Dell PowerConnect 7024, PowerConnect 7024F, PowerConnect 7024P, PowerConnect 7048, PowerConnect 7048P Owner's Manual
...Page 1
Dell PowerConnect
7000 Series Switch
User’s Configuration
Guide
Regulatory Models: PC7024, PC7024P,
PC7024F, PC7048, PC7048P, PC7048R, and
PC7048R-RA
Page 2
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if
instructions are not followed.
____________
Information in this publication is subject to change without notice.
© 2013 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc.
is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, EqualLogic™, PowerConnect™, and
OpenManage™ are trademarks of Dell Inc. Microsoft
and Windows Vista
United States and/or other countries. sFlow
is a registered trademark of Cisco Systems. Mozilla
Mozilla Foundation.
Other trademarks and trade names may be used in this publication to refer to either the entities claiming
the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and
trade names other than its own.
®
are either trademarks or registered trademarks of Microsoft Corporation in the
®
is a registered trademark of InMon Corporation. Cisco®
®
, Windows®, Windows Server®, MS-DOS®,
®
and Firefox® are registered trademarks of the
Regulatory Models: PC7024, PC7024P, PC7024F, PC7048, PC7048P, PC7048R, and PC7048R-RA
January 2013 Rev. A05
Page 3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 49
About This Document . . . . . . . . . . . . . . . . . . 49
Audience . . . . . . . . . . . . . . . . . . . . . . . . . 49
Document Conventions . . . . . . . . . . . . . . . . . 50
Additional Documentation
. . . . . . . . . . . . . . . . 50
2 Switch Features . . . . . . . . . . . . . . . . . . . 51
System Management Features . . . . . . . . . . . . . 52
Multiple Management Options
System Time Management . . . . . . . . . . . . . 52
Log Messages
Integrated DHCP Server . . . . . . . . . . . . . . 54
Management of Basic Network Information. . . . 54
IPv6 Management Features . . . . . . . . . . . . 54
Dual Software Images . . . . . . . . . . . . . . . 54
File Management
Switch Database Management Templates. . . . . 55
Automatic Installation of Firmware and
Configuration
sFlow . . . . . . . . . . . . . . . . . . . . . . . . 56
SNMP Alarms and Trap Logs . . . . . . . . . . . . 56
CDP Interoperability through ISDP
Remote Monitoring (RMON) . . . . . . . . . . . . 56
Stacking Features . . . . . . . . . . . . . . . . . . . . 57
High Port Count
. . . . . . . . . . . . . . . . . . . 53
. . . . . . . . . . . . . . . . . . 55
. . . . . . . . . . . . . . . . . . . . 55
. . . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . 52
. . . . . . . . . 56
Contents 3
Page 4
Single IP Management . . . . . . . . . . . . . . . 57
Automatic Firmware Update for New Stack
Members
. . . . . . . . . . . . . . . . . . . . . . 57
Stacking Compatibility with the PowerConnect
. . . . . . . . . . . . . . . . . . . . . . . . 57
M6348
Master Failover with Transparent Transition . . . . 58
Nonstop Forwarding on the Stack . . . . . . . . . 58
Hot Add/Delete and Firmware Synchronization . . 58
Security Features . . . . . . . . . . . . . . . . . . . . 58
Configurable Access and Authentication
. . . . . . . . . . . . . . . . . . . . . . . 58
Profiles
Password-Protected Management Access
. . . . 59
Strong Password Enforcement . . . . . . . . . . . 59
TACACS+ Client . . . . . . . . . . . . . . . . . . . 59
RADIUS Support
. . . . . . . . . . . . . . . . . . 59
SSH/SSL. . . . . . . . . . . . . . . . . . . . . . . 60
Inbound Telnet Control . . . . . . . . . . . . . . . 60
Denial of Service
. . . . . . . . . . . . . . . . . . 60
Port Protection . . . . . . . . . . . . . . . . . . . 60
Captive Portal . . . . . . . . . . . . . . . . . . . . 61
Dot1x Authentication (IEEE 802.1X)
. . . . . . . . . 61
MAC-Based 802.1X Authentication . . . . . . . . . 61
Dot1x Monitor Mode . . . . . . . . . . . . . . . . 62
MAC-Based Port Security
. . . . . . . . . . . . . 62
Access Control Lists (ACL) . . . . . . . . . . . . . 62
Time-Based ACLs
IP Source Guard (IPSG)
. . . . . . . . . . . . . . . . . . 63
. . . . . . . . . . . . . . . 63
DHCP Snooping . . . . . . . . . . . . . . . . . . . 63
Dynamic ARP Inspection . . . . . . . . . . . . . . 63
Protected Ports (Private VLAN Edge)
. . . . . . . . 64
4 Contents
Green Technology Features
Energy Detect Mode
Energy Efficient Ethernet
. . . . . . . . . . . . . . . 65
. . . . . . . . . . . . . . . . 65
. . . . . . . . . . . . . . 65
Page 5
Power Utilization Reporting . . . . . . . . . . . . 65
Power over Ethernet (PoE) Plus Features
. . . . . . . . 66
Power Over Ethernet (PoE) Plus Configuration
PoE Plus Support
Switching Features
Flow Control Support (IEEE 802.3x)
Head of Line Blocking Prevention
. . . . . . . . . . . . . . . . . . 66
. . . . . . . . . . . . . . . . . . . 66
. . . . . . . . . 66
. . . . . . . . . 66
Jumbo Frames Support . . . . . . . . . . . . . . . 67
Auto-MDI/MDIX Support . . . . . . . . . . . . . . 67
VLAN-Aware MAC-based Switching
. . . . . . . . 67
Back Pressure Support . . . . . . . . . . . . . . . 67
Auto Negotiation . . . . . . . . . . . . . . . . . . 68
Broadcast Storm Control
. . . . . . . . . . . . . . 68
Port Mirroring. . . . . . . . . . . . . . . . . . . . 68
Static and Dynamic MAC Address Tables . . . . . 69
Link Layer Discovery Protocol (LLDP)
. . . . . . . 69
Link Layer Discovery Protocol (LLDP) for
Media Endpoint Devices
. . . . . . . . . . . . . . 69
Connectivity Fault Management
(IEEE 802.1ag)
. . . . . . . . . . . . . . . . . . . . 69
switchCisco Protocol Filtering . . . . . . . . . . . 70
DHCP Layer 2 Relay
. . . . . . . . . . . . . . . . . 70
. . 66
Virtual Local Area Network Supported Features
VLAN Support
Port-Based VLANs
. . . . . . . . . . . . . . . . . . . . 70
. . . . . . . . . . . . . . . . . 70
IP Subnet-based VLAN . . . . . . . . . . . . . . . 71
MAC-based VLAN . . . . . . . . . . . . . . . . . 71
IEEE 802.1v Protocol-Based VLANs
. . . . . . . . 71
GARP and GVRP Support . . . . . . . . . . . . . . 71
Voice VLAN . . . . . . . . . . . . . . . . . . . . . 71
Guest VLAN
. . . . . . . . . . . . . . . . . . . . . 72
Double VLANs . . . . . . . . . . . . . . . . . . . 72
Contents 5
. . . . 70
Page 6
Spanning Tree Protocol Features . . . . . . . . . . . . 73
Spanning Tree Protocol (STP)
. . . . . . . . . . . 73
Spanning Tree Port Settings . . . . . . . . . . . . 73
Rapid Spanning Tree . . . . . . . . . . . . . . . . 73
Multiple Spanning Tree
. . . . . . . . . . . . . . . 73
Bridge Protocol Data Unit (BPDU) Guard. . . . . . 74
BPDU Filtering . . . . . . . . . . . . . . . . . . . 74
Link Aggregation Features
Link Aggregation
Link Aggregate Control Protocol (LACP)
Routing Features
. . . . . . . . . . . . . . . . . . . . . 76
. . . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . . . . 74
. . . . . . 74
Address Resolution Protocol (ARP) Table
Management . . . . . . . . . . . . . . . . . . . . 76
VLAN Routing . . . . . . . . . . . . . . . . . . . . 76
IP Configuration . . . . . . . . . . . . . . . . . . . 76
Open Shortest Path First (OSPF)
. . . . . . . . . . 76
BOOTP/DHCP Relay Agent . . . . . . . . . . . . . 77
IP Helper and UDP Relay . . . . . . . . . . . . . . 77
Routing Information Protocol . . . . . . . . . . . . 77
Router Discovery . . . . . . . . . . . . . . . . . . 77
Routing Table
. . . . . . . . . . . . . . . . . . . . 77
Virtual Router Redundancy Protocol (VRRP) . . . . 78
Tunnel and Loopback Interfaces . . . . . . . . . . 78
IPv6 Routing Features . . . . . . . . . . . . . . . . . . 78
IPv6 Configuration
. . . . . . . . . . . . . . . . . 78
IPv6 Routes . . . . . . . . . . . . . . . . . . . . . 79
. . . . . . . . . . . . . . . . . . . . . . . 79
OSPFv3
DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . 79
6 Contents
Quality of Service (QoS) Features . . . . . . . . . . . . 80
Differentiated Services (DiffServ)
. . . . . . . . . 80
Class Of Service (CoS) . . . . . . . . . . . . . . . 80
Page 7
Auto Voice over IP (VoIP) . . . . . . . . . . . . . . 80
Internet Small Computer System Interface
(iSCSI) Optimization
. . . . . . . . . . . . . . . . . 81
Layer 2 Multicast Features . . . . . . . . . . . . . . . 81
MAC Multicast Support
. . . . . . . . . . . . . . . 81
IGMP Snooping . . . . . . . . . . . . . . . . . . . 81
IGMP Snooping Querier
. . . . . . . . . . . . . . 82
MLD Snooping . . . . . . . . . . . . . . . . . . . 82
Multicast VLAN Registration . . . . . . . . . . . . 82
Layer 3 Multicast Features . . . . . . . . . . . . . . . 83
Distance Vector Multicast Routing Protocol
. . . . 83
Internet Group Management Protocol . . . . . . . 83
IGMP Proxy
. . . . . . . . . . . . . . . . . . . . . 83
Protocol Independent Multicast—Dense
. . . . . . . . . . . . . . . . . . . . . . . . 83
Mode
Protocol Independent Multicast—Sparse
. . . . . . . . . . . . . . . . . . . . . . . . 84
Mode
Protocol Independent Multicast—Source
Specific Multicast
. . . . . . . . . . . . . . . . . 84
Protocol Independent Multicast IPv6 Support . . . 84
MLD/MLDv2 (RFC2710/RFC3810) . . . . . . . . . . 84
3 Hardware Overview. . . . . . . . . . . . . . . . . 85
PowerConnect 7000 Series Front Panel . . . . . . . . . 85
Switch Ports
Console Port . . . . . . . . . . . . . . . . . . . . 89
Out-of-Band Management Port
USB Port . . . . . . . . . . . . . . . . . . . . . . 89
Reset Button . . . . . . . . . . . . . . . . . . . . 90
Port and System LEDs . . . . . . . . . . . . . . . 90
Stack Master LED and Stack Number Display . . . 90
. . . . . . . . . . . . . . . . . . . . 88
. . . . . . . . . . 89
Contents 7
Page 8
PowerConnect 7000 Series Back Panel . . . . . . . . . 90
Expansion Slots for Plug-in Modules
. . . . . . . . 92
Power Supplies . . . . . . . . . . . . . . . . . . . 93
Ventilation System . . . . . . . . . . . . . . . . . 94
Locator LED
. . . . . . . . . . . . . . . . . . . . . 94
LED Definitions
Port LEDs
Module LEDs
System LEDs
. . . . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . . . . 97
. . . . . . . . . . . . . . . . . . . . 99
Switch Addresses . . . . . . . . . . . . . . . . . . . 100
4 Using Dell OpenManage Switch
Administrator . . . . . . . . . . . . . . . . . . . . 103
About Dell OpenManage Switch Administrator. . . . 103
Starting the Application . . . . . . . . . . . . . . . . 104
Understanding the Interface
Defining Fields . . . . . . . . . . . . . . . . . . . . . 107
Understanding the Device View . . . . . . . . . . . . 108
Using the Device View Port Features
Using the Device View Switch Locator
. . . . . . . . . . . . . . . . . . . . . . 108
Feature
. . . . . . . . . . . . . . 105
. . . . . . . 108
5 Using the Command-Line Interface . . . . 109
8 Contents
Accessing the Switch Through the CLI . . . . . . . . 109
Console Connection
. . . . . . . . . . . . . . . . 109
Telnet Connection. . . . . . . . . . . . . . . . . 110
Page 9
Understanding Command Modes . . . . . . . . . . . . 111
Entering CLI Commands
Using the Question Mark to Get Help
Using Command Completion
. . . . . . . . . . . . . . . . . 113
. . . . . . . 113
. . . . . . . . . . . . 114
Entering Abbreviated Commands . . . . . . . . . 114
Negating Commands . . . . . . . . . . . . . . . . 114
Understanding Error Messages
. . . . . . . . . . 115
Recalling Commands from the History Buffer . . . 115
6 Default Settings. . . . . . . . . . . . . . . . . . . 117
7 Setting the IP Address and Other
Basic Network Information . . . . . . . . . . 121
IP Address and Network Information Overview . . . . 121
What Is the Basic Network Information?
Why Is Basic Network Information Needed? . . . 122
How Is Basic Network Information
Configured?
. . . . . . . . . . . . . . . . . . . . . 123
What Is Out-of-Band Management and
In-Band Management?
. . . . . . . . . . . . . . . 123
. . . . . 121
Default Network Information
. . . . . . . . . . . . . . 125
Configuring Basic Network Information (Web) . . . . . 126
Out-of-Band Interface
. . . . . . . . . . . . . . . 126
IP Interface Configuration (Default VLAN IP
Address)
. . . . . . . . . . . . . . . . . . . . . . 127
Route Entry Configuration (Switch Default
Gateway)
Domain Name Server
Default Domain Name
. . . . . . . . . . . . . . . . . . . . . . 128
. . . . . . . . . . . . . . . . 130
. . . . . . . . . . . . . . . 131
Host Name Mapping . . . . . . . . . . . . . . . . 132
Contents 9
Page 10
Dynamic Host Name Mapping . . . . . . . . . . 133
Configuring Basic Network Information (CLI)
Enabling the DHCP Client on the OOB Port
Enabling the DHCP Client on the Default VLAN
. . . . . 134
. . . . 134
. 134
Managing DHCP Leases . . . . . . . . . . . . . 135
Configuring Static Network Information on the
OOB Port
. . . . . . . . . . . . . . . . . . . . . 136
Configuring Static Network Information on the
Default VLAN
. . . . . . . . . . . . . . . . . . . 136
Configuring and Viewing Additional Network
Information
. . . . . . . . . . . . . . . . . . . . 137
Basic Network Information Configuration Example . 138
8 Managing a Switch Stack . . . . . . . . . . . 141
Stacking Overview . . . . . . . . . . . . . . . . . . . 141
PowerConnect 7000 Series and M6348
Stacking Compatibility
How is the Stack Master Selected? . . . . . . . 143
Adding a Switch to the Stack
Removing a Switch from the Stack . . . . . . . . 146
How is the Firmware Updated on the Stack? . . . 146
What is Stacking Standby?
What is Nonstop Forwarding? . . . . . . . . . . 147
Switch Stack MAC Addressing and Stack
Design Considerations
NSF Network Design Considerations. . . . . . . 150
Why is Stacking Needed? . . . . . . . . . . . . 151
. . . . . . . . . . . . . . 143
. . . . . . . . . . . 145
. . . . . . . . . . . . 147
. . . . . . . . . . . . . . 150
10 Contents
Default Stacking Values . . . . . . . . . . . . . . . . 151
Managing and Monitoring the Stack (Web) . . . . . . 152
Unit Configuration
. . . . . . . . . . . . . . . . . 152
Stack Summary . . . . . . . . . . . . . . . . . . 154
Page 11
Stack Firmware Synchronization . . . . . . . . . . 155
Supported Switches . . . . . . . . . . . . . . . . 156
Stack Port Summary . . . . . . . . . . . . . . . . 157
Stack Port Counters
. . . . . . . . . . . . . . . . 158
Stack Port Diagnostics . . . . . . . . . . . . . . . 158
NSF Summary. . . . . . . . . . . . . . . . . . . . 159
Checkpoint Statistics
. . . . . . . . . . . . . . . . 160
Managing the Stack (CLI)
. . . . . . . . . . . . . . . . 161
Configuring Stack Member, Stack Port, and
NSF Settings . . . . . . . . . . . . . . . . . . . . 161
Viewing and Clearing Stacking and NSF
Information
. . . . . . . . . . . . . . . . . . . . . 163
Stacking and NSF Usage Scenarios. . . . . . . . . . . 163
Basic Failover
. . . . . . . . . . . . . . . . . . . . 164
Preconfiguring a Stack Member . . . . . . . . . . 166
NSF in the Data Center
NSF and VoIP
. . . . . . . . . . . . . . . . . . . . 169
. . . . . . . . . . . . . . . 168
NSF and DHCP Snooping . . . . . . . . . . . . . . 170
NSF and the Storage Access Network . . . . . . . 171
NSF and Routed Access . . . . . . . . . . . . . . 173
9 Configuring Authentication,
Authorization, and Accounting . . . . . . . 175
AAA Overview . . . . . . . . . . . . . . . . . . . . . . 175
Methods
Access Lines . . . . . . . . . . . . . . . . . . . . 177
. . . . . . . . . . . . . . . . . . . . . . 176
Authentication . . . . . . . . . . . . . . . . . . . . . . 177
Authorization. . . . . . . . . . . . . . . . . . . . . . . 178
Exec Authorization Capabilities
. . . . . . . . . . 179
Contents 11
Page 12
Accounting . . . . . . . . . . . . . . . . . . . . . . . 180
Authentication Examples
Local Authentication Example
TACACS+ Authentication Example
. . . . . . . . . . . . . . . 181
. . . . . . . . . . 181
. . . . . . . . 182
RADIUS Authentication Example . . . . . . . . . 184
Authorization Examples . . . . . . . . . . . . . . . . 185
Local Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 185
TACACS+ Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 185
TACACS+ Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 186
TACACS+ Authorization Example—Custom
Administrative Profile
. . . . . . . . . . . . . . . 187
TACACS+ Authorization Example—
Per-command Authorization
. . . . . . . . . . . 188
RADIUS Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 189
RADIUS Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 189
Using RADIUS Servers to Control Management
. . . . . . . . . . . . . . . . . . . . . . . . . 190
Access
How Does RADIUS Control Management
Access?
