Dell PowerConnect 6248 Quick Reference Guide

0 (0)

Dell™ PowerConnect™ 6200 Series

Configuration Guide

Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F

w w w . d e l l . c o m | s u p p o r t . d e l l . c o m

Notes, Cautions, and Warnings

NOTE: A NOTE indicates important information that helps you make better use of your computer.

CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

____________________

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, the DELL logo, and PowerConnect are trademarks of Dell Inc. sFlow is a registered trademark of InMon Corporation. Cisco is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F

April 2010

Rev. A04

1 About this Document . . . . . . . . . . . . . . . . . . . . . . . . . . .	9
Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	9
Additional Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . .	10
2 System Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . .	11
Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	12
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	12
Configuration Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	13
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	13
Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	13
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	14
Outbound Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	16
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	16
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	17
Simple Network Time Protocol (SNTP) . . . . . . . . . . . . . . . . . . . . .	17
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	17
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	18
Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	20
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	20
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	20
Port Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	22
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	22
Storm Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	23
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	23
Cable Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	25
Copper Port Cable Test . . . . . . . . . . . . . . . . . . . . . . . . . . .	25
Fiber Port Cable Test . . . . . . . . . . . . . . . . . . . . . . . . . . . .	27

3 Switching Configuration . . . . . . . . . . . . . . . . . . . . . . . . .	29
Virtual LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	29
VLAN Configuration Example . . . . . . . . . . . . . . . . . . . . . . . .	30
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	31
Web Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	33
IP Subnet and MAC-Based VLANs . . . . . . . . . . . . . . . . . . . . .	34
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	34
Private Edge VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . .	35
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	36
Voice VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	37
Using Voice VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	37
Interaction with LLDP-MED. . . . . . . . . . . . . . . . . . . . . . . . .	38
IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	40
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	40
IGMP Snooping Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	43
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	43
Link Aggregation/Port Channels. . . . . . . . . . . . . . . . . . . . . . . . .	45
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	46
Web Interface Configuration: LAGs/Port-channels . . . . . . . . . . . .	48
Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	49
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	49
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	49
Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	50
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	50
Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	50
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	51
Link Layer Discovery Protocol . . . . . . . . . . . . . . . . . . . . . . . . . .	52
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	52
Denial of Service Attack Protection. . . . . . . . . . . . . . . . . . . . . . .	54
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	54
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	55
DHCP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	56
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	59

sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	67
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	67
sFlow Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	68
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	69

4 Routing Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .	73
VLAN Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	74
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	74
Using the Web Interface to Configure VLAN Routing . . . . . . . . . . .	76
Virtual Router Redundancy Protocol . . . . . . . . . . . . . . . . . . . . . .	77
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	77
Using the Web Interface to Configure VRRP . . . . . . . . . . . . . . . .	79
Proxy Address Resolution Protocol (ARP). . . . . . . . . . . . . . . . . . . .	80
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	80
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	80
OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	81
OSPF Concepts and Terms . . . . . . . . . . . . . . . . . . . . . . . . .	81
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	83
Routing Information Protocol . . . . . . . . . . . . . . . . . . . . . . . . . .	92
RIP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	92
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	93
Using the Web Interface to Configure RIP . . . . . . . . . . . . . . . . .	94
Route Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	95
Assigning Administrative Preferences to Routing Protocols. . . . . . . .	95
Using Equal Cost Multipath . . . . . . . . . . . . . . . . . . . . . . . . .	97
Loopback Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	99
IP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	100
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	102

