Dell PowerConnect 6248 Quick Reference Guide

Dell™ PowerConnect™ 6200 Series

Configuration Guide

Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F

www.dell.com | support.dell.com

Notes, Cautions, and Warnings

NOTE: A NOTE indicates important information that helps you make better use of your computer.

CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

____________________

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, the DELL logo, and PowerConnect are trademarks of Dell Inc. sFlow is a registered trademark of InMon Corporation. Cisco is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F

April 2010 Rev. A04

1 About this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Additional Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

2 System Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Configuration Scripting

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Outbound Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Overview CLI Examples

Simple Network Time Protocol (SNTP)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

. . . . . . . . . . . . . . . . . . . . . 17

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Syslog

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

CLI Examples

Port Description

CLI Example

Storm Control

CLI Example

Cable Diagnostics

Copper Port Cable Test Fiber Port Cable Test

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

. . . . . . . . . . . . . . . . . . . . . . . . . . . 25

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

3 Switching Configuration. . . . . . . . . . . . . . . . . . . . . . . . . 29

Virtual LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

VLAN Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . 30

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Web Interface

IP Subnet and MAC-Based VLANs . . . . . . . . . . . . . . . . . . . . . 34

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Private Edge VLANs

CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Voice VLAN

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Using Voice VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Interaction with LLDP-MED. . . . . . . . . . . . . . . . . . . . . . . . . 38

IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

IGMP Snooping Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Link Aggregation/Port Channels. . . . . . . . . . . . . . . . . . . . . . . . . 45

CLI Example Web Interface Configuration: LAGs/Port-channels

Port Mirroring

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

. . . . . . . . . . . . 48

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Port Security

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Operation CLI Examples

Link Layer Discovery Protocol

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

. . . . . . . . . . . . . . . . . . . . . . . . . . 52

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Denial of Service Attack Protection

Overview CLI Examples

DHCP Snooping

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

. . . . . . . . . . . . . . . . . . . . . . . 54

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

sFlow Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

4 Routing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 73

VLAN Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

CLI Examples Using the Web Interface to Configure VLAN Routing

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

. . . . . . . . . . . 76

Virtual Router Redundancy Protocol

. . . . . . . . . . . . . . . . . . . . . . 77

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Using the Web Interface to Configure VRRP . . . . . . . . . . . . . . . . 79

Proxy Address Resolution Protocol (ARP)

. . . . . . . . . . . . . . . . . . . . 80

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

OSPF Concepts and Terms CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

Routing Information Protocol

. . . . . . . . . . . . . . . . . . . . . . . . . 81

. . . . . . . . . . . . . . . . . . . . . . . . . . 92

RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Using the Web Interface to Configure RIP . . . . . . . . . . . . . . . . . 94

Route Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Assigning Administrative Preferences to Routing Protocols Using Equal Cost Multipath

Loopback Interfaces

IP Helper

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

. . . . . . . . . . . . . . . . . . . . . . . . . 97

. . . . . . . . 95

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

5 Device Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

802.1x Network Access Control . . . . . . . . . . . . . . . . . . . . . . . . 106

802.1x Network Access Control Examples . . . . . . . . . . . . . . . . 106

802.1X Authentication and VLANs

. . . . . . . . . . . . . . . . . . . . . . . 109

Authenticated and Unauthenticated VLANs . . . . . . . . . . . . . . . 109

Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

CLI Examples

Authentication Server Filter Assignment

Access Control Lists (ACLs)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

. . . . . . . . . . . . . . . . . . . 111

. . . . . . . . . . . . . . . . . . . . . . . . . . 111

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

MAC ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

IP ACLs

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

ACL Configuration Process . . . . . . . . . . . . . . . . . . . . . . . . 114

IP ACL CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Configuring a MAC ACL

RADIUS

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

. . . . . . . . . . . . . . . . . . . . . . . . . . 116

RADIUS Configuration Examples . . . . . . . . . . . . . . . . . . . . . 118

TAC ACS+

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

TACACS+ Configuration Example. . . . . . . . . . . . . . . . . . . . . 120

802.1x MAC Authentication Bypass (MAB)