. . . . . . . . . . . . . . . . . . . . . . 190
Which RADIUS Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 192
How Are RADIUS Attributes Processed on
the Switch?
. . . . . . . . . . . . . . . . . . . . 194
12 Contents
Using TACACS+ Servers to Control Management
Access
. . . . . . . . . . . . . . . . . . . . . . . . . 195
Which TACACS+ Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 196
Page 13
Default Configurations. . . . . . . . . . . . . . . . . . 197
Method Lists
. . . . . . . . . . . . . . . . . . . . 197
Access Lines (AAA) . . . . . . . . . . . . . . . . 197
Access Lines (Non-AAA). . . . . . . . . . . . . . 198
Administrative Profiles
. . . . . . . . . . . . . . . 198
10 Monitoring and Logging System
Information . . . . . . . . . . . . . . . . . . . . . . 201
System Monitoring Overview . . . . . . . . . . . . . . 201
What System Information Is Monitored?
Why Is System Information Needed? . . . . . . . 202
Where Are Log Messages Sent? . . . . . . . . . . 202
What Are the Severity Levels?
. . . . . . . . . . . 203
What Are the System Startup and Operation
Logs?
. . . . . . . . . . . . . . . . . . . . . . . . 203
What Is the Log Message Format? . . . . . . . . . 204
What Factors Should Be Considered When
Configuring Logging?
. . . . . . . . . . . . . . . . 205
. . . . . . 201
Default Log Settings
. . . . . . . . . . . . . . . . . . . 205
Monitoring System Information and Configuring
Logging (Web)
Device Information
System Health
System Resources
Unit Power Usage History
. . . . . . . . . . . . . . . . . . . . . . 207
. . . . . . . . . . . . . . . . . 207
. . . . . . . . . . . . . . . . . . . 209
. . . . . . . . . . . . . . . . . 210
. . . . . . . . . . . . . 211
Integrated Cable Test for Copper Cables . . . . . . 212
Optical Transceiver Diagnostics
Log Global Settings
. . . . . . . . . . . . . . . . . 215
. . . . . . . . . . 213
RAM Log . . . . . . . . . . . . . . . . . . . . . . 216
Log File . . . . . . . . . . . . . . . . . . . . . . . 217
Remote Log Server . . . . . . . . . . . . . . . . . 217
Email Alert Global Configuration . . . . . . . . . . 220
Contents 13
Page 14
Email Alert Mail Server Configuration . . . . . . 221
Email Alert Subject Configuration . . . . . . . . 223
Email Alert To Address Configuration. . . . . . . 224
Email Alert Statistics . . . . . . . . . . . . . . . 225
Monitoring System Information and Configuring
Logging (CLI)
. . . . . . . . . . . . . . . . . . . . . . 226
Viewing System Information and Enabling
the Locator LED
Running Cable Diagnostics
. . . . . . . . . . . . . . . . . . 226
. . . . . . . . . . . . 226
Configuring Local Logging . . . . . . . . . . . . 227
Configuring Remote Logging . . . . . . . . . . . 229
Configuring Mail Server Settings. . . . . . . . . 230
Configuring Email Alerts for Log Messages . . . 231
Logging Configuration Examples
Configuring Local and Remote Logging
Configuring Email Alerting
. . . . . . . . . . . 233
. . . . . 233
. . . . . . . . . . . . 234
11 Managing General System Settings . . . 239
System Settings Overview. . . . . . . . . . . . . . . 239
Why Does System Information Need to
Be Configured? . . . . . . . . . . . . . . . . . . 240
What Are SDM Templates? . . . . . . . . . . . . 241
Why is the System Time Needed?
How Does SNTP Work?
. . . . . . . . . . . . . . 242
What Configuration Is Required for Plug-In
Modules?
. . . . . . . . . . . . . . . . . . . . . 243
What Are the Key PoE Plus Features for the
PC7024P and PC7048P?
. . . . . . . . . . . . . . 243
Default General System Information . . . . . . . . . 245
Configuring General System Settings (Web)
System Information
. . . . . . . . . . . . . . . . 246
. . . . . . . . 242
. . . . . 246
14 Contents
Page 15
CLI Banner . . . . . . . . . . . . . . . . . . . . . 249
SDM Template Preference
. . . . . . . . . . . . . 250
Clock . . . . . . . . . . . . . . . . . . . . . . . . 251
SNTP Global Settings . . . . . . . . . . . . . . . . 252
SNTP Authentication
. . . . . . . . . . . . . . . . 253
SNTP Server . . . . . . . . . . . . . . . . . . . . 255
Summer Time Configuration . . . . . . . . . . . . 259
Time Zone Configuration . . . . . . . . . . . . . . 260
Card Configuration . . . . . . . . . . . . . . . . . 261
Slot Summary . . . . . . . . . . . . . . . . . . . . 262
Supported Cards . . . . . . . . . . . . . . . . . . 263
Power Over Ethernet Global Configuration
(7024P/7048P Only)
. . . . . . . . . . . . . . . . . 264
Power Over Ethernet Interface Configuration
(7024P/7048P Only)
. . . . . . . . . . . . . . . . . 265
Configuring System Settings (CLI)
Configuring System Information
Configuring the Banner
Managing the SDM Template
. . . . . . . . . . . . 267
. . . . . . . . . . 267
. . . . . . . . . . . . . . . 268
. . . . . . . . . . . 269
Configuring SNTP Authentication and an
SNTP Server
Setting the System Time and Date Manually
Configuring the Expansion Slots
Configuring PoE Settings (7024P/7048P Only)
General System Settings Configuration Examples
Configuring System and Banner Information
Configuring SNTP
Configuring the Time Manually
. . . . . . . . . . . . . . . . . . . . 269
. . . . 271
. . . . . . . . . . 272
. . . 273
. . . 276
. . . 276
. . . . . . . . . . . . . . . . . . 279
. . . . . . . . . . . 281
12 Configuring SNMP . . . . . . . . . . . . . . . . . 283
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 283
What Is SNMP?
. . . . . . . . . . . . . . . . . . . 283
Contents 15
Page 16
What Are SNMP Traps? . . . . . . . . . . . . . 284
Why Is SNMP Needed?. . . . . . . . . . . . . . 285
Default SNMP Values . . . . . . . . . . . . . . . . . 285
Configuring SNMP (Web)
SNMP Global Parameters
SNMP View Settings
Access Control Group
. . . . . . . . . . . . . . . 287
. . . . . . . . . . . . 287
. . . . . . . . . . . . . . . 288
. . . . . . . . . . . . . . 290
SNMPv3 User Security Model (USM) . . . . . . 292
Communities . . . . . . . . . . . . . . . . . . . 295
Notification Filter
. . . . . . . . . . . . . . . . . 297
Notification Recipients . . . . . . . . . . . . . . 298
Trap Flags . . . . . . . . . . . . . . . . . . . . . 301
OSPFv2 Trap Flags
. . . . . . . . . . . . . . . . 302
OSPFv3 Trap Flags . . . . . . . . . . . . . . . . 303
Trap Log . . . . . . . . . . . . . . . . . . . . . . 304
Configuring SNMP (CLI) . . . . . . . . . . . . . . . . 305
Configuring the SNMPv3 Engine ID
. . . . . . . . 305
Configuring SNMP Views, Groups, and Users . . 306
Configuring Communities
. . . . . . . . . . . . . 309
Configuring SNMP Notifications (Traps and
Informs)
. . . . . . . . . . . . . . . . . . . . . . 311
SNMP Configuration Examples . . . . . . . . . . . . 314
Configuring SNMPv1 and SNMPv2
Configuring SNMPv3
. . . . . . . . . . . . . . . 315
. . . . . . . . 314
13 Managing Images and Files. . . . . . . . . . 319
16 Contents
Image and File Management Overview . . . . . . . . 319
What Files Can Be Managed?
. . . . . . . . . . 319
Why Is File Management Needed?. . . . . . . . 321
Page 17
What Methods Are Supported for File
Management?
. . . . . . . . . . . . . . . . . . . 323
What Factors Should Be Considered When
Managing Files?
. . . . . . . . . . . . . . . . . . 323
How Is the Running Configuration Saved?. . . . . 325
Managing Images and Files (Web) . . . . . . . . . . . 326
File System
. . . . . . . . . . . . . . . . . . . . . 326
Active Images . . . . . . . . . . . . . . . . . . . 327
USB Flash Drive. . . . . . . . . . . . . . . . . . . 328
File Download
. . . . . . . . . . . . . . . . . . . . 329
File Upload . . . . . . . . . . . . . . . . . . . . . 331
Copy Files . . . . . . . . . . . . . . . . . . . . . . 333
Managing Images and Files (CLI)
. . . . . . . . . . . . 334
Downloading and Activating a New Image
(TFTP) . . . . . . . . . . . . . . . . . . . . . . . . 334
Managing Files in Internal Flash . . . . . . . . . . 335
Managing Files on a USB Flash Device . . . . . . 336
Uploading a Configuration File (SCP)
Managing Configuration Scripts (SFTP)
. . . . . . . . 336
. . . . . . 337
File and Image Management Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 338
Upgrading the Firmware
. . . . . . . . . . . . . . 338
Managing Configuration Scripts . . . . . . . . . . 341
Managing Files by Using the USB Flash Drive
14 Automatically Updating the Image
and Configuration . . . . . . . . . . . . . . . . . 345
Auto Configuration Overview . . . . . . . . . . . . . . 345
What Is USB Auto Configuration?
What Files Does USB Auto Configuration
. . . . . . . . . . . . . . . . . . . . . . . . . 346
Use?
. . . . . . . . . 346
. . . 343
Contents 17
Page 18
How Does USB Auto Configuration Use the
Files on the USB Device?
. . . . . . . . . . . . . 348
What Is the Setup File Format? . . . . . . . . . . 349
What Is the DHCP Auto Configuration
Process?
. . . . . . . . . . . . . . . . . . . . . 350
Monitoring and Completing the DHCP
Auto Configuration Process
. . . . . . . . . . . 355
What Are the Dependencies for DHCP
Auto Configuration?
. . . . . . . . . . . . . . . . 356
Default Auto Configuration Values
. . . . . . . . . . 357
Managing Auto Configuration (Web) . . . . . . . . . 358
Auto-Install Configuration
. . . . . . . . . . . . 358
Managing Auto Configuration (CLI) . . . . . . . . . . 359
Managing Auto Configuration
Auto Configuration Example
. . . . . . . . . . 359
. . . . . . . . . . . . . . 360
Enabling USB Auto Configuration and Auto
Image Download . . . . . . . . . . . . . . . . . 360
Enabling DHCP Auto Configuration and Auto
Image Download
. . . . . . . . . . . . . . . . . 362
15 Monitoring Switch Traffic . . . . . . . . . . . 363
Traffic Monitoring Overview. . . . . . . . . . . . . . 363
What is sFlow Technology?
What is RMON?
. . . . . . . . . . . . . . . . . . 366
What is Port Mirroring?
Why is Traffic Monitoring Needed? . . . . . . . 368
Default Traffic Monitoring Values . . . . . . . . . . . 368
. . . . . . . . . . . . 363
. . . . . . . . . . . . . . 367
18 Contents
Monitoring Switch Traffic (Web)
sFlow Agent Summary
. . . . . . . . . . . . . . 369
. . . . . . . . . . . 369
Page 19
sFlow Receiver Configuration . . . . . . . . . . . 370
sFlow Sampler Configuration
. . . . . . . . . . . . 371
sFlow Poll Configuration . . . . . . . . . . . . . . 372
Interface Statistics . . . . . . . . . . . . . . . . . 373
Etherlike Statistics
. . . . . . . . . . . . . . . . . 374
GVRP Statistics . . . . . . . . . . . . . . . . . . . 375
EAP Statistics. . . . . . . . . . . . . . . . . . . . 376
Utilization Summary
. . . . . . . . . . . . . . . . 377
Counter Summary. . . . . . . . . . . . . . . . . . 378
Switchport Statistics . . . . . . . . . . . . . . . . 379
RMON Statistics
. . . . . . . . . . . . . . . . . . 380
RMON History Control Statistics . . . . . . . . . . 381
RMON History Table . . . . . . . . . . . . . . . . 383
RMON Event Control . . . . . . . . . . . . . . . . 384
RMON Event Log . . . . . . . . . . . . . . . . . . 386
RMON Alarms
. . . . . . . . . . . . . . . . . . . 387
Port Statistics. . . . . . . . . . . . . . . . . . . . 389
LAG Statistics. . . . . . . . . . . . . . . . . . . . 390
Port Mirroring
. . . . . . . . . . . . . . . . . . . . 391
Monitoring Switch Traffic (CLI) . . . . . . . . . . . . . 393
Configuring sFlow
. . . . . . . . . . . . . . . . . . 393
Configuring RMON . . . . . . . . . . . . . . . . . 395
Viewing Statistics
. . . . . . . . . . . . . . . . . . 397
Configuring Port Mirroring . . . . . . . . . . . . . 398
Traffic Monitoring Configuration Examples. . . . . . . 399
Configuring sFlow
. . . . . . . . . . . . . . . . . . 399
Configuring RMON . . . . . . . . . . . . . . . . . 401
16 Configuring iSCSI Optimization . . . . . . . 403
iSCSI Optimization Overview . . . . . . . . . . . . . . 403
What Does iSCSI Optimization Do?
. . . . . . . . . 404
Contents 19
Page 20
How Does the Switch Detect iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . 404
Flows?
How Is Quality of Service Applied to iSCSI
Traffic Flows?
. . . . . . . . . . . . . . . . . . . 404
How Does iSCSI Optimization Use ACLs? . . . . 405
What Information Does the Switch Track in
iSCSI Traffic Flows?
. . . . . . . . . . . . . . . . 405
How Does iSCSI Optimization Interact With
Dell EqualLogic Arrays?
. . . . . . . . . . . . . . 407
What Occurs When iSCSI Optimization Is
Enabled or Disabled?
. . . . . . . . . . . . . . . 407
How Does iSCSI Optimization Interact with
Dell Compellent Arrays?
. . . . . . . . . . . . . 408
Default iSCSI Optimization Values . . . . . . . . . . 409
Configuring iSCSI Optimization (Web)
iSCSI Global Configuration
iSCSI Targets Table
iSCSI Sessions Table
. . . . . . . . . . . . . . . . 411
. . . . . . . . . . . . . . . 412
. . . . . . . . . 410
. . . . . . . . . . . . 410
iSCSI Sessions Detailed . . . . . . . . . . . . . 413
Configuring iSCSI Optimization (CLI) . . . . . . . . . 414
iSCSI Optimization Configuration Examples
. . . . . 416
Configuring iSCSI Optimization Between
Servers and a Disk Array . . . . . . . . . . . . . 416
17 Configuring Captive Portal . . . . . . . . . . 419
Captive Portal Overview . . . . . . . . . . . . . . . . 419
What Does Captive Portal Do?
Is the Captive Portal Feature Dependent
on Any Other Feature?
What Factors Should Be Considered When
Designing and Configuring a Captive Portal?
How Does Captive Portal Work? . . . . . . . . . 422
. . . . . . . . . . 419
. . . . . . . . . . . . . . 420
. . . 421
20 Contents
Page 21
What Captive Portal Pages Can Be
Customized?
. . . . . . . . . . . . . . . . . . . . 423
Default Captive Portal Behavior and Settings . . . . . 424
Configuring the Captive Portal (Web)
Captive Portal Global Configuration
Captive Portal Configuration
Local User
User Group
Interface Association
. . . . . . . . . . . . . . . . . . . . . 432
. . . . . . . . . . . . . . . . . . . . . 436
. . . . . . . . . . . . . . . . 438
. . . . . . . . . . 426
. . . . . . . . 426
. . . . . . . . . . . . 427
Captive Portal Global Status . . . . . . . . . . . . 439
Captive Portal Activation and Activity Status . . . 440
Interface Activation Status. . . . . . . . . . . . . 441
Interface Capability Status . . . . . . . . . . . . . 442
Client Summary . . . . . . . . . . . . . . . . . . . 443
Client Detail . . . . . . . . . . . . . . . . . . . . . 444
Captive Portal Interface Client Status
. . . . . . . 445
Captive Portal Client Status . . . . . . . . . . . . 446
Configuring Captive Portal (CLI) . . . . . . . . . . . . . 447
Configuring Global Captive Portal Settings
. . . . . 447
Creating and Configuring a Captive Portal . . . . . 448
Configuring Captive Portal Groups and Users . . . 451
Managing Captive Portal Clients . . . . . . . . . . 452
Captive Portal Configuration Example . . . . . . . . . 453
Configuration Overview
Detailed Configuration Procedures
. . . . . . . . . . . . . . . 454
. . . . . . . . 455
18 Configuring Port Characteristics . . . . . 457
Port Overview . . . . . . . . . . . . . . . . . . . . . . 457
What Physical Port Characteristics Can
Be Configured?