5 Device Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

802.1x Network Access Control . . . . . . . . . . . . . . . . . . . . . . . .	106
802.1x Network Access Control Examples . . . . . . . . . . . . . . . .	106
802.1X Authentication and VLANs . . . . . . . . . . . . . . . . . . . . . . .	109
Authenticated and Unauthenticated VLANs . . . . . . . . . . . . . . .	109
Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	109
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	110
Authentication Server Filter Assignment . . . . . . . . . . . . . . . . . . .	111
Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . .	111
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	111
MAC ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	113
IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	114
ACL Configuration Process . . . . . . . . . . . . . . . . . . . . . . . .	114
IP ACL CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . .	115
Configuring a MAC ACL. . . . . . . . . . . . . . . . . . . . . . . . . .	116
RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	117
RADIUS Configuration Examples . . . . . . . . . . . . . . . . . . . . .	118
TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	120
TACACS+ Configuration Example . . . . . . . . . . . . . . . . . . . . .	120
802.1x MAC Authentication Bypass (MAB) . . . . . . . . . . . . . . . . . .	122
Operation in the Network . . . . . . . . . . . . . . . . . . . . . . . . .	122
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	123
Captive Portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	125
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	125
Functional Description . . . . . . . . . . . . . . . . . . . . . . . . . .	125
Captive Portal Configuration, Status and Statistics . . . . . . . . . . .	126
Captive Portal Status . . . . . . . . . . . . . . . . . . . . . . . . . . .	128
Captive Portal Statistics . . . . . . . . . . . . . . . . . . . . . . . . .	129
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	129

6 IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	135
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	135
Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .	135
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	136

7 Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . .	139
Class of Service Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . .	139
Ingress Port Configuration . . . . . . . . . . . . . . . . . . . . . . . .	139
Egress Port Configuration—Traffic Shaping . . . . . . . . . . . . . . .	140
Queue configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .	140
Queue Management Type . . . . . . . . . . . . . . . . . . . . . . . .	140
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	140
Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . .	143
CLI Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	144
DiffServ for VoIP Configuration Example . . . . . . . . . . . . . . . . .	146

8 Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	149
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	149
When to Enable IP Multicast on the PowerConnect 6200 Series Switch	150

IGMP Configuration . . . . . . . . . .

CLI Example . . . . . . . . . . . .

IGMP Proxy. . . . . . . . . . . . . . .

CLI Examples . . . . . . . . . . .

DVMRP . . . . . . . . . . . . . . . . .

CLI Example . . . . . . . . . . . .

PIM . . . . . . . . . . . . . . . . . . .

PIM-SM . . . . . . . . . . . . . .

PIM-DM . . . . . . . . . . . . . .

Multicast Routing and IGMP Snooping

. . . . . . . . . . . . . . . . . . . .	150
. . . . . . . . . . . . . . . . . . . .	150
. . . . . . . . . . . . . . . . . . . .	151
. . . . . . . . . . . . . . . . . . . .	151
. . . . . . . . . . . . . . . . . . . .	152
. . . . . . . . . . . . . . . . . . . .	153
. . . . . . . . . . . . . . . . . . . .	154
. . . . . . . . . . . . . . . . . . . .	154
. . . . . . . . . . . . . . . . . . . .	155
. . . . . . . . . . . . . . . . . . . .	157

9 Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Auto Config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	162
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	162
Functional Description . . . . . . . . . . . . . . . . . . . . . . . . . .	162
CLI Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	167

Nonstop Forwarding on a Switch Stack. . . . . . . . . . . . . . . . . . . .	168
Initiating a Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . .	168
Checkpointing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .	168
Switch Stack MAC Addressing and Stack Design Considerations . . .	170
NSF Network Design Considerations. . . . . . . . . . . . . . . . . . .	170
NSF Default Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . .	170
Configuration Examples. . . . . . . . . . . . . . . . . . . . . . . . . .	171

About this Document

This configuration guide provides examples of how to use the Dell™PowerConnect™ 6200 Series switch in a typical network. It describes the advantages of specific functions the PowerConnect 6200 Series switch provides and includes information about configuring those functions using the command line interface (CLI).

Organization

This document is organized as follows:

•"System Configuration" on page 11 describes how to configure basic system and port settings, use system interfaces and utilities, and create and use CLI scripts.

•"Switching Configuration" on page 29 provides configuration scenarios for layer 2 switching, including creating virtual local area networks (VLANs) and Internet Group Management Protocol (IGMP) snooping interfaces, and enabling port security.

