Dell PowerConnect 5548p User Manual
Dell PowerConnect
5500 Series
System User Guide
Regulatory Models: PowerConnect 5524, 5524P, 5548, 5548P
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you
make better use of your system.
CAUTION: A CAUTION indicates potential damage to
hardware or loss of data if instructions are not followed.
WARNING: A WARNING indicates a potential for property
damage, personal injury, or death.
____________________
Information in this document is subject to change without notice.
© 2012 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written
permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, and PowerConn ect™ are
trademarks of Dell Inc.; Intel®, Pentium®, and Celeron® are registered
trademarks of Intel Corporation in the U.S. and other countries; Microsoft® and
Windows® are either trademarks or registered trademarks of Microsoft
Corporation in the United States and/or other countries.
Other trademarks and trade names may be used in this document to refer to either
the entities claiming the marks and names or their products. Dell Inc. disclaims
any proprietary interest in trademarks and trade names other than its own.
Regulatory Models PC5524, PC5524P, PC5548 and PC5548P
May 2012 A05
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
Table of Contents
1 Preface . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2 Features. . . . . . . . . . . . . . . . . . . . . . . . . . 14
IP Version 6 (IPv6) Support . . . . . . . . . . . . . . . 15
Stack Support
Power over Ethernet
. . . . . . . . . . . . . . . . . . . . . . 15
. . . . . . . . . . . . . . . . . . . 15
Green Ethernet . . . . . . . . . . . . . . . . . . . . . . 16
Head of Line Blocking Prevention
Flow Control Support (IEEE 802.3X)
. . . . . . . . . . . . 16
. . . . . . . . . . . 16
Back Pressure Support . . . . . . . . . . . . . . . . . 16
Virtual Cable Testing (VCT)
Auto-Negotiation
. . . . . . . . . . . . . . . . . . . . 17
. . . . . . . . . . . . . . . 17
MDI/MDIX Support. . . . . . . . . . . . . . . . . . . . 17
MAC Address Supported Features
Layer 2 Features
. . . . . . . . . . . . . . . . . . . . . 19
. . . . . . . . . . . 17
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . 19
Port Mirroring
Broadcast Storm Control
. . . . . . . . . . . . . . . . . . . . . . 19
. . . . . . . . . . . . . . . . 19
VLAN Supported Features . . . . . . . . . . . . . . . . 20
Contents
3
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
Spanning Tree Protocol Features . . . . . . . . . . . . 21
Link Aggregation
. . . . . . . . . . . . . . . . . . . . . 23
Quality of Service Features . . . . . . . . . . . . . . . 23
Device Management Features
Security Features
. . . . . . . . . . . . . . . . . . . . 28
. . . . . . . . . . . . . . 24
Port Profile (CLI Macro) . . . . . . . . . . . . . . . . . 30
DHCP Server
Protected Ports
. . . . . . . . . . . . . . . . . . . . . . . 31
. . . . . . . . . . . . . . . . . . . . . . 31
iSCSI Optimization . . . . . . . . . . . . . . . . . . . . 31
Proprietary Protocol Filtering
. . . . . . . . . . . . . . 31
3 Hardware Description . . . . . . . . . . . . . . 33
Device Models . . . . . . . . . . . . . . . . . . . . . . 34
Device Structure . . . . . . . . . . . . . . . . . . . . . 34
LED Definitions
. . . . . . . . . . . . . . . . . . . . . . 38
4 Stacking Overview. . . . . . . . . . . . . . . . . 43
4 Contents
Power Supplies
. . . . . . . . . . . . . . . . . . . . . 42
Stack Overview . . . . . . . . . . . . . . . . . . . . . 44
Stack Members and Unit IDs
. . . . . . . . . . . . . . 47
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
5 Configuring the Switch . . . . . . . . . . . . . . 54
Configuration Work Flow . . . . . . . . . . . . . . . . 55
Connecting the Switch to the Terminal . . . . . . . . . 56
Booting the Switch
Configuring the Stack
. . . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . . . . . . . . 58
Configuration Using the Setup Wizard . . . . . . . . . 58
6 Advanced Switch Configuration . . . . . . . 63