. . . . . . . . . . . . . . . . . . . 457
Contents 21
Page 22
What is Link Dependency? . . . . . . . . . . . . 458
What Interface Types are Supported? . . . . . . 460
What is Interface Configuration Mode? . . . . . 460
What Are the Green Ethernet Features? . . . . . 462
Default Port Values. . . . . . . . . . . . . . . . . . . 463
Configuring Port Characteristics (Web)
Port Configuration
. . . . . . . . . . . . . . . . . 464
Link Dependency Configuration
. . . . . . . . 464
. . . . . . . . . 467
Link Dependency Summary . . . . . . . . . . . . 469
Port Green Ethernet Configuration . . . . . . . . 470
Port Green Ethernet Statistics
. . . . . . . . . . 471
Port Green Ethernet LPI History . . . . . . . . . 474
Configuring Port Characteristics (CLI). . . . . . . . . 475
Configuring Port Settings
. . . . . . . . . . . . . 475
Configuring Link Dependencies . . . . . . . . . 476
Configuring Green Features . . . . . . . . . . . 477
Port Configuration Examples . . . . . . . . . . . . . 479
Configuring Port Settings
. . . . . . . . . . . . . 479
Configuring a Link Dependency Groups . . . . . 480
19 Configuring Port and System
Security . . . . . . . . . . . . . . . . . . . . . . . . . 481
IEEE 802.1X . . . . . . . . . . . . . . . . . . . . . . . 482
What is IEEE 802.1X?
What are the 802.1X Port States?
What is MAC-Based 802.1X Authentication?. . . 484
What is the Role of 802.1X in VLAN
Assignment?
What is Monitor Mode?. . . . . . . . . . . . . . 487
. . . . . . . . . . . . . . . 482
. . . . . . . . . 483
. . . . . . . . . . . . . . . . . . . 485
22 Contents
Page 23
How Does the Authentication Server Assign
DiffServ Filters?
. . . . . . . . . . . . . . . . . . . 489
What is the Internal Authentication Server? . . . . 489
Default 802.1X Values
. . . . . . . . . . . . . . . . 490
Configuring IEEE 802.1X (Web) . . . . . . . . . . . 491
Configuring IEEE 802.1X (CLI) . . . . . . . . . . . . 498
Configuring Internal Authentication Server
. . . . . . . . . . . . . . . . . . . . . . . . 503
Users
IEEE 802.1X Configuration Examples . . . . . . . . 503
Port Security (Port-MAC Locking)
Default 802.1X Values
Configuring Port Security (CLI)
Denial of Service
. . . . . . . . . . . . . . . . . . . . 521
. . . . . . . . . . . . 517
. . . . . . . . . . . . . . . . 517
. . . . . . . . . . . 520
20 Configuring Access Control Lists . . . . . 523
ACL Overview . . . . . . . . . . . . . . . . . . . . . . 523
What Are MAC ACLs?
What Are IP ACLs? . . . . . . . . . . . . . . . . . 525
What Is the ACL Redirect Function?
What Is the ACL Mirror Function? . . . . . . . . . 525
What Is ACL Logging . . . . . . . . . . . . . . . . 526
What Are Time-Based ACLs?
What Are the ACL Limitations?. . . . . . . . . . . 527
How Are ACLs Configured?
Preventing False ACL Matches
Configuring ACLs (Web)
IP ACL Configuration
IP ACL Rule Configuration
MAC ACL Configuration . . . . . . . . . . . . . . 534
MAC ACL Rule Configuration. . . . . . . . . . . . 536
IPv6 ACL Configuration . . . . . . . . . . . . . . . 537
. . . . . . . . . . . . . . . 524
. . . . . . . . 525
. . . . . . . . . . . . 526
. . . . . . . . . . . . . 528
. . . . . . . . . . . 528
. . . . . . . . . . . . . . . . . 530
. . . . . . . . . . . . . . . . 530
. . . . . . . . . . . . . 532
Contents 23
Page 24
IPv6 ACL Rule Configuration . . . . . . . . . . . 538
ACL Binding Configuration . . . . . . . . . . . . 540
Time Range Entry Configuration . . . . . . . . . 541
Configuring ACLs (CLI)
Configuring an IPv4 ACL
Configuring a MAC ACL
. . . . . . . . . . . . . . . . . 543
. . . . . . . . . . . . . 543
. . . . . . . . . . . . . . 545
Configuring an IPv6 ACL . . . . . . . . . . . . . 547
Configuring a Time Range. . . . . . . . . . . . . 549
ACL Configuration Examples. . . . . . . . . . . . . . 551
Configuring an IP ACL
. . . . . . . . . . . . . . . 551
Configuring a MAC ACL . . . . . . . . . . . . . . 553
Configuring a Time-Based ACL
Configuring a Management Access List
. . . . . . . . . . 555
. . . . . 556
21 Configuring VLANs. . . . . . . . . . . . . . . . . 561
VLAN Overview . . . . . . . . . . . . . . . . . . . . 561
Switchport Modes
VLAN Tagging . . . . . . . . . . . . . . . . . . . 565
. . . . . . . . . . . . . . . . . . . . . . . 566
GVRP
Double-VLAN Tagging . . . . . . . . . . . . . . 566
Voice VLAN . . . . . . . . . . . . . . . . . . . . 568
Private VLANs
Additional VLAN Features . . . . . . . . . . . . 576
. . . . . . . . . . . . . . . . 564
. . . . . . . . . . . . . . . . . . . 570
24 Contents
Default VLAN Behavior . . . . . . . . . . . . . . . . 577
Configuring VLANs (Web)
VLAN Membership
VLAN Port Settings
VLAN LAG Settings
Bind MAC to VLAN
Bind IP Subnet to VLAN
. . . . . . . . . . . . . . . 579
. . . . . . . . . . . . . . . . 579
. . . . . . . . . . . . . . . . 584
. . . . . . . . . . . . . . . . 585
. . . . . . . . . . . . . . . . 587
. . . . . . . . . . . . . . 588
Page 25
GVRP Parameters. . . . . . . . . . . . . . . . . . 590
Protocol Group
Adding a Protocol Group
. . . . . . . . . . . . . . . . . . . 592
. . . . . . . . . . . . . . 593
Double VLAN Global Configuration. . . . . . . . . 595
Double VLAN Interface Configuration . . . . . . . 596
Voice VLAN
. . . . . . . . . . . . . . . . . . . . . 598
Configuring VLANs (CLI) . . . . . . . . . . . . . . . . . 599
Creating a VLAN
. . . . . . . . . . . . . . . . . . 599
Configuring a Port in Access Mode . . . . . . . . 599
Configuring a Port in Trunk Mode
. . . . . . . . . 600
Configuring a Port in General Mode . . . . . . . . 603
Configuring VLAN Settings for a LAG . . . . . . . 604
Configuring Double VLAN Tagging . . . . . . . . . 606
Configuring MAC-Based VLANs . . . . . . . . . . 607
Configuring IP-Based VLANs
. . . . . . . . . . . . 608
Configuring a Protocol-Based VLAN . . . . . . . . 608
Configuring GVRP. . . . . . . . . . . . . . . . . . 610
Configuring Voice VLANs
. . . . . . . . . . . . . . 612
VLAN Configuration Examples
. . . . . . . . . . . . . 613
Configuring VLANs Using Dell OpenManage
Administrator . . . . . . . . . . . . . . . . . . . . 616
Configure the VLANs and Ports on Switch 2
Configuring VLANs Using the CLI
. . . . . . . . . . 621
Configuring a Voice VLAN . . . . . . . . . . . . . 625
22 Configuring the Spanning Tree
Protocol . . . . . . . . . . . . . . . . . . . . . . . . 629
STP Overview . . . . . . . . . . . . . . . . . . . . . . 629
What Are Classic STP, Multiple STP, and
Rapid STP?
How Does STP Work?
How Does MSTP Operate in the Network? . . . . 631
. . . . . . . . . . . . . . . . . . . . . 629
. . . . . . . . . . . . . . . 630
Contents 25
. . . . 620
Page 26
MSTP with Multiple Forwarding Paths . . . . . . 635
What are the Optional STP Features?
. . . . . . 636
Default STP Values. . . . . . . . . . . . . . . . . . . 639
Configuring Spanning Tree (Web) . . . . . . . . . . . 640
STP Global Settings
. . . . . . . . . . . . . . . . 640
STP Port Settings . . . . . . . . . . . . . . . . . 641
STP LAG Settings . . . . . . . . . . . . . . . . . 643
Rapid Spanning Tree
MSTP Settings
MSTP Interface Settings
. . . . . . . . . . . . . . . 644
. . . . . . . . . . . . . . . . . . 646
. . . . . . . . . . . . . 648
Configuring Spanning Tree (CLI) . . . . . . . . . . . . 650
Configuring Global STP Bridge Settings
. . . . . 650
Configuring Optional STP Features . . . . . . . . 651
Configuring STP Interface Settings
. . . . . . . . 652
Configuring MSTP Switch Settings . . . . . . . . 653
Configuring MSTP Interface Settings . . . . . . 654
23 Discovering Network Devices . . . . . . . . 659
26 Contents
STP Configuration Examples
Configuring STP
Configuring MSTP
. . . . . . . . . . . . . . 655
. . . . . . . . . . . . . . . . . . 655
. . . . . . . . . . . . . . . . . 657
Device Discovery Overview . . . . . . . . . . . . . . 659
What Is ISDP?
What is LLDP?
. . . . . . . . . . . . . . . . . . . 659
. . . . . . . . . . . . . . . . . . . 659
What is LLDP-MED? . . . . . . . . . . . . . . . 660
Why are Device Discovery Protocols
Needed?
. . . . . . . . . . . . . . . . . . . . . . 660
Page 27
Default IDSP and LLDP Values . . . . . . . . . . . . . 661
Configuring ISDP and LLDP (Web)
ISDP Global Configuration
ISDP Cache Table
. . . . . . . . . . . . . . . . . . 664
. . . . . . . . . . . . 663
. . . . . . . . . . . . . 663
ISDP Interface Configuration. . . . . . . . . . . . 665
ISDP Statistics . . . . . . . . . . . . . . . . . . . 667
LLDP Configuration
. . . . . . . . . . . . . . . . . 668
LLDP Statistics . . . . . . . . . . . . . . . . . . . 670
LLDP Connections . . . . . . . . . . . . . . . . . 671
LLDP-MED Global Configuration
. . . . . . . . . . 673
LLDP-MED Interface Configuration . . . . . . . . 674
LLDP-MED Local Device Information . . . . . . . 676
LLDP-MED Remote Device Information
. . . . . . 677
Configuring ISDP and LLDP (CLI) . . . . . . . . . . . . 678
Configuring Global ISDP Settings
. . . . . . . . . 678
Enabling ISDP on a Port . . . . . . . . . . . . . . 679
Viewing and Clearing ISDP Information . . . . . . 679
Configuring Global LLDP Settings . . . . . . . . . 680
Configuring Port-based LLDP Settings . . . . . . . 680
Viewing and Clearing LLDP Information . . . . . . 681
Configuring LLDP-MED Settings
Viewing LLDP-MED Information
. . . . . . . . . . 682
. . . . . . . . . . 683
Device Discovery Configuration Examples . . . . . . . 683
Configuring ISDP
Configuring LLDP
. . . . . . . . . . . . . . . . . . 683
. . . . . . . . . . . . . . . . . . 684
24 Configuring Port-Based Traffic
Control . . . . . . . . . . . . . . . . . . . . . . . . . 687
Port-Based Traffic Control Overview . . . . . . . . . . 687
What is Flow Control?
What is Storm Control?
. . . . . . . . . . . . . . . 688
. . . . . . . . . . . . . . . 688
Contents 27
Page 28
What are Protected Ports? . . . . . . . . . . . . 689
What is Link Local Protocol Filtering? . . . . . . 689
Default Port-Based Traffic Control Values . . . . . . 690
Configuring Port-Based Traffic Control (Web)
Flow Control (Global Port Parameters)
Storm Control
Protected Port Configuration
. . . . . . . . . . . . . . . . . . . 692
. . . . . . . . . . . 694
. . . . 691
. . . . . . 691
LLPF Configuration . . . . . . . . . . . . . . . . 696
Configuring Port-Based Traffic Control (CLI) . . . . . 698
Configuring Flow Control and Storm Control
. . . 698
Configuring Protected Ports . . . . . . . . . . . 699
Configuring LLPF . . . . . . . . . . . . . . . . . 700
Port-Based Traffic Control Configuration
Example
. . . . . . . . . . . . . . . . . . . . . . . . 701
25 Configuring L2 Multicast Features . . . . 703
L2 Multicast Overview . . . . . . . . . . . . . . . . . 703
What Are the Multicast Bridging Features?
What Is L2 Multicast Traffic? . . . . . . . . . . . 704
What Is IGMP Snooping?
. . . . . . . . . . . . . 705
What Is MLD Snooping? . . . . . . . . . . . . . 707
What Is Multicast VLAN Registration?
When Are L3 Multicast Features Required?
What Are GARP and GMRP? . . . . . . . . . . . 709
. . . 703
. . . . . . 708
. . . 709
28 Contents
Snooping Switch Restrictions . . . . . . . . . . . . . 711
Partial IGMPv3 and MLDv2 Support
. . . . . . . 711
MAC Address-Based Multicast Group . . . . . . 711
IGMP/MLD Snooping in a Multicast Router . . . 711
Page 29
Topologies Where the Multicast Source Is
Not Directly Connected to the Querier
. . . . . . . 712
Using Static Multicast MAC Configuration. . . . . 712
IGMP Snooping and GMRP
. . . . . . . . . . . . . 712
Default L2 Multicast Values
. . . . . . . . . . . . . . . 713
Configuring L2 Multicast Features (Web) . . . . . . . . 715
Multicast Global Parameters
. . . . . . . . . . . . 715
Bridge Multicast Group . . . . . . . . . . . . . . . 716
MRouter Status. . . . . . . . . . . . . . . . . . . 719
General IGMP Snooping . . . . . . . . . . . . . . 720
Global Querier Configuration . . . . . . . . . . . . 723
VLAN Querier . . . . . . . . . . . . . . . . . . . . 724
VLAN Querier Status
. . . . . . . . . . . . . . . . 727
MFDB IGMP Snooping Table . . . . . . . . . . . . 728
MLD Snooping General. . . . . . . . . . . . . . . 729
MLD Snooping Global Querier Configuration
MLD Snooping VLAN Querier
. . . . . . . . . . . 732
. . . 731
MLD Snooping VLAN Querier Status. . . . . . . . 734
MFDB MLD Snooping Table . . . . . . . . . . . . 735
MVR Global Configuration
. . . . . . . . . . . . . 736
MVR Members . . . . . . . . . . . . . . . . . . . 737
MVR Interface Configuration . . . . . . . . . . . . 738
MVR Statistics . . . . . . . . . . . . . . . . . . . 741
GARP Timers . . . . . . . . . . . . . . . . . . . . 742
GMRP Parameters
MFDB GMRP Table
. . . . . . . . . . . . . . . . . 744
. . . . . . . . . . . . . . . . . 746
Configuring L2 Multicast Features (CLI)
Configuring Layer 2 Multicasting
Configuring IGMP Snooping on VLANs
. . . . . . . . . 747
. . . . . . . . . . 747
. . . . . . 748
Configuring IGMP Snooping Querier . . . . . . . . 749
Configuring MLD Snooping on VLANs . . . . . . . 750
Configuring MLD Snooping Querier
. . . . . . . . 751
Configuring MVR . . . . . . . . . . . . . . . . . . 752
Contents 29
Page 30
Configuring GARP Timers and GMRP. . . . . . . 754
Case Study on a Real-World Network Topology
Multicast Snooping Case Study
. . . . . . . . . 755
26 Configuring Connectivity Fault
Management . . . . . . . . . . . . . . . . . . . . . 761
Dot1ag Overview. . . . . . . . . . . . . . . . . . . . 761
How Does Dot1ag Work Across a Carrier
Network? . . . . . . . . . . . . . . . . . . . . . 762
What Entities Make Up a Maintenance
Domain?
What is the Administrator’s Role?
Default Dot1ag Values
Configuring Dot1ag (Web) . . . . . . . . . . . . . . . 767
Dot1ag Global Configuration
Dot1ag MD Configuration. . . . . . . . . . . . . 767
Dot1ag MA Configuration
Dot1ag MEP Configuration . . . . . . . . . . . . 769
Dot1ag MIP Configuration . . . . . . . . . . . . 770
Dot1ag RMEP Summary
Dot1ag L2 Ping . . . . . . . . . . . . . . . . . . 772
Dot1ag L2 Traceroute
Dot1ag L2 Traceroute Cache
Dot1ag Statistics . . . . . . . . . . . . . . . . . 774
. . . . . . . . . . . . . . . . . . . . . . 763
. . . . . . . . 765
. . . . . . . . . . . . . . . . . 766
. . . . . . . . . . . 767
. . . . . . . . . . . . . 768
. . . . . . . . . . . . . . 771
. . . . . . . . . . . . . . . 772
. . . . . . . . . . . 773
. . . 755
30 Contents
Configuring Dot1ag (CLI) . . . . . . . . . . . . . . . . 775
Configuring Dot1ag Global Settings and
Creating Domains
. . . . . . . . . . . . . . . . . 775
Configuring MEP Information . . . . . . . . . . . 776
Dot1ag Ping and Traceroute
. . . . . . . . . . . 777
Page 31
Dot1ag Configuration Example . . . . . . . . . . . . . 778
27 Snooping and Inspecting Traffic . . . . . . 781
Traffic Snooping and Inspection Overview . . . . . . . 781
What Is DHCP Snooping?