. . . . . . . . . . . . . . . . . . 122

Operation in the Network . . . . . . . . . . . . . . . . . . . . . . . . . 122

CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Captive Portal

Overview

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Functional Description . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Captive Portal Configuration, Status and Statistics Captive Portal Status

. . . . . . . . . . . . . . . . . . . . . . . . . . . 128

. . . . . . . . . . . 126

Captive Portal Statistics . . . . . . . . . . . . . . . . . . . . . . . . . 129

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

6IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

CLI Example

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

7 Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Class of Service Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Ingress Port Configuration Egress Port Configuration—Traffic Shaping

Queue configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

Queue Management Type . . . . . . . . . . . . . . . . . . . . . . . . 140

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

. . . . . . . . . . . . . . . . . . . . . . . . 139

. . . . . . . . . . . . . . . 140

Differentiated Services

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

DiffServ for VoIP Configuration Example . . . . . . . . . . . . . . . . . 146

8 Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

When to Enable IP Multicast on the PowerConnect 6200 Series Switch 150

IGMP Configuration

CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

IGMP Proxy

CLI Examples

DVMRP

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

PIM

PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Multicast Routing and IGMP Snooping

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

. . . . . . . . . . . . . . . . . . . . 157

9 Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Auto Config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Functional Description . . . . . . . . . . . . . . . . . . . . . . . . . . 162

CLI Examples

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

Nonstop Forwarding on a Switch Stack

. . . . . . . . . . . . . . . . . . . . 168

Initiating a Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Checkpointing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Switch Stack MAC Addressing and Stack Design Considerations NSF Network Design Considerations

. . . . . . . . . . . . . . . . . . . 170

NSF Default Behavior. . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Configuration Examples. . . . . . . . . . . . . . . . . . . . . . . . . . 171

. . . 170

About this Document

This configuration guide provides examples of how to use the Dell™PowerConnect™ 6200 Series switch in a typical network. It describes the advantages of specific functions the PowerConnect 6200 Series switch provides and includes information about configuring those functions using the command line interface (CLI).

Organization

This document is organized as follows:

• "System Configuration" on page 11 describes how to configure basic system and port settings, use system interfaces and utilities, and create and use CLI scripts.

• "Switching Configuration" on page 29 provides configuration scenarios for layer 2 switching, including creating virtual local area networks (VLANs) and Internet Group Management Protocol (IGMP) snooping interfaces, and enabling port security.

• "Routing Configuration" on page 73 provides configuration scenarios for layer 3 features such as VLAN routing, Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).

• "Device Security" on page 105 provides information on creating access control lists and configuring RADIUS and TACACS+ servers.

• "IPv6" on page 135 describes configuring and using IPv6-enabled interfaces in a mixed IPv6/IPv4 network.

• "Quality of Service" on page 139 provides configuration scenarios for class-of-service (CoS) queueing and differentiated services (DiffServ).

• "Multicast" on page 149 describes how to configure IGMP, IGMP proxy, Distance Vector Multicast Routing Protocol (DVMRP), and Protocol Independent Multicast (PIM) on the switch.

• "Utility" on page 161 describes the Auto Config and Nonstop Forwarding (NSF) features.

About this Document 9

Additional Documentation

The following documentation provides additional information about PowerConnect 6200 Series software:

•The

• Release notes for your Dell PowerConnect product detail the platform-specific functionality of the

CLI Command Reference

from the command-line interface (CLI) for managing, monitoring, and configuring the switch.

User’s Guide

described in this document can be fully configured using the Web interface. This guide also provides initial system setup and configuration instructions.

for your Dell PowerConnect switch describes the Web GUI. Many of the scenarios

Getting Started Guide

configure, and operate the system.

software packages, including issues and workarounds.

for your Dell PowerConnect switch describes the commands available

for your Dell PowerConnect switch provides basic information to install,

10 About this Document

System Configuration

This section provides configuration scenarios for the following features:

•"Traceroute" on page 12

• "Configuration Scripting" on page 13

• "Outbound Telnet" on page 16

• "Simple Network Time Protocol (SNTP)" on page 17

• "Syslog" on page 20

• "Port Description" on page 22

• "Storm Control" on page 23

• "Cable Diagnostics" on page 25

NOTE: For information on setting up the hardware and serial or TFTP connection, refer to the

for your system.

