Page 1
Dell PowerConnect
8024, 8024F, 8132, 8132F, 8164,
and 8164F Switch
User’s Configuration
Guide
Regulatory Models: PC8024, PC8024F,
PC8132, PC8132F, PC8164, PC8164F
Page 2
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if
instructions are not followed.
____________
Information in this publication is subject to change without notice.
© 2013 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc.
is strictly forbidden.
Trademarks used in this text: Dell™, the DELL logo, EqualLogic™, PowerConnect™, and
OpenManage™ are trademarks of Dell Inc. Microsoft
and Windows Vista
United States and/or other countries. sFlow
is a registered trademark of Cisco Systems. Mozilla
Mozilla Foundation.
Other trademarks and trade names may be used in this publication to refer to either the entities claiming
the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and
trade names other than its own.
®
are either trademarks or registered trademarks of Microsoft Corporation in the
®
is a registered trademark of InMon Corporation. Cisco®
®
, Windows®, Windows Server®, MS-DOS®,
®
and Firefox® are registered trademarks of the
Regulatory Models: PC8024, PC8024F, PC8132, PC8132F, PC8164, PC8164F
January 2013 Rev. A04
Page 3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 49
About This Document . . . . . . . . . . . . . . . . . . 49
Audience . . . . . . . . . . . . . . . . . . . . . . . . . 50
Document Conventions . . . . . . . . . . . . . . . . . 50
Additional Documentation
. . . . . . . . . . . . . . . . 51
2 Switch Features . . . . . . . . . . . . . . . . . . . 53
System Management Features . . . . . . . . . . . . . 54
Multiple Management Options
System Time Management . . . . . . . . . . . . . 54
Log Messages
Integrated DHCP Server . . . . . . . . . . . . . . 56
Management of Basic Network Information. . . . 56
IPv6 Management Features . . . . . . . . . . . . 56
Dual Software Images . . . . . . . . . . . . . . . 56
File Management
Switch Database Management Templates. . . . . 57
Automatic Installation of Firmware and
Configuration
sFlow . . . . . . . . . . . . . . . . . . . . . . . . 58
SNMP Alarms and Trap Logs . . . . . . . . . . . . 58
CDP Interoperability through ISDP
Remote Monitoring (RMON) . . . . . . . . . . . . 58
Stacking Features . . . . . . . . . . . . . . . . . . . . 59
High Port Count
. . . . . . . . . . . . . . . . . . . 55
. . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . . . . . . . . . . 57
. . . . . . . . . . . . . . . . . . . 59
. . . . . . . . . . . 54
. . . . . . . . . 58
Contents 3
Page 4
Single IP Management . . . . . . . . . . . . . . . 59
Automatic Firmware Update for New Stack
Members
Master Failover with Transparent Transition
Nonstop Forwarding on the Stack
. . . . . . . . . . . . . . . . . . . . . . 59
. . . . 60
. . . . . . . . . 60
Hot Add/Delete and Firmware
Synchronization
. . . . . . . . . . . . . . . . . . . 60
Security Features . . . . . . . . . . . . . . . . . . . . 60
Configurable Access and Authentication
. . . . . . . . . . . . . . . . . . . . . . . 60
Profiles
Password-Protected Management Access . . . . 61
Strong Password Enforcement
. . . . . . . . . . . 61
TACACS+ Client . . . . . . . . . . . . . . . . . . . 61
RADIUS Support . . . . . . . . . . . . . . . . . . 61
SSH/SSL
. . . . . . . . . . . . . . . . . . . . . . . 62
Inbound Telnet Control . . . . . . . . . . . . . . . 62
Denial of Service . . . . . . . . . . . . . . . . . . 62
Port Protection
. . . . . . . . . . . . . . . . . . . 62
Captive Portal . . . . . . . . . . . . . . . . . . . . 63
Dot1x Authentication (IEEE 802.1X) . . . . . . . . . 63
MAC-Based 802.1X Authentication
. . . . . . . . . 63
Dot1x Monitor Mode . . . . . . . . . . . . . . . . 64
MAC-Based Port Security . . . . . . . . . . . . . 64
Access Control Lists (ACL)
. . . . . . . . . . . . . 64
Time-Based ACLs . . . . . . . . . . . . . . . . . . 65
IP Source Guard (IPSG)
DHCP Snooping
. . . . . . . . . . . . . . . 65
. . . . . . . . . . . . . . . . . . . 65
Dynamic ARP Inspection . . . . . . . . . . . . . . 65
Protected Ports (Private VLAN Edge). . . . . . . . 66
4 Contents
Switching Features . . . . . . . . . . . . . . . . . . . 66
Flow Control Support (IEEE 802.3x)
. . . . . . . . . 66
Head of Line Blocking Prevention . . . . . . . . . 66
Alternate Store and Forward (ASF)
. . . . . . . . . 66
Page 5
Jumbo Frames Support . . . . . . . . . . . . . . . 67
Auto-MDI/MDIX Support . . . . . . . . . . . . . . 67
VLAN-Aware MAC-based Switching. . . . . . . . 67
Back Pressure Support
. . . . . . . . . . . . . . . 67
Auto Negotiation . . . . . . . . . . . . . . . . . . 68
Broadcast Storm Control . . . . . . . . . . . . . . 68
Port Mirroring
. . . . . . . . . . . . . . . . . . . . 68
Static and Dynamic MAC Address Tables . . . . . 69
Link Layer Discovery Protocol (LLDP) . . . . . . . 69
Link Layer Discovery Protocol (LLDP) for
Media Endpoint Devices
. . . . . . . . . . . . . . 69
Priority-based Flow Control (PFC) . . . . . . . . . 69
Data Center Bridging Exchange (DBCx)
Protocol
. . . . . . . . . . . . . . . . . . . . . . . 70
Enhanced Transmission Selection . . . . . . . . . 70
Fibre Channel over Ethernet (FCoE) Initialization
Protocol Snooping
. . . . . . . . . . . . . . . . . 70
Cisco Protocol Filtering . . . . . . . . . . . . . . . 71
DHCP Layer 2 Relay
. . . . . . . . . . . . . . . . . 71
Virtual Local Area Network Supported Features
VLAN Support
Port-Based VLANs
. . . . . . . . . . . . . . . . . . . . 71
. . . . . . . . . . . . . . . . . 71
. . . . 71
IP Subnet-based VLAN . . . . . . . . . . . . . . . 72
MAC-based VLAN . . . . . . . . . . . . . . . . . 72
IEEE 802.1v Protocol-Based VLANs
. . . . . . . . 72
GARP and GVRP Support . . . . . . . . . . . . . . 72
Voice VLAN . . . . . . . . . . . . . . . . . . . . . 72
Guest VLAN
. . . . . . . . . . . . . . . . . . . . . 73
Double VLANs . . . . . . . . . . . . . . . . . . . 73
Spanning Tree Protocol Features . . . . . . . . . . . . 74
Spanning Tree Protocol (STP)
. . . . . . . . . . . 74
Spanning Tree Port Settings . . . . . . . . . . . . 74
Rapid Spanning Tree . . . . . . . . . . . . . . . . 74
Contents 5
Page 6
Multiple Spanning Tree . . . . . . . . . . . . . . . 74
Bridge Protocol Data Unit (BPDU) Guard. . . . . . 75
BPDU Filtering . . . . . . . . . . . . . . . . . . . 75
Link Aggregation Features
Link Aggregation
Link Aggregate Control Protocol (LACP)
Routing Features
. . . . . . . . . . . . . . . . . . . . . 77
. . . . . . . . . . . . . . . . 75
. . . . . . . . . . . . . . . . . . 75
. . . . . . 75
Address Resolution Protocol (ARP) Table
Management . . . . . . . . . . . . . . . . . . . . 77
VLAN Routing . . . . . . . . . . . . . . . . . . . . 77
IP Configuration . . . . . . . . . . . . . . . . . . . 77
Open Shortest Path First (OSPF)
. . . . . . . . . . 77
BOOTP/DHCP Relay Agent . . . . . . . . . . . . . 78
IP Helper and UDP Relay . . . . . . . . . . . . . . 78
Routing Information Protocol . . . . . . . . . . . . 78
Router Discovery . . . . . . . . . . . . . . . . . . 78
Routing Table
. . . . . . . . . . . . . . . . . . . . 78
Virtual Router Redundancy Protocol (VRRP) . . . . 79
Tunnel and Loopback Interfaces . . . . . . . . . . 79
IPv6 Routing Features . . . . . . . . . . . . . . . . . . 79
IPv6 Configuration
. . . . . . . . . . . . . . . . . 79
IPv6 Routes . . . . . . . . . . . . . . . . . . . . . 80
. . . . . . . . . . . . . . . . . . . . . . . 80
OSPFv3
DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . 80
6 Contents
Quality of Service (QoS) Features . . . . . . . . . . . . 81
Differentiated Services (DiffServ)
. . . . . . . . . 81
Class Of Service (CoS) . . . . . . . . . . . . . . . 81
Auto Voice over IP (VoIP) . . . . . . . . . . . . . . 81
Internet Small Computer System Interface
(iSCSI) Optimization
. . . . . . . . . . . . . . . . . 82
Page 7
Layer 2 Multicast Features . . . . . . . . . . . . . . . 82
MAC Multicast Support
. . . . . . . . . . . . . . . 82
IGMP Snooping . . . . . . . . . . . . . . . . . . . 82
IGMP Snooping Querier . . . . . . . . . . . . . . 83
MLD Snooping
. . . . . . . . . . . . . . . . . . . 83
Multicast VLAN Registration . . . . . . . . . . . . 83
Layer 3 Multicast Features . . . . . . . . . . . . . . . 84
Distance Vector Multicast Routing Protocol
. . . . 84
Internet Group Management Protocol . . . . . . . 84
IGMP Proxy . . . . . . . . . . . . . . . . . . . . . 84
Protocol Independent Multicast—Dense
. . . . . . . . . . . . . . . . . . . . . . . . 84
Mode
Protocol Independent Multicast—Sparse
Mode
. . . . . . . . . . . . . . . . . . . . . . . . 85
Protocol Independent Multicast—Source
Specific Multicast
Protocol Independent Multicast IPv6 Support
. . . . . . . . . . . . . . . . . 85
. . . 85
MLD/MLDv2 (RFC2710/RFC3810) . . . . . . . . . . 85
3 Hardware Overview. . . . . . . . . . . . . . . . . 87
PowerConnect 8000-series and 8100-series Front
. . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Panel
PowerConnect 8024 Front Panel
PowerConnect 8024F Front Panel
PowerConnect 8132 Front Panel
. . . . . . . . . . 87
. . . . . . . . . 88
. . . . . . . . . . 89
PowerConnect 8132F Front Panel . . . . . . . . . 89
PowerConnect 8164 Front Panel . . . . . . . . . . 90
PowerConnect 8164F Front Panel
. . . . . . . . . 91
Hot-Pluggable Interface Modules . . . . . . . . . 92
USB Port (Power Connect 8100-series
switches only)
. . . . . . . . . . . . . . . . . . . 94
Port and System LEDs . . . . . . . . . . . . . . . 94
Contents 7
Page 8
PowerConnect 8000-series and 8100-series Back
. . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Panel
Console Port
. . . . . . . . . . . . . . . . . . . . 96
Out-of-Band Management Port. . . . . . . . . . . 96
Power Supplies
. . . . . . . . . . . . . . . . . . . 96
Ventilation System . . . . . . . . . . . . . . . . . 96
LED Definitions. . . . . . . . . . . . . . . . . . . . . . 97
Port LEDs
. . . . . . . . . . . . . . . . . . . . . . 97
Module Bay LEDs . . . . . . . . . . . . . . . . . . 98
Out-of-Band Ethernet Management Port LEDs. . . 99
System LEDs
. . . . . . . . . . . . . . . . . . . . 99
Switch Addresses
. . . . . . . . . . . . . . . . . . . 100
4 Using Dell OpenManage Switch
Administrator . . . . . . . . . . . . . . . . . . . . 103
About Dell OpenManage Switch Administrator. . . . 103
Starting the Application . . . . . . . . . . . . . . . . 104
Understanding the Interface . . . . . . . . . . . . . . 105
Defining Fields
. . . . . . . . . . . . . . . . . . . . . 107
Understanding the Device View . . . . . . . . . . . . 108
Using the Device View Port Features
. . . . . . . 108
5 Using the Command-Line Interface . . . . 109
Accessing the Switch Through the CLI . . . . . . . . 109
Console Connection
Telnet Connection. . . . . . . . . . . . . . . . . 110
. . . . . . . . . . . . . . . . 109
8 Contents
Page 9
Understanding Command Modes . . . . . . . . . . . . 111
Entering CLI Commands
Using the Question Mark to Get Help
Using Command Completion
. . . . . . . . . . . . . . . . . 113
. . . . . . . 113
. . . . . . . . . . . . 114
Entering Abbreviated Commands . . . . . . . . . 114
Negating Commands . . . . . . . . . . . . . . . . 114
Understanding Error Messages
. . . . . . . . . . 115
Recalling Commands from the History Buffer . . . 115
6 Default Settings. . . . . . . . . . . . . . . . . . . 117
7 Setting the IP Address and Other
Basic Network Information . . . . . . . . . . 121
IP Address and Network Information Overview . . . . 121
What Is the Basic Network Information?
Why Is Basic Network Information Needed? . . . 122
How Is Basic Network Information
Configured?
. . . . . . . . . . . . . . . . . . . . . 123
What Is Out-of-Band Management and
In-Band Management?
. . . . . . . . . . . . . . . 123
. . . . . 121
Default Network Information
. . . . . . . . . . . . . . 125
Configuring Basic Network Information (Web) . . . . . 126
Out-of-Band Interface
. . . . . . . . . . . . . . . 126
IP Interface Configuration (Default VLAN IP
Address)
. . . . . . . . . . . . . . . . . . . . . . 127
Route Entry Configuration (Switch Default
Gateway)
Domain Name Server
Default Domain Name
. . . . . . . . . . . . . . . . . . . . . . 128
. . . . . . . . . . . . . . . . 130
. . . . . . . . . . . . . . . 131
Host Name Mapping . . . . . . . . . . . . . . . . 132
Contents 9
Page 10
Dynamic Host Name Mapping . . . . . . . . . . 133
Configuring Basic Network Information (CLI)
Enabling the DHCP Client on the OOB Port
. . . . . 134
. . . . 134
Enabling the DHCP Client on the Default
. . . . . . . . . . . . . . . . . . . . . . . 134
VLAN
Managing DHCP Leases . . . . . . . . . . . . . 135
Configuring Static Network Information on
the OOB Port
. . . . . . . . . . . . . . . . . . . 136
Configuring Static Network Information on
the Default VLAN
. . . . . . . . . . . . . . . . . 136
Configuring and Viewing Additional Network
Information
. . . . . . . . . . . . . . . . . . . . 137
Basic Network Information Configuration
Example
. . . . . . . . . . . . . . . . . . . . . . . . 138
8 Managing QSFP Ports . . . . . . . . . . . . . . 141
9 Managing a Switch Stack . . . . . . . . . . . 143
Stacking Overview . . . . . . . . . . . . . . . . . . . 143
Creating a PowerConnect 8000/8100 Series
Stack . . . . . . . . . . . . . . . . . . . . . . . 145
How is the Stack Master Selected? . . . . . . . 146
Adding a Switch to the Stack
Removing a Switch from the Stack
How is the Firmware Updated on the Stack? . . . 149
What is Stacking Standby? . . . . . . . . . . . . 149
What is Nonstop Forwarding?