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . 64
Accessing the Device Through the CLI
. . . . . . . . . 67
Retrieving an IP Address . . . . . . . . . . . . . . . . 68
Security Management and Password Configuration
Configuring Login Banners
. . . . . . . . . . . . . . . 74
. . 71
Startup Menu Procedures . . . . . . . . . . . . . . . . 76
Software Download
. . . . . . . . . . . . . . . . . . . 79
7 Using Dell OpenManage Administrator. . 83
Starting the Application . . . . . . . . . . . . . . . . . 84
Understanding the Interface. . . . . . . . . . . . . . . 84
Using the Switch Administrator Buttons
Field Definitions
. . . . . . . . . . . . . . . . . . . . . 89
. . . . . . . . 87
Common GUI Features . . . . . . . . . . . . . . . . . . 89
Contents
5
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
GUI Terms. . . . . . . . . . . . . . . . . . . . . . . . . 90
CLI Commands
. . . . . . . . . . . . . . . . . . . . . . 90
8 Network Security. . . . . . . . . . . . . . . . . . 92
Port Security . . . . . . . . . . . . . . . . . . . . . . . 93
. . . . . . . . . . . . . . . . . . . . . . . . . . . 98
ACLs
ACL Binding
. . . . . . . . . . . . . . . . . . . . . . 118
Proprietary Protocol Filtering . . . . . . . . . . . . . 120
Time Range
Dot1x Authentication
. . . . . . . . . . . . . . . . . . . . . . . 122
. . . . . . . . . . . . . . . . . . 127
9 Configuring System Information . . . . . . 150
General Switch Information . . . . . . . . . . . . . . 151
Time Synchronization
. . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Logs
. . . . . . . . . . . . . . . . . 162
6 Contents
IP Addressing . . . . . . . . . . . . . . . . . . . . . 202
Diagnostics
Management Security
. . . . . . . . . . . . . . . . . . . . . . . 248
. . . . . . . . . . . . . . . . . 254
DHCP Server . . . . . . . . . . . . . . . . . . . . . . 290
. . . . . . . . . . . . . . . . . . . . . . . . . . 307
SNMP
File Management
. . . . . . . . . . . . . . . . . . . . 330
Stack Management . . . . . . . . . . . . . . . . . . 361
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . 369
10 Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 379
Jumbo Frames . . . . . . . . . . . . . . . . . . . . . . 382
Green Ethernet Configuration
Protected Ports
. . . . . . . . . . . . . . . . . . . . . 388
. . . . . . . . . . . . . . 384
Port Profile . . . . . . . . . . . . . . . . . . . . . . . . 391
Port Configuration
LAG Configuration
. . . . . . . . . . . . . . . . . . . . 397
. . . . . . . . . . . . . . . . . . . . 403
Storm Control . . . . . . . . . . . . . . . . . . . . . . 408
Port Mirroring
. . . . . . . . . . . . . . . . . . . . . . 411
11 Address Tables . . . . . . . . . . . . . . . . . . . 416
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 417
Static Addresses. . . . . . . . . . . . . . . . . . . . . 418
Dynamic Addresses
. . . . . . . . . . . . . . . . . . . 421
12 GARP . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
GARP Overview . . . . . . . . . . . . . . . . . . . . . 425
GARP Timers . . . . . . . . . . . . . . . . . . . . . . . 426
Contents
7
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
13 Spanning Tree . . . . . . . . . . . . . . . . . . . . 428
Spanning Tree Protocol Overview . . . . . . . . . . . 429
Global Settings. . . . . . . . . . . . . . . . . . . . . 431
STP Port Settings
STP LAG Settings
. . . . . . . . . . . . . . . . . . . . 436
. . . . . . . . . . . . . . . . . . . . 441
Rapid Spanning Tree . . . . . . . . . . . . . . . . . . 444
Multiple Spanning Tree
. . . . . . . . . . . . . . . . 448
14 VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Virtual LAN Overview . . . . . . . . . . . . . . . . . 460
VLAN Membership . . . . . . . . . . . . . . . . . . . 465
Port Settings
LAGs Settings
Protocol Groups . . . . . . . . . . . . . . . . . . . . 477
Protocol Port
GVRP Parameters
Private VLAN . . . . . . . . . . . . . . . . . . . . . . 487
. . . . . . . . . . . . . . . . . . . . . . 468
. . . . . . . . . . . . . . . . . . . . . 474
. . . . . . . . . . . . . . . . . . . . . . 481