Guide

Getting Started

System Configuration 11

Traceroute

Use Traceroute to discover the routes that packets take when traveling on a hop-by-hop basis to their destination through the network.

• Maps network routes by sending packets with small Time-to-Live (TTL) values and watches the ICMP time-out announcements

• Command displays all L3 devices

• Can be used to detect issues on the network

• Tracks up to 30 hops

• Default UDP port uses 33434 unless modified in the traceroute command

CLI Example

The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how long it takes to get there. In this example, the packet takes 16 hops to reach its destination.

console#traceroute ?

ip Enter IP Address. ipv6 Use keyword 'ipv6' if entering IPv6 Address.

console#traceroute 72.14.253.99

Traceroute to 72.14.253.99 ,30 hops max 0 byte packets:

1 10.131.10.1 <10 ms <10 ms <10 ms 2 210.210.108.193 <10 ms 10 ms <10 ms 3 192.168.81.1 <10 ms 10 ms <10 ms 4 210.214.5.161 <10 ms 10 ms 10 ms 5 210.214.5.169 <10 ms <10 ms 10 ms 6 124.7.202.2 10 ms <10 ms <10 ms 7 210.18.7.166 40 ms 30 ms 30 ms 8 202.144.2.193 30 ms 30 ms 30 ms 9 202.144.113.151 30 ms 40 ms 30 ms 10 72.14.196.97 40 ms 30 ms 100 ms 11 216.239.43.216 40 ms 40 ms 30 ms 12 216.239.43.209 60 ms 40 ms 40 ms 13 216.239.43.222 40 ms 50 ms 50 ms 14 216.239.43.221 100 ms 110 ms 100 ms 15 209.85.250.88 130 ms 130 ms 120 ms 16 209.85.250.105 130 ms 120 ms 130 ms 17 209.85.250.91 160 ms 160 ms 160 ms 18 216.239.47.237 290 ms 240 ms 250 ms 19 216.239.46.211 240 ms 270 ms 250 ms

12 System Configuration

--More-- or (q)uit 20 64.233.174.99 250 ms 240 ms 250 ms

Hop Count = 20 Last TTL = 30 Test attempt = 90 Test Success = 90

Configuration Scripting

Configuration scripting allows you to generate a text-formatted script file that shows the current system configuration. You can generate multiple scripts and upload and apply them to more than one switch.

Overview

Configuration scripting:

• Provides scripts that can be uploaded from and downloaded to the system.

• Provides flexibility to create command configuration scripts.

• Can be applied to several switches.

• Can save up to ten scripts up to a maximum size of 2 MB of memory.

• Provides List, Delete, Apply, Upload, Download.

• Provides script format of one CLI command per line.

NOTE: The startup-config and backup-config scripts are not bound by the 2 MB memory limit.

Considerations

When you use configuration scripting, keep the following considerations in mind:

• The total number of scripts stored on the system is limited by NVRAM/FLASH size.

• The application of scripts is partial if the script fails. For example, if the script executes five of ten commands and the script fails, the script stops at five.

• Scripts cannot be modified or deleted while being applied.

• Validation of scripts checks for syntax errors only. It does not validate that the script will run.

System Configuration 13

CLI Examples

The following are examples of the commands used for configurations scripting.

Example #1: Viewing the Script Options

console#script ?

apply Applies configuration script to the switch. delete Deletes a configuration script file from the switch. list Lists all configuration script files present on the switch. show Displays the contents of configuration script. validate Validate the commands of configuration script.

Example #2: Viewing and Deleting Existing Scripts

console#script list

Configuration Script Name Size(Bytes)

-------------------------------- ----------abc.scr 360 running-config 360 startup-config 796 test.scr 360

4 configuration script(s) found. 2046 Kbytes free.

console#script delete test.scr

Are you sure you want to delete the configuration script(s)? (y/n)y

1 configuration script(s) deleted.

Example #3: Applying a Script to the Active Configuration

console#script apply abc.scr

Are you sure you want to apply the configuration script? (y/n)y

.....

....

Configuration script 'abc.scr' applied.

14 System Configuration

Example #4: Copying the Active Configuration into a Script

Use this command to capture the running configuration into a script.

console#show running-config running-config.scr

Config script created successfully.