Switch Stack MAC Addressing and Stack
Design Considerations
NSF Network Design Considerations
Why is Stacking Needed? . . . . . . . . . . . . 154
. . . . . . . . . . . 148
. . . . . . . . 148
. . . . . . . . . . 150
. . . . . . . . . . . . . . 153
. . . . . . . 153
10 Contents
Page 11
Default Stacking Values . . . . . . . . . . . . . . . . . 154
Managing and Monitoring the Stack (Web)
Unit Configuration
Stack Summary
. . . . . . . . . . . . . . . . . 155
. . . . . . . . . . . . . . . . . . . 157
. . . . . . . 155
Stack Firmware Synchronization . . . . . . . . . . 158
Supported Switches . . . . . . . . . . . . . . . . 159
Stack Port Summary
. . . . . . . . . . . . . . . . 160
Stack Port Counters . . . . . . . . . . . . . . . . 161
Stack Port Diagnostics . . . . . . . . . . . . . . . 161
NSF Summary
. . . . . . . . . . . . . . . . . . . . 162
Checkpoint Statistics . . . . . . . . . . . . . . . . 163
Managing the Stack (CLI) . . . . . . . . . . . . . . . . 164
Configuring Stack Member, Stack Port, and
NSF Settings
. . . . . . . . . . . . . . . . . . . . 164
Viewing and Clearing Stacking and NSF
Information
Stacking and NSF Usage Scenarios
Basic Failover
Preconfiguring a Stack Member
. . . . . . . . . . . . . . . . . . . . . 166
. . . . . . . . . . . 166
. . . . . . . . . . . . . . . . . . . . 167
. . . . . . . . . . 169
NSF in the Data Center . . . . . . . . . . . . . . . 171
NSF and VoIP . . . . . . . . . . . . . . . . . . . . 172
NSF and DHCP Snooping
. . . . . . . . . . . . . . 173
NSF and the Storage Access Network . . . . . . . 174
NSF and Routed Access
. . . . . . . . . . . . . . 176
10 Configuring Authentication,
Authorization, and Accounting . . . . . . . 179
AAA Overview . . . . . . . . . . . . . . . . . . . . . . 179
Methods
Access Lines
. . . . . . . . . . . . . . . . . . . . . . 180
. . . . . . . . . . . . . . . . . . . . 181
Contents 11
Page 12
Authentication . . . . . . . . . . . . . . . . . . . . . 181
Authorization
Exec Authorization Capabilities
. . . . . . . . . . . . . . . . . . . . . . 182
. . . . . . . . . . 183
Accounting . . . . . . . . . . . . . . . . . . . . . . . 184
Authentication Examples . . . . . . . . . . . . . . . 185
Local Authentication Example
. . . . . . . . . . 185
TACACS+ Authentication Example . . . . . . . . 186
RADIUS Authentication Example . . . . . . . . . 188
Authorization Examples . . . . . . . . . . . . . . . . 189
Local Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 189
TACACS+ Authorization Example—Direct
Login to Privileged EXEC Mode
. . . . . . . . . . 189
TACACS+ Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 190
TACACS+ Authorization Example—Custom
Administrative Profile
. . . . . . . . . . . . . . . 191
TACACS+ Authorization Example—
Per-command Authorization
. . . . . . . . . . . 192
RADIUS Authorization Example—Direct Login
to Privileged EXEC Mode
. . . . . . . . . . . . . 193
RADIUS Authorization Example—
Administrative Profiles
. . . . . . . . . . . . . . 193
12 Contents
Using RADIUS Servers to Control Management
. . . . . . . . . . . . . . . . . . . . . . . . . 194
Access
How Does RADIUS Control Management
Access?
. . . . . . . . . . . . . . . . . . . . . . 194
Which RADIUS Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 196
How Are RADIUS Attributes Processed on the
. . . . . . . . . . . . . . . . . . . . . . 198
Switch?
Page 13
Using TACACS+ Servers to Control Management
. . . . . . . . . . . . . . . . . . . . . . . . . . 199
Access
Which TACACS+ Attributes Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 200
Default Configurations. . . . . . . . . . . . . . . . . . 201
Method Lists
. . . . . . . . . . . . . . . . . . . . 201
Access Lines (AAA) . . . . . . . . . . . . . . . . 201
Access Lines (Non-AAA)
. . . . . . . . . . . . . . 202
Administrative Profiles . . . . . . . . . . . . . . . 202
11 Monitoring and Logging System
Information . . . . . . . . . . . . . . . . . . . . . . 205
System Monitoring Overview . . . . . . . . . . . . . . 205
What System Information Is Monitored?
Why Is System Information Needed? . . . . . . . 206
Where Are Log Messages Sent?
What Are the Severity Levels? . . . . . . . . . . . 207
What Are the System Startup and Operation
. . . . . . . . . . . . . . . . . . . . . . . . 207
Logs?
What Is the Log Message Format? . . . . . . . . . 208
What Factors Should Be Considered When
Configuring Logging?
. . . . . . . . . . . . . . . . 209
. . . . . . 205
. . . . . . . . . . 206
Default Log Settings . . . . . . . . . . . . . . . . . . . 209
Monitoring System Information and Configuring
Logging (Web)
Device Information
. . . . . . . . . . . . . . . . . . . . . . 210
. . . . . . . . . . . . . . . . . 210
System Health . . . . . . . . . . . . . . . . . . . 211
System Resources . . . . . . . . . . . . . . . . . 212
Integrated Cable Test for Copper Cables
. . . . . . 213
Optical Transceiver Diagnostics . . . . . . . . . . 214
Log Global Settings . . . . . . . . . . . . . . . . . 216
Contents 13
Page 14
RAM Log . . . . . . . . . . . . . . . . . . . . . 217
Log File . . . . . . . . . . . . . . . . . . . . . . 218
Remote Log Server . . . . . . . . . . . . . . . . 218
Email Alert Global Configuration . . . . . . . . . 221
Email Alert Mail Server Configuration . . . . . . 222
Email Alert Subject Configuration
Email Alert To Address Configuration
Email Alert Statistics
. . . . . . . . . . . . . . . 226
. . . . . . . . 224
. . . . . . . 225
Monitoring System Information and Configuring
Logging (CLI)
Viewing System Information
. . . . . . . . . . . . . . . . . . . . . . 227
. . . . . . . . . . . 227
Running Cable Diagnostics . . . . . . . . . . . . 227
Configuring Local Logging . . . . . . . . . . . . 228
Configuring Remote Logging
Configuring Mail Server Settings
. . . . . . . . . . . 230
. . . . . . . . . 231
Configuring Email Alerts for Log Messages . . . 232
Logging Configuration Examples . . . . . . . . . . . 234
Configuring Local and Remote Logging
. . . . . 234
Configuring Email Alerting . . . . . . . . . . . . 235
12 Managing General System Settings . . . 239
14 Contents
System Settings Overview. . . . . . . . . . . . . . . 239
Why Does System Information Need to
Be Configured?
. . . . . . . . . . . . . . . . . . 240
What Are SDM Templates? . . . . . . . . . . . . 241
Why is the System Time Needed?
. . . . . . . . 242
How Does SNTP Work?. . . . . . . . . . . . . . 242
Default General System Information . . . . . . . . . 242
Configuring General System Settings (Web)
System Information
. . . . . . . . . . . . . . . . 243
. . . . . 243
Page 15
CLI Banner . . . . . . . . . . . . . . . . . . . . . 246
SDM Template Preference
. . . . . . . . . . . . . 247
Clock . . . . . . . . . . . . . . . . . . . . . . . . 248
SNTP Global Settings . . . . . . . . . . . . . . . . 249
SNTP Authentication
. . . . . . . . . . . . . . . . 250
SNTP Server . . . . . . . . . . . . . . . . . . . . 252
Summer Time Configuration . . . . . . . . . . . . 256
Time Zone Configuration . . . . . . . . . . . . . . 257
Slot Summary . . . . . . . . . . . . . . . . . . . . 258
Supported Cards . . . . . . . . . . . . . . . . . . 259
Configuring System Settings (CLI) . . . . . . . . . . . . 260
Configuring System Information
. . . . . . . . . . 260
Configuring the Banner. . . . . . . . . . . . . . . 261
Managing the SDM Template . . . . . . . . . . . 262
Configuring SNTP Authentication and an
SNTP Server
. . . . . . . . . . . . . . . . . . . . 262
Setting the System Time and Date Manually. . . . 264
Viewing Slot Information . . . . . . . . . . . . . . 265
General System Settings Configuration Examples
Configuring System and Banner Information
Configuring SNTP
Configuring the Time Manually
. . . . . . . . . . . . . . . . . . 269
. . . . . . . . . . . 271
. . . 266
. . . 266
13 Configuring SNMP . . . . . . . . . . . . . . . . . 273
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 273
What Is SNMP?
What Are SNMP Traps? . . . . . . . . . . . . . . 274
Why Is SNMP Needed?
. . . . . . . . . . . . . . . . . . . 273
. . . . . . . . . . . . . . 275
Contents 15
Page 16
Default SNMP Values . . . . . . . . . . . . . . . . . 275
Configuring SNMP (Web)
SNMP Global Parameters
SNMP View Settings
Access Control Group
. . . . . . . . . . . . . . . 277
. . . . . . . . . . . . 277
. . . . . . . . . . . . . . . 278
. . . . . . . . . . . . . . 280
SNMPv3 User Security Model (USM) . . . . . . 282
Communities . . . . . . . . . . . . . . . . . . . 285
Notification Filter
. . . . . . . . . . . . . . . . . 287
Notification Recipients . . . . . . . . . . . . . . 288
Trap Flags . . . . . . . . . . . . . . . . . . . . . 291
OSPFv2 Trap Flags
. . . . . . . . . . . . . . . . 292
OSPFv3 Trap Flags . . . . . . . . . . . . . . . . 293
Trap Log . . . . . . . . . . . . . . . . . . . . . . 294
Configuring SNMP (CLI) . . . . . . . . . . . . . . . . 295
Configuring the SNMPv3 Engine ID
. . . . . . . . 295
Configuring SNMP Views, Groups, and
Users
. . . . . . . . . . . . . . . . . . . . . . . 296
Configuring Communities . . . . . . . . . . . . . 299
Configuring SNMP Notifications (Traps and
Informs)
SNMP Configuration Examples
Configuring SNMPv1 and SNMPv2
Configuring SNMPv3
. . . . . . . . . . . . . . . . . . . . . . 301
. . . . . . . . . . . . 304
. . . . . . . . 304
. . . . . . . . . . . . . . . 305
14 Managing Images and Files. . . . . . . . . . 309
16 Contents
Image and File Management Overview . . . . . . . . 309
What Files Can Be Managed?
Why Is File Management Needed?
. . . . . . . . . . 309
. . . . . . . . 311
What Methods Are Supported for File
Management?
. . . . . . . . . . . . . . . . . . . 313
Page 17
What Factors Should Be Considered When
Managing Files?
. . . . . . . . . . . . . . . . . . 313
How Is the Running Configuration Saved?. . . . . 315
Managing Images and Files (Web) . . . . . . . . . . . 316
File System
. . . . . . . . . . . . . . . . . . . . . 316
Active Images . . . . . . . . . . . . . . . . . . . 317
USB Flash Drive. . . . . . . . . . . . . . . . . . . 318
File Download. . . . . . . . . . . . . . . . . . . . 319
File Upload
. . . . . . . . . . . . . . . . . . . . . 321
Copy Files . . . . . . . . . . . . . . . . . . . . . . 323
Managing Images and Files (CLI) . . . . . . . . . . . . 324
Downloading and Activating a New Image
. . . . . . . . . . . . . . . . . . . . . . . . 324
(TFTP)
Managing Files in Internal Flash . . . . . . . . . . 326
Managing Files on a USB Flash Device
(PowerConnect 8100-series switches only)
. . . . 327
Uploading a Configuration File (SCP) . . . . . . . . 327
Managing Configuration Scripts (SFTP) . . . . . . 328
File and Image Management Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 329
Upgrading the Firmware
Managing Configuration Scripts
. . . . . . . . . . . . . . 329
. . . . . . . . . . 332
Managing Files by Using the USB Flash
Drive (PowerConnect 8100-series switches only)
. 334
15 Automatically Updating the Image
and Configuration . . . . . . . . . . . . . . . . . 337
Auto Configuration Overview . . . . . . . . . . . . . . 337
What Is USB Auto Configuration?
What Files Does USB Auto Configuration
. . . . . . . . . . . . . . . . . . . . . . . . . 338
Use?
. . . . . . . . . 338
Contents 17
Page 18
How Does USB Auto Configuration Use the
Files on the USB Device?
. . . . . . . . . . . . . 340
What Is the Setup File Format? . . . . . . . . . . 341
What Is the DHCP Auto Configuration
Process?
. . . . . . . . . . . . . . . . . . . . . 342
Monitoring and Completing the DHCP Auto
Configuration Process
. . . . . . . . . . . . . . 347
What Are the Dependencies for DHCP Auto
Configuration?
. . . . . . . . . . . . . . . . . . 348
Default Auto Configuration Values
. . . . . . . . . . 349
Managing Auto Configuration (Web) . . . . . . . . . 350
Auto-Install Configuration
. . . . . . . . . . . . 350
Managing Auto Configuration (CLI) . . . . . . . . . . 351
Managing Auto Configuration
Auto Configuration Example
. . . . . . . . . . 351
. . . . . . . . . . . . . . 352
Enabling DHCP Auto Configuration and Auto
Image Download . . . . . . . . . . . . . . . . . 352
16 Monitoring Switch Traffic . . . . . . . . . . . 355
Traffic Monitoring Overview. . . . . . . . . . . . . . 355
What is sFlow Technology?
What is RMON?