•"Routing Configuration" on page 73 provides configuration scenarios for layer 3 features such as VLAN routing, Open Shortest Path First (OSPF), and Routing Information Protocol (RIP).

•"Device Security" on page 105 provides information on creating access control lists and configuring RADIUS and TACACS+ servers.

•"IPv6" on page 135 describes configuring and using IPv6-enabled interfaces in a mixed IPv6/IPv4 network.

•"Quality of Service" on page 139 provides configuration scenarios for class-of-service (CoS) queueing and differentiated services (DiffServ).

•"Multicast" on page 149 describes how to configure IGMP, IGMP proxy, Distance Vector Multicast Routing Protocol (DVMRP), and Protocol Independent Multicast (PIM) on the switch.

•"Utility" on page 161 describes the Auto Config and Nonstop Forwarding (NSF) features.

About this Document		9

Additional Documentation

The following documentation provides additional information about PowerConnect 6200 Series software:

•The CLI Command Reference for your Dell PowerConnect switch describes the commands available from the command-line interface (CLI) for managing, monitoring, and configuring the switch.

•The User’s Guide for your Dell PowerConnect switch describes the Web GUI. Many of the scenarios described in this document can be fully configured using the Web interface. This guide also provides initial system setup and configuration instructions.

•The Getting Started Guide for your Dell PowerConnect switch provides basic information to install, configure, and operate the system.

•Release notes for your Dell PowerConnect product detail the platform-specific functionality of the software packages, including issues and workarounds.

10 About this Document

System Configuration

This section provides configuration scenarios for the following features:

•"Traceroute" on page 12

•"Configuration Scripting" on page 13

•"Outbound Telnet" on page 16

•"Simple Network Time Protocol (SNTP)" on page 17

•"Syslog" on page 20

•"Port Description" on page 22

•"Storm Control" on page 23

•"Cable Diagnostics" on page 25

NOTE: For information on setting up the hardware and serial or TFTP connection, refer to the Getting Started Guide for your system.

System Configuration		11

Traceroute

Use Traceroute to discover the routes that packets take when traveling on a hop-by-hop basis to their destination through the network.

•Maps network routes by sending packets with small Time-to-Live (TTL) values and watches the ICMP time-out announcements

•Command displays all L3 devices

•Can be used to detect issues on the network

•Tracks up to 30 hops

•Default UDP port uses 33434 unless modified in the traceroute command

CLI Example

The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how long it takes to get there. In this example, the packet takes 16 hops to reach its destination.

console#traceroute ?

ip	Enter IP Address.
ipv6	Use keyword 'ipv6' if entering IPv6 Address.

console#traceroute 72.14.253.99

Traceroute to 72.14.253.99 ,30 hops max 0 byte packets:

1	10.131.10.1	<10 ms		<10 ms		<10 ms
2	210.210.108.193	<10 ms		10	ms	<10 ms
3	192.168.81.1	<10 ms		10	ms	<10 ms
4	210.214.5.161	<10 ms		10	ms	10	ms
5	210.214.5.169	<10 ms		<10 ms		10	ms
6	124.7.202.2	10	ms	<10 ms		<10 ms
7	210.18.7.166	40	ms	30	ms	30	ms
8	202.144.2.193	30	ms	30	ms	30	ms
9	202.144.113.151	30	ms	40	ms	30	ms
10	72.14.196.97	40	ms	30	ms	100	ms
11	216.239.43.216	40	ms	40	ms	30	ms
12	216.239.43.209	60	ms	40	ms	40	ms
13	216.239.43.222	40	ms	50	ms	50	ms
14	216.239.43.221	100	ms	110	ms	100	ms
15	209.85.250.88	130	ms	130	ms	120	ms
16	209.85.250.105	130	ms	120	ms	130	ms
17	209.85.250.91	160	ms	160	ms	160	ms
18	216.239.47.237	290	ms	240	ms	250	ms
19	216.239.46.211	240	ms	270	ms	250	ms

12 System Configuration

--More-- or (q)uit
20 64.233.174.99	250 ms	240 ms	250 ms

Hop Count = 20 Last TTL = 30 Test attempt = 90 Test Success = 90

Configuration Scripting

Configuration scripting allows you to generate a text-formatted script file that shows the current system configuration. You can generate multiple scripts and upload and apply them to more than one switch.

