line, square brackets indicate an optional
entry..
{ }In a command line, curly brackets indicate a selection of
compulsory parameters separated by the | character. One
option must be selected. For example: flowcontrol
{auto|on|off} means that for the flowcontrol command
either auto, on, or off must be selected.
Italic Font
Bold Italic Font
<button-name>Any individual key on the keyboard. For example click
Indicates a parameter value.
Indicates a parameter key word.
<Enter>.
90Dell PowerConnect 55xx Systems User Guide
ButtonDescription
Ctrl+F4Any combination of keys clicked simultaneously, for example:
Ctrl and F4.
Screen DisplayIndicates system messages and prompts appearing on the
console.
all
When a parameter is required to define a range of ports or
parameters and all is an option, the default for the command
is all when no parameters are defined. For example, the
command interface range port-channel has the option of
either entering a range of channels, or selecting all. When the
command is entered without a parameter, it automatically
defaults to all.
Dell PowerConnect 55xx Systems User Guide91
8
Network Security
This section describes the various mechanisms for providing security on the
switch.
It contains the following topics:
•Port Security
•ACLs
•ACL Binding
•Proprietary Protocol Filtering
•Absolute Time Range
•Time Range Recurrence
•Dot1x Authentication
92Dell PowerConnect 55xx Systems User Guide
Port Security
Network security can be enhanced by limiting access on a port to users with
specific MAC addresses. The MAC addresses can be dynamically learned, or
they can be statically configured.
Port security has the following modes:
•
Classic Lock
packets that are received on specific ports. Access to the locked port is
limited to users with specific MAC addresses. These addresses are either
manually defined on the port, or learned on that port before it was locked.
Limited Dynamic Lock
•
and the packet’s source MAC address is not tied to that port (either it was
learned on a different port, or it is unknown to the system), a protection
mechanism, which provides various options is invoked. Unauthorized
packets arriving to a locked port are either:
–Forwarded
–Discarded with no trap
–Discarded with a trap
–The port is shutdown
Locked port security enables storing a list of MAC addresses in the
configuration file. The MAC addresses are restored when the device is reset.
Disabled ports can be activated from the Port Configuration page.
— Locked port security monitors both received and learned
— When a packet is received on a locked port,
Dell PowerConnect 55xx Systems User Guide93
To configure port security:
1
Click
Switching
Security: Summary
Figure 8-1. Port Security: Summary
>
Network Security > Port Security
page.
to display the
Security parameters are displayed for all ports or LAGs, depending on the
selected interface type.
Port
2
To modify the security parameters for a port, select it, and click
3
Enter the following fields:
–
Interface
–
Current Port Status
–
Set Port
–
Learning Mode
is enabled only if
— Select the interface to be configured.
— Displays the current port status.
— Select to either lock or unlock the port.
— Set the locked port type. The
Locked
is selected in the
Set Port
options are:
•
Classic Lock
— Locks the port using the classic lock mechanism.
The port is immediately locked, regardless of the number of
addresses that have already been learned.
94Dell PowerConnect 55xx Systems User Guide
Edit
Learning Mode
field. The possible
.
field
•
Limited Dynamic Lock
— Locks the port by deleting the
dynamic MAC addresses associated with the port. The port learns
up to the maximum addresses allowed on the port. Both
relearning and aging MAC addresses are enabled.
Max Entries (0-128)
–
addresses that can be learned on the port. The
enabled only if
Limited Dynamic Lock
–
Action on Violation
— Enter the maximum number of MAC
Max Entries
Locked
is selected in the
Set Port
mode is selected in
field, and the
Learning Mode
— Select the action to be applied to packets
field is
field.
arriving on a locked port. The possible options are:
•
•
Discard
Forward
— Discard the packets from any unlearned source.
— Forward the packets from an unknown source,
without learning the MAC address.
•
Shutdown
— Discard the packet from any unlearned source, and
shut down the port. Ports remain shutdown until they are
reactivated, or the device is reset.
–
Tr ap
— Enable/disable traps being sent when a packet is received on a
locked port.
–
Trap Frequency (1-1000000)
— Enter the amount of time (in
seconds) between traps.
Configuring Port Security Using CLI Commands
The following table summarizes the CLI commands for configuring port
security.
This section describes Access Control Lists (ACLs), which enable defining
classification actions and rules for specific ingress or egress ports.
It contains the following topics:
•ACL Overview
•MAC-Based ACLs
•MAC-Based ACEs
•IPv4-Based ACLs
•IPv4-Based ACEs
•IPv6-Based ACLs
•IPv6-Based ACEs
ACL Overview
Access Control Lists (ACLs) enable network managers to define classification
actions and rules for specific ingress or egress ports. Packets entering an
ingress or egress port, with an active ACL, are either admitted or denied entry.
If entry is denied, the ingress or egress port may be disabled, for example, a
network administrator defines an ACL rule that states that port number 20
can receive TCP packets, however, if a UDP packet is received, the packet is
dropped.
ACLs are composed of Access Control Entries (ACEs) that are rules that
determine traffic classifications. Each ACE is a single rule, and up to 256
rules may be defined on each ACL, and up to 3000 rules globally.
Rules are not only used for user configuration purposes, they are also used for
features like DHCP Snooping, Protocol Group VLAN and iSCSI, so that not
all 3000 rules are available for ACEs. It is expected that there will be at least
2000 rules available. If there are fewer rules available, this may be due to
DHCP Snooping or iSCSI optimization. Reduce the number of entries in
DHCP Snooping or reduce the max number of TCP connections in the iSCSI
configuration in order to free rules for ACEs.
The following types of ACLs can be defined:
•
MAC-based ACL
•
IPv4-based ACL
— Examines Layer 2 fields only
—Examines the Layer 3 layer of IPv4 frames
98Dell PowerConnect 55xx Systems User Guide
•
IPv6-based ACL
—Examines the Layer 3 layer of IPv6 frames
MAC-Based ACLs
To define a MAC-based ACL:
1
Click
Switching
MAC Based ACL: Summary
Figure 8-2. MAC Based ACL: Summary
>
Network Security > MAC Based ACL
to display the
page.
The currently-defined MAC-based ACLs are displayed.
2
To add a new ACL, click
Add ACL
Dell PowerConnect 55xx Systems User Guide99
, and enter the name of the new ACL.
Configuring MAC-Based ACLs Using CLI Commands
The following table summarizes the CLI commands for configuring
MAC-based ACLs.
Table 8-2. MAC Based ACL CLI Commands
CLI CommandDescription
mac access-list extended aclname
no mac access-list extended aclname
show interfaces access-listsDisplays access lists applied on
Defines an ACL and places the device
in MAC-extended ACL configuration
mode.
Use the no form of this command to
remove the ACL.
interfaces.
The following is an example of some of the CLI commands:
console# show access-lists
Extended IP access list ACL1
permit 234 172.30.40.1 0.0.0.0 any
permit 234 172.30.8.8 0.0.0.0 any
100Dell PowerConnect 55xx Systems User Guide
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.