. . . . . . . . . . . . . . . . . . . 483
15 Link Aggregation . . . . . . . . . . . . . . . . . . 500
8 Contents
Voice VLAN
. . . . . . . . . . . . . . . . . . . . . . . 491
Link Aggregation Overview . . . . . . . . . . . . . . 501
LACP Parameters. . . . . . . . . . . . . . . . . . . . 503
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
LAG Membership . . . . . . . . . . . . . . . . . . . . 506
16 Multicast . . . . . . . . . . . . . . . . . . . . . . . . 508
Multicast Support Overview. . . . . . . . . . . . . . . 509
Global Parameters . . . . . . . . . . . . . . . . . . . . 511
Bridge Multicast Groups
Bridge Multicast Forward All
. . . . . . . . . . . . . . . . 513
. . . . . . . . . . . . . . 517
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . 519
Unregistered Multicast
Multicast TV VLAN
. . . . . . . . . . . . . . . . . 525
. . . . . . . . . . . . . . . . . . . . 527
17 LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
LLDP Overview. . . . . . . . . . . . . . . . . . . . . . 532
LLDP Properties
LLDP Port Settings
MED Network Policy . . . . . . . . . . . . . . . . . . 540
LLDP MED Port Settings
Neighbors Information
. . . . . . . . . . . . . . . . . . . . . 533
. . . . . . . . . . . . . . . . . . . . 537
. . . . . . . . . . . . . . . . . 543
. . . . . . . . . . . . . . . . . . 548
18 Dynamic ARP Inspection . . . . . . . . . . . . 551
Dynamic ARP Inspection Overview . . . . . . . . . . . 552
Global Settings
. . . . . . . . . . . . . . . . . . . . . . 553
Contents
9
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
Dynamic ARP Inspection List . . . . . . . . . . . . . 555
Dynamic ARP Inspection Entries
. . . . . . . . . . . 557
VLAN Settings . . . . . . . . . . . . . . . . . . . . . 559
Trusted Interfaces
. . . . . . . . . . . . . . . . . . . 561
19 DHCP Snooping . . . . . . . . . . . . . . . . . . . 563
DHCP Snooping . . . . . . . . . . . . . . . . . . . . 564
DHCP Relay. . . . . . . . . . . . . . . . . . . . . . . 577
20 iSCSI Optimization . . . . . . . . . . . . . . . . . 584
Optimizing iSCSI Overview . . . . . . . . . . . . . . 585
Global Parameters
iSCSI Targets . . . . . . . . . . . . . . . . . . . . . . 591
iSCSI Sessions
Configuring iSCSI Using CLI
. . . . . . . . . . . . . . . . . . . 588
. . . . . . . . . . . . . . . . . . . . . 593
. . . . . . . . . . . . . . 595
21 Statistics/RMON . . . . . . . . . . . . . . . . . . 596
10 Contents
Table Views . . . . . . . . . . . . . . . . . . . . . . 597
RMON Components
. . . . . . . . . . . . . . . . . . . . . . . . . . 633
Charts
. . . . . . . . . . . . . . . . . . 615
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
22 Quality of Service . . . . . . . . . . . . . . . . . 640
QoS Features and Components . . . . . . . . . . . . . 641
General. . . . . . . . . . . . . . . . . . . . . . . . . . 643
QoS Basic Mode
QoS Advanced Mode
QoS Statistics . . . . . . . . . . . . . . . . . . . . . . 688
. . . . . . . . . . . . . . . . . . . . . 659
. . . . . . . . . . . . . . . . . . 668
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 710
Revision History . . . . . . . . . . . . . . . . . . . . . . 727
Contents
11
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Maintenance
Projects\Dell Contax\Dell_ContaxUG_PrintTOC.fm
12 Contents
1
Preface
PowerConnect 5524/5548 and PowerConnect 5524P/5548P are stackable,
advanced multi-layer devices.
This guide contains the information needed for installing, configuring, and
maintaining the device through the web-based management system, called
the OpenManage Switch Administrator.
This guide describes how to configure each system through the web-based
management system and through CLI commands.
The
CLI Reference Guide,
provides additional information about the CLI commands.
which is available on the Documentation CD,
Dell PowerConnect 55xx Systems User Guide 13
2
Features
This section describes the features of the PowerConnect 5524/P and 5548/P
switches.
For a complete list of all updated device features, see the latest software
version Release Notes.