Overview

Configuration scripting:

•Provides scripts that can be uploaded from and downloaded to the system.

•Provides flexibility to create command configuration scripts.

•Can be applied to several switches.

•Can save up to ten scripts up to a maximum size of 2 MB of memory.

•Provides List, Delete, Apply, Upload, Download.

•Provides script format of one CLI command per line.

NOTE: The startup-config and backup-config scripts are not bound by the 2 MB memory limit.

Considerations

When you use configuration scripting, keep the following considerations in mind:

•The total number of scripts stored on the system is limited by NVRAM/FLASH size.

•The application of scripts is partial if the script fails. For example, if the script executes five of ten commands and the script fails, the script stops at five.

•Scripts cannot be modified or deleted while being applied.

•Validation of scripts checks for syntax errors only. It does not validate that the script will run.

System Configuration		13

CLI Examples

The following are examples of the commands used for configurations scripting.

Example #1: Viewing the Script Options console#script ?


apply	Applies	configuration script to the						switch.
delete	Deletes	a configuration			script		file	from the	switch.
list	Lists all configuration				script		files present		on the switch.
show	Displays		the	contents of		configuration script.
validate	Validate		the	commands of		configuration script.

Example #2: Viewing and Deleting Existing Scripts console#script list

Configuration Script Name	Size(Bytes)
--------------------------------	-----------
abc.scr	360
running-config	360
startup-config	796
test.scr	360

4 configuration script(s) found.

2046 Kbytes free.

console#script delete test.scr

Are you sure you want to delete the configuration script(s)? (y/n)y

1 configuration script(s) deleted.

Example #3: Applying a Script to the Active Configuration console#script apply abc.scr

Are you sure you want to apply the configuration script? (y/n)y

.....

....

Configuration script 'abc.scr' applied.

14 System Configuration

Example #4: Copying the Active Configuration into a Script

Use this command to capture the running configuration into a script.

console#show running-config running-config.scr

Config script created successfully.

Example #5: Uploading a Configuration Script to the TFTP Server

Use this command to upload a configuration script to the TFTP server.

console#copy script abc.scr tftp://10.27.64.141/abc.scr

Mode...........................................	TFTP
Set TFTP Server IP.............................	10.27.64.141
TFTP Path......................................	./
TFTP Filename..................................	abc.scr
Data Type......................................	Config Script
Source Filename................................	abc.scr

Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y

267 bytes transferred

File transfer operation completed successfully.

Example #6: Downloading a Configuration Script to the TFTP Server

Use this command to download a configuration script from the TFTP server to the switch.

console#copy tftp://10.27.64.141/abc.scr script abc.scr

Mode...........................................	TFTP
Set TFTP Server IP.............................	10.27.64.141
TFTP Path......................................	./
TFTP Filename..................................	abc.scr
Data Type......................................	Config Script
Destination Filename...........................	abc.scr

Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y

193 bytes transferred

Validating configuration script...

configure

System Configuration		15

exit configure

logging web-session bridge aging-time 100 exit

Configuration script validated.

File transfer operation completed successfully.

Example #7: Validating a Script console#script validate abc.scr ip address dhcp

username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit

Configuration script 'abc.scr' validated.

console#script apply abc.scr

Are you sure you want to apply the configuration script? (y/n)y

ip address dhcp

username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit

Configuration script 'abc.scr' applied.

Outbound Telnet

Overview

Outbound telnet:

•Establishes an outbound telnet connection between a device and a remote host.

•When a telnet connection is initiated, each side of the connection is assumed to originate and terminate at a “Network Virtual Terminal” (NVT).

•Server and user hosts do not maintain information about the characteristics of each other’s terminals and terminal handling conventions.