How Is the DHCP Snooping Bindings
Database Populated?
What Is IP Source Guard? . . . . . . . . . . . . . 785
What is Dynamic ARP Inspection? . . . . . . . . . 786
Why Is Traffic Snooping and Inspection
Necessary?
. . . . . . . . . . . . . . . . . . . . . 787
Default Traffic Snooping and Inspection Values . . . . 787
Configuring Traffic Snooping and Inspection
. . . . . . . . . . . . . . . . . . . . . . . . . . . 789
(Web)
DHCP Snooping Configuration
DHCP Snooping Interface Configuration . . . . . . 790
DHCP Snooping VLAN Configuration . . . . . . . . 792
DHCP Snooping Persistent Configuration . . . . . 794
DHCP Snooping Static Bindings
Configuration
. . . . . . . . . . . . . . . . . . . . 795
DHCP Snooping Dynamic Bindings Summary
DHCP Snooping Statistics . . . . . . . . . . . . . 798
IPSG Interface Configuration. . . . . . . . . . . . 799
IPSG Binding Configuration
IPSG Binding Summary
DAI Global Configuration . . . . . . . . . . . . . . 802
DAI Interface Configuration
DAI VLAN Configuration . . . . . . . . . . . . . . 805
DAI ACL Configuration . . . . . . . . . . . . . . . 806
DAI ACL Rule Configuration . . . . . . . . . . . . 807
DAI Statistics . . . . . . . . . . . . . . . . . . . . 809
. . . . . . . . . . . . . . 782
. . . . . . . . . . . . . . . . 783
. . . . . . . . . . . 789
. . . 797
. . . . . . . . . . . . 800
. . . . . . . . . . . . . . . 801
. . . . . . . . . . . . 803
Contents 31
Page 32
Configuring Traffic Snooping and Inspection
. . . . . . . . . . . . . . . . . . . . . . . . . . . 810
(CLI)
Configuring DHCP Snooping
. . . . . . . . . . . 810
Configuring IP Source Guard . . . . . . . . . . . 812
Configuring Dynamic ARP Inspection
. . . . . . 813
Traffic Snooping and Inspection Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . 815
Configuring DHCP Snooping
. . . . . . . . . . . 815
Configuring IPSG . . . . . . . . . . . . . . . . . 817
28 Configuring Link Aggregation . . . . . . . . 819
Link Aggregation Overview . . . . . . . . . . . . . . 819
Why Are Link Aggregation Groups
Necessary?
What Is the Difference Between Static and
Dynamic Link Aggregation?
What is LAG Hashing? . . . . . . . . . . . . . . 821
How Do LAGs Interact with Other Features?. . . 822
LAG Configuration Guidelines . . . . . . . . . . 823
. . . . . . . . . . . . . . . . . . . . 820
. . . . . . . . . . . . 820
32 Contents
Default Link Aggregation Values . . . . . . . . . . . 823
Configuring Link Aggregation (Web)
LAG Configuration
LACP Parameters
LAG Membership
. . . . . . . . . . . . . . . . . 824
. . . . . . . . . . . . . . . . . 825
. . . . . . . . . . . . . . . . . 827
LAG Hash Configuration
. . . . . . . . . 824
. . . . . . . . . . . . . 828
LAG Hash Summary. . . . . . . . . . . . . . . . 829
Configuring Link Aggregation (CLI) . . . . . . . . . . 830
Configuring LAG Characteristics
. . . . . . . . . 830
Configuring Link Aggregation Groups . . . . . . 831
Configuring LACP Parameters . . . . . . . . . . 833
Page 33
Link Aggregation Configuration Examples . . . . . . . 834
Configuring Dynamic LAGs
. . . . . . . . . . . . . 834
Configuring Static LAGs . . . . . . . . . . . . . . 835
29 Managing the MAC Address Table . . . . 837
MAC Address Table Overview. . . . . . . . . . . . . . 837
How Is the Address Table Populated?
What Information Is in the MAC Address
. . . . . . . . . . . . . . . . . . . . . . . . 838
Table?
How Is the MAC Address Table Maintained
Across a Stack?
. . . . . . . . . . . . . . . . . . 838
Default MAC Address Table Values . . . . . . . . . . . 838
. . . . . . . 837
Managing the MAC Address Table (Web)
Static Address Table
Dynamic Address Table
. . . . . . . . . . . . . . . . 839
. . . . . . . . . . . . . . 841
Managing the MAC Address Table (CLI)
Managing the MAC Address Table
. . . . . . . . 839
. . . . . . . . 842
. . . . . . . . . 842
30 Configuring Routing Interfaces . . . . . . . 843
Routing Interface Overview . . . . . . . . . . . . . . . 843
What Are VLAN Routing Interfaces?
What Are Loopback Interfaces?
What Are Tunnel Interfaces?
Why Are Routing Interfaces Needed? . . . . . . . 846
Default Routing Interface Values . . . . . . . . . . . . 848
Configuring Routing Interfaces (Web)
IP Interface Configuration
DHCP Lease Parameters
. . . . . . . . . . . . . 849
. . . . . . . . . . . . . . 850
. . . . . . . . 843
. . . . . . . . . . 844
. . . . . . . . . . . . 845
. . . . . . . . . . 849
Contents 33
Page 34
VLAN Routing Summary . . . . . . . . . . . . . 850
Tunnel Configuration . . . . . . . . . . . . . . . 851
Tunnels Summary . . . . . . . . . . . . . . . . . 852
Loopbacks Configuration
Loopbacks Summary
. . . . . . . . . . . . . 853
. . . . . . . . . . . . . . . 854
Configuring Routing Interfaces (CLI) . . . . . . . . . 855
Configuring VLAN Routing Interfaces (IPv4)
. . . 855
Configuring Loopback Interfaces. . . . . . . . . 857
Configuring Tunnels. . . . . . . . . . . . . . . . 858
31 Configuring DHCP Server Settings . . . . 859
DHCP Overview . . . . . . . . . . . . . . . . . . . . 859
How Does DHCP Work?
What are DHCP Options? . . . . . . . . . . . . . 860
What Additional DHCP Features Does the
Switch Support?
. . . . . . . . . . . . . . 859
. . . . . . . . . . . . . . . . . 861
34 Contents
Default DHCP Server Values
. . . . . . . . . . . . . . 861
Configuring the DHCP Server (Web). . . . . . . . . . 862
DHCP Server Network Properties
. . . . . . . . 862
Address Pool . . . . . . . . . . . . . . . . . . . 864
Address Pool Options
. . . . . . . . . . . . . . . 868
DHCP Bindings . . . . . . . . . . . . . . . . . . 870
DHCP Server Reset Configuration
DHCP Server Conflicts Information
. . . . . . . . 871
. . . . . . . . 872
DHCP Server Statistics . . . . . . . . . . . . . . 873
Configuring the DHCP Server (CLI) . . . . . . . . . . 874
Configuring Global DHCP Server Settings
. . . . 874
Configuring a Dynamic Address Pool. . . . . . . 875
Configuring a Static Address Pool . . . . . . . . 876
Monitoring DHCP Server Information
. . . . . . 877
Page 35
DHCP Server Configuration Examples . . . . . . . . . 878
Configuring a Dynamic Address Pool
. . . . . . . 878
Configuring a Static Address Pool . . . . . . . . . 880
32 Configuring IP Routing . . . . . . . . . . . . . 883
IP Routing Overview . . . . . . . . . . . . . . . . . . . 883
Default IP Routing Values
. . . . . . . . . . . . . . . . 885
Configuring IP Routing Features (Web) . . . . . . . . . 887
IP Configuration
. . . . . . . . . . . . . . . . . . . 887
IP Statistics . . . . . . . . . . . . . . . . . . . . . 888
ARP Create . . . . . . . . . . . . . . . . . . . . . 889
ARP Table Configuration . . . . . . . . . . . . . . 890
Router Discovery Configuration
. . . . . . . . . . 891
Router Discovery Status . . . . . . . . . . . . . . 892
Route Table . . . . . . . . . . . . . . . . . . . . . 893
Best Routes Table
. . . . . . . . . . . . . . . . . 894
Route Entry Configuration . . . . . . . . . . . . . 895
Configured Routes . . . . . . . . . . . . . . . . . 897
Route Preferences Configuration
. . . . . . . . . 898
Configuring IP Routing Features (CLI) . . . . . . . . . . 899
Configuring Global IP Routing Settings
. . . . . . . 899
Adding Static ARP Entries and Configuring
ARP Table Settings
Configuring Router Discovery (IRDP)
. . . . . . . . . . . . . . . . . 900
. . . . . . . . 901
Configuring Route Table Entries and Route
Preferences
. . . . . . . . . . . . . . . . . . . . . 902
IP Routing Configuration Example . . . . . . . . . . . 904
Configuring PowerConnect Switch A
. . . . . . . 905
Configuring PowerConnect Switch B . . . . . . . 906
Contents 35
Page 36
33 Configuring L2 and L3 Relay
Features . . . . . . . . . . . . . . . . . . . . . . . . 907
L2 and L3 Relay Overview . . . . . . . . . . . . . . . 907
What Is L3 DHCP Relay?
What Is L2 DHCP Relay? . . . . . . . . . . . . . 908
What Is the IP Helper Feature?. . . . . . . . . . 909
Default L2/L3 Relay Values. . . . . . . . . . . . . . . 913
Configuring L2 and L3 Relay Features (Web) . . . . . 914
DHCP Relay Global Configuration
DHCP Relay Interface Configuration . . . . . . . 915
DHCP Relay Interface Statistics . . . . . . . . . 917
DHCP Relay VLAN Configuration
DHCP Relay Agent Configuration . . . . . . . . . 919
IP Helper Global Configuration . . . . . . . . . . 920
IP Helper Interface Configuration . . . . . . . . 922
IP Helper Statistics . . . . . . . . . . . . . . . . 924
. . . . . . . . . . . . . 907
. . . . . . . . . 914
. . . . . . . . . 918
34 Configuring OSPF and OSPFv3. . . . . . . . 931
36 Contents
Configuring L2 and L3 Relay Features (CLI)
Configuring L2 DHCP Relay
. . . . . . . . . . . . 925
Configuring L3 Relay (IP Helper) Settings
Relay Agent Configuration Example
. . . . . . 925
. . . . 927
. . . . . . . . . . 929
OSPF Overview. . . . . . . . . . . . . . . . . . . . . 932
What Are OSPF Areas and Other OSPF
Topology Features?
What Are OSPF Routers and LSAs?
How Are Routes Selected?
How Are OSPF and OSPFv3 Different?
. . . . . . . . . . . . . . . . 932
. . . . . . . 933
. . . . . . . . . . . . 933
. . . . . . 933
Page 37
OSPF Feature Details . . . . . . . . . . . . . . . . . . 934
Max Metric
. . . . . . . . . . . . . . . . . . . . . 934
Static Area Range Cost . . . . . . . . . . . . . . . 936
LSA Pacing . . . . . . . . . . . . . . . . . . . . . 937
Flood Blocking
. . . . . . . . . . . . . . . . . . . 938
Default OSPF Values
. . . . . . . . . . . . . . . . . . . 940
Configuring OSPF Features (Web) . . . . . . . . . . . . 942
OSPF Configuration
. . . . . . . . . . . . . . . . . 942
OSPF Area Configuration . . . . . . . . . . . . . . 943
OSPF Stub Area Summary . . . . . . . . . . . . . 946
OSPF Area Range Configuration . . . . . . . . . . 947
OSPF Interface Statistics
. . . . . . . . . . . . . . 948
OSPF Interface Configuration . . . . . . . . . . . 949
OSPF Neighbor Table . . . . . . . . . . . . . . . . 950
OSPF Neighbor Configuration
. . . . . . . . . . . 951
OSPF Link State Database . . . . . . . . . . . . . 952
OSPF Virtual Link Configuration . . . . . . . . . . 952
OSPF Virtual Link Summary. . . . . . . . . . . . . 954
OSPF Route Redistribution Configuration . . . . . 955
OSPF Route Redistribution Summary
. . . . . . . . 956
NSF OSPF Configuration . . . . . . . . . . . . . . 957
Configuring OSPFv3 Features (Web) . . . . . . . . . . 958
OSPFv3 Configuration
. . . . . . . . . . . . . . . 958
OSPFv3 Area Configuration. . . . . . . . . . . . . 959
OSPFv3 Stub Area Summary
OSPFv3 Area Range Configuration
. . . . . . . . . . . . 962
. . . . . . . . . 963
OSPFv3 Interface Configuration . . . . . . . . . . 964
OSPFv3 Interface Statistics
. . . . . . . . . . . . 965
OSPFv3 Neighbors . . . . . . . . . . . . . . . . . 966
OSPFv3 Neighbor Table. . . . . . . . . . . . . . . 967
OSPFv3 Link State Database
. . . . . . . . . . . . 968
OSPFv3 Virtual Link Configuration . . . . . . . . . 969
OSPFv3 Virtual Link Summary . . . . . . . . . . . 971
Contents 37
Page 38
OSPFv3 Route Redistribution Configuration . . . 972
OSPFv3 Route Redistribution Summary
. . . . . 973
NSF OSPFv3 Configuration . . . . . . . . . . . . 974
Configuring OSPF Features (CLI). . . . . . . . . . . . 975
Configuring Global OSPF Settings
. . . . . . . . 975
Configuring OSPF Interface Settings . . . . . . . 978
Configuring Stub Areas and NSSAs . . . . . . . 980
Configuring Virtual Links . . . . . . . . . . . . . 982
Configuring OSPF Area Range Settings . . . . . 984
Configuring NSF Settings for OSPF
. . . . . . . 986
Configuring OSPFv3 Features (CLI) . . . . . . . . . . 987
Configuring Global OSPFv3 Settings
. . . . . . . 987
Configuring OSPFv3 Interface Settings . . . . . . 989
Configuring Stub Areas and NSSAs . . . . . . . 991
Configuring Virtual Links . . . . . . . . . . . . . 993
Configuring an OSPFv3 Area Range . . . . . . . 994
Configuring OSPFv3 Route Redistribution
Settings
. . . . . . . . . . . . . . . . . . . . . . 995
Configuring NSF Settings for OSPFv3 . . . . . . 996
38 Contents
OSPF Configuration Examples
. . . . . . . . . . . . . 997
Configuring an OSPF Border Router and
Setting Interface Costs . . . . . . . . . . . . . . 997
Configuring Stub and NSSA Areas for OSPF
and OSPFv3
. . . . . . . . . . . . . . . . . . . . 1000
Configuring a Virtual Link for OSPF and
. . . . . . . . . . . . . . . . . . . . . . 1004
OSPFv3
Interconnecting an IPv4 Backbone and
Local IPv6 Network
. . . . . . . . . . . . . . . . 1006
Configuring the Static Area Range Cost . . . . . 1009
Configuring Flood Blocking . . . . . . . . . . . . 1014
Page 39
35 Configuring RIP . . . . . . . . . . . . . . . . . . 1019
RIP Overview. . . . . . . . . . . . . . . . . . . . . . 1019
How Does RIP Determine Route
Information? . . . . . . . . . . . . . . . . . . . 1019
What Is Split Horizon? . . . . . . . . . . . . . . 1020
What RIP Versions Are Supported? . . . . . . . 1020
Default RIP Values . . . . . . . . . . . . . . . . . . . 1021
Configuring RIP Features (Web) . . . . . . . . . . . . 1022
RIP Configuration
RIP Interface Configuration . . . . . . . . . . . 1023
RIP Interface Summary. . . . . . . . . . . . . . 1024
RIP Route Redistribution Configuration
RIP Route Redistribution Summary. . . . . . . . 1026
Configuring RIP Features (CLI). . . . . . . . . . . . . 1027
Configuring Global RIP Settings
Configuring RIP Interface Settings . . . . . . . . 1028
Configuring Route Redistribution Settings . . . . 1029
RIP Configuration Example . . . . . . . . . . . . . . 1031
. . . . . . . . . . . . . . . . . 1022
. . . . . 1025
. . . . . . . . . 1027
36 Configuring VRRP . . . . . . . . . . . . . . . . 1033
VRRP Overview . . . . . . . . . . . . . . . . . . . . 1033
How Does VRRP Work?
What Is the VRRP Router Priority? . . . . . . . . 1034
What Is VRRP Preemption?. . . . . . . . . . . . 1034
What Is VRRP Accept Mode?
What Are VRRP Route and Interface
Tra ck in g?
. . . . . . . . . . . . . . . . . . . . . 1035
. . . . . . . . . . . . . . 1033
. . . . . . . . . . 1035
Contents 39
Page 40
Default VRRP Values . . . . . . . . . . . . . . . . . . 1037
Configuring VRRP Features (Web)
VRRP Configuration
. . . . . . . . . . . . . . . . 1038
VRRP Virtual Router Status
VRRP Virtual Router Statistics
. . . . . . . . . . . 1038
. . . . . . . . . . . . 1039
. . . . . . . . . . 1040
VRRP Router Configuration . . . . . . . . . . . . 1041
VRRP Route Tracking Configuration . . . . . . . 1042
VRRP Interface Tracking Configuration
. . . . . . 1044
Configuring VRRP Features (CLI). . . . . . . . . . . . 1046
Configuring VRRP Settings
. . . . . . . . . . . . 1046
VRRP Configuration Example . . . . . . . . . . . . . 1048
VRRP with Load Sharing
. . . . . . . . . . . . . 1048
VRRP with Route and Interface Tracking . . . . . 1052
37 Configuring IPv6 Routing . . . . . . . . . . . 1057
IPv6 Routing Overview . . . . . . . . . . . . . . . . . 1057
How Does IPv6 Compare with IPv4?