This section contains the following topics:
• IP Version 6 (IPv6) Support
•Stack Support
• Power over Ethernet
• Green Ethernet
• Head of Line Blocking Prevention
• Flow Control Support (IEEE 802.3X)
•Back Pressure Support
• Virtual Cable Testing (VCT)
• Auto-Negotiation
• MDI/MDIX Support
• MAC Address Supported Features
• Layer 2 Features
• IGMP Snooping
• Port Mirroring
• Broadcast Storm Control
•VLAN Supported Features
• Spanning Tree Protocol Features
• Link Aggregation
• Quality of Service Features
• Quality of Service Features
• Device Management Features
Dell PowerConnect 55xx Systems User Guide 14
• Security Features
•DHCP Server
•Protected Ports
• iSCSI Optimization
• Proprietary Protocol Filtering
IP Version 6 (IPv6) Support
The device functions as an IPv6-compliant host, as well as an IPv4 host (also
known as dual stack). This enables device operation in a pure IPv6 network as
well as in a combined IPv4/IPv6 network.
For more information, see "IP Addressing" on page 202.
Stack Support
The system supports up to eight units with two fixed HDMI stacking ports.
The HDMI ports are 1.3a specification, Category 2 High Speed cables, 340
MHz (10.2 Gbit/s).
it is recommended to use HDMI cable version 1.4
The stacking feature supports the following features:
• Fast-link failover
• Software auto-synch.
• Improved response time to events, such as master failover
• Auto-numbering algorithm when choosing unit number
For more information, see "Stacking Overview" on page 43
Power over Ethernet
Power over Ethernet (PoE) provides power to devices over existing LAN
cabling, without updating or modifying the network infrastructure. When
PoE is used, the network devices do not have to be placed next to a power
source. PoE can be used in the following applications:
• IP Phones
• Wireless Access Points
Dell PowerConnect 55xx Systems User Guide 15
•IP Gateways
•PDAs
• Audio and video remote monitoring
For more information, see "Power over Ethernet" on page 157.
Green Ethernet
Green Ethernet, also known as Energy Efficient Ethernet (EEE), is an effort
to make networking equipment environmentally friendly, by reducing the
power usage of Ethernet connections.
The Short-Reach method, which reduces power over Ethernet cables shorter
than 40m, is supported by the device.
For more information, see "Green Ethernet Configuration" on page 384.
Head of Line Blocking Prevention
Head of Line (HOL) blocking results in traffic delays and frame loss caused
by traffic competing for the same egress port resources. To prevent HOL
blocking, the device queues packets, and packets at the head of the queue are
forwarded before packets at the end of the queue.
Flow Control Support (IEEE 802.3X)
Flow control enables lower-speed devices to communicate with higher-speed
devices, by requesting that the higher-speed device refrain from sending
packets. Transmissions are temporarily halted to prevent buffer overflows.
For more information, see "Flow Control" on page 380.
Back Pressure Support
On half-duplex links, the receiving port prevents buffer overflows by
occupying the link so that it is unavailable for additional traffic.
For more information, see "Protected Ports" on page 388.
16 Dell PowerConnect 55xx Systems User Guide
Virtual Cable Testing (VCT)
VCT detects and reports copper link cabling faults, such as open cables and
cable shorts.
For more information, see "Diagnostics" on page 248.
Auto-Negotiation
Auto-negotiation enables the device to advertise modes of operation. The
auto-negotiation function enables an exchange of information between two
devices that share a point-to-point link segment, and automatically
configures both devices to take maximum advantage of their transmission
capabilities.
The PowerConnect 5500 series enhances auto-negotiation by providing port
advertisement. Port advertisement enables the system administrator to
configure the port speeds that are advertised.
For more information, see "Port Configuration" on page 397 or "LAG
Configuration" on page 403.
MDI/MDIX Support
Standard wiring for end stations is known as Media-Dependent Interface
(MDI), and standard wiring for hubs and switches is known as Media-
Dependent Interface with Crossover (MDIX).
If auto-negotiation is enabled, the device automatically detects whether the
cable connected to an RJ-45 port is MDIX (crossed) or MDI (straight). This
enables both types to be used interchangeably.
If auto-negotiation is not enabled, only MDI (straight) cables can be used.
For more information, see "Port Configuration" on page 397 or "LAG
Configuration" on page 403.
MAC Address Supported Features
MAC Address Capacity Support
The device supports up to 16K MAC addresses and it reserves specific MAC
addresses for system use.
Dell PowerConnect 55xx Systems User Guide 17
Static MAC Entries
MAC entries can be manually entered in the Bridging Table, as an alternative
to learning them from incoming frames. These user-defined entries are not
subject to aging, and are preserved across resets and reboots.
For more information, see "Static Addresses" on page 418.
Self-Learning MAC Addresses
The device enables controlled MAC address learning from incoming packets.
The MAC addresses are stored in the Bridging Table.