. . . . . . . . . . . . . . . . . . 358
What is Port Mirroring?. . . . . . . . . . . . . . 359
Why is Traffic Monitoring Needed? . . . . . . . 360
Default Traffic Monitoring Values . . . . . . . . . . . 360
Monitoring Switch Traffic (Web) . . . . . . . . . . . 361
sFlow Agent Summary
sFlow Receiver Configuration . . . . . . . . . . 362
sFlow Sampler Configuration . . . . . . . . . . . 363
. . . . . . . . . . . . 355
. . . . . . . . . . . . . . 361
18 Contents
Page 19
sFlow Poll Configuration . . . . . . . . . . . . . . 364
Interface Statistics
. . . . . . . . . . . . . . . . . 365
Etherlike Statistics . . . . . . . . . . . . . . . . . 366
GVRP Statistics . . . . . . . . . . . . . . . . . . . 367
EAP Statistics
. . . . . . . . . . . . . . . . . . . . 368
Utilization Summary . . . . . . . . . . . . . . . . 369
Counter Summary. . . . . . . . . . . . . . . . . . 370
Switchport Statistics
. . . . . . . . . . . . . . . . 371
RMON Statistics . . . . . . . . . . . . . . . . . . 372
RMON History Control Statistics . . . . . . . . . . 373
RMON History Table . . . . . . . . . . . . . . . . 375
RMON Event Control . . . . . . . . . . . . . . . . 376
RMON Event Log
. . . . . . . . . . . . . . . . . . 378
RMON Alarms . . . . . . . . . . . . . . . . . . . 379
Port Statistics. . . . . . . . . . . . . . . . . . . . 381
LAG Statistics
. . . . . . . . . . . . . . . . . . . . 382
Port Mirroring. . . . . . . . . . . . . . . . . . . . 383
Monitoring Switch Traffic (CLI) . . . . . . . . . . . . . 386
Configuring sFlow
. . . . . . . . . . . . . . . . . . 386
Configuring RMON . . . . . . . . . . . . . . . . . 388
Viewing Statistics. . . . . . . . . . . . . . . . . . 390
Configuring Port Mirroring
. . . . . . . . . . . . . 391
Traffic Monitoring Configuration Examples
Configuring sFlow
Configuring RMON
. . . . . . . . . . . . . . . . . . 392
. . . . . . . . . . . . . . . . . 394
. . . . . . . 392
17 Configuring iSCSI Optimization . . . . . . . 395
iSCSI Optimization Overview . . . . . . . . . . . . . . 395
What Does iSCSI Optimization Do?
How Does the Switch Detect iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . . 396
Flows?
. . . . . . . . . 396
Contents 19
Page 20
How Is Quality of Service Applied to iSCSI
Traffic Flows?
. . . . . . . . . . . . . . . . . . . 396
How Does iSCSI Optimization Use ACLs? . . . . 397
What Information Does the Switch Track in
iSCSI Traffic Flows?
. . . . . . . . . . . . . . . . 398
How Does iSCSI Optimization Interact With
Dell EqualLogic Arrays?
. . . . . . . . . . . . . . 399
What Occurs When iSCSI Optimization Is
Enabled or Disabled?
. . . . . . . . . . . . . . . 399
How Does iSCSI Optimization Interact with
. . . . . . . . . . . . . . . . . . . . . . . 400
DCBx?
How Does iSCSI Optimization Interact with
Dell Compellent Arrays?
. . . . . . . . . . . . . 400
iSCSI CoS and Priority Flow Control/Enhanced
Transmission Selection Interactions
. . . . . . . 401
18 Configuring Captive Portal . . . . . . . . . . 413
20 Contents
Default iSCSI Optimization Values
. . . . . . . . . . . 402
Configuring iSCSI Optimization (Web). . . . . . . . . 403
iSCSI Global Configuration
. . . . . . . . . . . . 403
iSCSI Targets Table . . . . . . . . . . . . . . . . 404
iSCSI Sessions Table . . . . . . . . . . . . . . . 405
iSCSI Sessions Detailed . . . . . . . . . . . . . 406
Configuring iSCSI Optimization (CLI)
. . . . . . . . . 407
iSCSI Optimization Configuration Examples . . . . . 409
Configuring iSCSI Optimization Between
Servers and a Disk Array
. . . . . . . . . . . . . 409
Captive Portal Overview . . . . . . . . . . . . . . . . 413
What Does Captive Portal Do?
. . . . . . . . . . 413
Is the Captive Portal Feature Dependent on
Any Other Feature?
. . . . . . . . . . . . . . . . 414
Page 21
What Factors Should Be Considered When
Designing and Configuring a Captive Portal?
. . . 415
How Does Captive Portal Work? . . . . . . . . . . 416
What Captive Portal Pages Can Be
Customized?
. . . . . . . . . . . . . . . . . . . . 417
Default Captive Portal Behavior and Settings . . . . . 418
Configuring the Captive Portal (Web)
Captive Portal Global Configuration
Captive Portal Configuration
Local User
User Group
Interface Association
. . . . . . . . . . . . . . . . . . . . . 426
. . . . . . . . . . . . . . . . . . . . . 430
. . . . . . . . . . . . . . . . 432
. . . . . . . . . . 420
. . . . . . . . 420
. . . . . . . . . . . . 421
Captive Portal Global Status . . . . . . . . . . . . 433
Captive Portal Activation and Activity Status . . . 434
Interface Activation Status. . . . . . . . . . . . . 435
Interface Capability Status . . . . . . . . . . . . . 436
Client Summary . . . . . . . . . . . . . . . . . . . 437
Client Detail . . . . . . . . . . . . . . . . . . . . . 438
Captive Portal Interface Client Status
. . . . . . . 439
Captive Portal Client Status . . . . . . . . . . . . 440
Configuring Captive Portal (CLI) . . . . . . . . . . . . . 441
Configuring Global Captive Portal Settings
. . . . . 441
Creating and Configuring a Captive Portal . . . . . 442
Configuring Captive Portal Groups and Users
Managing Captive Portal Clients
. . . . . . . . . . 446
. . . 445
Captive Portal Configuration Example . . . . . . . . . 447
Configuration Overview
Detailed Configuration Procedures
. . . . . . . . . . . . . . . 448
. . . . . . . . 449
Contents 21
Page 22
19 Configuring Port Characteristics. . . . . . 451
Port Overview . . . . . . . . . . . . . . . . . . . . . 451
What Physical Port Characteristics Can Be
Configured? . . . . . . . . . . . . . . . . . . . . 451
What is Link Dependency? . . . . . . . . . . . . 452
What Interface Types are Supported? . . . . . . 454
What is Interface Configuration Mode? . . . . . 454
Default Port Values. . . . . . . . . . . . . . . . . . . 456
Configuring Port Characteristics (Web)
Port Configuration
. . . . . . . . . . . . . . . . . 457
Link Dependency Configuration
. . . . . . . . 457
. . . . . . . . . 460
Link Dependency Summary . . . . . . . . . . . . 462
Configuring Port Characteristics (CLI). . . . . . . . . 463
Configuring Port Settings
. . . . . . . . . . . . . 463
Configuring Link Dependencies . . . . . . . . . 464
Port Configuration Examples . . . . . . . . . . . . . 466
Configuring Port Settings
. . . . . . . . . . . . . 466
Configuring a Link Dependency Groups . . . . . 467
20 Configuring Port and System
Security . . . . . . . . . . . . . . . . . . . . . . . . . 469
IEEE 802.1X . . . . . . . . . . . . . . . . . . . . . . . 470
What is IEEE 802.1X?
What are the 802.1X Port States?. . . . . . . . . 471
What is MAC-Based 802.1X Authentication?
What is the Role of 802.1X in VLAN
Assignment?
What is Monitor Mode?
. . . . . . . . . . . . . . . 470
. . . . . . . . . . . . . . . . . . . 473
. . . . . . . . . . . . . . 475
. . . 472
22 Contents
Page 23
How Does the Authentication Server Assign
DiffServ Filters?
. . . . . . . . . . . . . . . . . . . 477
What is the Internal Authentication Server?. . . . 477
Default 802.1X Values
. . . . . . . . . . . . . . . . 478
Configuring IEEE 802.1X (Web) . . . . . . . . . . . 479
Configuring IEEE 802.1X (CLI) . . . . . . . . . . . . 488
Configuring Internal Authentication Server
. . . . . . . . . . . . . . . . . . . . . . . . 493
Users
IEEE 802.1X Configuration Examples . . . . . . . . 493
Port Security (Port-MAC Locking)
Default 802.1X Values
Configuring Port Security (CLI)
Denial of Service
. . . . . . . . . . . . . . . . . . . . 511
. . . . . . . . . . . . 507
. . . . . . . . . . . . . . . . 507
. . . . . . . . . . . 510
21 Configuring Access Control Lists . . . . . 513
ACL Overview . . . . . . . . . . . . . . . . . . . . . . 513
What Are MAC ACLs?
What Are IP ACLs? . . . . . . . . . . . . . . . . . 515
What Is the ACL Redirect Function?
What Is the ACL Mirror Function? . . . . . . . . . 515
What Is ACL Logging . . . . . . . . . . . . . . . . 516
What Are Time-Based ACLs?
What Are the ACL Limitations?. . . . . . . . . . . 517
How Are ACLs Configured?
Preventing False ACL Matches
Configuring ACLs (Web)
IP ACL Configuration
IP ACL Rule Configuration
MAC ACL Configuration . . . . . . . . . . . . . . 524
MAC ACL Rule Configuration. . . . . . . . . . . . 526
IPv6 ACL Configuration . . . . . . . . . . . . . . . 527
. . . . . . . . . . . . . . . 514
. . . . . . . . 515
. . . . . . . . . . . . 516
. . . . . . . . . . . . . 518
. . . . . . . . . . . 518
. . . . . . . . . . . . . . . . . 520
. . . . . . . . . . . . . . . . 520
. . . . . . . . . . . . . 522
Contents 23
Page 24
IPv6 ACL Rule Configuration . . . . . . . . . . . 528
ACL Binding Configuration . . . . . . . . . . . . 530
Time Range Entry Configuration . . . . . . . . . 531
Configuring ACLs (CLI)
Configuring an IPv4 ACL
Configuring a MAC ACL
. . . . . . . . . . . . . . . . . 533
. . . . . . . . . . . . . 533
. . . . . . . . . . . . . . 535
Configuring an IPv6 ACL . . . . . . . . . . . . . 537
Configuring a Time Range. . . . . . . . . . . . . 539
ACL Configuration Examples. . . . . . . . . . . . . . 541
Configuring an IP ACL
. . . . . . . . . . . . . . . 541
Configuring a MAC ACL . . . . . . . . . . . . . . 543
Configuring a Time-Based ACL
Configuring a Management Access List
. . . . . . . . . . 545
. . . . . 546
22 Configuring VLANs. . . . . . . . . . . . . . . . . 551
VLAN Overview . . . . . . . . . . . . . . . . . . . . 551
Switchport Modes
VLAN Tagging . . . . . . . . . . . . . . . . . . . 555
. . . . . . . . . . . . . . . . . . . . . . . 556
GVRP
Double-VLAN Tagging . . . . . . . . . . . . . . 556
Voice VLAN . . . . . . . . . . . . . . . . . . . . 557
Private VLANs
Additional VLAN Features . . . . . . . . . . . . 565
. . . . . . . . . . . . . . . . 554
. . . . . . . . . . . . . . . . . . . 560
24 Contents
Default VLAN Behavior . . . . . . . . . . . . . . . . 566
Configuring VLANs (Web)
VLAN Membership
VLAN Port Settings
VLAN LAG Settings
Bind MAC to VLAN
Bind IP Subnet to VLAN
. . . . . . . . . . . . . . . 568
. . . . . . . . . . . . . . . . 568
. . . . . . . . . . . . . . . . 573
. . . . . . . . . . . . . . . . 574
. . . . . . . . . . . . . . . . 576
. . . . . . . . . . . . . . 577
Page 25
GVRP Parameters. . . . . . . . . . . . . . . . . . 579
Protocol Group
Adding a Protocol Group
. . . . . . . . . . . . . . . . . . . 581
. . . . . . . . . . . . . . 582
Double VLAN Global Configuration. . . . . . . . . 584
Double VLAN Interface Configuration . . . . . . . 585
Voice VLAN
. . . . . . . . . . . . . . . . . . . . . 587
Configuring VLANs (CLI) . . . . . . . . . . . . . . . . . 588
Creating a VLAN
. . . . . . . . . . . . . . . . . . 588
Configuring a Port in Access Mode . . . . . . . . 588
Configuring a Port in Trunk Mode
. . . . . . . . . 589
Configuring a Port in General Mode . . . . . . . . 592
Configuring VLAN Settings for a LAG . . . . . . . 593
Configuring Double VLAN Tagging . . . . . . . . . 595
Configuring MAC-Based VLANs . . . . . . . . . . 596
Configuring IP-Based VLANs
. . . . . . . . . . . . 597
Configuring a Protocol-Based VLAN . . . . . . . . 597
Configuring GVRP. . . . . . . . . . . . . . . . . . 599
Configuring Voice VLANs
. . . . . . . . . . . . . . 601
VLAN Configuration Examples
. . . . . . . . . . . . . 602
Configuring VLANs Using Dell OpenManage
Administrator . . . . . . . . . . . . . . . . . . . . 605
Configure the VLANs and Ports on Switch 2
Configuring VLANs Using the CLI
. . . . . . . . . . 610
Configuring a Voice VLAN . . . . . . . . . . . . . 614
23 Configuring the Spanning Tree
Protocol . . . . . . . . . . . . . . . . . . . . . . . . 619
STP Overview . . . . . . . . . . . . . . . . . . . . . . 619
What Are Classic STP, Multiple STP, and
Rapid STP?
How Does STP Work?
How Does MSTP Operate in the Network? . . . . 621
. . . . . . . . . . . . . . . . . . . . . 619
. . . . . . . . . . . . . . . 620
Contents 25
. . . . 609
Page 26
MSTP with Multiple Forwarding Paths . . . . . . 625
What are the Optional STP Features?
. . . . . . 626
Default STP Values. . . . . . . . . . . . . . . . . . . 629
Configuring Spanning Tree (Web) . . . . . . . . . . . 630
STP Global Settings
. . . . . . . . . . . . . . . . 630
STP Port Settings . . . . . . . . . . . . . . . . . 632
STP LAG Settings . . . . . . . . . . . . . . . . . 634
Rapid Spanning Tree
MSTP Settings
MSTP Interface Settings
. . . . . . . . . . . . . . . 635
. . . . . . . . . . . . . . . . . . 638
. . . . . . . . . . . . . 640
Configuring Spanning Tree (CLI). . . . . . . . . . . . 642
Configuring Global STP Bridge Settings
. . . . . 642
Configuring Optional STP Features . . . . . . . . 643
Configuring STP Interface Settings
. . . . . . . . 644
Configuring MSTP Switch Settings . . . . . . . . 645
Configuring MSTP Interface Settings . . . . . . 646
24 Discovering Network Devices . . . . . . . . 651
26 Contents
STP Configuration Examples
Configuring STP
Configuring MSTP
. . . . . . . . . . . . . . 647
. . . . . . . . . . . . . . . . . . 647
. . . . . . . . . . . . . . . . . 649
Device Discovery Overview . . . . . . . . . . . . . . 651
What Is ISDP?