How Are IPv6 Interfaces Configured? . . . . . . 1058
Default IPv6 Routing Values . . . . . . . . . . . . . . 1059
. . . . . . . 1058
40 Contents
Configuring IPv6 Routing Features (Web)
Global Configuration
Interface Configuration
Interface Summary
. . . . . . . . . . . . . . . 1061
. . . . . . . . . . . . . . 1062
. . . . . . . . . . . . . . . . 1063
. . . . . . . 1061
IPv6 Statistics. . . . . . . . . . . . . . . . . . . 1064
IPv6 Neighbor Table. . . . . . . . . . . . . . . . 1065
DHCPv6 Client Parameters
. . . . . . . . . . . . 1066
IPv6 Route Entry Configuration . . . . . . . . . . 1067
IPv6 Route Table . . . . . . . . . . . . . . . . . 1068
IPv6 Route Preferences
. . . . . . . . . . . . . . 1069
Configured IPv6 Routes . . . . . . . . . . . . . . 1070
Page 41
Configuring IPv6 Routing Features (CLI). . . . . . . . 1071
Configuring Global IP Routing Settings
. . . . . . 1071
Configuring IPv6 Interface Settings . . . . . . . 1072
Configuring IPv6 Neighbor Discovery . . . . . . 1073
Configuring IPv6 Route Table Entries and
Route Preferences
IPv6 Show Commands
. . . . . . . . . . . . . . . . 1075
. . . . . . . . . . . . . . 1077
IPv6 Static Reject and Discard Routes
. . . . . . . . 1078
38 Configuring DHCPv6 Server and
Relay Settings . . . . . . . . . . . . . . . . . . . 1081
DHCPv6 Overview . . . . . . . . . . . . . . . . . . . 1081
What Is a DHCPv6 Pool?
What Is a Stateless Server?
What Is the DHCPv6 Relay Agent Information
. . . . . . . . . . . . . . . . . . . . . . 1082
Option?
What Is a Prefix Delegation?
Default DHCPv6 Server and Relay Values
Configuring the DHCPv6 Server and Relay (Web). . . 1084
DHCPv6 Global Configuration
DHCPv6 Pool Configuration. . . . . . . . . . . . 1085
Prefix Delegation Configuration . . . . . . . . . 1087
DHCPv6 Pool Summary. . . . . . . . . . . . . . 1088
DHCPv6 Interface Configuration
DHCPv6 Server Bindings Summary
DHCPv6 Statistics. . . . . . . . . . . . . . . . . 1092
. . . . . . . . . . . . . 1082
. . . . . . . . . . . 1082
. . . . . . . . . . . 1082
. . . . . . . 1083
. . . . . . . . . . 1084
. . . . . . . . . 1089
. . . . . . . 1091
Configuring the DHCPv6 Server and Relay (CLI)
. . . 1093
Configuring Global DHCP Server and Relay
Agent Settings . . . . . . . . . . . . . . . . . . 1093
Configuring a DHCPv6 Pool for Stateless
Server Support
. . . . . . . . . . . . . . . . . . 1093
Contents 41
Page 42
Configuring a DHCPv6 Pool for Specific
. . . . . . . . . . . . . . . . . . . . . . . 1094
Hosts
Configuring DHCPv6 Interface Information . . . . 1095
Monitoring DHCPv6 Information
. . . . . . . . . 1096
DHCPv6 Configuration Examples
Configuring a DHCPv6 Stateless Server
. . . . . . . . . . . 1097
. . . . . 1097
Configuring the DHCPv6 Server for Prefix
Delegation
. . . . . . . . . . . . . . . . . . . . . 1098
Configuring an Interface as a DHCPv6 Relay
Agent
. . . . . . . . . . . . . . . . . . . . . . . 1099
39 Configuring Differentiated Services . . 1101
DiffServ Overview . . . . . . . . . . . . . . . . . . . 1101
How Does DiffServ Functionality Vary Based
on the Role of the Switch? . . . . . . . . . . . . 1102
What Are the Elements of DiffServ
Configuration?
Default DiffServ Values
Configuring DiffServ (Web) . . . . . . . . . . . . . . 1104
DiffServ Configuration
Class Configuration . . . . . . . . . . . . . . . . 1105
Class Criteria . . . . . . . . . . . . . . . . . . . 1106
Policy Configuration
Policy Class Definition
Service Configuration . . . . . . . . . . . . . . . 1113
Service Detailed Statistics
Flow-Based Mirroring . . . . . . . . . . . . . . 1115
. . . . . . . . . . . . . . . . . . 1102
. . . . . . . . . . . . . . . . 1103
. . . . . . . . . . . . . . 1104
. . . . . . . . . . . . . . . 1108
. . . . . . . . . . . . . . 1110
. . . . . . . . . . . . 1114
42 Contents
Configuring DiffServ (CLI) . . . . . . . . . . . . . . . 1116
DiffServ Configuration (Global)
. . . . . . . . . . 1116
DiffServ Class Configuration for IPv4. . . . . . . 1116
DiffServ Class Configuration for IPv6. . . . . . . 1118
Page 43
DiffServ Policy Creation . . . . . . . . . . . . . 1119
DiffServ Policy Attributes Configuration . . . . . 1120
DiffServ Service Configuration . . . . . . . . . . 1122
DiffServ Configuration Examples . . . . . . . . . . . 1123
Providing Subnets Equal Access to External
Network
DiffServ for VoIP
. . . . . . . . . . . . . . . . . . . . . . 1123
. . . . . . . . . . . . . . . . . 1126
40 Configuring Class-of-Service . . . . . . . 1129
CoS Overview . . . . . . . . . . . . . . . . . . . . . 1129
What Are Trusted and Untrusted Port
Modes? . . . . . . . . . . . . . . . . . . . . . . 1130
How Is Traffic Shaping Used on Egress
. . . . . . . . . . . . . . . . . . . . . . 1130
Traffic?
How Are Traffic Queues Defined?
Which Queue Management Methods Are
Supported?
. . . . . . . . . . . . . . . . . . . . 1131
CoS Queue Usage . . . . . . . . . . . . . . . . 1132
Default CoS Values . . . . . . . . . . . . . . . . . . 1132
. . . . . . . . 1131
Configuring CoS (Web)
Mapping Table Configuration
Interface Configuration
Interface Queue Configuration
. . . . . . . . . . . . . . . . 1133
. . . . . . . . . . . 1133
. . . . . . . . . . . . . . 1136
. . . . . . . . . . 1137
Interface Queue Drop Precedence
Configuration
. . . . . . . . . . . . . . . . . . . 1138
Configuring CoS (CLI) . . . . . . . . . . . . . . . . . 1140
Mapping Table Configuration
. . . . . . . . . . . 1140
CoS Interface Configuration Commands . . . . . 1141
Interface Queue Configuration
. . . . . . . . . . 1141
Configuring Interface Queue Drop
Probability
. . . . . . . . . . . . . . . . . . . . 1143
Contents 43
Page 44
CoS Configuration Example . . . . . . . . . . . . . . 1144
41 Configuring Auto VoIP . . . . . . . . . . . . . 1147
Auto VoIP Overview . . . . . . . . . . . . . . . . . . 1147
How Does Auto-VoIP Use ACLs?
. . . . . . . . . 1148
Default Auto VoIP Values . . . . . . . . . . . . . . . 1148
Configuring Auto VoIP (Web) . . . . . . . . . . . . . 1149
Auto VoIP Global Configuration
. . . . . . . . . . 1149
Auto VoIP Interface Configuration . . . . . . . . 1149
Configuring Auto VoIP (CLI) . . . . . . . . . . . . . . 1152
42 Managing IPv4 and IPv6 Multicast . . . 1153
L3 Multicast Overview . . . . . . . . . . . . . . . . . 1153
What Is IP Multicast Traffic?
What Multicast Protocols Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 1155
What Are the Multicast Protocol Roles? . . . . . 1155
When Is L3 Multicast Required on the
. . . . . . . . . . . . . . . . . . . . . . 1156
Switch?
What Is the Multicast Routing Table? . . . . . . 1156
What Is IGMP?
What Is MLD?
. . . . . . . . . . . . . . . . . . 1157
. . . . . . . . . . . . . . . . . . . 1158
What Is PIM? . . . . . . . . . . . . . . . . . . . 1159
What Is DVMRP? . . . . . . . . . . . . . . . . . 1169
. . . . . . . . . . . 1154
44 Contents
Default L3 Multicast Values
. . . . . . . . . . . . . . 1171
Configuring General IPv4 Multicast
Features (Web)
. . . . . . . . . . . . . . . . . . . . . 1173
Multicast Global Configuration
. . . . . . . . . . 1173
Page 45
Multicast Interface Configuration . . . . . . . . 1174
Multicast Route Table
. . . . . . . . . . . . . . 1175
Multicast Admin Boundary Configuration . . . . 1176
Multicast Admin Boundary Summary . . . . . . 1177
Multicast Static MRoute Configuration
. . . . . 1178
Multicast Static MRoute Summary. . . . . . . . 1179
Configuring IPv6 Multicast Features (Web) . . . . . . 1180
IPv6 Multicast Route Table
. . . . . . . . . . . . 1180
Configuring IGMP and IGMP Proxy (Web)
IGMP Global Configuration
. . . . . . . . . . . . 1181
IGMP Interface Configuration
IGMP Interface Summary
. . . . . . . . . . . . 1183
. . . . . . 1181
. . . . . . . . . . 1182
IGMP Cache Information . . . . . . . . . . . . . 1184
IGMP Interface Source List Information . . . . . 1185
IGMP Proxy Interface Configuration . . . . . . . 1186
IGMP Proxy Configuration Summary. . . . . . . 1187
IGMP Proxy Interface Membership Info
. . . . . 1188
Detailed IGMP Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1189
Configuring MLD and MLD Proxy (Web) . . . . . . . 1190
MLD Global Configuration
. . . . . . . . . . . . 1190
MLD Routing Interface Configuration . . . . . . 1191
MLD Routing Interface Summary. . . . . . . . . 1192
MLD Routing Interface Cache Information. . . . 1193
MLD Routing Interface Source List
Information
MLD Traffic
. . . . . . . . . . . . . . . . . . . . 1194
. . . . . . . . . . . . . . . . . . . . 1195
MLD Proxy Configuration . . . . . . . . . . . . . 1196
MLD Proxy Configuration Summary
. . . . . . . 1197
MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1198
Detailed MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1199
Contents 45
Page 46
Configuring PIM for IPv4 and IPv6 (Web) . . . . . . . 1200
PIM Global Configuration
. . . . . . . . . . . . . 1200
PIM Global Status. . . . . . . . . . . . . . . . . 1201
PIM Interface Configuration . . . . . . . . . . . 1202
PIM Interface Summary
. . . . . . . . . . . . . 1203
Candidate RP Configuration . . . . . . . . . . . 1204
Static RP Configuration . . . . . . . . . . . . . . 1206
SSM Range Configuration
. . . . . . . . . . . . 1208
BSR Candidate Configuration. . . . . . . . . . . 1210
BSR Candidate Summary . . . . . . . . . . . . . 1211
Configuring DVMRP (Web)
DVMRP Global Configuration
DVMRP Interface Configuration
DVMRP Configuration Summary
. . . . . . . . . . . . . . . 1212
. . . . . . . . . . . 1212
. . . . . . . . . 1213
. . . . . . . . . 1214
DVMRP Next Hop Summary . . . . . . . . . . . 1215
DVMRP Prune Summary . . . . . . . . . . . . . 1217
DVMRP Route Summary . . . . . . . . . . . . . 1218
Configuring L3 Multicast Features (CLI) . . . . . . . . 1219
Configuring and Viewing IPv4 Multicast
Information
. . . . . . . . . . . . . . . . . . . . 1219
Configuring and Viewing IPv6 Multicast
Route Information
Configuring and Viewing IGMP
. . . . . . . . . . . . . . . . . 1221
. . . . . . . . . . 1222
Configuring and Viewing IGMP Proxy . . . . . . 1224
Configuring and Viewing MLD . . . . . . . . . . 1225
Configuring and Viewing MLD Proxy
. . . . . . . 1226
Configuring and Viewing PIM-DM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1227
Configuring and Viewing PIM-DM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1228
Configuring and Viewing PIM-SM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1230
Configuring and Viewing PIM-SM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1232
46 Contents
Page 47
Configuring and Viewing DVMRP
Information
. . . . . . . . . . . . . . . . . . . . 1236
L3 Multicast Configuration Examples . . . . . . . . . 1237
Configuring Multicast VLAN Routing With
IGMP and PIM-SM
. . . . . . . . . . . . . . . . 1237
Configuring DVMRP . . . . . . . . . . . . . . . 1241
43 System Process Definitions . . . . . . . . 1243
Contents 47
Page 48
48 Contents
Page 49
1
Introduction
The switches in the Dell PowerConnect 7000 Series are stackable Layer 2
and 3 switches that extend the Dell PowerConnect LAN switching product
range. These switches include the following features:
• 1U form factor, rack-mountable chassis design.
• Support for all data-communication requirements for a multi-layer switch,
including layer 2 switching, IPv4 routing, IPv6 routing, IP multicast,
quality of service, security, and system management features.
• High availability with hot swappable stack members.
The PowerConnect 7000 Series includes six switch models: PC7024,
PC7024P, PC7024F, PC7048, PC7048P, and PC7048R/PC7048R-RA. The
PC7048R/PC7048R-RA is a top-of-rack switch. The difference between the
PC7048R and PC7048R-RA is the airflow direction.
About This Document
This guide describes how to configure, monitor, and maintain a Dell
PowerConnect 7000 Series switch by using web-based Dell OpenManage
Switch Administrator utility or the command-line interface (CLI).
Audience
This guide is for network administrators in charge of managing one or more
PowerConnect 7000 Series switches. To obtain the greatest benefit from this
guide, you should have a basic understanding of Ethernet networks and local
area network (LAN) concepts.
Introduction 49
Page 50
Document Conventions
Table 1-1 describes the typographical conventions this document uses.
Table 1-1. Document Conventions
Convention Description
Bold Page names, field names, menu options, button names, and
CLI commands and keywords.
courier font
[ ] In a command line, square brackets indicate an optional
{ } In a command line, inclusive brackets indicate a selection of
Italic
In a command line, indicates a variable.
<Enter> Any individual key on the keyboard.
CTRL + Z A keyboard combination that involves pressing the Z key
Command-line text (CLI output) and file names
entry.
compulsory parameters separated by the | character. One
option must be selected. For example:
{stp|rstp|mstp} means that for the spanning-tree mode
command you must enter either stp, rstp, or mstp
while holding the CTRL key.
spanning-tree mode
Additional Documentation
The following documents for the PowerConnect 7000 Series switches are
available at support.dell.com/manuals:
•
Getting Started Guide—
provides information about the switch models in
the series, including front and back panel features. It also describes the
installation and initial configuration procedures.
•
CLI Reference Guide—
provides information about the command-line
interface (CLI) commands used to configure and manage the switch. The
document provides in-depth CLI descriptions, syntax, default values, and
usage guidelines.
50 Introduction
Page 51
Switch Features
This section describes the switch user-configurable software features.
NOTE: Before proceeding, read the release notes for this product. The release
notes are part of the firmware download.
The topics covered in this section include:
2
• System Management
Fea tu re s
•Stacking Features
• Security Features
• Green Technology Features
• Power over Ethernet (PoE)
Plus Features
• Switching Features
• Virtual Local Area Network
Supported Features
• Spanning Tree Protocol
Fea tu re s
• Link Aggregation Features
•Routing Features
• IPv6 Routing Features
• Quality of Service (QoS)
Fea tu re s
• Layer 2 Multicast Features
• Layer 3 Multicast Features
Switch Features 51
Page 52
System Management Features
Multiple Management Options
You can use any of the following methods to manage the switch:
• Use a web browser to access the Dell OpenManage Switch Administrator
interface. The switch contains an embedded Web server that serves
HTML pages.
• Use a telnet client, SSH client, or a direct console connection to access the
CLI. The CLI
common industry practice.
• Use a network management system (NMS) to manage and monitor the
system through SNMP. The switch supports
UDP/IP transport protocol.
Nearly all switch features support a preconfiguration capability, even when
the feature is not enabled or the required hardware is not present.
Preconfigured capabilities become active only when enabled (typically via an
admin mode control) or when the required hardware is present (or both). For
example, a port can be preconfigured with both trunk and access mode
information. The trunk mode information is applied only when the port is
placed into trunk mode and the access mode information is only applied
when the port is placed into access mode. Likewise, OSPF routing can be
configured in the switch without being enabled on any port. This capability is
present in all of the management options.
syntax and semantics conform as much as possible to
SNMP v1/v2c/v3 over the
System Time Management
You can configure the switch to obtain the system time and date through a
remote Simple Network Time Protocol (SNTP) server, or you can set the time
and date locally on the switch. You can also configure the time zone and
information about time shifts that might occur during summer months. If
you use SNTP to obtain the time, you can require communications between
the switch and the SNTP server to be encrypted.
For information about configuring system time settings, see "Managing
General System Settings" on page 239.
52 Switch Features
Page 53
Log Messages
The switch maintains in-memory log messages as well as persistent logs. You
can also configure remote logging so that the switch sends log messages to a
remote log server. You can also configure the switch to send log messages to a
configured SMTP server. This allows you to receive the log message in an email account of your choice. Switch auditing messages, CLI command
logging, Web logging, and SNMP logging can be enabled or disabled.
For information about configuring system logging, see "Monitoring and
Logging System Information" on page 201.