For more information, see "Dynamic Addresses" on page 421.
Automatic Aging for MAC Addresses
MAC addresses from which no traffic is received for a given period, are aged
out. This prevents the Bridging Table from overflowing.
For more information, see "Dynamic Addresses" on page 421.
VLAN-Aware MAC-Based Switching
The device always performs VLAN-aware bridging. Classic bridging
(IEEE802.1D), in which frames are forwarded based only on their destination
MAC address, is not performed. However, a similar functionality can be
configured for untagged frames. Frames addressed to a destination MAC
address that is not associated with any port are flooded to all ports of the
relevant VLAN.
MAC Multicast Support
Multicast service is a limited Broadcast service that enables one-to-many and
many-to-many connections for information distribution. In Layer 2 Multicast
service, a single frame is addressed to a specific Multicast address, from which
copies of the frame are transmitted to the relevant ports. When Multicast
groups are statically enabled, you can set the destination port of registered
groups, as well as define the behavior of unregistered Multicast frames.
For more information, see "Multicast" on page 508.
18 Dell PowerConnect 55xx Systems User Guide
Layer 2 Features
IGMP Snooping
Internet Group Membership Protocol (IGMP) Snooping examines IGMP
frame contents, when they are forwarded by the device from work stations to
an upstream Multicast router. From the frame, the device identifies work
stations configured for Multicast sessions, and which Multicast routers are
sending Multicast frames. The IGMP Querier simulates the behavior of a
Multicast router. This enables snooping of the Layer 2 Multicast domain even
if there is no Multicast router.
For more information, see "IGMP Snooping" on page 519.
Port Mirroring
Port mirroring monitors network traffic by forwarding copies of incoming and
outgoing packets from a monitored port to a monitoring port. Users specify
which target port receives copies of all traffic passing through a specified
source port.
For more information, see "Port Mirroring" on page 411.
Broadcast Storm Control
Storm Control enables limiting the number of Multicast and Broadcast
frames accepted by and forwarded by the device.
When Layer 2 frames are forwarded, Broadcast and Multicast frames are
flooded to all ports on the relevant VLAN. This occupies bandwidth, and
loads all nodes connected on all ports.
For more information, see "Storm Control" on page 408.
Dell PowerConnect 55xx Systems User Guide 19
VLAN Supported Features
VLAN Support
VLANs are collections of switching ports that comprise a single Broadcast
domain. Packets are classified as belonging to a VLAN, based on either the
VLAN tag or on a combination of the ingress port and packet contents.
Packets sharing common attributes can be grouped in the same VLAN.
For more information, see "VLANs" on page 459.
Port-Based Virtual LANs (VLANs)
Port-based VLANs classify incoming packets to VLANs, based on their ingress
port.
For more information, see "Defining VLAN Membership Using CLI
Commands" on page 466.
Full 802.1Q VLAN Tagging Compliance
IEEE 802.1Q defines an architecture for virtual, bridged LANs, the services
provided in VLANs, and the protocols and algorithms involved in the
provision of these services.
For more information, see "Virtual LAN Overview" on page 460.
GVRP Support
GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Qcompliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk
ports. When GVRP is enabled, the device registers and propagates VLAN
membership on all ports that are part of the active underlying Spanning Tree
Protocol topology.
For more information, see "GVRP Parameters" on page 483.
Voice VLAN
Voice VLAN enables network administrators to enhance VoIP service by
configuring ports to carry IP voice traffic from IP phones on a specific VLAN.
VoIP traffic has a preconfigured OUI prefix in the source MAC address.
Network administrators can configure VLANs from which voice IP traffic is
20 Dell PowerConnect 55xx Systems User Guide
forwarded. Non-VoIP traffic is dropped from the Voice VLAN in Auto-Voice
VLAN Secure mode. Voice VLAN also provides QoS to VoIP, ensuring that the
quality of voice does not deteriorate if the IP traffic is received unevenly.
For more information, see "Voice VLAN" on page 491.
Guest VLAN
Guest VLAN provides limited network access to unauthorized ports. If a port
is denied network access via port-based authorization, but the Guest VLAN is
enabled, the port receives limited network access through the Guest VLAN.
For more information, see "Dot1x Authentication" on page 127.
Private VLAN
The Private VLAN feature provides Layer 2 isolation between ports that share
the same Broadcast domain, or in other words, it creates a point-tomultipoint Broadcast domain. The ports can be located anywhere in the
Layer 2 network (compared to the Protected Ports feature, where the ports
must be in the same stack).