•Must use a valid IP address.

16 System Configuration

CLI Examples

The following are examples of the commands used in the outbound telnet feature.

Example #1: Connecting to Another System by Using Telnet console#telnet 192.168.77.151

Trying 192.168.77.151...

console#

User:admin

Password:

(Dell PC62XX Routing) >enable Password:

console#show ip interface

Management Interface:

IP Address.....................................			10.27.65.89
Subnet Mask....................................			255.255.254.0
Default Gateway................................			10.27.64.1
Burned In MAC Address..........................			00FF.F2A3.6688
Network Configuration Protocol Current.........			DHCP
Management VLAN ID.............................			4086
Routing Interfaces:
			Netdir	Multi
Interface	IP Address	IP Mask	Bcast	CastFwd
----------	--------------- --------------- -------- --------

Simple Network Time Protocol (SNTP)

Overview

The SNTP implementation has the following features:

•Used for synchronizing network resources

•Adaptation of NTP

•Provides synchronized network timestamp

•Can be used in broadcast or unicast mode

•SNTP client implemented over UDP that listens on port 123

System Configuration		17

CLI Examples

The following are examples of the commands used in the SNTP feature.

Example #1: Viewing SNTP Options

(Dell PC62XX Routing)(Config) #sntp ?

console(config)#sntp ?

authenticate	Require authentication for received Network Time
	Protocol (NTP)	traffic from servers.
authentication-key	Define an authentication key for Simple Network Time
	Protocol (SNTP).
broadcast	Configure SNTP	client broadcast parameters.
client	Configure the SNTP client parameters.
server	Configure SNTP	server parameters.
trusted-key	Authenticate the identity of a system to which
	SNTP will synchronize.
unicast	Configure SNTP	client unicast parameters.

Example #2: Configuring the SNTP Server console(config)#sntp server ?

<ipaddress/domain-name> Enter SNTP server address or the domain name.

console(config)#sntp server 192.168.10.25 ?

key	Authentication	key to	use when sending packets to
	this peer.
poll	Enable/Disable	SNTP server		polling.
priority	Configure SNTP	server	priority.
<cr>	Press enter to	execute the		command.

console(config)#sntp server 192.168.10.25

18 System Configuration

Example #3: Viewing SNTP Information console#show sntp ?

configuration	Show the configuration of	the Simple Network Time
	Protocol (SNTP).
status	To show the status of the	Simple Network Time
	Protocol (SNTP).

console#show sntp configuration

Polling interval: 64 seconds

MD5 Authentication keys:

Authentication is not required for synchronization.

Trusted keys:

No trusted keys.

Unicast clients: Enable

Unicast servers:
Server	Key	Polling	Priority
---------	-----------	-----------	----------
192.168.0.1	Disabled	Enabled	1
console#show sntp status
Unicast servers:
Server	Status	Last response
---------	-----------	--------------------------
192.168.10.25	Unknown	00:00:00 Jan 1 1970

System Configuration		19

Syslog

Overview

Syslog:

•Allows you to store system messages and/or errors.

•Can store to local files on the switch or a remote server running a syslog daemon.

•Provides a method of collecting message logs from many systems.

Interpreting Log Files

Figure 2-1 describes the information that displays in log messages.

<130> JAN 01 00:00:06 0.0.0.0-1 UNKN [0x800023]: bootos.c(386) 4 %% Event (0xaaaaaaaa)

A B C D E F G H I

A.Priority

B.Timestamp

C.Stack ID

D.Component Name

E.Thread ID

F.File Name

G.Line Number

H Sequence Number

I.Message

Figure 2-1. Log Files Key

CLI Examples

The following are examples of the commands used in the Syslog feature.

Example #1: Viewing Logging Information console#show logging

Logging is enabled

Console Logging: level warning. Console Messages: 230 Dropped. Buffer Logging: level info. Buffer Messages: 230 Logged.