Switch Features 53
Page 54
Integrated DHCP Server
PowerConnect 7000 Series switches include an integrated DHCP server that
can deliver host-specific configuration information to hosts on the network.
The switch DHCP server allows you to configure IP address pools (scopes),
and when a host’s DHCP client requests an address, the switch DHCP server
automatically assigns the host an address from the pool.
For information about configuring the DHCP server settings, see
"Configuring DHCP Server Settings" on page 859.
Management of Basic Network Information
The DHCP client on the switch allows the switch to acquire information such
as the IP address and default gateway from a network DHCP server. You can
also disable the DHCP client and configure static network information.
Other configurable network information includes a Domain Name Server
(DNS), hostname to IP address mapping, and a default domain name.
If the switch detects an IP address conflict on the management interface, it
generates a trap and sends a log message.
For information about configuring basic network information, see "Setting
the IP Address and Other Basic Network Information" on page 121.
IPv6 Management Features
PowerConnect 7000 Series switches provide IPv6 support for many standard
management features including HTTP, HTTPS/SSL, Telnet, SSH, SNMP,
SNTP, TFTP, and traceroute.
Dual Software Images
PowerConnect 7000 Series switches can store up to two software images. The
dual image feature allows you to upgrade the switch without deleting the
older software image. You designate one image as the active image and the
other image as the backup image.
For information about managing the switch image, see "Managing Images
and Files" on page 319.
54 Switch Features
Page 55
File Management
You can upload and download files such as configuration files and system
images by using HTTP (web only), TFTP, Secure FTP (SFTP), or Secure
Copy (SCP). Configuration file uploads from the switch to a server are a good
way to back up the switch configuration. You can also download a
configuration file from a server to the switch to restore the switch to the
configuration in the downloaded file.
You can also copy files to and from a USB Flash drive that is plugged into the
USB port on the front panel of the switch.
For information about uploading, downloading, and copying files, see
"Managing Images and Files" on page 319.
Switch Database Management Templates
Switch Database Management (SDM) templates enable you to reallocate
system resources to support a different mix of features based on your network
requirements. PowerConnect 7000 Series switches support the following
three templates:
• Dual IPv4 and IPv6 (default)
•IPv4 Routing
•IPv4 Data Center
For information about setting the SDM template, see "Managing General
System Settings" on page 239.
Automatic Installation of Firmware and Configuration
The Auto Install feature allows the switch to upgrade or downgrade to a
newer software image and update the configuration file automatically during
device initialization with limited administrative configuration on the device.
If a USB device is connected to the switch and contains a firmware image
and/or configuration file, the Auto Install feature installs the image or
configuration file from USB device. Otherwise, the switch can obtain the
necessary information from a DHCP server on the network.
For information about Auto Install, see "Automatically Updating the Image
and Configuration" on page 345.
Switch Features 55
Page 56
sFlow
sFlow is the standard for monitoring high-speed switched and routed
networks. sFlow technology is built into network equipment and gives
complete visibility into network activity, enabling effective management and
control of network resources. The PowerConnect 7000 Series switches
support sFlow version 5.
For information about configuring managing sFlow settings, see "Monitoring
Switch Traffic" on page 363.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. The events are
sent as SNMP traps to a trap recipient list.
For information about configuring SNMP traps and alarms, see "Configuring
SNMP" on page 283.
CDP Interoperability through ISDP
Industry Standard Discovery Protocol (ISDP) allows the PowerConnect
switch to interoperate with Cisco devices running the Cisco Discovery
Protocol (CDP). ISDP is a proprietary Layer 2 network protocol which interoperates with Cisco network equipment and is used to share information
between neighboring devices (routers, bridges, access servers, and switches).
For information about configuring ISDP settings, see "Discovering Network
Devices" on page 659.
Remote Monitoring (RMON)
RMON is a standard Management Information Base (MIB) that defines
current and historical MAC-layer statistics and control objects, allowing realtime information to be captured across the entire network.
For information about configuring managing RMON settings, see
"Monitoring Switch Traffic" on page 363.
56 Switch Features
Page 57
Stacking Features
For information about creating and maintaining a stack of switches, see
"Managing a Switch Stack" on page 141.
High Port Count
You can stack PowerConnect 7000 Series switches up to 12 switches high,
supporting up to 576 front-panel ports, if all units in the stack are 48-port
models. The stack can contain any combination of switch models in the
PowerConnect 7000 Series as long as all switches are running the same
firmware version.
Single IP Management
When multiple switches are connected together through the stack ports, they
operate as a single unit with a larger port count. The stack operates and is
managed as a single entity. One switch acts as the master, and the entire stack
is managed through the management interface (Web, CLI, or SNMP) of the
stack master.
Automatic Firmware Update for New Stack Members
By default, if a switch is added to a stack and the switch is running a different
backup version of firmware than the active version on the stack master, the
backup firmware on the new member is automatically updated to match the
stack master, the backup version of firmware on the new member is activated,
and the new member is rebooted.
Stacking Compatibility with the PowerConnect M6348
PowerConnect 7000 Series switches and PowerConnect M6348 switches can
be members of the same stack.
Switch Features 57
Page 58
Master Failover with Transparent Transition
The stacking feature supports a
stack master role if the stack master fails. As soon as a stack master failure is
detected, the standby unit initializes the control plane and enables all other
stack units with the current configuration. The standby unit maintains a
synchronized copy of the running configuration for the stack.
standby
or backup unit that assumes the
Nonstop Forwarding on the Stack
The Nonstop Forwarding (NSF) feature allows the forwarding plane of stack
units to continue to forward packets while the control and management
planes restart as a result of a power failure, hardware failure, or software fault
on the stack master and allows the standby switch to quickly takeover as the
master.
Hot Add/Delete and Firmware Synchronization
You can add and remove units to and from the stack without cycling the
power. When you add a unit, the Stack Firmware Synchronization feature
automatically synchronizes the firmware version with the version running on
the stack master. The synchronization operation may result in either an
upgrade or a downgrade of firmware on the mismatched stack member. In
addition, the running-config on the member is updated to match the master
switch. The startup-config on the standby and member switches is not
updated to match the master switch due to configuration changes on the
master switch. Saving the startup config on the master switch also saves it to
the startup config on all the other stack members.The hardware configuration
of every switch is updated to match the master switch (unit number, slot
configuration, stack member number, etc.).
Security Features
Configurable Access and Authentication Profiles
You can configure rules to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. You can also require the user to be authenticated locally or
by an external server, such as a RADIUS server.
58 Switch Features
Page 59
For information about configuring access and authentication profiles, see
"Configuring Authentication, Authorization, and Accounting" on page 175.
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Configuring
Authentication, Authorization, and Accounting" on page 175.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Configuring
Authentication, Authorization, and Accounting" on page 175.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Configuring Authentication, Authorization, and Accounting" on page 175.
RADIUS Support
The switch has a Remote Authentication Dial In User Service (RADIUS)
client and can support up to 32 named authentication and accounting
RADIUS servers. The switch also supports RADIUS Attribute 4, which is the
configuration of a NAS-IP address. You can also configure the switch to
accept RADIUS-assigned VLANs.
For information about configuring RADIUS client settings, see "Configuring
Authentication, Authorization, and Accounting" on page 175.
Switch Features 59
Page 60
SSH/SSL
The switch supports Secure Shell (SSH) for secure, remote connections to
the CLI and Secure Sockets Layer (SSL) to increase security when accessing
the web-based management interface.
For information about configuring SSH and SSL settings, see "Configuring
Authentication, Authorization, and Accounting" on page 175.
Inbound Telnet Control
You can configure the switch to prevent new Telnet sessions from being
established with the switch. Additionally, the Telnet port number is
configurable.
For information about configuring inbound Telnet settings, see "Configuring
Authentication, Authorization, and Accounting" on page 175.
Denial of Service
The switch supports configurable Denial of Service (DoS) attack protection
for eight different types of attacks.
For information about configuring DoS settings, see "Configuring Port and
System Security" on page 481.
Port Protection
A port may be put into the disabled state for any of the following reasons:
• BPDU Storm Protection: By default, if Spanning Tree Protocol (STP)
bridge protocol data units (BPDUs) are received at a rate of 15pps or
greater for three consecutive seconds on a port, the port will be
diagnostically disabled. The threshold is not configurable.
• DHCP Snooping: If DHCP packets are received on a port at a rate that
exceeds 15 pps, the port will be diagnostically disabled. The threshold is
configurable up to 300 pps for up to 15s long using the
snooping limit
The default protection limit is 15 pps.
command. DHCP snooping is disabled by default.
ip dhcp
60 Switch Features
Page 61
• Dynamic ARP Inspection: By default, if Dynamic ARP Inspection packets
are received on a port at a rate that exceeds 15 pps for 1 second, the port
will be diagnostically disabled. The threshold is configurable up to 300 pps
and the burst is configurable up to 15s long using the
inspection limit
A port that is diagnostically disabled due to exceeding one of the above limits
may be returned to service using the no shut command.
command.
ip arp
Captive Portal
The Captive Portal feature blocks clients from accessing the network until
user verification has been established. When a user attempts to connect to
the network through the switch, the user is presented with a customized Web
page that might contain username and password fields or the acceptable use
policy. You can require users to be authenticated by a local or remote RADIUS
database before access is granted.
For information about configuring the Captive Portal features, see
"Configuring Captive Portal" on page 419.
Dot1x Authentication (IEEE 802.1X)
Dot1x authentication enables the authentication of system users through a
local internal server or an external server. Only authenticated and approved
system users can transmit and receive data. Supplicants are authenticated
using the Extensible Authentication Protocol (EAP). PEAP, EAP-TTL, EAPTTLS, and EAP-TLS are supported for remote authentication servers. Local
(IAS) authentication supports EAP-MD5 only.
For information about configuring IEEE 802.1X settings, see "Configuring
Port and System Security" on page 481.
MAC-Based 802.1X Authentication
MAC-based authentication allows multiple supplicants connected to the
same port to each authenticate individually. For example, a system attached
to the port might be required to authenticate in order to gain access to the
network, while a VoIP phone might not need to authenticate in order to send
voice traffic through the port.
For information about configuring MAC-based 802.1X authentication, see
"Configuring Port and System Security" on page 481.
Switch Features 61
Page 62
Dot1x Monitor Mode
Monitor mode can be enabled in conjunction with Dot1x authentication to
allow network access even when the user fails to authenticate. The switch logs
the results of the authentication process for diagnostic purposes. The main
purpose of this mode is to help troubleshoot the configuration of a Dot1x
authentication on the switch without affecting the network access to the
users of the switch.
For information about enabling the Dot1X Monitor mode, see "Configuring
Port and System Security" on page 481.
MAC-Based Port Security
The port security feature limits access on a port to users with specific MAC
addresses. These addresses are manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is
not tied to that port, the protection mechanism is invoked.
For information about configuring MAC-based port security, see "Configuring
Port and System Security" on page 481.
Access Control Lists (ACL)
Access Control Lists (ACLs) ensure that only authorized users have access to
specific resources while blocking off any unwarranted attempts to reach
network resources. ACLs are used to provide traffic flow control, restrict
contents of routing updates, decide which types of traffic are forwarded or
blocked, and above all provide security for the network. The switch supports
the following ACL types:
•IPv4 ACLs
•IPv6 ACLs
• MAC ACLs
For all ACL types, you can apply the ACL rule when the packet enters or exits
the physical port, LAG, or VLAN interface.
For information about configuring ACLs, see "Configuring Access Control
Lists" on page 523.
62 Switch Features
Page 63
Time-Based ACLs
With the Time-based ACL feature, you can define when an ACL is in effect
and the amount of time it is in effect.
For information about configuring time-based ACLs, see "Configuring Access
Control Lists" on page 523.
IP Source Guard (IPSG)
IP source guard (IPSG) is a security feature that filters IP packets based on
the source ID. The source ID may either be source IP address or a source IP
address source MAC address pair.
For information about configuring IPSG, see "Snooping and Inspecting
Traffic" on page 781.
DHCP Snooping
DHCP Snooping is a security feature that monitors DHCP messages between
a DHCP client and DHCP server. It filters harmful DHCP messages and
builds a bindings database of (MAC address, IP address, VLAN ID, port)
tuples that are specified as authorized. DHCP snooping can be enabled
globally and on specific VLANs. Ports within the VLAN can be configured to
be trusted or untrusted. DHCP servers must be reached through trusted ports.
For information about configuring DHCP Snooping, see "Snooping and
Inspecting Traffic" on page 781.
Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its unsuspecting neighbors. The malicious
station sends ARP requests or responses mapping another station's IP address
to its own MAC address.
Dynamic ARP Inspection relies on DHCP Snooping.
For information about configuring DAI, see "Snooping and Inspecting Traffic"
on page 781.
Switch Features 63
Page 64
Protected Ports (Private VLAN Edge)
Private VLAN Edge (PVE) ports are a Layer 2 security feature that provides
port-based security between ports that are members of the same VLAN. It is
an extension of the common VLAN. Traffic from protected ports is sent only
to the uplink ports and cannot be sent to other ports within the VLAN.
For information about configuring IPSG, see "Configuring Port-Based Traffic
Control" on page 687.
64 Switch Features
Page 65
Green Technology Features
For information about configuring Green Technology features, see
"Configuring Port Characteristics" on page 457.
Energy Detect Mode
When the Energy Detect mode is enabled and the port link is down, the PHY
automatically goes down for short period of time and then wakes up to check
link pulses. This mode reduces power consumption on the port when no link
partner is present.
Energy Efficient Ethernet
The switch supports the IEEE 802.3az Energy Efficient Ethernet (EEE)
Lower Power Idle Mode, which enables both the send and receive sides of the
link to disable some functionality for power savings when the link is lightly
loaded.
Power Utilization Reporting
The switch displays the current power consumption of the power supply (or
power supplies). This information is available from the management
interface.
Switch Features 65
Page 66
Power over Ethernet (PoE) Plus Features
NOTE: The PowerConnect 7024P and 7048P switches support PoE Plus. The PoE
Plus features do not apply to the other models in the PowerConnect 7000 Series.
For information about configuring PoE Plus features, see "Managing General
System Settings" on page 239."
Power Over Ethernet (PoE) Plus Configuration
The PowerConnect 7024P and 7048P switches support PoE Plus
configuration for power threshold, power priority, SNMP traps, and PoE
legacy device support. PoE can be administratively enabled or disabled on a
per-port basis. Power can also be limited on a per-port basis.
PoE Plus Support
The PowerConnect 7024P and 7048P switches implement the PoE Plus
specification (IEEE 802.3AT). This allows power to be supplied to Class 4 PD
devices that require power greater than 15.4 Watts. Each port is capable of
delivering up to 30W of power. Real-time power supply status is also available
on the switch as part of the PoE Plus implementation.
Switching Features
Flow Control Support (IEEE 802.3x)
Flow control enables lower speed switches to communicate with higher speed
switches by requesting that the higher speed switch refrains from sending
packets. Transmissions are temporarily halted to prevent buffer overflows.
For information about configuring flow control, see "Configuring Port-Based
Traffic Control" on page 687.
Head of Line Blocking Prevention
Head of Line (HOL) blocking prevention prevents traffic delays and frame
loss caused by traffic competing for the same egress port resources. HOL
blocking queues packets, and the packets at the head of the queue are
forwarded before packets at the end of the queue.
66 Switch Features
Page 67
Jumbo Frames Support
Jumbo frames enable transporting data in fewer frames to ensure less
overhead, lower processing time, and fewer interrupts.
For information about configuring the port MTU, see "Configuring Port
Characteristics" on page 457.
Auto-MDI/MDIX Support
Your switch supports auto-detection between crossed and straight-through
cables. Media-Dependent Interface (MDI) is the standard wiring for end
stations, and the standard wiring for hubs and switches is known as MediaDependent Interface with Crossover (MDIX).
VLAN-Aware MAC-based Switching
Packets arriving from an unknown source address are sent to the CPU and
added to the Hardware Table. Future packets addressed to or from this
address are more efficiently forwarded.
Back Pressure Support
On half-duplex links, a receiver may prevent buffer overflows by jamming the
link so that it is unavailable for additional traffic. On full-duplex links, a
receiver may send a PAUSE frame indicating that the transmitter should
cease transmission of frames for a specified period.
When flow control is enabled, the PowerConnect 7000 Series switches will
observe received PAUSE frames or jamming signals, but will not issue them
when congested.
Switch Features 67
Page 68
Auto Negotiation
Auto negotiation allows the switch to advertise modes of operation. The auto
negotiation function provides the means to exchange information between
two switches that share a point-to-point link segment, and to automatically
configure both switches to take maximum advantage of their transmission
capabilities.
PowerConnect 7000 Series switches enhance auto negotiation by providing
configuration of port advertisement. Port advertisement allows the system
administrator to configure the port speeds that are advertised.
For information about configuring auto negotiation, see "Configuring Port
Characteristics" on page 457.
Broadcast Storm Control
When Layer 2 frames are forwarded, broadcast, unknown unicast, and
multicast frames are flooded to all ports on the relevant virtual local area
network (VLAN). The flooding occupies bandwidth, and loads all nodes
connected on all ports. Storm control limits the amount of broadcast,
unknown unicast, and multicast frames accepted and forwarded by the
switch.
For information about configuring Broadcast Storm Control settings, see
"Configuring Port-Based Traffic Control" on page 687.
Port Mirroring
Port mirroring monitors and mirrors network traffic by forwarding copies of
incoming and outgoing packets from up to four source ports to a monitoring
port. The switch also supports flow-based mirroring, which allows you to copy
certain types of traffic to a single destination port. This provides flexibility—
instead of mirroring all ingress or egress traffic on a port the switch can mirror
a subset of that traffic. You can configure the switch to mirror flows based on
certain kinds of Layer 2, Layer 3, and Layer 4 information.