For more information, see "Private VLAN" on page 487.
Multicast TV VLAN
The Multicast TV VLAN feature provides the ability to supply multicast
transmissions to Layer 2-isolated subscribers, without replicating the
multicast transmissions for each subscriber VLAN. The subscribers are the
only receivers of the multicast transmissions.
For more information, see "Multicast TV VLAN" on page 527.
Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
802.1d Spanning tree is a standard Layer 2 switch requirement that enables
bridges to automatically prevent and resolve Layer 2 forwarding loops.
Switches exchange configuration messages using specifically-formatted
frames, and selectively enable and disable forwarding on ports.
For more information, see "Spanning Tree" on page 428.
Dell PowerConnect 55xx Systems User Guide 21
Fast Link
STP can take 30–60 seconds to converge. During this time, STP detects
possible loops, enabling time for status changes to propagate and for relevant
devices to respond. This period of 30-60 seconds is considered too long a
response time for many applications. The Fast Link option bypasses this
delay, and can be used in network topologies, where forwarding loops do not
occur.
For more information on enabling Fast Link for ports and LAGs, see "STP
or
Port Settings" on page 436
"Static Addresses" on page 418.
IEEE 802.1w Rapid Spanning Tree
Spanning Tree takes 30–60 seconds for each host to decide whether its ports
are actively forwarding traffic. Rapid Spanning Tree (RSTP) detects uses of
network topologies to enable faster convergence, without creating forwarding
loops.
For more information, see "Spanning Tree" on page 428.
IEEE 802.1s Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs into STP instances.
MSTP provides a different load balancing scenario. Packets assigned to various
VLANs are transmitted along different paths within MSTP Regions (MST
Regions). Regions are one or more MSTP bridges by which frames can be
transmitted. The standard lets administrators assign VLAN traffic to
unique paths.
For more information, see "Spanning Tree" on page 428.
STP BPDU Guard
BPDU Guard is used as a security mechanism, to protect the network from
invalid configurations.
BPDU Guard is usually used either when fast link ports (ports connected to
clients) are enabled or when the STP feature is disabled. When it is enabled
on a port, the port is shut down if a BPDU message is received and an
appropriate SNMP trap is generated.
For more information, see "Spanning Tree" on page 428.
22 Dell PowerConnect 55xx Systems User Guide
Link Aggregation
Up to 32 Aggregated Links may be defined, each with up to eight member
ports, to form a single Link Aggregated Group (LAG). This enables:
• Fault tolerance protection from physical link disruption
• Higher bandwidth connections
• Improved bandwidth granularity
• High bandwidth server connectivity
A LAG is composed of ports with the same speed, set to full-duplex
operation.
For more information, see "LAG Configuration" on page 403.
Link Aggregation and LACP
LACP uses peer exchanges across links to determine, on an ongoing basis, the
aggregation capability of various links, and continuously provides the
maximum level of aggregation capability achievable between a given pair of
devices. LACP automatically determines, configures, binds, and monitors the
port binding within the system.
For more information, see "Link Aggregation" on page 500.
BootP and DHCP Clients
DHCP enables additional setup parameters to be received from a network
server upon system startup. DHCP service is an on-going process. DHCP is an
extension of BootP.
For more information, see "DHCP IPv4 Interface" on page 207.
Quality of Service Features
Class of Service 802.1p Support
The IEEE 802.1p signaling technique is an OSI Layer 2 standard for marking
and prioritizing network traffic at the data link/MAC sub-layer. 802.1p traffic
is classified and sent to the destination. No bandwidth reservations or limits
Dell PowerConnect 55xx Systems User Guide 23
are established or enforced. 802.1p is a spin-off of the 802.1Q (VLANs)
standard. 802.1p establishes eight levels of priority, similar to the IP
Precedence IP Header bit-field.
Advanced QoS
Frames that match an ACL and were permitted entrance are implicitly
labeled with the name of the ACL that permitted their entrance. Advanced
mode QoS actions defined in network policies can then be applied to these
flows.
The switch can set DSCP values and map IPv6 DSCP to egress queues in the
same way it does for IPv4. The switch detects IPv6 frames by the IPv6 ethertype.
For more information about Advanced QoS, see "QoS Advanced Mode" on
page 668.
TCP Congestion Avoidance
The TCP Congestion Avoidance feature activates an algorithm that breaks up
or prevents TCP global synchronization on a congested node, where the
congestion is due to multiple sources sending packets with the same byte
count.