File Logging: level notActive. File Messages: 0 Dropped. CLI Command Logging : disabled

20 System Configuration

Web Session Logging : disabled

SNMP Set Command Logging : disabled 0 Messages were not logged.

Buffer Log:

<189> JAN 01 03:57:58 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 31 %% Instance 0 has elected a new STP root: 8000:00ff:f2a3:8888

<189> JAN 01 03:57:58 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 32 %% Instance 0 has elected a new STP root: 8000:0002:bc00:7e2c

<189> JAN 01 04:04:18 10.27.65.86-1 TRAPMGR[231781808]: traputil.c(908) 33 %% New Spanning Tree Root: 0, Unit: 1

<189> JAN 01 04:04:18 10.27.65.86-1 TRAPMGR[216282304]: traputil.c(908) 34 %% The unit 1 elected as the new STP root

Example #2: Viewing the Logging File

console#show logging file

Persistent	Logging	:	disabled
Persistent	Log Count	:	0

Example #5: Configuring Syslog Server

console(config)#logging ?

buffered	Buffered (In-Memory) Logging Configuration.
cli-command	CLI Command Logging Configuration.
console	Console Logging Configuration.
facility	Syslog Facility Configuration.
file	Configure logging file parameters.
on	Enable logging to all supporting destinations.
snmp	SNMP Set Command Logging Configuration.
web-session	Web Session Logging Configuration.
<ip-address\|hostname>	Configure syslog server IP address or Hostname up to
	63 characters in length

console(config)#logging 192.168.10.65

console(Config-logging)#?

description	Specify	syslog server description.
exit	To exit	from the mode.
level	Specify	logging level.
port	Specify	UDP port (default is 514).

console(Config-logging)#level ?

System Configuration		21

alert	Immediate action needed
critical	Critical conditions
debug	Debugging messages
emergency	System is unusable
error	Error conditions
info	Informational messages
notice	Normal but significant conditions
warning	Warning conditions

console(Config-logging)#level critical

Port Description

The Port Description feature lets you specify an alphanumeric interface identifier that can be used for SNMP network management.

CLI Example

Use the commands shown below for the Port Description feature.

Example #1: Enter a Description for a Port

This example specifies the name “Test” for port 1/g17:

console#configure console(config)#interface ethernet 1/g17 console(config-if-1/g17)#description Test console(config-if-1/g17)#exit console(config)#exit

Example #2: Show the Port Description

console#show interfaces description ethernet 1/g17

Port Description

---- ----------------------------------------------------------

1/g17 Test

22 System Configuration

Storm Control

A traffic storm occurs when incoming packets flood the LAN resulting in network performance degradation. The Storm Control feature protects against this condition.

The switch software provides broadcast, multicast, and unicast storm recovery for individual interfaces. Unicast Storm Control protects against traffic whose MAC addresses are not known by the system.

For broadcast, multicast, and unicast storm control, if the rate of traffic ingressing on an interface increases beyond the configured threshold for that type, the traffic is dropped.

To configure storm control, you will enable the feature for all interfaces or for individual interfaces, and you will set the threshold (storm control level) beyond which the broadcast, multicast, or unicast traffic will be dropped.

Configuring a storm-control level also enables that form of storm-control. Disabling a storm-control level (using the “no” version of the command) sets the storm-control level back to default value and disables that form of storm-control. Using the “no” version of the “storm-control” command (not stating a “level”) disables that form of storm-control but maintains the configured “level” (to be active next time that form of storm-control is enabled).

NOTE: The actual rate of ingress traffic required to activate storm-control is based on the size of incoming packets and the hard-coded average packet size of 512 bytes - used to calculate a packet-per-second (pps) rate - as the forwarding-plane requires pps versus an absolute rate Kbps. For example, if the configured limit is 10%, this is converted to ~25000 pps, and this pps limit is set in forwarding plane (hardware). You get the approximate desired output when 512bytes packets are used.

CLI Example

The following examples show how to configure the storm control feature an Ethernet interface. The interface number is 1/g17.