What is LLDP?
. . . . . . . . . . . . . . . . . . . 651
. . . . . . . . . . . . . . . . . . . 651
What is LLDP-MED? . . . . . . . . . . . . . . . 652
Why are Device Discovery Protocols
Needed?
. . . . . . . . . . . . . . . . . . . . . . 652
Page 27
Default IDSP and LLDP Values . . . . . . . . . . . . . 653
Configuring ISDP and LLDP (Web)
ISDP Global Configuration
ISDP Cache Table
. . . . . . . . . . . . . . . . . . 656
. . . . . . . . . . . . 655
. . . . . . . . . . . . . 655
ISDP Interface Configuration. . . . . . . . . . . . 657
ISDP Statistics . . . . . . . . . . . . . . . . . . . 659
LLDP Configuration
. . . . . . . . . . . . . . . . . 660
LLDP Statistics . . . . . . . . . . . . . . . . . . . 662
LLDP Connections . . . . . . . . . . . . . . . . . 663
LLDP-MED Global Configuration
. . . . . . . . . . 665
LLDP-MED Interface Configuration . . . . . . . . 666
LLDP-MED Local Device Information . . . . . . . 668
LLDP-MED Remote Device Information
. . . . . . 669
Configuring ISDP and LLDP (CLI) . . . . . . . . . . . . 670
Configuring Global ISDP Settings
. . . . . . . . . 670
Enabling ISDP on a Port . . . . . . . . . . . . . . 671
Viewing and Clearing ISDP Information . . . . . . 671
Configuring Global LLDP Settings . . . . . . . . . 672
Configuring Port-based LLDP Settings . . . . . . . 672
Viewing and Clearing LLDP Information . . . . . . 673
Configuring LLDP-MED Settings
Viewing LLDP-MED Information
. . . . . . . . . . 674
. . . . . . . . . . 675
Device Discovery Configuration Examples . . . . . . . 675
Configuring ISDP
Configuring LLDP
. . . . . . . . . . . . . . . . . . 675
. . . . . . . . . . . . . . . . . . 676
25 Configuring Port-Based Traffic
Control . . . . . . . . . . . . . . . . . . . . . . . . . 679
Port-Based Traffic Control Overview . . . . . . . . . . 679
What is Flow Control?
What is Storm Control?
. . . . . . . . . . . . . . . 680
. . . . . . . . . . . . . . . 680
Contents 27
Page 28
What are Protected Ports? . . . . . . . . . . . . 681
What is Link Local Protocol Filtering? . . . . . . 681
Default Port-Based Traffic Control Values . . . . . . 682
Configuring Port-Based Traffic Control (Web)
Flow Control (Global Port Parameters)
Storm Control
Protected Port Configuration
. . . . . . . . . . . . . . . . . . . 684
. . . . . . . . . . . 686
. . . . 683
. . . . . . 683
LLPF Configuration . . . . . . . . . . . . . . . . 688
Configuring Port-Based Traffic Control (CLI) . . . . . 690
Configuring Flow Control and Storm Control
. . . 690
Configuring Protected Ports . . . . . . . . . . . 691
Configuring LLPF . . . . . . . . . . . . . . . . . 692
Port-Based Traffic Control Configuration
Example
. . . . . . . . . . . . . . . . . . . . . . . . 693
26 Configuring L2 Multicast Features . . . . 695
L2 Multicast Overview . . . . . . . . . . . . . . . . . 695
What Are the Multicast Bridging Features?
What Is L2 Multicast Traffic? . . . . . . . . . . . 696
What Is IGMP Snooping?
. . . . . . . . . . . . . 697
What Is MLD Snooping? . . . . . . . . . . . . . 699
What Is Multicast VLAN Registration?
When Are L3 Multicast Features Required?
What Are GARP and GMRP? . . . . . . . . . . . 702
. . . 695
. . . . . . 700
. . . 701
28 Contents
Snooping Switch Restrictions. . . . . . . . . . . . . 703
Partial IGMPv3 and MLDv2 Support
. . . . . . . 703
MAC Address-Based Multicast Group . . . . . . 703
IGMP/MLD Snooping in a Multicast Router . . . 703
Page 29
Topologies Where the Multicast Source Is
Not Directly Connected to the Querier
. . . . . . . 704
Using Static Multicast MAC Configuration. . . . . 704
IGMP Snooping and GMRP
. . . . . . . . . . . . . 704
Default L2 Multicast Values
. . . . . . . . . . . . . . . 705
Configuring L2 Multicast Features (Web) . . . . . . . . 707
Multicast Global Parameters
. . . . . . . . . . . . 707
Bridge Multicast Group . . . . . . . . . . . . . . . 708
MRouter Status. . . . . . . . . . . . . . . . . . . 711
General IGMP Snooping . . . . . . . . . . . . . . 712
Global Querier Configuration . . . . . . . . . . . . 715
VLAN Querier . . . . . . . . . . . . . . . . . . . . 716
VLAN Querier Status
. . . . . . . . . . . . . . . . 719
MFDB IGMP Snooping Table . . . . . . . . . . . . 720
MLD Snooping General. . . . . . . . . . . . . . . 721
MLD Snooping Global Querier Configuration
MLD Snooping VLAN Querier
. . . . . . . . . . . 724
. . . 723
MLD Snooping VLAN Querier Status . . . . . . . . 727
MFDB MLD Snooping Table . . . . . . . . . . . . 728
MVR Global Configuration
. . . . . . . . . . . . . 729
MVR Members . . . . . . . . . . . . . . . . . . . 730
MVR Interface Configuration . . . . . . . . . . . . 731
MVR Statistics . . . . . . . . . . . . . . . . . . . 734
GARP Timers . . . . . . . . . . . . . . . . . . . . 735
GMRP Parameters
MFDB GMRP Table
. . . . . . . . . . . . . . . . . 737
. . . . . . . . . . . . . . . . . 739
Configuring L2 Multicast Features (CLI)
Configuring Layer 2 Multicasting
Configuring IGMP Snooping on VLANs
. . . . . . . . . 740
. . . . . . . . . . 740
. . . . . . 741
Configuring IGMP Snooping Querier . . . . . . . . 742
Configuring MLD Snooping on VLANs . . . . . . . 743
Configuring MLD Snooping Querier
. . . . . . . . 744
Configuring MVR . . . . . . . . . . . . . . . . . . 745
Contents 29
Page 30
Configuring GARP Timers and GMRP. . . . . . . 747
Case Study on a Real-World Network Topology
Multicast Snooping Case Study
. . . . . . . . . 748
. . . 748
27 Snooping and Inspecting Traffic . . . . . . 753
Traffic Snooping and Inspection Overview . . . . . . 753
What Is DHCP Snooping?
How Is the DHCP Snooping Bindings
Database Populated?
What Is IP Source Guard? . . . . . . . . . . . . 757
What is Dynamic ARP Inspection?
Why Is Traffic Snooping and Inspection
Necessary?
. . . . . . . . . . . . . . . . . . . . 759
Default Traffic Snooping and Inspection Values . . . 759
Configuring Traffic Snooping and Inspection
(Web)
. . . . . . . . . . . . . . . . . . . . . . . . . . 761
DHCP Snooping Configuration
DHCP Snooping Interface Configuration . . . . . 762
DHCP Snooping VLAN Configuration . . . . . . . 764
DHCP Snooping Persistent Configuration
DHCP Snooping Static Bindings
Configuration
. . . . . . . . . . . . . . . . . . . 767
DHCP Snooping Dynamic Bindings
Summary
. . . . . . . . . . . . . . . . . . . . . 769
DHCP Snooping Statistics
IPSG Interface Configuration . . . . . . . . . . . 771
IPSG Binding Configuration
IPSG Binding Summary . . . . . . . . . . . . . . 773
DAI Global Configuration . . . . . . . . . . . . . 774
DAI Interface Configuration
DAI VLAN Configuration . . . . . . . . . . . . . 777
DAI ACL Configuration . . . . . . . . . . . . . . 778
. . . . . . . . . . . . . 754
. . . . . . . . . . . . . . . 755
. . . . . . . . 758
. . . . . . . . . . 761
. . . . 766
. . . . . . . . . . . . 770
. . . . . . . . . . . . 772
. . . . . . . . . . . 775
30 Contents
Page 31
DAI ACL Rule Configuration . . . . . . . . . . . . 779
DAI Statistics . . . . . . . . . . . . . . . . . . . . 781
Configuring Traffic Snooping and Inspection (CLI) . . . 782
Configuring DHCP Snooping
. . . . . . . . . . . . 782
Configuring IP Source Guard . . . . . . . . . . . . 784
Configuring Dynamic ARP Inspection . . . . . . . 785
Traffic Snooping and Inspection Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 787
Configuring DHCP Snooping
Configuring IPSG
. . . . . . . . . . . . . . . . . . 789
. . . . . . . . . . . . 787
28 Configuring Link Aggregation . . . . . . . . 791
Link Aggregation Overview . . . . . . . . . . . . . . . 791
Why Are Link Aggregation Groups
Necessary? . . . . . . . . . . . . . . . . . . . . . 792
What Is the Difference Between Static and
Dynamic Link Aggregation?
What is LAG Hashing?
How Do LAGs Interact with Other Features?. . . . 794
LAG Configuration Guidelines . . . . . . . . . . . 795
. . . . . . . . . . . . 792
. . . . . . . . . . . . . . . 793
Default Link Aggregation Values
. . . . . . . . . . . . 795
Configuring Link Aggregation (Web) . . . . . . . . . . 796
LAG Configuration
. . . . . . . . . . . . . . . . . 796
LACP Parameters. . . . . . . . . . . . . . . . . . 798
LAG Membership . . . . . . . . . . . . . . . . . . 800
LAG Hash Configuration . . . . . . . . . . . . . . 801
LAG Hash Summary . . . . . . . . . . . . . . . . 802
Configuring Link Aggregation (CLI) . . . . . . . . . . . 803
Configuring LAG Characteristics
. . . . . . . . . . 803
Configuring Link Aggregation Groups . . . . . . . 804
Contents 31
Page 32
Configuring LACP Parameters . . . . . . . . . . 806
Link Aggregation Configuration Examples
Configuring Dynamic LAGs
Configuring Static LAGs
. . . . . . . . . . . . 807
. . . . . . . . . . . . . . 808
. . . . . . 807
29 Configuring Data Center Bridging
Features . . . . . . . . . . . . . . . . . . . . . . . . 809
Data Center Bridging Technology Overview . . . . . 809
Default DCB Values
Priority Flow Control
PFC Operation and Behavior
Configuring PFC Using the Web Interface
Configuring PFC Using the CLI . . . . . . . . . . 814
PFC Configuration Example . . . . . . . . . . . . 816
DCB Capability Exchange . . . . . . . . . . . . . . . 818
Interoperability with IEEE DCBx
DCBx and Port Roles . . . . . . . . . . . . . . . 819
Configuration Source Port Selection
Process
. . . . . . . . . . . . . . . . . . . . . . 821
Disabling DCBX . . . . . . . . . . . . . . . . . . 823
Configuring DCBx
. . . . . . . . . . . . . . . . 810
. . . . . . . . . . . . . . . . . . 811
. . . . . . . . . . . 811
. . . . 812
. . . . . . . . . 819
. . . . . . . . . . . . . . . . . 823
32 Contents
FIP Snooping
Enabling and Disabling FIP Snooping
Configuring the FC Map Value
. . . . . . . . . . . . . . . . . . . . . . 826
. . . . . . . 826
. . . . . . . . . . 827
Configuring Ports for FIP Snooping . . . . . . . . 827
Configuring FIP Snooping (CLI) . . . . . . . . . . 828
FIP Snooping Configuration Example
Enhanced Transmission Selection
ETS Operation
. . . . . . . . . . . . . . . . . . . 832
. . . . . . . 829
. . . . . . . . . . . 831
Page 33
Commands . . . . . . . . . . . . . . . . . . . . . 835
ETS Configuration Example. . . . . . . . . . . . . 837
ETS Theory of Operation . . . . . . . . . . . . . . 843
30 Managing the MAC Address Table . . . . 849
MAC Address Table Overview. . . . . . . . . . . . . . 849
How Is the Address Table Populated?
What Information Is in the MAC Address
Table?
. . . . . . . . . . . . . . . . . . . . . . . . 850
How Is the MAC Address Table Maintained
Across a Stack?
. . . . . . . . . . . . . . . . . . 850
Default MAC Address Table Values . . . . . . . . . . . 850
Managing the MAC Address Table (Web). . . . . . . . 851
Static Address Table
. . . . . . . . . . . . . . . . 851
Dynamic Address Table . . . . . . . . . . . . . . 853
Managing the MAC Address Table (CLI) . . . . . . . . 854
Managing the MAC Address Table
. . . . . . . 849
. . . . . . . . . 854
31 Configuring Routing Interfaces . . . . . . . 855
Routing Interface Overview . . . . . . . . . . . . . . . 855
What Are VLAN Routing Interfaces?
What Are Loopback Interfaces?
What Are Tunnel Interfaces?. . . . . . . . . . . . 857
Why Are Routing Interfaces Needed? . . . . . . . 858
Default Routing Interface Values . . . . . . . . . . . . 860
Configuring Routing Interfaces (Web). . . . . . . . . . 861
IP Interface Configuration
. . . . . . . . . . . . . 861
DHCP Lease Parameters . . . . . . . . . . . . . . 862
. . . . . . . . 855
. . . . . . . . . . 856
Contents 33
Page 34
VLAN Routing Summary . . . . . . . . . . . . . 862
Tunnel Configuration . . . . . . . . . . . . . . . 863
Tunnels Summary . . . . . . . . . . . . . . . . . 864
Loopbacks Configuration
Loopbacks Summary
. . . . . . . . . . . . . 865
. . . . . . . . . . . . . . . 866
Configuring Routing Interfaces (CLI) . . . . . . . . . 867
Configuring VLAN Routing Interfaces (IPv4)
. . . 867
Configuring Loopback Interfaces. . . . . . . . . 869
Configuring Tunnels. . . . . . . . . . . . . . . . 870
32 Configuring DHCP Server Settings . . . . 871
DHCP Overview . . . . . . . . . . . . . . . . . . . . 871
How Does DHCP Work?
What are DHCP Options? . . . . . . . . . . . . . 872
What Additional DHCP Features Does the
Switch Support?