For more information, see "The following is an example of the CLI
commands:" on page 656.
Device Management Features
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. Events are sent as
SNMP traps to a Trap Recipient List.
For more information, see "SNMP" on page 307
24 Dell PowerConnect 55xx Systems User Guide
.
SNMP Versions 1, 2, and 3
Simple Network Management Protocol (SNMP) over the UDP/IP protocol
controls access to the system. A list of community entries is defined, each
consisting of a community string and its access privileges. There are three
levels of SNMP security: read-only, read-write, and super. Only a super user
can access the Community table.
For more information, see "SNMP" on page 307.
Web-Based Management
Web-based management enables managing the system from any web browser.
The system contains an Embedded Web Server (EWS) that serves HTML
pages, through which the system can be monitored and configured. The
system internally converts web-based input into configuration commands,
MIB variable settings, and other management-related settings.
Management IP Address Conflict Notification
This feature validates the uniqueness of the switch's IP address, whether it is
assigned manually or through DHCP. If the IP address is not unique, the
switch performs actions according to the address type. If the IP address is
static, see more information about this in "IPv4 Interface Parameters" on
page 203. If the IP address is dynamic, see more information about this
in"DHCP IPv4 Interface" on page 207.
Flow Monitoring (sflow)
The switch supports statistics collection, using a sampling technology called
sFlow that is based on RFC 3176. The sFlow sampling technology is
embedded within the switch, and provides the ability to continuously
monitor traffic flows on some or all the interfaces simultaneously.
For more information, see "sFlow" on page 369.
Configuration File Download and Upload
The device configuration is stored in a configuration file. The configuration
file includes both system-wide and port-specific device configuration. The
system can display configuration files as a collection of CLI commands that
are stored and manipulated as text files.
Dell PowerConnect 55xx Systems User Guide 25
Auto-Update of Configuration/Image File
This feature facilitates installation of new devices. When you enable the
various auto-update options, the device automatically downloads a new
image or configuration file when it receives its IP address from a TFTP server,
and automatically reboots, using the image or configuration file it received.
For more information, see "Auto-Update/Configuration Feature" on page 331.
TFTP Trivial File Transfer Protocol
The device supports boot image, software, and configuration
upload/download via TFTP.
USB File Transfer Protocol
The device supports boot image, software, and configuration
upload/download via USB.
Remote Monitoring
Remote Monitoring (RMON) is an extension to SNMP that provides
comprehensive network traffic monitoring capabilities. RMON is a standard
MIB that defines MAC-layer statistics and control objects, enabling real-time
information to be captured across the entire network.
For more information, see "Statistics/RMON" on page 596.
Command Line Interface
Command Line Interface (CLI) syntax and semantics conform as much as
possible to common, industry standards. CLI is composed of mandatory and
optional elements. The CLI interpreter provides command and keyword
completion to assist users and save typing.
Syslog
Syslog is a protocol that enables event notifications to be sent to a set of
remote servers, where they can be stored, examined, and acted upon. The
system sends notifications of significant events in real time, and keeps a
record of these events for after-the-fact usage.
For more information on Syslog, see "Logs" on page 188.
26 Dell PowerConnect 55xx Systems User Guide
SNTP
The Simple Network Time Protocol (SNTP) assures accurate network
Ethernet Switch clock time synchronization up to the millisecond. Time
synchronization is performed by a network SNTP server. Time sources are
prioritized by strata. Strata define the distance from the reference clock. The
higher the stratum (where zero is the highest), the more accurate the clock.
For more information, see "Time Synchronization" on page 162.
Domain Name System
Domain Name System (DNS) converts user-defined domain names into IP
addresses. Each time a domain name is assigned, the DNS service translates
the name into a numeric IP address. For example, www.ipexample.com is
translated into 192.87.56.2. DNS servers maintain domain name databases
containing their corresponding IP addresses.
For more information, see "Domain Name System" on page 235.
802.1ab (LLDP-MED)
The Link Layer Discovery Protocol (LLDP) enables network managers to
troubleshoot, and enhances network management by discovering and
maintaining network topologies over multi-vendor environments. LLDP
discovers network neighbors by standardizing methods for network devices to
advertise themselves to other systems, and to store discovered information.
The multiple advertisement sets are sent in the packet Type Le n gt h Val u e
(TLV) field. LLDP devices must support chassis and port ID advertisement,
as well as system name, system ID, system description, and system capability
advertisements.