Example #5: Uploading a Configuration Script to the TFTP Server

Use this command to upload a configuration script to the TFTP server.

console#copy script abc.scr tftp://10.27.64.141/abc.scr

Mode........................................... TFTP

Set TFTP Server IP............................. 10.27.64.141

TFTP Path...................................... ./

TFTP Filename.................................. abc.scr

Data Type...................................... Config Script

Source Filename................................ abc.scr

Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y

267 bytes transferred

File transfer operation completed successfully.

Example #6: Downloading a Configuration Script to the TFTP Server

Use this command to download a configuration script from the TFTP server to the switch.

console#copy tftp://10.27.64.141/abc.scr script abc.scr

Mode........................................... TFTP

Set TFTP Server IP............................. 10.27.64.141

TFTP Path...................................... ./

TFTP Filename.................................. abc.scr

Data Type...................................... Config Script

Destination Filename........................... abc.scr

Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y

193 bytes transferred

Validating configuration script... configure

System Configuration 15

exit configure logging web-session bridge aging-time 100 exit

Configuration script validated. File transfer operation completed successfully.

Example #7: Validating a Script

console#script validate abc.scr ip address dhcp username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit

Configuration script 'abc.scr' validated.

console#script apply abc.scr

Are you sure you want to apply the configuration script? (y/n)y

ip address dhcp username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit

Configuration script 'abc.scr' applied.

Outbound Telnet

Overview

Outbound telnet:

• Establishes an outbound telnet connection between a device and a remote host.

• When a telnet connection is initiated, each side of the connection is assumed to originate and terminate at a “Network Virtual Terminal” (NVT).

• Server and user hosts do not maintain information about the characteristics of each other’s terminals and terminal handling conventions.

• Must use a valid IP address.

16 System Configuration

CLI Examples

The following are examples of the commands used in the outbound telnet feature.

Example #1: Connecting to Another System by Using Telnet

console#telnet 192.168.77.151 Trying 192.168.77.151... console# User:admin Password: (Dell PC62XX Routing) >enable Password:

console#show ip interface

Management Interface:

IP Address..................................... 10.27.65.89

Subnet Mask.................................... 255.255.254.0

Default Gateway................................ 10.27.64.1

Burned In MAC Address.......................... 00FF.F2A3.6688

Network Configuration Protocol Current......... DHCP

Management VLAN ID............................. 4086

Routing Interfaces: Netdir Multi Interface IP Address IP Mask Bcast CastFwd

---------- --------------- --------------- -------- --------

Simple Network Time Protocol (SNTP)

Overview

The SNTP implementation has the following features:

• Used for synchronizing network resources

•Adaptation of NTP

• Provides synchronized network timestamp

• Can be used in broadcast or unicast mode

• SNTP client implemented over UDP that listens on port 123

System Configuration 17

CLI Examples

The following are examples of the commands used in the SNTP feature.

Example #1: Viewing SNTP Options

(Dell PC62XX Routing)(Config) #sntp ?

console(config)#sntp ?

authenticate Require authentication for received Network Time

Protocol (NTP) traffic from servers.

authentication-key

broadcast Configure SNTP client broadcast parameters. client Configure the SNTP client parameters. server Configure SNTP server parameters. trusted-key Authenticate the identity of a system to which

unicast Configure SNTP client unicast parameters.

Example #2: Configuring the SNTP Server

console(config)#sntp server ?

<ipaddress/domain-name> Enter SNTP server address or the domain name.

console(config)#sntp server 192.168.10.25 ?

Define an authentication key for Simple Network Protocol (SNTP).

SNTP will synchronize.

Time

key Authentication key to use when sending packets to this peer. poll Enable/Disable SNTP server polling. priority Configure SNTP server priority. <cr> Press enter to execute the command.

console(config)#sntp server 192.168.10.25

18 System Configuration

Example #3: Viewing SNTP Information

console#show sntp ?

configuration Show the configuration of the Simple Network Time Protocol (SNTP). status To show the status of the Simple Network Time Protocol (SNTP).

console#show sntp configuration

Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Enable

Unicast servers: Server Key Polling Priority

--------- ----------- ----------- ----------

192.168.0.1 Disabled Enabled 1

console#show sntp status

Unicast servers: Server Status Last response

--------- ----------- --------------------------

192.168.10.25 Unknown 00:00:00 Jan 1 1970

System Configuration 19

Syslog

Overview

Syslog:

• Allows you to store system messages and/or errors.