. . . . . . . . . . . . . . 871
. . . . . . . . . . . . . . . . . 873
34 Contents
Default DHCP Server Values
. . . . . . . . . . . . . . 873
Configuring the DHCP Server (Web). . . . . . . . . . 874
DHCP Server Network Properties
. . . . . . . . 874
Address Pool . . . . . . . . . . . . . . . . . . . 876
Address Pool Options
. . . . . . . . . . . . . . . 880
DHCP Bindings . . . . . . . . . . . . . . . . . . 882
DHCP Server Reset Configuration
DHCP Server Conflicts Information
. . . . . . . . 883
. . . . . . . . 884
DHCP Server Statistics . . . . . . . . . . . . . . 885
Configuring the DHCP Server (CLI) . . . . . . . . . . 886
Configuring Global DHCP Server Settings
. . . . 886
Configuring a Dynamic Address Pool. . . . . . . 887
Configuring a Static Address Pool . . . . . . . . 888
Monitoring DHCP Server Information
. . . . . . 889
Page 35
DHCP Server Configuration Examples . . . . . . . . . 890
Configuring a Dynamic Address Pool
. . . . . . . 890
Configuring a Static Address Pool . . . . . . . . . 892
33 Configuring IP Routing . . . . . . . . . . . . . 895
IP Routing Overview . . . . . . . . . . . . . . . . . . . 895
Default IP Routing Values
. . . . . . . . . . . . . . . . 897
Configuring IP Routing Features (Web) . . . . . . . . . 899
IP Configuration
. . . . . . . . . . . . . . . . . . . 899
IP Statistics . . . . . . . . . . . . . . . . . . . . . 900
ARP Create . . . . . . . . . . . . . . . . . . . . . 901
ARP Table Configuration . . . . . . . . . . . . . . 902
Router Discovery Configuration
. . . . . . . . . . 903
Router Discovery Status . . . . . . . . . . . . . . 904
Route Table . . . . . . . . . . . . . . . . . . . . . 905
Best Routes Table
. . . . . . . . . . . . . . . . . 906
Route Entry Configuration . . . . . . . . . . . . . 907
Configured Routes . . . . . . . . . . . . . . . . . 909
Route Preferences Configuration
. . . . . . . . . 910
Configuring IP Routing Features (CLI) . . . . . . . . . . 911
Configuring Global IP Routing Settings
. . . . . . . 911
Adding Static ARP Entries and Configuring
ARP Table Settings
Configuring Router Discovery (IRDP)
. . . . . . . . . . . . . . . . . 912
. . . . . . . . 913
Configuring Route Table Entries and Route
Preferences
. . . . . . . . . . . . . . . . . . . . . 914
IP Routing Configuration Example . . . . . . . . . . . 916
Configuring PowerConnect Switch A
. . . . . . . 917
Configuring PowerConnect Switch B . . . . . . . 918
Contents 35
Page 36
34 Configuring L2 and L3 Relay
Features . . . . . . . . . . . . . . . . . . . . . . . . 919
L2 and L3 Relay Overview . . . . . . . . . . . . . . . 919
What Is L3 DHCP Relay?
What Is L2 DHCP Relay? . . . . . . . . . . . . . 920
What Is the IP Helper Feature? . . . . . . . . . . 921
Default L2/L3 Relay Values. . . . . . . . . . . . . . . 925
Configuring L2 and L3 Relay Features (Web) . . . . . 926
DHCP Relay Global Configuration
DHCP Relay Interface Configuration . . . . . . . 927
DHCP Relay Interface Statistics . . . . . . . . . 929
DHCP Relay VLAN Configuration
DHCP Relay Agent Configuration . . . . . . . . . 931
IP Helper Global Configuration . . . . . . . . . . 932
IP Helper Interface Configuration . . . . . . . . 934
IP Helper Statistics . . . . . . . . . . . . . . . . 936
. . . . . . . . . . . . . 919
. . . . . . . . . 926
. . . . . . . . . 930
35 Configuring OSPF and OSPFv3. . . . . . . . 943
36 Contents
Configuring L2 and L3 Relay Features (CLI)
Configuring L2 DHCP Relay
. . . . . . . . . . . . 937
Configuring L3 Relay (IP Helper) Settings
Relay Agent Configuration Example
. . . . . . 937
. . . . 939
. . . . . . . . . . 941
OSPF Overview. . . . . . . . . . . . . . . . . . . . . 944
What Are OSPF Areas and Other OSPF
Topology Features?
What Are OSPF Routers and LSAs?
How Are Routes Selected?
How Are OSPF and OSPFv3 Different?
. . . . . . . . . . . . . . . . 944
. . . . . . . 945
. . . . . . . . . . . . 945
. . . . . . 945
Page 37
OSPF Feature Details . . . . . . . . . . . . . . . . . . 946
Max Metric
. . . . . . . . . . . . . . . . . . . . . 946
Static Area Range Cost . . . . . . . . . . . . . . . 948
LSA Pacing . . . . . . . . . . . . . . . . . . . . . 949
Flood Blocking
. . . . . . . . . . . . . . . . . . . 950
Default OSPF Values
. . . . . . . . . . . . . . . . . . . 952
Configuring OSPF Features (Web) . . . . . . . . . . . . 954
OSPF Configuration
. . . . . . . . . . . . . . . . . 954
OSPF Area Configuration . . . . . . . . . . . . . . 956
OSPF Stub Area Summary . . . . . . . . . . . . . 959
OSPF Area Range Configuration . . . . . . . . . . 960
OSPF Interface Statistics
. . . . . . . . . . . . . . 961
OSPF Interface Configuration . . . . . . . . . . . 962
OSPF Neighbor Table . . . . . . . . . . . . . . . . 963
OSPF Neighbor Configuration
. . . . . . . . . . . 964
OSPF Link State Database . . . . . . . . . . . . . 965
OSPF Virtual Link Configuration . . . . . . . . . . 965
OSPF Virtual Link Summary. . . . . . . . . . . . . 967
OSPF Route Redistribution Configuration . . . . . 968
OSPF Route Redistribution Summary
. . . . . . . . 969
NSF OSPF Configuration . . . . . . . . . . . . . . 970
Configuring OSPFv3 Features (Web) . . . . . . . . . . 971
OSPFv3 Configuration
. . . . . . . . . . . . . . . 971
OSPFv3 Area Configuration. . . . . . . . . . . . . 972
OSPFv3 Stub Area Summary
OSPFv3 Area Range Configuration
. . . . . . . . . . . . 975
. . . . . . . . . 976
OSPFv3 Interface Configuration . . . . . . . . . . 977
OSPFv3 Interface Statistics
. . . . . . . . . . . . 978
OSPFv3 Neighbors . . . . . . . . . . . . . . . . . 979
OSPFv3 Neighbor Table. . . . . . . . . . . . . . . 980
OSPFv3 Link State Database
. . . . . . . . . . . . 981
OSPFv3 Virtual Link Configuration . . . . . . . . . 982
OSPFv3 Virtual Link Summary . . . . . . . . . . . 984
Contents 37
Page 38
OSPFv3 Route Redistribution Configuration . . . 985
OSPFv3 Route Redistribution Summary
. . . . . 986
NSF OSPFv3 Configuration . . . . . . . . . . . . 987
Configuring OSPF Features (CLI). . . . . . . . . . . . 988
Configuring Global OSPF Settings
. . . . . . . . 988
Configuring OSPF Interface Settings . . . . . . . 991
Configuring Stub Areas and NSSAs . . . . . . . 993
Configuring Virtual Links . . . . . . . . . . . . . 995
Configuring OSPF Area Range Settings . . . . . 997
Configuring OSPFv3 Features (CLI)
Configuring Global OSPFv3 Settings
Configuring OSPFv3 Interface Settings
Configuring Stub Areas and NSSAs
Configuring Virtual Links
Configuring an OSPFv3 Area Range
. . . . . . . . . . 999
. . . . . . . 999
. . . . . . 1001
. . . . . . . 1003
. . . . . . . . . . . . . 1005
. . . . . . . 1006
Configuring OSPFv3 Route Redistribution
Settings
. . . . . . . . . . . . . . . . . . . . . . 1007
OSPF Configuration Examples . . . . . . . . . . . . . 1008
Configuring an OSPF Border Router and
Setting Interface Costs
. . . . . . . . . . . . . . 1008
Configuring Stub and NSSA Areas for OSPF
and OSPFv3
. . . . . . . . . . . . . . . . . . . . 1011
Configuring a Virtual Link for OSPF and
. . . . . . . . . . . . . . . . . . . . . . 1015
OSPFv3
Interconnecting an IPv4 Backbone and Local
IPv6 Network
Configuring the Static Area Range Cost
Configuring Flood Blocking
. . . . . . . . . . . . . . . . . . . 1017
. . . . . 1020
. . . . . . . . . . . . 1025
38 Contents
Page 39
36 Configuring RIP . . . . . . . . . . . . . . . . . . 1031
RIP Overview. . . . . . . . . . . . . . . . . . . . . . 1031
How Does RIP Determine Route
Information? . . . . . . . . . . . . . . . . . . . 1031
What Is Split Horizon? . . . . . . . . . . . . . . 1032
What RIP Versions Are Supported? . . . . . . . 1032
Default RIP Values . . . . . . . . . . . . . . . . . . . 1033
Configuring RIP Features (Web) . . . . . . . . . . . . 1034
RIP Configuration
RIP Interface Configuration . . . . . . . . . . . 1035
RIP Interface Summary. . . . . . . . . . . . . . 1036
RIP Route Redistribution Configuration
RIP Route Redistribution Summary. . . . . . . . 1038
Configuring RIP Features (CLI). . . . . . . . . . . . . 1039
Configuring Global RIP Settings
Configuring RIP Interface Settings . . . . . . . . 1040
Configuring Route Redistribution Settings . . . . 1041
RIP Configuration Example . . . . . . . . . . . . . . 1043
. . . . . . . . . . . . . . . . . 1034
. . . . . 1037
. . . . . . . . . 1039
37 Configuring VRRP . . . . . . . . . . . . . . . . 1045
VRRP Overview . . . . . . . . . . . . . . . . . . . . 1045
How Does VRRP Work?
What Is the VRRP Router Priority? . . . . . . . . 1046
What Is VRRP Preemption?. . . . . . . . . . . . 1046
What Is VRRP Accept Mode?
What Are VRRP Route and Interface
Tra ck in g?
. . . . . . . . . . . . . . . . . . . . . 1047
. . . . . . . . . . . . . . 1045
. . . . . . . . . . 1047
Contents 39
Page 40
Default VRRP Values . . . . . . . . . . . . . . . . . . 1049
Configuring VRRP Features (Web)
VRRP Configuration
. . . . . . . . . . . . . . . . 1050
VRRP Virtual Router Status
VRRP Virtual Router Statistics
. . . . . . . . . . . 1050
. . . . . . . . . . . . 1051
. . . . . . . . . . 1052
VRRP Router Configuration . . . . . . . . . . . . 1053
VRRP Route Tracking Configuration . . . . . . . 1054
VRRP Interface Tracking Configuration
. . . . . . 1056
Configuring VRRP Features (CLI). . . . . . . . . . . . 1058
Configuring VRRP Settings
. . . . . . . . . . . . 1058
VRRP Configuration Example . . . . . . . . . . . . . 1060
VRRP with Load Sharing
. . . . . . . . . . . . . 1060
VRRP with Route and Interface Tracking . . . . . 1064
38 Configuring IPv6 Routing . . . . . . . . . . . 1069
IPv6 Routing Overview . . . . . . . . . . . . . . . . . 1069
How Does IPv6 Compare with IPv4?
How Are IPv6 Interfaces Configured? . . . . . . 1070
Default IPv6 Routing Values . . . . . . . . . . . . . . 1071
. . . . . . . 1070
40 Contents
Configuring IPv6 Routing Features (Web)
Global Configuration
Interface Configuration
Interface Summary
. . . . . . . . . . . . . . . 1073
. . . . . . . . . . . . . . 1074
. . . . . . . . . . . . . . . . 1075
. . . . . . . 1073
IPv6 Statistics. . . . . . . . . . . . . . . . . . . 1076
IPv6 Neighbor Table. . . . . . . . . . . . . . . . 1077
DHCPv6 Client Parameters
. . . . . . . . . . . . 1078
IPv6 Route Entry Configuration . . . . . . . . . . 1079
IPv6 Route Table . . . . . . . . . . . . . . . . . 1080
IPv6 Route Preferences
. . . . . . . . . . . . . . 1081
Configured IPv6 Routes . . . . . . . . . . . . . . 1082
Page 41
Configuring IPv6 Routing Features (CLI). . . . . . . . 1083
Configuring Global IP Routing Settings
. . . . . . 1083
Configuring IPv6 Interface Settings . . . . . . . 1084
Configuring IPv6 Neighbor Discovery . . . . . . 1085
Configuring IPv6 Route Table Entries and
Route Preferences
IPv6 Show Commands
. . . . . . . . . . . . . . . . 1087
. . . . . . . . . . . . . . 1089
IPv6 Static Reject and Discard Routes
. . . . . . . . 1090
39 Configuring DHCPv6 Server and
Relay Settings . . . . . . . . . . . . . . . . . . . 1093
DHCPv6 Overview . . . . . . . . . . . . . . . . . . . 1093
What Is a DHCPv6 Pool?
What Is a Stateless Server?
What Is the DHCPv6 Relay Agent
Information Option?
What Is a Prefix Delegation?
Default DHCPv6 Server and Relay Values
Configuring the DHCPv6 Server and Relay (Web). . . 1096
DHCPv6 Global Configuration
DHCPv6 Pool Configuration. . . . . . . . . . . . 1097
Prefix Delegation Configuration . . . . . . . . . 1099
DHCPv6 Pool Summary. . . . . . . . . . . . . . 1100
DHCPv6 Interface Configuration
DHCPv6 Server Bindings Summary
DHCPv6 Statistics. . . . . . . . . . . . . . . . . 1104
. . . . . . . . . . . . . 1094
. . . . . . . . . . . 1094
. . . . . . . . . . . . . . . . 1094
. . . . . . . . . . . 1094
. . . . . . . 1095
. . . . . . . . . . 1096
. . . . . . . . . 1101
. . . . . . . 1103
Configuring the DHCPv6 Server and Relay (CLI)
. . . 1105
Configuring Global DHCP Server and Relay
Agent Settings . . . . . . . . . . . . . . . . . . 1105
Configuring a DHCPv6 Pool for Stateless
Server Support
. . . . . . . . . . . . . . . . . . 1105
Contents 41
Page 42
Configuring a DHCPv6 Pool for Specific
. . . . . . . . . . . . . . . . . . . . . . . 1106
Hosts
Configuring DHCPv6 Interface Information . . . . 1107
Monitoring DHCPv6 Information
. . . . . . . . . 1108
DHCPv6 Configuration Examples
Configuring a DHCPv6 Stateless Server
. . . . . . . . . . . 1109
. . . . . 1109
Configuring the DHCPv6 Server for Prefix
Delegation
. . . . . . . . . . . . . . . . . . . . . 1110
Configuring an Interface as a DHCPv6 Relay
Agent
. . . . . . . . . . . . . . . . . . . . . . . 1111
40 Configuring Differentiated
Services . . . . . . . . . . . . . . . . . . . . . . . 1113
DiffServ Overview . . . . . . . . . . . . . . . . . . . 1113
How Does DiffServ Functionality Vary Based
on the Role of the Switch?