For information about configuring port mirroring, see "Monitoring Switch
Traffic" on page 363.
68 Switch Features
Page 69
Static and Dynamic MAC Address Tables
You can add static entries to the switch’s MAC address table and configure
the aging time for entries in the dynamic MAC address table. You can also
search for entries in the dynamic table based on several different criteria.
For information about viewing and managing the MAC address table, see
"Managing the MAC Address Table" on page 837.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP),
allows the switch to advertise major capabilities and physical descriptions.
This information can help you identify system topology and detect bad
configurations on the LAN.
For information about configuring LLDP, settings see "Discovering Network
Devices" on page 659.
Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices
The Link Layer Discovery Protocol for Media Endpoint Devices (LLDPMED) provides an extension to the LLDP standard for network configuration
and policy, device location, Power over Ethernet management, and inventory
management.
For information about configuring LLDP-MED, settings see "Discovering
Network Devices" on page 659.
Connectivity Fault Management (IEEE 802.1ag)
The Connectivity Fault Management (CFM) feature, also known as Dot1ag,
supports Service Level Operations, Administration, and Management
(OAM). CFM is the OAM Protocol provision for end-to-end service layer
instance in carrier networks. The CFM feature provides mechanisms to help
you perform connectivity checks, fault detection, fault verification and
isolation, and fault notification per service in a network domain.
For information about configuring IEEE 802.1ag settings, see "Configuring
Connectivity Fault Management" on page 761.
Switch Features 69
Page 70
switchCisco Protocol Filtering
The Cisco Protocol Filtering feature (also known as Link Local Protocol
Filtering) filters Cisco protocols that should not normally be relayed by a
bridge. The group addresses of these Cisco protocols do not fall within the
IEEE defined range of the 802.1D MAC Bridge Filtered MAC Group
Addresses (01-80-C2-00-00-00 to 01-80-C2-00-00-0F).
For information about configuring LLPF, settings see "Configuring PortBased Traffic Control" on page 687.
DHCP Layer 2 Relay
This feature permits Layer 3 Relay agent functionality in Layer 2 switched
networks. The switch supports L2 DHCP relay configuration on individual
ports, link aggregation groups (LAGs) and VLANs.
For information about configuring L2 DHCP Relay settings see "Configuring
L2 and L3 Relay Features" on page 907.
Virtual Local Area Network Supported Features
For information about configuring VLAN features see "Configuring VLANs"
on page 561.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast
domain. Packets are classified as belonging to a VLAN based on either the
VLAN tag or a combination of the ingress port and packet contents. Packets
sharing common attributes can be groups in the same VLAN. The
PowerConnect 7000 Series switches are in full compliance with IEEE 802.1Q
VLAN tagging.
Port-Based VLANs
Port-based VLANs classify incoming packets to VLANs based on their ingress
port. When a port uses 802.1X port authentication, packets can be assigned
to a VLAN based on the result of the 802.1X authentication a client uses
when it accesses the switch. This feature is useful for assigning traffic to
Guest VLANs or Voice VLANs.
70 Switch Features
Page 71
IP Subnet-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source IP address of the packet.
MAC-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source MAC address of the packet.
IEEE 802.1v Protocol-Based VLANs
VLAN classification rules are defined on data-link layer (Layer 2) protocol
identification. Protocol-based VLANs are used for isolating Layer 2 traffic for
differing Layer 3 protocols.
GARP and GVRP Support
The switch supports the configuration of Generic Attribute Registration
Protocol (GARP) timers GARP VLAN Registration Protocol (GVRP) relies on
the services provided by GARP to provide IEEE 802.1Q-compliant VLAN
pruning and dynamic VLAN creation on 802.1Q trunk ports. When GVRP is
enabled, the switch registers and propagates VLAN membership on all ports
that are part of the active spanning tree protocol topology.
For information about configuring GARP timers see "Configuring L2
Multicast Features" on page 703.
Voice VLAN
The Voice VLAN feature enables switch ports to carry voice traffic with
defined priority. The priority level enables the separation of voice and data
traffic coming onto the port. Voice VLAN is the preferred solution for
enterprises wishing to deploy voice services in their network.
Switch Features 71
Page 72
Guest VLAN
The Guest VLAN feature allows a switch to provide a distinguished service to
unauthenticated users. This feature provides a mechanism to allow visitors
and contractors to have network access to reach external network with no
ability to browse information on the internal LAN.
For information about configuring the Guest VLAN see "Configuring Port
and System Security" on page 481.
Double VLANs
The Double VLAN feature (IEEE 802.1QinQ) allows the use of a second tag
on network traffic. The additional tag helps differentiate between customers
in the Metropolitan Area Networks (MAN) while preserving individual
customer’s VLAN identification when they enter their own 802.1Q domain.
72 Switch Features
Page 73
Spanning Tree Protocol Features
For information about configuring Spanning Tree Protocol features, see
"Configuring the Spanning Tree Protocol" on page 629.
Spanning Tree Protocol (STP)
Spanning Tree Protocol (IEEE 802.1D) is a standard requirement of Layer 2
switches that allows bridges to automatically prevent and resolve L2
forwarding loops.
Spanning Tree Port Settings
The STP feature supports a variety of per-port settings including path cost,
priority settings, Port Fast mode, STP Root Guard, Loop Guard, TCN Guard,
and Auto Edge. These settings are also configurable per-LAG.
Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies to
enable faster spanning tree convergence after a topology change, without
creating forwarding loops. The port settings supported by STP are also
supported by RSTP.
Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs to spanning tree
instances. Packets assigned to various VLANs are transmitted along different
paths within MSTP Regions (MST Regions). Regions are one or more
interconnected MSTP bridges with identical MSTP settings. The MSTP
standard lets administrators assign VLAN traffic to unique paths.
The switch supports IEEE 802.1Q-2005, which is a version of corrects
problems associated with the previous version, provides for faster transitionto-forwarding, and incorporates new features for a port (restricted role and
restricted TCN).
Switch Features 73
Page 74
Bridge Protocol Data Unit (BPDU) Guard
Spanning Tree BPDU Guard is used to disable the port in case a new device
tries to enter the already existing topology of STP. Thus devices, which were
originally not a part of STP, are not allowed to influence the STP topology.
BPDU Filtering
When spanning tree is disabled on a port, the BPDU Filtering feature allows
BPDU packets received on that port to be dropped. Additionally, the BPDU
Filtering feature prevents a port in Port Fast mode from sending and receiving
BPDUs. A port in Port Fast mode is automatically placed in the forwarding
state when the link is up to increase convergence time.
Link Aggregation Features
For information about configuring link aggregation (port-channel) features,
see "Configuring Link Aggregation" on page 819.
Link Aggregation
Up to eight ports can combine to form a single Link Aggregation Group
(LAG). This enables fault tolerance protection from physical link disruption,
higher bandwidth connections and improved bandwidth granularity.
Per IEEE 802.1AX, only links with the same operational characteristics, such
as speed and duplex setting, may be aggregated. PowerConnect switches
aggregate links only if they have the same operational speed and duplex
setting, as opposed to the configured speed and duplex setting. This allows
operators to aggregate links that use auto negotiation to set values for speed
and duplex. Dissimilar ports will not become active in the LAG if their
operational settings do not match those of the first member of the LAG.
PowerConnect switches also support setting the MTU on a LAG. When a link
becomes active in a LAG, its MTU is dynamically changed to the LAG MTU.
When the link leaves the LAG, its MTU reverts to the link setting.
Link Aggregate Control Protocol (LACP)
Link Aggregate Control Protocol (LACP) uses peer exchanges across links to
determine, on an ongoing basis, the aggregation capability of various links,
and continuously provides the maximum level of aggregation capability
74 Switch Features
Page 75
achievable between a given pair of systems. LACP automatically determines,
configures, binds, and monitors the binding of ports to aggregators within the
system.
Switch Features 75
Page 76
Routing Features
Address Resolution Protocol (ARP) Table Management
You can create static ARP entries and manage many settings for the dynamic
ARP table, such as age time for entries, retries, and cache size.
For information about managing the ARP table, see "Configuring IP Routing"
on page 883.
VLAN Routing
PowerConnect 7000 Series switches support VLAN routing. You can also
configure the software to allow traffic on a VLAN to be treated as if the VLAN
were a router port.
For information about configuring VLAN routing interfaces, see "Configuring
Routing Interfaces" on page 843.
IP Configuration
The switch IP configuration settings to allow you to configure network
information for VLAN routing interfaces such as IP address and subnet mask,
MTU size, and ICMP redirects. Global IP configuration settings for the
switch allow you to enable or disable the generation of several types of ICMP
messages and enable or disable the routing mode.
For information about managing global IP settings, see "Configuring IP
Routing" on page 883.
Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is a dynamic routing protocol commonly
used within medium-to-large enterprise networks. OSPF is an interior
gateway protocol (IGP) that operates within a single autonomous system.
For information about configuring OSPF, see "Configuring OSPF and
OSPFv3" on page 931.
76 Switch Features
Page 77
BOOTP/DHCP Relay Agent
The switch BootP/DHCP Relay Agent feature relays BootP and DHCP
messages between DHCP clients and DHCP servers that are located in
different IP subnets.
For information about configuring the BootP/DHCP Relay agent, see
"Configuring L2 and L3 Relay Features" on page 907.
IP Helper and UDP Relay
The IP Helper and UDP Relay features provide the ability to relay various
protocols to servers on a different subnet.
For information about configuring the IP helper and UDP relay features, see
"Configuring L2 and L3 Relay Features" on page 907.
Routing Information Protocol
Routing Information Protocol (RIP), like OSPF, is an IGP used within an
autonomous Internet system. RIP is an IGP that is designed to work with
moderate-size networks.
For information about configuring RIP, see "Configuring RIP" on page 1019.
Router Discovery
For each interface, you can configure the Router Discovery Protocol (RDP) to
transmit router advertisements. These advertisements inform hosts on the
local network about the presence of the router.
For information about configuring router discovery, see "Configuring IP
Routing" on page 883.
Routing Table
The routing table displays information about the routes that have been
dynamically learned. You can configure static and default routes and route
preferences. A separate table shows the routes that have been manually
configured.
For information about viewing the routing table, see "Configuring IP
Routing" on page 883.
Switch Features 77
Page 78
Virtual Router Redundancy Protocol (VRRP)
VRRP provides hosts with redundant routers in the network topology without
any need for the hosts to reconfigure or know that there are multiple routers.
If the primary (master) router fails, a secondary router assumes control and
continues to use the virtual router IP (VRIP) address.
VRRP Route Interface Tracking extends the capability of VRRP to allow
tracking of specific route/interface IP states within the router that can alter
the priority level of a virtual router for a VRRP group.
For information about configuring VRRP settings, see "Configuring VRRP"
on page 1033.
Tunnel and Loopback Interfaces
PowerConnect 7000 Series switches support the creation, deletion, and
management of tunnel and loopback interfaces. Tunnel interfaces facilitate
the transition of IPv4 networks to IPv6 networks. A loopback interface is
always expected to be up, so you can configure a stable IP address that other
network devices use to contact or identify the switch.
For information about configuring tunnel and loopback interfaces, see
"Configuring Routing Interfaces" on page 843.
IPv6 Routing Features
IPv6 Configuration
The switch supports IPv6, the next generation of the Internet Protocol. You
can globally enable IPv6 on the switch and configure settings such as the IPv6
hop limit and ICMPv6 rate limit error interval. You can also control whether
IPv6 is enabled on a specific interface. The switch supports the configuration
of many per-interface IPv6 settings including the IPv6 prefix and prefix
length.
For information about configuring general IPv6 routing settings, see
"Configuring IPv6 Routing" on page 1057.
78 Switch Features
Page 79
IPv6 Routes
Because IPv4 and IPv6 can coexist on a network, the router on such a network
needs to forward both traffic types. Given this coexistence, each switch
maintains a separate routing table for IPv6 routes. The switch can forward
IPv4 and IPv6 traffic over the same set of interfaces.
For information about configuring IPv6 routes, see "Configuring IPv6
Routing" on page 1057.
OSPFv3
OSPFv3 provides a routing protocol for IPv6 networking. OSPFv3 is a new
routing component based on the OSPF version 2 component. In dual stack
IPv6, you can configure and use both OSPF and OSPFv3 components.
For information about configuring OSPFv3, see "Configuring OSPF and
OSPFv3" on page 931.
DHCPv6
DHCPv6 incorporates the notion of the “stateless” server, where DHCPv6 is
not used for IP address assignment to a client, rather it only provides other
networking information such as DNS, Network Time Protocol (NTP), and/or
Session Initiation Protocol (SIP) information.
For information about configuring DHCPv6 settings, see "Configuring
DHCPv6 Server and Relay Settings" on page 1081.
Switch Features 79
Page 80
Quality of Service (QoS) Features
NOTE: Some features that can affect QoS, such as ACLs and Voice VLAN, are
described in other sections within this chapter.
Differentiated Services (DiffServ)
The QoS Differentiated Services (DiffServ) feature allows traffic to be
classified into streams and given certain QoS treatment in accordance with
defined per-hop behaviors. PowerConnect 7000 Series switches support both
IPv4 and IPv6 packet classification.
For information about configuring DiffServ, see "Configuring Differentiated
Services" on page 1101.
Class Of Service (CoS)
The Class Of Service (CoS) queueing feature lets you directly configure
certain aspects of switch queuing. This provides the desired QoS behavior for
different types of network traffic when the complexities of DiffServ are not
required. CoS queue characteristics, such as minimum guaranteed
bandwidth and transmission rate shaping, are configurable at the queue (or
port) level.
For information about configuring CoS, see "Configuring Class-of-Service" on
page 1129.
Auto Voice over IP (VoIP)
This feature provides ease of use for the user in setting up VoIP for IP phones
on a switch. This is accomplished by enabling a VoIP profile that a user can
select on a per port basis.
For information about configuring Auto VoI P, se e " Con fi gu ri ng A u to Vo IP" on
page 1147.
80 Switch Features
Page 81
Internet Small Computer System Interface (iSCSI) Optimization
The iSCSI Optimization feature helps network administrators track iSCSI
traffic between iSCSI initiator and target systems. This is accomplished by
monitoring, or snooping traffic to detect packets used by iSCSI stations in
establishing iSCSI sessions and connections. Data from these exchanges may
optionally be used to create classification rules to assign the traffic between
the stations to a configured traffic class. This affects how the packets in the
flow are queued and scheduled for egress on the destination port.
For information about configuring iSCSI settings, see "Configuring iSCSI
Optimization" on page 403.
Layer 2 Multicast Features
For information about configuring L2 multicast features, see "Configuring L2
Multicast Features" on page 703.
MAC Multicast Support
Multicast service is a limited broadcast service that allows one-to-many and
many-to-many connections. In Layer 2 multicast services, a single frame
addressed to a specific multicast address is received, and copies of the frame
to be transmitted on each relevant port are created.
IGMP Snooping
Internet Group Management Protocol (IGMP) Snooping is a feature that
allows a switch to forward multicast traffic intelligently on the switch.
Multicast traffic is traffic that is destined to a host group. Host groups are
identified by the destination MAC address, i.e. the range 01:00:5e:00:00:00 to
01:00:5e:7f:ff:ff:ff for IPv4 multicast traffic or 33:33:xx:xx:xx:xx for IPv6
multicast traffic. Based on the IGMP query and report messages, the switch
forwards traffic only to the ports that request the multicast traffic. This
prevents the switch from broadcasting the traffic to all ports and possibly
affecting network performance.
Switch Features 81
Page 82
IGMP Snooping Querier
When Protocol Independent Multicast (PIM) and IGMP are enabled in a
network with IP multicast routing, the IP multicast router acts as the IGMP
querier. However, if it is desirable to keep the multicast network Layer 2
switched only, the IGMP Snooping Querier can perform the query functions
of a Layer 3 multicast router.
MLD Snooping
In IPv4, Layer 2 switches can use IGMP Snooping to limit the flooding of
multicast traffic by dynamically configuring Layer 2 interfaces so that
multicast traffic is forwarded to only those interfaces associated with IP
multicast address.
In IPv6, MLD snooping performs a similar function. With MLD snooping,
IPv6 multicast data is selectively forwarded to a list of ports intended to
receive the data (instead of being flooded to all of the ports in a VLAN). This
list is constructed by snooping IPv6 multicast control packets.
Multicast VLAN Registration
The Multicast VLAN Registration (MVR) protocol, like IGMP Snooping,
allows a Layer 2 switch to listen to IGMP frames and forward the multicast
traffic only to the receivers that request it. Unlike IGMP Snooping, MVR
allows the switch to listen across different VLANs. MVR uses a dedicated
VLAN, which is called the multicast VLAN, to forward multicast traffic over
the Layer 2 network to the various VLANs that have multicast receivers as
members.
82 Switch Features
Page 83
Layer 3 Multicast Features
For information about configuring L3 multicast features, see "Managing IPv4
and IPv6 Multicast" on page 1153.
Distance Vector Multicast Routing Protocol
Distance Vector Multicast Routing Protocol (DVMRP) exchanges probe
packets with all DVMRP-enabled routers, establishing two way neighboring
relationships and building a neighbor table. It exchanges report packets and
creates a unicast topology table, which is used to build the multicast routing
table. This multicast route table is then used to route the multicast packets.
Internet Group Management Protocol
The Internet Group Management Protocol (IGMP) is used by IPv4 systems
(hosts and routers) to report their IP multicast group memberships to any
neighboring multicast routers. PowerConnect 7000 Series switches perform
the “multicast router part” of the IGMP protocol, which means it collects the
membership information needed by the active multicast router.