• Can store to local files on the switch or a remote server running a syslog daemon.

• Provides a method of collecting message logs from many systems.

Interpreting Log Files

Figure 2-1 describes the information that displays in log messages.

<130> JAN 01 00:00:06 0.0.0.0-1 UNKN [0x800023]: bootos.c(386) 4 %% Event (0xaaaaaa

A. Priority B. Timestamp C. Stack ID D. Component Name E. Thread ID F. File Name G. Line Number H Sequence Number I. Message

Figure 2-1. Log Files Key

DEF GH I

CLI Examples

The following are examples of the commands used in the Syslog feature.

Example #1: Viewing Logging Information

console#show logging

aa)

Logging is enabled Console Logging: level warning. Console Messages: 230 Dropped. Buffer Logging: level info. Buffer Messages: 230 Logged. File Logging: level notActive. File Messages: 0 Dropped. CLI Command Logging : disabled

20 System Configuration

Web Session Logging : disabled SNMP Set Command Logging : disabled 0 Messages were not logged. Buffer Log: <189> JAN 01 03:57:58 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 31 %% Instance 0 has elected a new STP root: 8000:00ff:f2a3:8888 <189> JAN 01 03:57:58 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 32 %% Instance 0 has elected a new STP root: 8000:0002:bc00:7e2c <189> JAN 01 04:04:18 10.27.65.86-1 TRAPMGR[231781808]: traputil.c(908) 33 %% New Spanning Tree Root: 0, Unit: 1 <189> JAN 01 04:04:18 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 34 %% The unit 1 elected as the new STP root

Example #2: Viewing the Logging File

console#show logging file

Persistent Logging : disabled Persistent Log Count : 0

Example #5: Configuring Syslog Server

console(config)#logging ?

buffered Buffered (In-Memory) Logging Configuration. cli-command CLI Command Logging Configuration. console Console Logging Configuration. facility Syslog Facility Configuration. file Configure logging file parameters. on Enable logging to all supporting destinations. snmp SNMP Set Command Logging Configuration. web-session Web Session Logging Configuration. <ip-address|hostname> Configure syslog server IP address or Hostname up to 63 characters in length

console(config)#logging 192.168.10.65

console(Config-logging)#?

description Specify syslog server description. exit To exit from the mode. level Specify logging level. port Specify UDP port (default is 514).

console(Config-logging)#level ?

System Configuration 21

alert Immediate action needed critical Critical conditions debug Debugging messages emergency System is unusable error Error conditions info Informational messages notice Normal but significant conditions warning Warning conditions

console(Config-logging)#level critical

Port Description

The Port Description feature lets you specify an alphanumeric interface identifier that can be used for SNMP network management.

CLI Example

Use the commands shown below for the Port Description feature.

Example #1: Enter a Description for a Port

This example specifies the name “Test” for port 1/g17:

console#configure console(config)#interface ethernet 1/g17 console(config-if-1/g17)#description Test console(config-if-1/g17)#exit console(config)#exit

Example #2: Show the Port Description

console#show interfaces description ethernet 1/g17

Port Description

---- ---------------------------------------------------------1/g17 Test

22 System Configuration

Storm Control

A traffic storm occurs when incoming packets flood the LAN resulting in network performance degradation. The Storm Control feature protects against this condition.

The switch software provides broadcast, multicast, and unicast storm recovery for individual interfaces.

Unicast Storm Control protects against traffic whose MAC addresses are not known by the system.

For broadcast, multicast, and unicast storm control, if the rate of traffic ingressing on an interface increases beyond the configured threshold for that type, the traffic is dropped.

To configure storm control, you will enable the feature for all interfaces or for individual interfaces, and you will set the threshold (storm control level) beyond which the broadcast, multicast, or unicast traffic will be dropped.

Configuring a storm-control level also enables that form of storm-control. Disabling a storm-control level (using the “no” version of the command) sets the storm-control level back to default value and disables that form of storm-control. Using the “no” version of the “storm-control” command (not stating a “level”) disables that form of storm-control but maintains the configured “level” (to be active next time that form of storm-control is enabled).