LLDP Media Endpoint Discovery
by enabling various IP systems to co-exist on a single network LLDP. It
provides detailed network topology information, emergency call service via IP
phone location information, and troubleshooting information.
For more information, see "LLDP" on page 531.
(LLDP-MED) increases network flexibility
Dell PowerConnect 55xx Systems User Guide 27
Security Features
SSL
Secure Socket Layer (SSL) is an application-level protocol that enables secure
transactions of data through privacy, authentication, and data integrity. It
relies upon certificates and public and private keys.
Port-Based Authentication (Dot1x)
Port-based authentication enables authenticating system users on a per-port
basis via an external server. Only authenticated and approved system users
can transmit and receive data. Ports are authenticated via the Remote
Authentication Dial-In User Service (RADIUS) server using the Extensible
Authentication Protocol (EAP). Dynamic VLAN Assignment (DVA) enables
network administrators to automatically assign users to VLANs during the
RADIUS server authentication.
For more information, see "Dot1x Authentication" on page 127.
Locked Port Support
Locked Port increases network security by limiting access on a specific port to
users with specific MAC addresses. These addresses are either manually
defined or learned on that port. When a frame is seen on a locked port, and
the frame source MAC address is not tied to that port, the protection
mechanism is invoked.
For more information, see "Port Security" on page 93.
RADIUS Client
RADIUS is a client/server-based protocol. A RADIUS server maintains a user
database that contains per-user authentication information, such as user
name, password, and accounting information.
RADIUS Accounting
This feature enables recording device management sessions (Telnet, serial,
and WEB but not SNMP) and/or 802.1x authentication sessions.
28 Dell PowerConnect 55xx Systems User Guide
Due to the complexity of 802.1x setup and configuration, many mistakes can
be made that might cause loss of connectivity or incorrect behavior. The
802.1x Monitor mode enables applying 802.1x functionality to the switch,
with all necessary RADIUS and/or domain servers active, without actually
taking any action that may cause unexpected behavior. In this way, the user
can test the 802.1x setup before actually applying it.
For more information, see "RADIUS" on page 284.
SSH
Secure Shell (SSH) is a protocol that provides a secure, remote connection to
a device. SSH version 2 is currently supported. The SSH server feature
enables an SSH client to establish a secure, encrypted connection with a
device. This connection provides functionality that is similar to an inbound
telnet connection. SSH uses RSA and DSA Public Key cryptography for
device connections and authentication.
For more information, see "Security Management and Password
Configuration" on page 71.
TACACS+
TACACS+ provides centralized security for validation of users accessing the
device. TACACS+ provides a centralized, user management system, while
still retaining consistency with RADIUS and other authentication processes.
For more information, see "TACACS+" on page 275.
Password Management
Password management provides increased network security and improved
password control. Passwords for SSH, Telnet, HTTP, HTTPS, and SNMP
access are assigned security features.
For more information, see "Password Management" on page 279.
The switch provides the ability to demand strong passwords, meaning that
they must contain both upper and lower-case letters, numbers, and
punctuation marks.
For more information, see "Password Management" on page 279.
Dell PowerConnect 55xx Systems User Guide 29
Access Control Lists (ACL)
Access Control Lists
actions and rules for specific ingress ports. Packets entering an ingress port
with an active ACL, are either admitted or denied entry and the ingress port is
disabled. If they are denied entry, the user can disable the port.
(ACL) enable network managers to define classification
Dynamic ACL/Dynamic Policy Assignment (DACL/DPA)
The network administrator can specify the user's ACL in the RADIUS server.
After successful authentication, the user is assigned that ACL.
For more information, see "Network Security" on page 92.
DHCP Snooping
DHCP Snooping expands network security by providing firewall security
between untrusted interfaces and DHCP servers. By enabling DHCP
Snooping, network administrators can differentiate between trusted
interfaces connected to end-users or DHCP servers and untrusted interfaces
located beyond the network firewall.
For more information, see "DHCP Snooping" on page 564.
ARP Inspection
Dynamic ARP inspection is a security feature that validates ARP packets in a
network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC
address bindings. This capability protects the network from certain man-inthe-middle attacks.
Port Profile (CLI Macro)
Macros provide a convenient way to save and share a common configuration.
A macro is a set of CLI commands with a unique name. When a macro is
applied to a port, the CLI commands contained within it are executed and
added to the Running Configuration file.
For more information, see "Dynamic ARP Inspection" on page 551.
30 Dell PowerConnect 55xx Systems User Guide