System Configuration		23

Example #1: Set Broadcast Storm Control for an Interface console#configure

console(config)#interface ethernet 1/g17

console(config-if-1/g17)#storm-control broadcast ?

<cr>	Press enter to execute the command.
level	Configure storm-control thresholds.

console(config-if-1/g17)#storm-control broadcast level ?

<rate>	Enter the storm-control threshold as percent of port
	speed. Percent of port speed is converted to
	PacketsPerSecond based on 512 byte average packet
	size and applied to HW. Refer to documentation for
	further details.

console(config-if-1/g17)#storm-control broadcast level 7

Example #2: Set Multicast Storm Control for an Interface console(config-if-1/g17)#storm-control multicast level 8

Example #3: Set Unicast Storm Control for an Interface

console(config-if-1/g17)#storm-control unicast level 5

24 System Configuration

Cable Diagnostics

This section describes:

•"Copper Port Cable Test" on page 25

•"Fiber Port Cable Test" on page 27

NOTE: Cable Diagnostics is supported on SFP/XFP ports but not on the Stacking/CX-4/SFP+/10GbaseT ports.

Copper Port Cable Test

The cable test feature enables you to determine the cable connection status on a selected port. The switch uses Time Domain Reflectometry (TDR) technology to determine the quality and characteristics of a copper cable attached to a port.

NOTE: The cable test feature is supported only for copper cable. it is not supported for optical fiber cable.

NOTE: The copper-related commands do not apply to the stacking, 10G BaseT, or CX-4 ports associated with these plug-in modules.

In privileged exec mode, enter test copper-port tdr unit/port to run the cable test on the specified port. One of the following statuses are returned:

•Normal: The cable is working correctly.

•Open: The cable is disconnected or there is a faulty connector.

•Short: There is an electrical short in the cable.

•Cable Test Failed: The cable status could not be determined. The cable may in fact be working.

The command also returns a cable length estimate if this feature is supported by the PHY for the current link speed. The length is displayed as the estimated length. Note that if the link is down and a cable is attached to a 10/100 Ethernet adapter, then the cable status may display as Open or Short because some Ethernet adapters leave unused wire pairs unterminated or grounded. Unknown is displayed if the cable length could not be determined.

If the port has an active link while the cable test is run, the link can go down for the duration of the test. The test may take several seconds to run.

To view cable status information for multiple ports, enter show copper-ports tdr. If the cable test has not been run on a port, the results indicate that the test has not been performed.

System Configuration		25

Example #1: Cable Test for Copper Ports console#test copper-port tdr 1/g1

Cable Status...................................			Short
Cable Length...................................			5m
console#show copper-ports tdr
Port	Result	Length [meters]	Date
-------	------	---------------	---------------------
1/g1	Short	9	Jan 01 1970 18:03:23
1/g2	Test has	not been performed
1/g3	Test has	not been performed
1/g4	Test has	not been performed
1/g5	Test has	not been performed
--More--	or (q)uit

NOTE: You can also run a cable test using the Web Interface. In the navigation tree, click System > Diagnostics.

Example #2: Show Copper Cable Length

Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port. The following example displays the estimated copper cable length attached to all ports.

console#show copper-ports cable-length

Port Length [meters]

-------------------

1/g1	<50
1/g2	Copper not active
1/g3	110-140
1/g4	Fiber

26 System Configuration

Example #3: Show Last Time Domain Reflectometry Tests

Use the show copper-ports tdr command in Privileged EXEC mode to display the last Time Domain Reflectometry (TDR) tests on specified ports.

The following example displays the last TDR tests on all ports.

console#show copper-ports tdr
Port	Result	Length [meters]	Date
----	--------	---------------	---------------
1/g1	OK
1/g2	Short	50	13:32:00 23	July 2004
1/g3	Test has not been preformed
1/g4	Open	128	13:32:08 23	July 2004
1/g5	Fiber	-	-

Fiber Port Cable Test

Example #1: Show Optical Transceiver Diagnostics

Use the show fiber-ports optical-transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics.