NOTE: The actual rate of ingress traffic required to activate storm-control is based on the size of incoming packets

and the hard-coded average packet size of 512 bytes - used to calculate a packet-per-second (pps) rate - as the forwarding-plane requires pps versus an absolute rate Kbps. For example, if the configured limit is 10%, this is converted to ~25000 pps, and this pps limit is set in forwarding plane (hardware). You get the approximate desired output when 512bytes packets are used.

CLI Example

The following examples show how to configure the storm control feature an Ethernet interface. The interface number is 1/g17.

System Configuration 23

Example #1: Set Broadcast Storm Control for an Interface

console#configure

console(config)#interface ethernet 1/g17

console(config-if-1/g17)#storm-control broadcast ?

<cr> Press enter to execute the command. level Configure storm-control thresholds.

console(config-if-1/g17)#storm-control broadcast level ?

<rate> Enter the storm-control threshold as percent of port

speed. Percent of port speed is converted to PacketsPerSecond based on 512 byte average packet size and applied to HW. Refer to documentation for further details.

console(config-if-1/g17)#storm-control broadcast level 7

Example #2: Set Multicast Storm Control for an Interface

console(config-if-1/g17)#storm-control multicast level 8

Example #3: Set Unicast Storm Control for an Interface

console(config-if-1/g17)#storm-control unicast level 5

24 System Configuration

Cable Diagnostics

This section describes:

• "Copper Port Cable Test" on page 25

• "Fiber Port Cable Test" on page 27

NOTE: Cable Diagnostics is supported on SFP/XFP ports but not on the Stacking/CX-4/SFP+/10GbaseT ports.

Copper Port Cable Test

The cable test feature enables you to determine the cable connection status on a selected port. The switch uses Time Domain Reflectometry (TDR) technology to determine the quality and characteristics of a copper cable attached to a port.

NOTE: The cable test feature is supported only for copper cable. it is not supported for optical fiber cable.

NOTE: The copper-related commands do not apply to the stacking, 10G BaseT, or CX-4 ports associated with these

plug-in modules.

In privileged exec mode, enter test copper-port tdr unit/port to run the cable test on the specified port. One of the following statuses are returned:

•

Normal

•

Open

•

Short

Cable Test Failed

•

The command also returns a cable length estimate if this feature is supported by the PHY for the current link speed. The length is displayed as the estimated length. Note that if the link is down and a cable is attached to a 10/100 Ethernet adapter, then the cable status may display as Open or Short because some Ethernet adapters leave unused wire pairs unterminated or grounded. Unknown is displayed if the cable length could not be determined.

If the port has an active link while the cable test is run, the link can go down for the duration of the test. The test may take several seconds to run.

To view cable status information for multiple ports, enter show copper-ports tdr. If the cable test has not been run on a port, the results indicate that the test has not been performed.

: The cable is working correctly.

: The cable is disconnected or there is a faulty connector.

: There is an electrical short in the cable.

: The cable status could not be determined. The cable may in fact be working.

System Configuration 25

Example #1: Cable Test for Copper Ports

console#test copper-port tdr 1/g1

Cable Status................................... Short

Cable Length................................... 5m

console#show copper-ports tdr

Port Result Length [meters] Date

------- ------ --------------- --------------------1/g1 Short 9 Jan 01 1970 18:03:23 1/g2 Test has not been performed 1/g3 Test has not been performed 1/g4 Test has not been performed 1/g5 Test has not been performed

--More-- or (q)uit

NOTE: You can also run a cable test using the Web Interface. In the navigation tree, click System > Diagnostics.

Example #2: Show Copper Cable Length

Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port. The following example displays the estimated copper cable length attached to all ports.

console#show copper-ports cable-length

Port Length [meters]

---- ---------------

1/g1 <50

1/g2 Copper not active

1/g3 110-140

1/g4 Fiber

26 System Configuration

Example #3: Show Last Time Domain Reflectometry Tests

Use the show copper-ports tdr command in Privileged EXEC mode to display the last Time Domain Reflectometry (TDR) tests on specified ports.