IGMP Proxy
The IGMP Proxy feature allows the switch to act as a proxy for hosts by
sending IGMP host messages on behalf of the hosts that the switch
discovered through standard IGMP router interfaces.
Protocol Independent Multicast—Dense Mode
Protocol Independent Multicast (PIM) is a standard multicast routing
protocol that provides scalable inter-domain multicast routing across the
Internet, independent of the mechanisms provided by any particular unicast
routing protocol. The Protocol Independent Multicast-Dense Mode (PIMDM) protocol uses an existing Unicast routing table and a Join/Prune/Graft
mechanism to build a tree. PIM-DM creates source-based shortest-path
distribution trees, making use of reverse path forwarding (RPF).
Switch Features 83
Page 84
Protocol Independent Multicast—Sparse Mode
Protocol Independent Multicast-Sparse Mode (PIM-SM) is used to efficiently
route multicast traffic to multicast groups that may span wide area networks,
and where bandwidth is a constraint. PIM-SM uses shared trees by default
and implements source-based trees for efficiency. This data threshold rate is
used to toggle between trees.
Protocol Independent Multicast—Source Specific Multicast
Protocol Independent Multicast—Source Specific Multicast (PIM-SSM) is a
subset of PIM-SM and is used for one-to-many multicast routing
applications, such as audio or video broadcasts. PIM-SSM does not use shared
trees.
Protocol Independent Multicast IPv6 Support
PIM-DM and PIM-SM support IPv6 routes.
MLD/MLDv2 (RFC2710/RFC3810)
MLD is used by IPv6 systems (listeners and routers) to report their IP
multicast addresses memberships to any neighboring multicast routers. The
implementation of MLD v2 is backward compatible with MLD v1.
MLD protocol enables the IPv6 router to discover the presence of multicast
listeners, the nodes that want to receive the multicast data packets, on its
directly attached interfaces. The protocol specifically discovers which
multicast addresses are of interest to its neighboring nodes and provides this
information to the multicast routing protocol that make the decision on the
flow of the multicast data packets.
84 Switch Features
Page 85
3
Hardware Overview
This section provides an overview of the switch hardware. The topics covered
in this section include:
• PowerConnect 7000 Series Front Panel
• PowerConnect 7000 Series Back Panel
• LED Definitions
•Switch Addresses
PowerConnect 7000 Series Front Panel
The PowerConnect 7000 Series front panel includes the following features:
•Switch Ports
•Console Port
• Out-of-Band Management Port
•USB Port
•
Reset Button
•Port and System LEDs
•
Stack Master LED and Stack Number Display
Hardware Overview 85
Page 86
The following images show the front panels of the switch models in the
Combo Ports10/100/1000Base-T Auto-sensing
Full Duplex RJ-45 Ports
Combo Ports10/100/1000Base-T RJ-45 PoE Plus Ports
Providing up to 30W per Port
SFP Ports Combo Ports
PowerConnect 7000 Series.
Figure 3-1. PowerConnect 7024 Front Panel with 24 10/100/1000Base-T Ports
Figure 3-2. PowerConnect 7024P Front Panel with 24 10/100/1000Base-T PoE Plus Ports
Figure 3-3. PowerConnect 7024F Front Panel with 24 SFP Ports
86 Hardware Overview
Page 87
Figure 3-4. PowerConnect 7048 Front Panel with 48 10/100/1000Base-T Ports
Combo Ports10/100/1000Base-T Auto-sensing
Full Duplex RJ-45 Ports
Combo Ports10/100/1000Base-T RJ-45 PoE Plus Ports
Providing up to 30W per Port
Combo Ports
10/100/1000Base-T Auto-sensing
Full Duplex RJ-45 Ports
Figure 3-5. PowerConnect 7048P Front Panel with 48 10/100/1000Base-T PoE Plus Ports
Figure 3-6. PowerConnect 7048R Front Panel with 48 10/100/1000Base-T Ports
Hardware Overview 87
Page 88
Figure 3-7 shows a detailed image of the front panel system ports and LEDs.
Reset Button
USB Port
Console Port
Out-of-Band
Management Port
System LEDs
For more information about LED color and activity meaning, see "LED
Definitions" on page 95.
Figure 3-7. Front Panel System Ports and LEDs
Switch Ports
The PowerConnect 7024 and PowerConnect 7024P front panels provide 24
Gigabit Ethernet (10/100/1000Base-T) RJ-45 ports with four SFP combo ports
that have an auto-sensing mode for speed, flow control, and duplex mode.
SFP transceivers are sold separately. The PowerConnect 7024P switch ports
are IEEE 802.3at-2009-compliant (PoE Plus) and can provided up to 30W of
power per port.
The PowerConnect 7024F front panel provides 20 Gigabit Ethernet
(10/100/1000BASE-FX) SFP ports plus 4 combo ports for copper or SFP
media support.
The PowerConnect 7048, PowerConnect 7048P, and PowerConnect 7048R
front panel provides 48 Gigabit Ethernet (10/100/1000Base-T) RJ-45 ports
with four SFP combo ports. The PowerConnect 7048P switch ports are IEEE
802.3at-2009-compliant (PoE Plus) and can provided up to 30W of power per
port.
88 Hardware Overview
Page 89
The front-panel switch ports have the following characteristics:
• The switch automatically detects the difference between crossed and
straight-through cables on RJ-45 ports.
• SFP ports support both SX and LX modules.
• RJ-45 ports support half- and full-duplex mode 10/100/1000 Mbps.
Console Port
The console port is for management through a serial interface. This port
provides a direct connection to the switch and allows you to access the CLI
from a console terminal connected to the port through the provided serial
cable (RJ-45 to female DB-9 connectors).
The console port supports asynchronous data of eight data bits, one stop bit, no
parity bit, and no flow control. The default baud rate is 9600 bps.
Out-of-Band Management Port
The Out-of-Band (OOB) management port is a 10/100/1000BASE-T
Ethernet port dedicated to remote switch management. Traffic on this port is
segregated from operational network traffic on the switch ports and cannot be
switched or routed to the operational network.
USB Port
The Type-A, female USB port supports a USB 2.0-compliant flash memory
drive. The PowerConnect switch can read or write to a flash drive formatted
as FAT-32. You can use a USB flash drive to copy switch configuration files
and images between the USB flash drive and the switch. You can also use the
USB flash drive to move and copy configuration files and images from one
switch to other switches in the network.
The USB port does not support any other type of USB device.
Hardware Overview 89
Page 90
Reset Button
The reset button is accessed through the pinhole and allows you to perform a
hard reset on the switch. To use the reset button, insert an unbent paper clip
or similar tool into the pinhole. When the switch completes the boot process
after the reset, it resumes operation with the most recently saved
configuration. Any changes made to the running configuration that were not
saved to the startup configuration prior to the reset are lost.
Port and System LEDs
The front panel contains light emitting diodes (LEDs) that indicate the
status of port links, power supplies, fans, stacking, and the overall system.
Additionally, the PowerConnect 7024P and PowerConnect 7048P switches
contain LEDs that provide information about Power over Ethernet Plus
(PoE+) status and activity on the ports.
For information about the status that the LEDs indicate, see "LED
Definitions" on page 95.
Stack Master LED and Stack Number Display
When a switch within a stack is the stack master, the stack master LED,
which is labeled M, is solid green. If the M LED is off, the stack member is
not the stack master. The Stack No. panel displays the unit number for the
stack member. If a switch is not part of a stack, the M LED is illuminated and
the stack unit number is 1.
PowerConnect 7000 Series Back Panel
The PowerConnect 7000 Series back panel has the following features:
• Expansion Slots for Plug-in Modules
• Power Supplies
• Ventilation System
• Locator LED
90 Hardware Overview
Page 91
The following images show the back panel of the PowerConnect 7000 Series
Dual 10G Slots for SFP+, 10GBase-T,
or Stacking/10GbE Modules
AC Power
Receptacle
Redundant DC Power
Supply Receptacle
Fan Vents
AC Power
Receptacle
External DC Power
Supply Receptacle
Fan Vents
Dual 10G Slots for SFP+, 10GBase-T,
or Stacking/10 GbE Modules
AC Power
Receptacle
Fan Trays
AC Power
Receptacle
Dual 10G Slots for SFP+, 10GBase-T,
or Stacking/10GbE Modules
switches.
Figure 3-8. PC7024, PC7024F, and PC7048 Back Panel
Figure 3-9. PC7024P and PC7048P Back Panel
Figure 3-10. PC7048R Back Panel
Hardware Overview 91
Page 92
Expansion Slots for Plug-in Modules
Two expansion slots are located on the back of the switch and can support the
following modules:
•10GBase-T module
•SFP+ module
•Stacking/10 GbE module
Each plug-in module has two ports. The Stacking/10GbE modules can be
configured to operate as either 16-Gigabit stacking ports or 10-Gigabit
Ethernet switch ports. The plug-in modules include hot-swap support, so you
do not need to reboot the switch after you install a new module.
The following figures show the modules available for the PowerConnect 7000
Series switches.
Figure 3-11. 10GBase-T Module
Figure 3-12. SFP+ Module
Figure 3-13. Stacking/10 GbE Module
92 Hardware Overview
Page 93
Power Supplies
PC7024 and PC7024F
PowerConnect 7024 and PowerConnect 7024F switches have an internal
180-watt power supply. The additional external power supply (PowerConnect
RPS720) provides 180 watts of power and gives full redundancy for the
switch.
PC7024P
PowerConnect 7024P switches have an internal 1000-watt power supply. The
additional external power supply (PowerConnect MPS1000) provides 1000
Watts and gives full redundancy for the switch.
PC7048
PowerConnect 7048 switches have an internal 180-watt power supply. The
additional external power supply (PowerConnect RPS720) provides 180 watts
and gives full redundancy for the switch.
PC7048P
PowerConnect 7048P switches have an internal 1000-watt power supply
which can support up to 24 ports of PoE. The additional external power
supply (PowerConnect MPS1000) allows all 48 ports of PoE, or 24 ports of
PoE and full redundancy for the switch.
PC7048R and PC7048R-RA
PowerConnect 7048R and PowerConnect 7048R-RA switches are designed as
top-of-rack switches and include two internal, replaceable, AC power supplies
for redundant or load-sharing operation. Each power supply can provide 300
watts and includes hot-swap support. This means you do not need to powerdown the switch to remove or replace one power supply while the other power
supply is operating normally. However, it is necessary to remove power from
the power supply that is being removed or replaced.
CAUTION: Remove the power cable from the modules prior to removing the
module itself. Power must not be connected prior to insertion in the chassis.
Hardware Overview 93
Page 94
Ventilation System
Three fans cool the PowerConnect 7024, PowerConnect 7024F, and
PowerConnect 7048. The PowerConnect 7024P and PowerConnect 7048P
each have two fans, with a third fan in the internal power supply. The
PowerConnect 7048R has two hot-swappable fan trays with one fan each.
Locator LED
The back panel includes an LED to help identify the switch within a rack or
room full of switches. From your remote management system, you can set the
LED to blink to help you or a local technician identify the physical location of
the switch. For information about how to enable the switch locator feature,
see "Using the Device View Switch Locator Feature" on page 108.
94 Hardware Overview
Page 95
LED Definitions
This section describes the LEDs on the front panel of the switch and on the
optional modules that plug into the back panel.
Port LEDs
Each port on a PowerConnect 7000 Series switch includes two LEDs. One
LED is on the left side of the port, and the second LED is on the right side of
the port. This section describes the LEDs on the switch ports, Out-of-Band
(OOB) management port, and console port.
100/1000/10000Base-T Port LEDs (PC7024, PC7024F, PC7048, PC7048R)
Table 3-1 contains the 100/1000/10000Base-T port LED definitions for the
PowerConnect 7024, PowerConnect 7048, and PowerConnect 7048R, as well
as the PowerConnect 7024F Combo ports.
Table 3-1. 100/1000/10000Base-T Port LED Definitions (Non-PoE Plus Models)
LED Color/Activity Definition
Left Green The port is operating at 1000 Mbps.
Yellow The port is operating at 10/100 Mbps.
Solid A link is present.
Off No link is present.
Right Green blinking The port is active.
Off The port has no activity.
100/1000/10000Base-T Port LEDs (PC7024P and PC7048P)
The 100/1000/10000Base-T ports on the PowerConnect 7024P and
PowerConnect 7048P include Power over Ethernet Plus support, and each
port is capable of delivering up to 30W of power to the connected PoEpowered device.
Table 3-2 contains the 100/1000/10000Base-T port LED definitions for the
PowerConnect 7024P and PowerConnect 7048P.
Hardware Overview 95
Page 96
Table 3-2. 100/1000/10000Base-T Port LED Definitions (PC7024P and PC7048P)
LED Color/Activity Definition
Left Green The port is operating at 1000 Mbps.
Yellow The port is operating at 10/100 Mbps.
Solid A link is present.
Off No link is present.
Right Green blinking The port is active, and PoE Plus power is off.
Yellow blinking The port is active, and PoE Plus power is on.
Yellow solid The port has no activity, and PoE Plus power is on.
Off The port has no activity, and PoE Plus power is off.
SFP Port LEDs
Table 3-3 contains SFP port LED definitions for the PowerConnect 7000
Series switches.
Table 3-3. SFP+ Port LED Definitions
LED Color/Activity Definition
Left Green The port is operating at 1000 Mbps.
Yellow The port is operating at 10/100 Mbps.
Solid A link is present.
Off No link is present.
Right Green blinking The port is active.
Off The port has no activity.
96 Hardware Overview
Page 97
Module LEDs
The 10GBase-T module has two LEDs per port, the SFP+ module has one
LED per port, and the Stacking/10 GbE module does not have any LEDs.
10 Gigabit Ethernet Port LEDs
Table 3-4 contains LED definitions for 10 GbE ports on the plug-in module
available for PowerConnect 7000 Series switches.
Table 3-4. 10 GbE Port LEDs Definitions
LED Color/Activity Definition
LNK (Left) Green solid The port is linked at 10G.
Yellow solid The port is linked at another speed.
Off The port is not linked.
ACT (Right) Green blinking The port is sending and/or receiving network
traffic.
Off The port has no activity.
SFP+ Port LEDs
Table 3-5 contains LED definitions for SFP+ port on the plug-in module
available for PowerConnect 7000 Series switches.
Table 3-5. SFP+ Port LEDs Definitions
LED Color/Activity Definition
LNK/ACT Green solid The port is linked.
Green blinking The port is sending and/or receiving network
traffic.
Off The port is not linked.
Hardware Overview 97
Page 98
Console Port LEDs
The console port is labeled with the |O|O| symbol and is for management
through a serial interface. This port provides a direct connection to the switch
and allows you to access the CLI from a console terminal connected to the
port through the provided serial cable (RJ-45 to female DB-9 connectors).
Table 3-6 contains the console port LED definitions for the PowerConnect
7000 Series switches.
Table 3-6. Console Port LED Definitions
LED Color/Activity Definition
Left Solid Green A link is present.
Off No link is present.
Out-of-Band Management Port LEDs
The OOB port is a 100/1000/10000Base-T port that is dedicated to remote
switch management. The OOB port is labeled with the symbol and is to
the right of the console port. Traffic on this port is segregated from
operational network traffic on the switch ports and cannot be switched or
routed to the operational network.
Table 3-7 contains the OOB port LED definitions for the PowerConnect 7000
Series switches.
Table 3-7. OOB Management Port LED Definitions
LED Color/Activity Definition
Left Green The port is operating at 1000 Mbps.
Yellow The port is operating at 10/100 Mbps.
Solid A link is present.
Off No link is present.
Right Green blinking The port is active.
Off The port has no activity.
98 Hardware Overview
Page 99
System LEDs
MMPSFan
Stat
u
s
P
WR
MPWR2Fan
S
t
atus
PWR
1
MEPSFan
Status
P
WR
PC7024
PC7024F
PC7048
PC7024P
PC7048P
PC7048R
The system LEDs for the PowerConnect 7000 Series switches are located on
the right side of the front panel. The system LEDs indicate whether the
switch is the stack master and provide information about the status of system
diagnostics, switch temperature and power.
The system LEDs on the front panel of the switch depend on the switch
model. Figure 3-14 shows the LEDs available on each model in the
PowerConnect 7000 Series.
Figure 3-14. System LEDs
Table 3-8 contains the System LED definitions.
Table 3-8. System LED Definitions
LED Color Definition
Status Green solid Switch is operating normally.
Green blinking Booting, and the diagnostics test is in progress.
FAN Green solid Fans are operating normally.
Red solid Critical system error detected.
Red blinking Non-critical system error detected.
Red solid One or more fans have failed.
Hardware Overview 99
Page 100
Table 3-8. System LED Definitions (Continued)
LED Color Definition
a
PWR
RPS Green solid Redundant power supply is operating normally.
EPS Green solid External power supply is operating normally.
M Green solid Master switch for the stack. A standalone switch is
a. The PowerConnect 7048R has two power supplies. The PWR1 LED indicates the status of the
first power supply, and the PWR2 LEDs indicates the status of the second power supply.
Green solid Power Supply is operating normally.
Green blinking Switch locator function activated.
Off Power is off or has failed.
Red solid A redundant power supply is detected, but it is not
operating correctly.
Off No redundant power supply is detected.
Red solid An external power supply is detected, but it is not
operating correctly.
Off No external power supply is detected.
always the master.
Off Non-master stack unit.
Switch Addresses
The switch allocates MAC addresses from the Vital Product Data information
stored locally in flash. MAC addresses are used as follows:
Table 3-9. MAC Address Use
Base switch address
Base + 1 Out-of-band port
Base + 2 Layer 2
Base + 3 Layer 3
100 Hardware Overview
Loading...