What Are the Elements of DiffServ
Configuration?
. . . . . . . . . . . . . . . . . . 1114
Default DiffServ Values . . . . . . . . . . . . . . . . 1115
Configuring DiffServ (Web)
DiffServ Configuration
Class Configuration
Class Criteria
. . . . . . . . . . . . . . . . . . . 1118
Policy Configuration
Policy Class Definition
Service Configuration . . . . . . . . . . . . . . . 1125
Service Detailed Statistics . . . . . . . . . . . . 1127
Flow-Based Mirroring
. . . . . . . . . . . . 1114
. . . . . . . . . . . . . . 1116
. . . . . . . . . . . . . . 1116
. . . . . . . . . . . . . . . . 1117
. . . . . . . . . . . . . . . 1120
. . . . . . . . . . . . . . 1122
. . . . . . . . . . . . . . 1128
42 Contents
Configuring DiffServ (CLI) . . . . . . . . . . . . . . . 1129
DiffServ Configuration (Global)
. . . . . . . . . . 1129
DiffServ Class Configuration for IPv4 . . . . . . . 1129
Page 43
DiffServ Class Configuration for IPv6. . . . . . . 1131
DiffServ Policy Creation . . . . . . . . . . . . . 1132
DiffServ Policy Attributes Configuration . . . . . 1133
DiffServ Service Configuration
. . . . . . . . . . 1135
DiffServ Configuration Examples
. . . . . . . . . . . 1136
Providing Subnets Equal Access to External
Network. . . . . . . . . . . . . . . . . . . . . . 1136
DiffServ for VoIP . . . . . . . . . . . . . . . . . 1139
41 Configuring Class-of-Service . . . . . . . 1143
CoS Overview . . . . . . . . . . . . . . . . . . . . . 1143
What Are Trusted and Untrusted Port
Modes?
How Is Traffic Shaping Used on Egress
Traffic?
How Are Traffic Queues Defined? . . . . . . . . 1145
Which Queue Management Methods Are
Supported?
CoS Queue Usage . . . . . . . . . . . . . . . . 1146
Default CoS Values . . . . . . . . . . . . . . . . . . 1146
Configuring CoS (Web) . . . . . . . . . . . . . . . . 1147
Mapping Table Configuration
Interface Configuration . . . . . . . . . . . . . . 1150
Interface Queue Configuration . . . . . . . . . . 1151
Interface Queue Drop Precedence
Configuration
. . . . . . . . . . . . . . . . . . . . . . 1144
. . . . . . . . . . . . . . . . . . . . . . 1144
. . . . . . . . . . . . . . . . . . . . 1145
. . . . . . . . . . . 1147
. . . . . . . . . . . . . . . . . . . 1152
Configuring CoS (CLI)
Mapping Table Configuration
CoS Interface Configuration Commands
. . . . . . . . . . . . . . . . . 1154
. . . . . . . . . . . 1154
. . . . . 1155
Interface Queue Configuration . . . . . . . . . . 1155
Contents 43
Page 44
Configuring Interface Queue Drop
Probability
. . . . . . . . . . . . . . . . . . . . . 1156
CoS Configuration Example . . . . . . . . . . . . . . 1157
42 Configuring Auto VoIP . . . . . . . . . . . . . 1161
Auto VoIP Overview . . . . . . . . . . . . . . . . . . 1161
How Does Auto-VoIP Use ACLs?
. . . . . . . . . 1162
Default Auto VoIP Values . . . . . . . . . . . . . . . 1162
Configuring Auto VoIP (Web) . . . . . . . . . . . . . 1163
Auto VoIP Global Configuration
. . . . . . . . . . 1163
Auto VoIP Interface Configuration . . . . . . . . 1163
Configuring Auto VoIP (CLI) . . . . . . . . . . . . . . 1166
43 Managing IPv4 and IPv6 Multicast . . . 1167
L3 Multicast Overview . . . . . . . . . . . . . . . . . 1167
What Is IP Multicast Traffic?
What Multicast Protocols Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . . 1169
What Are the Multicast Protocol Roles? . . . . . 1169
When Is L3 Multicast Required on the
. . . . . . . . . . . . . . . . . . . . . . 1170
Switch?
What Is the Multicast Routing Table?
What Is IGMP? . . . . . . . . . . . . . . . . . . 1171
What Is MLD?
. . . . . . . . . . . . . . . . . . . 1172
What Is PIM? . . . . . . . . . . . . . . . . . . . 1173
What Is DVMRP? . . . . . . . . . . . . . . . . . 1183
. . . . . . . . . . . 1168
. . . . . . 1170
44 Contents
Page 45
Default L3 Multicast Values . . . . . . . . . . . . . . 1185
Configuring General IPv4 Multicast
Features (Web)
Multicast Global Configuration
. . . . . . . . . . . . . . . . . . . . . 1187
. . . . . . . . . . 1187
Multicast Interface Configuration . . . . . . . . 1188
Multicast Route Table . . . . . . . . . . . . . . 1189
Multicast Admin Boundary Configuration
. . . . 1190
Multicast Admin Boundary Summary . . . . . . 1191
Multicast Static MRoute Configuration . . . . . 1192
Multicast Static MRoute Summary
. . . . . . . . 1193
Configuring IPv6 Multicast Features (Web) . . . . . . 1194
IPv6 Multicast Route Table
. . . . . . . . . . . . 1194
Configuring IGMP and IGMP Proxy (Web) . . . . . . 1195
IGMP Global Configuration
. . . . . . . . . . . . 1195
IGMP Interface Configuration . . . . . . . . . . 1196
IGMP Interface Summary . . . . . . . . . . . . 1197
IGMP Cache Information
IGMP Interface Source List Information
IGMP Proxy Interface Configuration
. . . . . . . . . . . . . 1198
. . . . . 1199
. . . . . . . 1200
IGMP Proxy Configuration Summary. . . . . . . 1201
IGMP Proxy Interface Membership Info . . . . . 1202
Detailed IGMP Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1203
Configuring MLD and MLD Proxy (Web)
MLD Global Configuration
. . . . . . . . . . . . 1204
MLD Routing Interface Configuration
MLD Routing Interface Summary
. . . . . . . 1204
. . . . . . 1205
. . . . . . . . . 1206
MLD Routing Interface Cache Information. . . . 1207
MLD Routing Interface Source List
Information
MLD Traffic
. . . . . . . . . . . . . . . . . . . . 1208
. . . . . . . . . . . . . . . . . . . . 1209
MLD Proxy Configuration . . . . . . . . . . . . . 1210
Contents 45
Page 46
MLD Proxy Configuration Summary . . . . . . . 1211
MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1212
Detailed MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1213
Configuring PIM for IPv4 and IPv6 (Web)
PIM Global Configuration
PIM Global Status
. . . . . . . . . . . . . 1214
. . . . . . . . . . . . . . . . . 1215
PIM Interface Configuration
. . . . . . . 1214
. . . . . . . . . . . 1216
PIM Interface Summary . . . . . . . . . . . . . 1217
Candidate RP Configuration . . . . . . . . . . . 1218
Static RP Configuration
. . . . . . . . . . . . . . 1220
SSM Range Configuration . . . . . . . . . . . . 1222
BSR Candidate Configuration. . . . . . . . . . . 1224
BSR Candidate Summary
. . . . . . . . . . . . . 1225
Configuring DVMRP (Web). . . . . . . . . . . . . . . 1226
DVMRP Global Configuration
. . . . . . . . . . . 1226
DVMRP Interface Configuration . . . . . . . . . 1227
DVMRP Configuration Summary . . . . . . . . . 1228
DVMRP Next Hop Summary . . . . . . . . . . . 1229
DVMRP Prune Summary . . . . . . . . . . . . . 1231
DVMRP Route Summary . . . . . . . . . . . . . 1232
Configuring L3 Multicast Features (CLI)
. . . . . . . . 1233
Configuring and Viewing IPv4 Multicast
Information . . . . . . . . . . . . . . . . . . . . 1233
Configuring and Viewing IPv6 Multicast
Route Information
. . . . . . . . . . . . . . . . . 1235
Configuring and Viewing IGMP . . . . . . . . . . 1236
Configuring and Viewing IGMP Proxy . . . . . . 1238
Configuring and Viewing MLD
. . . . . . . . . . 1239
Configuring and Viewing MLD Proxy . . . . . . . 1240
Configuring and Viewing PIM-DM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1241
46 Contents
Page 47
Configuring and Viewing PIM-DM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1242
Configuring and Viewing PIM-SM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1244
Configuring and Viewing PIM-SM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1246
Configuring and Viewing DVMRP
Information
. . . . . . . . . . . . . . . . . . . . 1250
L3 Multicast Configuration Examples . . . . . . . . . 1251
Configuring Multicast VLAN Routing With
IGMP and PIM-SM
Configuring DVMRP
. . . . . . . . . . . . . . . . 1251
. . . . . . . . . . . . . . . 1255
A Feature Limitations and Platform
Constants . . . . . . . . . . . . . . . . . . . . . . . . . 1257
44 System Process Definitions . . . . . . . . 1267
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1275
Contents 47
Page 48
48 Contents
Page 49
1
Introduction
The Dell PowerConnect 8000/8100-series switches are stackable Layer 2 and
Layer 3 switches that extend the Dell PowerConnect LAN switching product
range.
NOTE:
Throughout this document, the PowerConnect 8024 and 8024F switches
are referred to as the PowerConnect 8000-series switches, and the
PowerConnect 8132, 8132F, 8164, 8164F switches are referred to as the
PowerConnect 8100-series switches.
These switches include the following features:
• 1U form factor, rack-mountable chassis design.
• Support for all data-communication requirements for a multi-layer switch,
including layer 2 switching, IPv4 routing, IPv6 routing, IP multicast,
quality of service, security, and system management features.
• High availability with hot swappable stack members.
Each PowerConnect 8000/8100-series switch has 24 or 48 ports of 10-Gb
Ethernet in 10GBase-T or SFP+ with redundant power supplies to provide
high performance and high availability. PowerConnect 8000/8100-series
switches can be stacked with other PowerConnect switches of the same model
number using the 10G SFP+ or QSFP fiber ports.
About This Document
This guide describes how to configure, monitor, and maintain a Dell
PowerConnect 8000-series and 8100-series switch by using web-based Dell
OpenManage Switch Administrator utility or the command-line interface
(CLI).
Introduction 49
Page 50
Audience
This guide is for network administrators in charge of managing one or more
PowerConnect 8000/8100-series switches. To obtain the greatest benefit from
this guide, you should have a basic understanding of Ethernet networks and
local area network (LAN) concepts.
Document Conventions
Table 1-1 describes the typographical conventions this document uses.
Table 1-1. Document Conventions
Convention Description
Bold Page names, field names, menu options, button names, and
CLI commands and keywords.
courier font
[ ] In a command line, square brackets indicate an optional
{ } In a command line, inclusive brackets indicate a selection of
Italic
In a command line, indicates a variable.
<Enter> Any individual key on the keyboard.
CTRL + Z A keyboard combination that involves pressing the Z key
Command-line text (CLI output) and file names
entry.
compulsory parameters separated by the | character. One
option must be selected. For example:
{stp|rstp|mstp} means that for the spanning-tree mode
command you must enter either stp, rstp, or mstp
while holding the CTRL key.
spanning-tree mode
50 Introduction
Page 51
Additional Documentation
The following documents for the PowerConnect 8000/8100-series switches
are available at support.dell.com/manuals:
•
Getting Started Guide—
the series, including front and back panel features. It also describes the
installation and initial configuration procedures.
CLI Reference Guide—
•
interface (CLI) commands used to configure and manage the switch. The
document provides in-depth CLI descriptions, syntax, default values, and
usage guidelines.
provides information about the switch models in
provides information about the command-line
Introduction 51
Page 52
52 Introduction
Page 53
Switch Features
This section describes the switch user-configurable software features.
NOTE: Before proceeding, read the release notes for this product. The release
notes are part of the firmware download.
The topics covered in this section include:
2
• System Management
Fea tu re s
•Stacking Features
• Security Features
• Switching Features
• Virtual Local Area Network
Supported Features
• Spanning Tree Protocol
Fea tu re s
• Link Aggregation Features
•Routing Features
• IPv6 Routing Features
• Quality of Service (QoS)
Fea tu re s
• Layer 2 Multicast Features
• Layer 3 Multicast Features
Switch Features 53
Page 54
System Management Features
Multiple Management Options
You can use any of the following methods to manage the switch:
• Use a web browser to access the Dell OpenManage Switch Administrator
interface. The switch contains an embedded Web server that serves
HTML pages.
• Use a telnet client, SSH client, or a direct console connection to access the
CLI. The CLI
common industry practice.
• Use a network management system (NMS) to manage and monitor the
system through SNMP. The switch supports
UDP/IP transport protocol.
Nearly all switch features support a preconfiguration capability, even when
the feature is not enabled or the required hardware is not present.
Preconfigured capabilities become active only when enabled (typically via an
admin mode control) or when the required hardware is present (or both). For
example, a port can be preconfigured with both trunk and access mode
information. The trunk mode information is applied only when the port is
placed into trunk mode and the access mode information is only applied
when the port is placed into access mode. Likewise, OSPF routing can be
configured in the switch without being enabled on any port. This capability is
present in all of the management options.
syntax and semantics conform as much as possible to
SNMP v1/v2c/v3 over the
System Time Management
You can configure the switch to obtain the system time and date through a
remote Simple Network Time Protocol (SNTP) server, or you can set the time
and date locally on the switch. You can also configure the time zone and
information about time shifts that might occur during summer months. If
you use SNTP to obtain the time, you can require communications between
the switch and the SNTP server to be encrypted.
For information about configuring system time settings, see "Managing
General System Settings" on page 239.
54 Switch Features
Page 55
Log Messages
The switch maintains in-memory log messages as well as persistent logs. You
can also configure remote logging so that the switch sends log messages to a
remote log server. You can also configure the switch to send log messages to a
configured SMTP server. This allows you to receive the log message in an email account of your choice. Switch auditing messages, CLI command
logging, Web logging, and SNMP logging can be enabled or disabled.
For information about configuring system logging, see "Monitoring and
Logging System Information" on page 205.
Switch Features 55
Page 56
Integrated DHCP Server
PowerConnect 8000/8100-series switches include an integrated DHCP server
that can deliver host-specific configuration information to hosts on the
network. The switch DHCP server allows you to configure IP address pools
(scopes), and when a host’s DHCP client requests an address, the switch
DHCP server automatically assigns the host an address from the pool.
For information about configuring the DHCP server settings, see
"Configuring DHCP Server Settings" on page 871.
Management of Basic Network Information
The DHCP client on the switch allows the switch to acquire information such
as the IP address and default gateway from a network DHCP server. You can
also disable the DHCP client and configure static network information.
Other configurable network information includes a Domain Name Server
(DNS), hostname to IP address mapping, and a default domain name.