The following example displays the last TDR tests on all ports.

console#show copper-ports tdr

Port Result Length [meters] Date

---- -------- --------------- ---------------

1/g1 OK

1/g2 Short 50 13:32:00 23 July 2004

1/g3 Test has not been preformed

1/g4 Open 128 13:32:08 23 July 2004

1/g5 Fiber - -

Fiber Port Cable Test

Example #1: Show Optical Transceiver Diagnostics

Use the show fiber-ports optical-transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics.

NOTE: The show fiber ports command is only applicable to the SFP combo ports and XFP ports (not the ports on

the SFP+ plug-in module).

The following example displays the optical transceiver diagnostics.

console#show fiber-ports optical-transceiver

Port Temp Voltage Current Output Input TX LOS

Power Power Fault

----------- ------ ------- ------- ------ ----- ----- --- 1/g3 w OK E OK OK OK OK 1/g4 OK OK OK OK OK E OK 1/g1 Copper

Temp - Internally measured transceiver temperature Voltage - Internally measured supply voltage Current - Measured TX bias current Output Power - Measured TX output power in milliWatts Input Power - Measured RX received power in milliWatts TX Fault - Transmitter fault LOS - Loss of signal

System Configuration 27

28 System Configuration

Switching Configuration

This section provides configuration scenarios for the following features:

• "Virtual LANs" on page 29

• "Voice VLAN" on page 37

• "IGMP Snooping" on page 40

• "IGMP Snooping Querier" on page 43

• "Link Aggregation/Port Channels" on page 45

• "Port Mirroring" on page 49

• "Port Security" on page 50

• "Link Layer Discovery Protocol" on page 52

• "Denial of Service Attack Protection" on page 54

• "DHCP Snooping" on page 56

• "sFlow" on page 67

Virtual LANs

Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast. Like a router, it partitions the network into logical segments, which provides better administration, security and management of multicast traffic.

A VLAN is a set of end stations and the switch ports that connect them. You can have many reasons for the logical division, for example, department or project membership. The only physical requirement is that the end station, and the port to which it is connected, both belong to the same VLAN.

Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN. An end station may omit the tag, or the VLAN portion of the tag, in which case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID. A given port may handle traffic for more than one VLAN, but it can only support one default VLAN ID.

Two features let you define packet filters that the switch uses as the matching criteria to determine if a particular packet belongs to a particular VLAN.

Switching Configuration 29

• The IP-subnet Based VLAN feature lets you map IP addresses to VLANs by specifying a source IP address, network mask, and the desired VLAN ID.

• The MAC-based VLAN feature let packets originating from end stations become part of a VLAN according to source MAC address. To configure the feature, you specify a source MAC address and a VLAN ID.

The Private Edge VLAN feature lets you set protection between ports located on the switch. This means that a protected port cannot forward traffic to another protected port on the same switch.

The feature does not provide protection between ports located on different switches.

For information about authenticated, unauthenticated, and guest VLANs, see "802.1X Authentication and VLANs" on page 109.

VLAN Configuration Example

The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. Port 1/g18 handles traffic for both VLANs, while port 1/g17 is a member of VLAN 2 only, and ports 1/g19 and 1/g20 are members of VLAN 3 only. The script following the diagram shows the commands you would use to configure the switch as shown in the diagram.

Layer 3 Switch

Port 1/g20

Port 1/g17

Port 1/0/1

VLAN 2

Port 1/g18

Port 1/0/2

VLANs 2 & 3

Port 1/g19

Port 1/0/3

VLAN 3

Port 1/0/4

VLAN 3

VLAN 2

Figure 3-1. VLAN Example Network Diagram

30 Switching Configuration

VLAN 3

+ 146 hidden pages

Dell PowerConnect 6248 Quick Reference Guide

Configuration Guide

Contents

About this Document

Organization

Additional Documentation

System Configuration

Traceroute

CLI Example

Configuration Scripting

Overview

Considerations

CLI Examples

Outbound Telnet

Overview

CLI Examples

Simple Network Time Protocol (SNTP)

Overview

CLI Examples

Syslog

Overview

CLI Examples

Port Description

CLI Example

Storm Control

CLI Example

Cable Diagnostics

Copper Port Cable Test

Fiber Port Cable Test

Switching Configuration

Virtual LANs

VLAN Configuration Example