NOTE: The show fiber ports command is only applicable to the SFP combo ports and XFP ports (not the ports on the SFP+ plug-in module).

The following example displays the optical transceiver diagnostics.

console#show fiber-ports optical-transceiver

Port	Temp	Voltage	Current	Output	Input	TX	LOS
				Power	Power	Fault
-----------	------	-------	-------	------	-----	-----	---
1/g3	w	OK	E	OK	OK	OK	OK
1/g4	OK	OK	OK	OK	OK	E	OK
1/g1	Copper

Temp - Internally measured transceiver temperature Voltage - Internally measured supply voltage Current - Measured TX bias current

Output Power - Measured TX output power in milliWatts Input Power - Measured RX received power in milliWatts TX Fault - Transmitter fault

LOS - Loss of signal

System Configuration		27

28 System Configuration

Switching Configuration

This section provides configuration scenarios for the following features:

•"Virtual LANs" on page 29

•"Voice VLAN" on page 37

•"IGMP Snooping" on page 40

•"IGMP Snooping Querier" on page 43

•"Link Aggregation/Port Channels" on page 45

•"Port Mirroring" on page 49

•"Port Security" on page 50

•"Link Layer Discovery Protocol" on page 52

•"Denial of Service Attack Protection" on page 54

•"DHCP Snooping" on page 56

•"sFlow" on page 67

Virtual LANs

Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast. Like a router, it partitions the network into logical segments, which provides better administration, security and management of multicast traffic.

A VLAN is a set of end stations and the switch ports that connect them. You can have many reasons for the logical division, for example, department or project membership. The only physical requirement is that the end station, and the port to which it is connected, both belong to the same VLAN.

Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN. An end station may omit the tag, or the VLAN portion of the tag, in which case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID. A given port may handle traffic for more than one VLAN, but it can only support one default VLAN ID.

Two features let you define packet filters that the switch uses as the matching criteria to determine if a particular packet belongs to a particular VLAN.

Switching Configuration		29

Dell PowerConnect 6248 Quick Reference Guide

•The IP-subnet Based VLAN feature lets you map IP addresses to VLANs by specifying a source IP address, network mask, and the desired VLAN ID.

•The MAC-based VLAN feature let packets originating from end stations become part of a VLAN according to source MAC address. To configure the feature, you specify a source MAC address and a VLAN ID.

The Private Edge VLAN feature lets you set protection between ports located on the switch. This means that a protected port cannot forward traffic to another protected port on the same switch.

The feature does not provide protection between ports located on different switches.

For information about authenticated, unauthenticated, and guest VLANs, see "802.1X Authentication and VLANs" on page 109.

VLAN Configuration Example

The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. Port 1/g18 handles traffic for both VLANs, while port 1/g17 is a member of VLAN 2 only, and ports 1/g19 and 1/g20 are members of VLAN 3 only. The script following the diagram shows the commands you would use to configure the switch as shown in the diagram.

Layer 3 Switch

Port 1/g17

Port 1/g20

Port 1/0/4

Port 1/0/1

VLAN33

VLAN 2

Port 1/g180/2

Port 1/g19

Port 1/0/3

VLANs2 &3

VLAN3 3

VLAN 2

VLAN 3

Figure 3-1. VLAN Example Network Diagram

30 Switching Configuration

+ 146 hidden pages

Dell PowerConnect 6248 Quick Reference Guide

Configuration Guide

Contents

About this Document

Organization

Additional Documentation

System Configuration

Traceroute

CLI Example

Configuration Scripting

Overview

Considerations

CLI Examples

Outbound Telnet

Overview

CLI Examples

Simple Network Time Protocol (SNTP)

Overview

CLI Examples

Syslog

Overview

CLI Examples

Port Description

CLI Example

Storm Control

CLI Example

Cable Diagnostics

Copper Port Cable Test

Fiber Port Cable Test

Switching Configuration

Virtual LANs

VLAN Configuration Example