If the switch detects an IP address conflict on the management interface, it
generates a trap and sends a log message.
For information about configuring basic network information, see "Setting
the IP Address and Other Basic Network Information" on page 121.
IPv6 Management Features
PowerConnect 8000/8100-series switches provide IPv6 support for many
standard management features including HTTP, HTTPS/SSL, Telnet, SSH,
SNMP, SNTP, TFTP, and traceroute.
Dual Software Images
PowerConnect 8000/8100-series switches can store up to two software images.
The dual image feature allows you to upgrade the switch without deleting the
older software image. You designate one image as the active image and the
other image as the backup image.
For information about managing the switch image, see "Managing Images
and Files" on page 309.
56 Switch Features
Page 57
File Management
You can upload and download files such as configuration files and system
images by using HTTP (web only), TFTP, Secure FTP (SFTP), or Secure
Copy (SCP). Configuration file uploads from the switch to a server are a good
way to back up the switch configuration. You can also download a
configuration file from a server to the switch to restore the switch to the
configuration in the downloaded file.
For information about uploading, downloading, and copying files, see
"Managing Images and Files" on page 309.
Switch Database Management Templates
Switch Database Management (SDM) templates enable you to reallocate
system resources to support a different mix of features based on your network
requirements. PowerConnect 8000/8100-series switches support the following
three templates:
• Dual IPv4 and IPv6 (default)
•IPv4 Routing
•IPv4 Data Center
For information about setting the SDM template, see "Managing General
System Settings" on page 239.
Automatic Installation of Firmware and Configuration
The Auto Install feature allows the switch to upgrade or downgrade to a
newer software image and update the configuration file automatically during
device initialization with limited administrative configuration on the device.
The switch can obtain the necessary information from a DHCP server on the
network.
For information about Auto Install, see "Automatically Updating the Image
and Configuration" on page 337.
Switch Features 57
Page 58
sFlow
sFlow is the standard for monitoring high-speed switched and routed
networks. sFlow technology is built into network equipment and gives
complete visibility into network activity, enabling effective management and
control of network resources. The PowerConnect 8000/8100-series switches
support sFlow version 5.
For information about configuring managing sFlow settings, see "Monitoring
Switch Traffic" on page 355.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. The events are
sent as SNMP traps to a trap recipient list.
For information about configuring SNMP traps and alarms, see "Configuring
SNMP" on page 273.
CDP Interoperability through ISDP
Industry Standard Discovery Protocol (ISDP) allows the PowerConnect
switch to interoperate with Cisco devices running the Cisco Discovery
Protocol (CDP). ISDP is a proprietary Layer 2 network protocol which interoperates with Cisco network equipment and is used to share information
between neighboring devices (routers, bridges, access servers, and switches).
For information about configuring ISDP settings, see "Discovering Network
Devices" on page 651.
Remote Monitoring (RMON)
RMON is a standard Management Information Base (MIB) that defines
current and historical MAC-layer statistics and control objects, allowing realtime information to be captured across the entire network.
For information about configuring managing RMON settings, see
"Monitoring Switch Traffic" on page 355.
58 Switch Features
Page 59
Stacking Features
For information about creating and maintaining a stack of switches, see
"Managing a Switch Stack" on page 143.
High Port Count
You can stack PowerConnect 8000-series and 8100-series switches up to six
switches high, supporting up to 132 front-panel ports on the PC8024 series
and up to 336 front panel ports on a stack of six PC8164 series, when two
ports on each unit are configured as stacking ports. The stack can contain any
combination of Power Connect 8024 and PowerConnect 8024F switches as
long as all switches are running the same firmware version.
Single IP Management
When multiple switches are connected together through the stack ports, they
operate as a single unit with a larger port count. The stack operates and is
managed as a single entity. One switch acts as the master, and the entire stack
is managed through the management interface (Web, CLI, or SNMP) of the
stack master.
Automatic Firmware Update for New Stack Members
By default, if a switch is added to a stack and the switch is running a different
backup version of firmware than the active version on the stack master, the
backup firmware on the new member is automatically updated to match the
stack master, the backup version of firmware on the new member is activated,
and the new member is rebooted.
Switch Features 59
Page 60
Master Failover with Transparent Transition
The stacking feature supports a
stack master role if the stack master fails. As soon as a stack master failure is
detected, the standby unit initializes the control plane and enables all other
stack units with the current configuration. The standby unit maintains a
synchronized copy of the running configuration for the stack.
standby
or backup unit that assumes the
Nonstop Forwarding on the Stack
The Nonstop Forwarding (NSF) feature allows the forwarding plane of stack
units to continue to forward packets while the control and management
planes restart as a result of a power failure, hardware failure, or software fault
on the stack master and allows the standby switch to quickly takeover as the
master.
Hot Add/Delete and Firmware Synchronization
You can add and remove units to and from the stack without cycling the
power. When you add a unit, the Stack Firmware Synchronization feature
automatically synchronizes the firmware version with the version running on
the stack master. The synchronization operation may result in either an
upgrade or a downgrade of firmware on the mismatched stack member. In
addition, the running-config on the member is updated to match the master
switch. The startup-config on the standby and member switches is not
updated to match the master switch due to configuration changes on the
master switch. Saving the startup config on the master switch also saves it to
the startup config on all the other stack members.The hardware configuration
of every switch is updated to match the master switch (unit number, slot
configuration, stack member number, etc.).
Security Features
Configurable Access and Authentication Profiles
You can configure rules to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. You can also require the user to be authenticated locally or
by an external server, such as a RADIUS server.
60 Switch Features
Page 61
For information about configuring access and authentication profiles, see
"Configuring Authentication, Authorization, and Accounting" on page 179.
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Configuring
Authentication, Authorization, and Accounting" on page 179.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Configuring
Authentication, Authorization, and Accounting" on page 179.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Configuring Authentication, Authorization, and Accounting" on page 179.
RADIUS Support
The switch has a Remote Authentication Dial In User Service (RADIUS)
client and can support up to 32 named authentication and accounting
RADIUS servers. The switch also supports RADIUS Attribute 4, which is the
configuration of a NAS-IP address. You can also configure the switch to
accept RADIUS-assigned VLANs.
For information about configuring RADIUS client settings, see "Configuring
Authentication, Authorization, and Accounting" on page 179.
Switch Features 61
Page 62
SSH/SSL
The switch supports Secure Shell (SSH) for secure, remote connections to
the CLI and Secure Sockets Layer (SSL) to increase security when accessing
the web-based management interface.
For information about configuring SSH and SSL settings, see "Configuring
Authentication, Authorization, and Accounting" on page 179.
Inbound Telnet Control
You can configure the switch to prevent new Telnet sessions from being
established with the switch. Additionally, the Telnet port number is
configurable.
For information about configuring inbound Telnet settings, see "Configuring
Authentication, Authorization, and Accounting" on page 179.
Denial of Service
The switch supports configurable Denial of Service (DoS) attack protection
for eight different types of attacks.
For information about configuring DoS settings, see "Configuring Port and
System Security" on page 469.
Port Protection
A port may be put into the disabled state for any of the following reasons:
• BPDU Storm Protection: By default, if Spanning Tree Protocol (STP)
bridge protocol data units (BPDUs) are received at a rate of 15pps or
greater for three consecutive seconds on a port, the port will be
diagnostically disabled. The threshold is not configurable.
• DHCP Snooping: If DHCP packets are received on a port at a rate that
exceeds 15 pps, the port will be diagnostically disabled. The threshold is
configurable up to 300 pps for up to 15s long using the
snooping limit
The default protection limit is 15 pps.
command. DHCP snooping is disabled by default.
ip dhcp
62 Switch Features
Page 63
• Dynamic ARP Inspection: By default, if Dynamic ARP Inspection packets
are received on a port at a rate that exceeds 15 pps for 1 second, the port
will be diagnostically disabled. The threshold is configurable up to 300 pps
and the burst is configurable up to 15s long using the
inspection limit
A port that is diagnostically disabled due to exceeding one of the above limits
may be returned to service using the no shut command.
command.
ip arp
Captive Portal
The Captive Portal feature blocks clients from accessing the network until
user verification has been established. When a user attempts to connect to
the network through the switch, the user is presented with a customized Web
page that might contain username and password fields or the acceptable use
policy. You can require users to be authenticated by a local or remote RADIUS
database before access is granted.
For information about configuring the Captive Portal features, see
"Configuring Captive Portal" on page 413.
Dot1x Authentication (IEEE 802.1X)
Dot1x authentication enables the authentication of system users through a
local internal server or an external server. Only authenticated and approved
system users can transmit and receive data. Supplicants are authenticated
using the Extensible Authentication Protocol (EAP). PEAP, EAP-TTL, EAPTTLS, and EAP-TLS are supported for remote authentication servers. Local
(IAS) authentication supports EAP-MD5 only.
For information about configuring IEEE 802.1X settings, see "Configuring
Port and System Security" on page 469.
MAC-Based 802.1X Authentication
MAC-based authentication allows multiple supplicants connected to the
same port to each authenticate individually. For example, a system attached
to the port might be required to authenticate in order to gain access to the
network, while a VoIP phone might not need to authenticate in order to send
voice traffic through the port.
For information about configuring MAC-based 802.1X authentication, see
"Configuring Port and System Security" on page 469.
Switch Features 63
Page 64
Dot1x Monitor Mode
Monitor mode can be enabled in conjunction with Dot1x authentication to
allow network access even when the user fails to authenticate. The switch logs
the results of the authentication process for diagnostic purposes. The main
purpose of this mode is to help troubleshoot the configuration of a Dot1x
authentication on the switch without affecting the network access to the
users of the switch.
For information about enabling the Dot1X Monitor mode, see "Configuring
Port and System Security" on page 469.
MAC-Based Port Security
The port security feature limits access on a port to users with specific MAC
addresses. These addresses are manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is
not tied to that port, the protection mechanism is invoked.
For information about configuring MAC-based port security, see "Configuring
Port and System Security" on page 469.
Access Control Lists (ACL)
Access Control Lists (ACLs) ensure that only authorized users have access to
specific resources while blocking off any unwarranted attempts to reach
network resources. ACLs are used to provide traffic flow control, restrict
contents of routing updates, decide which types of traffic are forwarded or
blocked, and above all provide security for the network. The switch supports
the following ACL types:
•IPv4 ACLs
•IPv6 ACLs
• MAC ACLs
For all ACL types, you can apply the ACL rule when the packet enters or exits
the physical port, LAG, or VLAN interface.
For information about configuring ACLs, see "Configuring Access Control
Lists" on page 513.
64 Switch Features
Page 65
Time-Based ACLs
With the Time-based ACL feature, you can define when an ACL is in effect
and the amount of time it is in effect.
For information about configuring time-based ACLs, see "Configuring Access
Control Lists" on page 513.
IP Source Guard (IPSG)
IP source guard (IPSG) is a security feature that filters IP packets based on
the source ID. The source ID may either be source IP address or a source IP
address source MAC address pair.
For information about configuring IPSG, see "Snooping and Inspecting
Traffic" on page 753.
DHCP Snooping
DHCP Snooping is a security feature that monitors DHCP messages between
a DHCP client and DHCP server. It filters harmful DHCP messages and
builds a bindings database of (MAC address, IP address, VLAN ID, port)
tuples that are specified as authorized. DHCP snooping can be enabled
globally and on specific VLANs. Ports within the VLAN can be configured to
be trusted or untrusted. DHCP servers must be reached through trusted ports.
For information about configuring DHCP Snooping, see "Snooping and
Inspecting Traffic" on page 753.
Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its unsuspecting neighbors. The malicious
station sends ARP requests or responses mapping another station's IP address
to its own MAC address.
Dynamic ARP Inspection relies on DHCP Snooping.
For information about configuring DAI, see "Snooping and Inspecting Traffic"
on page 753.
Switch Features 65
Page 66
Protected Ports (Private VLAN Edge)
Private VLAN Edge (PVE) ports are a Layer 2 security feature that provides
port-based security between ports that are members of the same VLAN. It is
an extension of the common VLAN. Traffic from protected ports is sent only
to the uplink ports and cannot be sent to other ports within the VLAN.
For information about configuring IPSG, see "Configuring Port-Based Traffic
Control" on page 679.
Switching Features
Flow Control Support (IEEE 802.3x)
Flow control enables lower speed switches to communicate with higher speed
switches by requesting that the higher speed switch refrains from sending
packets. Transmissions are temporarily halted to prevent buffer overflows.
For information about configuring flow control, see "Configuring Port-Based
Traffic Control" on page 679.
Head of Line Blocking Prevention
Head of Line (HOL) blocking prevention prevents traffic delays and frame
loss caused by traffic competing for the same egress port resources. HOL
blocking queues packets, and the packets at the head of the queue are
forwarded before packets at the end of the queue.
Alternate Store and Forward (ASF)
The Alternate Store and Forward (ASF) feature reduces latency for large
packets. When ASF is enabled, the memory management unit (MMU) can
forward a packet to the egress port before it has been entirely received on the
Cell Buffer Pool (CBP) memory.
AFS, which is also known as cut-through mode, is configurable through the
command-line interface. For information about how to configure the AFS
feature, see the
66 Switch Features
CLI Reference Guide
available at support.dell.com/manuals.
Page 67
Jumbo Frames Support
Jumbo frames enable transporting data in fewer frames to ensure less
overhead, lower processing time, and fewer interrupts.
For information about configuring the port MTU, see "Configuring Port
Characteristics" on page 451.
Auto-MDI/MDIX Support
Your switch supports auto-detection between crossed and straight-through
cables. Media-Dependent Interface (MDI) is the standard wiring for end
stations, and the standard wiring for hubs and switches is known as MediaDependent Interface with Crossover (MDIX).
VLAN-Aware MAC-based Switching
Packets arriving from an unknown source address are sent to the CPU and
added to the Hardware Table. Future packets addressed to or from this
address are more efficiently forwarded.
Back Pressure Support
On half-duplex links, a receiver may prevent buffer overflows by jamming the
link so that it is unavailable for additional traffic. On full-duplex links, a
receiver may send a PAUSE frame indicating that the transmitter should
cease transmission of frames for a specified period.
When flow control is enabled, the PowerConnect 8000/8100-series switches
will observe received PAUSE frames or jamming signals, but will not issue
them when congested.
Switch Features 67
Page 68
Auto Negotiation
Auto negotiation allows the switch to advertise modes of operation. The auto
negotiation function provides the means to exchange information between
two switches that share a point-to-point link segment, and to automatically
configure both switches to take maximum advantage of their transmission
capabilities.
PowerConnect 8000/8100-series switches enhance auto negotiation by
providing configuration of port advertisement. Port advertisement allows the
system administrator to configure the port speeds that are advertised.
For information about configuring auto negotiation, see "Configuring Port
Characteristics" on page 451.
Broadcast Storm Control
When Layer 2 frames are forwarded, broadcast, unknown unicast, and
multicast frames are flooded to all ports on the relevant virtual local area
network (VLAN). The flooding occupies bandwidth, and loads all nodes
connected on all ports. Storm control limits the amount of broadcast,
unknown unicast, and multicast frames accepted and forwarded by the
switch.
For information about configuring Broadcast Storm Control settings, see
"Configuring Port-Based Traffic Control" on page 679.
Port Mirroring
Port mirroring monitors and mirrors network traffic by forwarding copies of
incoming and outgoing packets from up to four source ports to a monitoring
port. The switch also supports flow-based mirroring, which allows you to copy
certain types of traffic to a single destination port. This provides flexibility—
instead of mirroring all ingress or egress traffic on a port the switch can mirror
a subset of that traffic. You can configure the switch to mirror flows based on
certain kinds of Layer 2, Layer 3, and Layer 4 information.
For information about configuring port mirroring, see "Monitoring Switch
Traffic" on page 355.
68 Switch Features
Page 69
Static and Dynamic MAC Address Tables
You can add static entries to the switch’s MAC address table and configure
the aging time for entries in the dynamic MAC address table. You can also
search for entries in the dynamic table based on several different criteria.
For information about viewing and managing the MAC address table, see
"Managing the MAC Address Table" on page 849.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP),
allows the switch to advertise major capabilities and physical descriptions.
This information can help you identify system topology and detect bad
configurations on the LAN.
For information about configuring LLDP, settings see "Discovering Network
Devices" on page 651.
Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices
The Link Layer Discovery Protocol for Media Endpoint Devices (LLDPMED) provides an extension to the LLDP standard for network configuration
and policy, device location, Power over Ethernet management, and inventory
management.
For information about configuring LLDP-MED, settings see "Discovering
Network Devices" on page 651.
Priority-based Flow Control (PFC)
The Priority-based Flow Control feature allows the switch to pause or inhibit
transmission of individual priorities within a single physical link. By
configuring PFC to pause a congested priority (priorities) independently,
protocols that are highly loss sensitive can share the same link with traffic that
has different loss tolerances. Priorities are differentiated by the priority field
of the 802.1Q VLAN header. The PowerConnect 8000-series and 8100-series
switches support lossless transport of frames on up to two priority classes.
NOTE: An interface that is configured for PFC is automatically disabled for 802.3x
flow control.
Switch Features 69
Page 70
For information about configuring the PFC feature, see "Configuring Data
Center Bridging Features" on page 809.
Data Center Bridging Exchange (DBCx) Protocol
The Data Center Bridging Exchange Protocol (DCBx) is used by DCB
devices to exchange configuration information with directly connected peers.
The protocol is also used to detect misconfiguration of the peer DCB devices
and, optionally, for configuration of peer DCB devices. For information about
configuring DCBx settings, see "Configuring Data Center Bridging Features"
on page 809. DCBx is a link-local protocol and operates only on individual
links. When configuring FIP snooping on a port channel, ensure that all of
the physical links in the port channel utilize the same auto configuration
setting.
Enhanced Transmission Selection
Enhanced Transmission Selection (ETS) allows the switch to allocate
bandwidth to traffic classes and share unused bandwidth with lower-priority
traffic classes while coexisting with strict-priority traffic classes. ETS is
supported on the PowerConnect 8100-series switches and can be configured
manually or automatically using the auto configuration feature. For more
information about ETS, see "Enhanced Transmission Selection" on page 831.
Fibre Channel over Ethernet (FCoE) Initialization Protocol Snooping
The FCoE Initialization Protocol (FIP) is used to perform the functions of
FC_BB_E device discovery, initialization, and maintenance as defined in the
ANSI T11 FC-BB-5 specification. The PC8024/PC8024F switch supports FIP
snooping, which is a frame inspection method used by FIP Snooping Bridges
to monitor FIP frames and apply policies based upon the L2 header
information in those frames. For information about configuring the FIP
Snooping feature, see "Configuring Data Center Bridging Features" on
page 809.
70 Switch Features
Page 71
Cisco Protocol Filtering
The Cisco Protocol Filtering feature (also known as Link Local Protocol
Filtering) filters Cisco protocols that should not normally be relayed by a
bridge. The group addresses of these Cisco protocols do not fall within the
IEEE defined range of the 802.1D MAC Bridge Filtered MAC Group
Addresses (01-80-C2-00-00-00 to 01-80-C2-00-00-0F).
For information about configuring LLPF, settings see "Configuring PortBased Traffic Control" on page 679.
DHCP Layer 2 Relay
This feature permits Layer 3 Relay agent functionality in Layer 2 switched
networks. The switch supports L2 DHCP relay configuration on individual
ports, link aggregation groups (LAGs) and VLANs.
For information about configuring L2 DHCP Relay settings see "Configuring
L2 and L3 Relay Features" on page 919.
Virtual Local Area Network Supported Features
For information about configuring VLAN features see "Configuring VLANs"
on page 551.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast
domain. Packets are classified as belonging to a VLAN based on either the
VLAN tag or a combination of the ingress port and packet contents. Packets
sharing common attributes can be groups in the same VLAN. The
PowerConnect 8000/8100-series switches are in full compliance with IEEE
802.1Q VLAN tagging.
Port-Based VLANs
Port-based VLANs classify incoming packets to VLANs based on their ingress
port. When a port uses 802.1X port authentication, packets can be assigned
to a VLAN based on the result of the 802.1X authentication a client uses
when it accesses the switch. This feature is useful for assigning traffic to
Guest VLANs or Voice VLANs.
Switch Features 71
Page 72
IP Subnet-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source IP address of the packet.
MAC-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source MAC address of the packet.
IEEE 802.1v Protocol-Based VLANs
VLAN classification rules are defined on data-link layer (Layer 2) protocol
identification. Protocol-based VLANs are used for isolating Layer 2 traffic for
differing Layer 3 protocols.
GARP and GVRP Support
The switch supports the configuration of Generic Attribute Registration
Protocol (GARP) timers GARP VLAN Registration Protocol (GVRP) relies on
the services provided by GARP to provide IEEE 802.1Q-compliant VLAN
pruning and dynamic VLAN creation on 802.1Q trunk ports. When GVRP is
enabled, the switch registers and propagates VLAN membership on all ports
that are part of the active spanning tree protocol topology.
For information about configuring GARP timers see "Configuring L2
Multicast Features" on page 695.
Voice VLAN
The Voice VLAN feature enables switch ports to carry voice traffic with
defined priority. The priority level enables the separation of voice and data
traffic coming onto the port. Voice VLAN is the preferred solution for
enterprises wishing to deploy voice services in their network.
72 Switch Features
Page 73
Guest VLAN
The Guest VLAN feature allows a switch to provide a distinguished service to
unauthenticated users. This feature provides a mechanism to allow visitors
and contractors to have network access to reach external network with no
ability to browse information on the internal LAN.
For information about configuring the Guest VLAN see "Configuring Port
and System Security" on page 469.
Double VLANs
The Double VLAN feature (IEEE 802.1QinQ) allows the use of a second tag
on network traffic. The additional tag helps differentiate between customers
in the Metropolitan Area Networks (MAN) while preserving individual
customer’s VLAN identification when they enter their own 802.1Q domain.
Switch Features 73
Page 74
Spanning Tree Protocol Features
For information about configuring Spanning Tree Protocol features, see
"Configuring the Spanning Tree Protocol" on page 619.
Spanning Tree Protocol (STP)
Spanning Tree Protocol (IEEE 802.1D) is a standard requirement of Layer 2
switches that allows bridges to automatically prevent and resolve L2
forwarding loops.
Spanning Tree Port Settings
The STP feature supports a variety of per-port settings including path cost,
priority settings, Port Fast mode, STP Root Guard, Loop Guard, TCN Guard,
and Auto Edge. These settings are also configurable per-LAG.
Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies to
enable faster spanning tree convergence after a topology change, without
creating forwarding loops. The port settings supported by STP are also
supported by RSTP.
Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs to spanning tree
instances. Packets assigned to various VLANs are transmitted along different
paths within MSTP Regions (MST Regions). Regions are one or more
interconnected MSTP bridges with identical MSTP settings. The MSTP
standard lets administrators assign VLAN traffic to unique paths.
The switch supports IEEE 802.1Q-2005, which is a version of corrects
problems associated with the previous version, provides for faster transitionto-forwarding, and incorporates new features for a port (restricted role and
restricted TCN).
74 Switch Features
Page 75
Bridge Protocol Data Unit (BPDU) Guard
Spanning Tree BPDU Guard is used to disable the port in case a new device
tries to enter the already existing topology of STP. Thus devices, which were
originally not a part of STP, are not allowed to influence the STP topology.
BPDU Filtering
When spanning tree is disabled on a port, the BPDU Filtering feature allows
BPDU packets received on that port to be dropped. Additionally, the BPDU
Filtering feature prevents a port in Port Fast mode from sending and receiving
BPDUs. A port in Port Fast mode is automatically placed in the forwarding
state when the link is up to increase convergence time.
Link Aggregation Features
For information about configuring link aggregation (port-channel) features,
see "Configuring Link Aggregation" on page 791.
Link Aggregation
Up to eight ports can combine to form a single Link Aggregation Group
(LAG). This enables fault tolerance protection from physical link disruption,
higher bandwidth connections and improved bandwidth granularity.
Per IEEE 802.1AX, only links with the same operational characteristics, such
as speed and duplex setting, may be aggregated. PowerConnect switches
aggregate links only if they have the same operational speed and duplex
setting, as opposed to the configured speed and duplex setting. This allows
operators to aggregate links that use auto negotiation to set values for speed
and duplex. Dissimilar ports will not become active in the LAG if their
operational settings do not match those of the first member of the LAG.
PowerConnect switches also support setting the MTU on a LAG. When a link
becomes active in a LAG, its MTU is dynamically changed to the LAG MTU.
When the link leaves the LAG, its MTU reverts to the link setting.
Link Aggregate Control Protocol (LACP)
Link Aggregate Control Protocol (LACP) uses peer exchanges across links to
determine, on an ongoing basis, the aggregation capability of various links,
and continuously provides the maximum level of aggregation capability
Switch Features 75
Page 76
achievable between a given pair of systems. LACP automatically determines,
configures, binds, and monitors the binding of ports to aggregators within the
system.
76 Switch Features
Page 77
Routing Features
Address Resolution Protocol (ARP) Table Management
You can create static ARP entries and manage many settings for the dynamic
ARP table, such as age time for entries, retries, and cache size.
For information about managing the ARP table, see "Configuring IP Routing"
on page 895.
VLAN Routing
PowerConnect 8000/8100-series switches support VLAN routing. You can also
configure the software to allow traffic on a VLAN to be treated as if the VLAN
were a router port.
For information about configuring VLAN routing interfaces, see "Configuring
Routing Interfaces" on page 855.
IP Configuration
The switch IP configuration settings to allow you to configure network
information for VLAN routing interfaces such as IP address and subnet mask,
MTU size, and ICMP redirects. Global IP configuration settings for the
switch allow you to enable or disable the generation of several types of ICMP
messages and enable or disable the routing mode.
For information about managing global IP settings, see "Configuring IP
Routing" on page 895.
Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is a dynamic routing protocol commonly
used within medium-to-large enterprise networks. OSPF is an interior
gateway protocol (IGP) that operates within a single autonomous system.
For information about configuring OSPF, see "Configuring OSPF and
OSPFv3" on page 943.
Switch Features 77
Page 78
BOOTP/DHCP Relay Agent
The switch BootP/DHCP Relay Agent feature relays BootP and DHCP
messages between DHCP clients and DHCP servers that are located in
different IP subnets.
For information about configuring the BootP/DHCP Relay agent, see
"Configuring L2 and L3 Relay Features" on page 919.
IP Helper and UDP Relay
The IP Helper and UDP Relay features provide the ability to relay various
protocols to servers on a different subnet.
For information about configuring the IP helper and UDP relay features, see
"Configuring L2 and L3 Relay Features" on page 919.
Routing Information Protocol
Routing Information Protocol (RIP), like OSPF, is an IGP used within an
autonomous Internet system. RIP is an IGP that is designed to work with
moderate-size networks.
For information about configuring RIP, see "Configuring RIP" on page 1031.
Router Discovery
For each interface, you can configure the Router Discovery Protocol (RDP) to
transmit router advertisements. These advertisements inform hosts on the
local network about the presence of the router.
For information about configuring router discovery, see "Configuring IP
Routing" on page 895.
Routing Table
The routing table displays information about the routes that have been
dynamically learned. You can configure static and default routes and route
preferences. A separate table shows the routes that have been manually
configured.
For information about viewing the routing table, see "Configuring IP
Routing" on page 895.
78 Switch Features
Page 79
Virtual Router Redundancy Protocol (VRRP)
VRRP provides hosts with redundant routers in the network topology without
any need for the hosts to reconfigure or know that there are multiple routers.
If the primary (master) router fails, a secondary router assumes control and
continues to use the virtual router IP (VRIP) address.
VRRP Route Interface Tracking extends the capability of VRRP to allow
tracking of specific route/interface IP states within the router that can alter
the priority level of a virtual router for a VRRP group.
For information about configuring VRRP settings, see "Configuring VRRP"
on page 1045.
Tunnel and Loopback Interfaces
PowerConnect 8000/8100-series switches support the creation, deletion, and
management of tunnel and loopback interfaces. Tunnel interfaces facilitate
the transition of IPv4 networks to IPv6 networks. A loopback interface is
always expected to be up, so you can configure a stable IP address that other
network devices use to contact or identify the switch.
For information about configuring tunnel and loopback interfaces, see
"Configuring Routing Interfaces" on page 855.
IPv6 Routing Features
IPv6 Configuration
The switch supports IPv6, the next generation of the Internet Protocol. You
can globally enable IPv6 on the switch and configure settings such as the IPv6
hop limit and ICMPv6 rate limit error interval. You can also control whether
IPv6 is enabled on a specific interface. The switch supports the configuration
of many per-interface IPv6 settings including the IPv6 prefix and prefix
length.
For information about configuring general IPv6 routing settings, see
"Configuring IPv6 Routing" on page 1069.
Switch Features 79
Page 80
IPv6 Routes
Because IPv4 and IPv6 can coexist on a network, the router on such a network
needs to forward both traffic types. Given this coexistence, each switch
maintains a separate routing table for IPv6 routes. The switch can forward
IPv4 and IPv6 traffic over the same set of interfaces.
For information about configuring IPv6 routes, see "Configuring IPv6
Routing" on page 1069.
OSPFv3
OSPFv3 provides a routing protocol for IPv6 networking. OSPFv3 is a new
routing component based on the OSPF version 2 component. In dual stack
IPv6, you can configure and use both OSPF and OSPFv3 components.
For information about configuring OSPFv3, see "Configuring OSPF and
OSPFv3" on page 943.
DHCPv6
DHCPv6 incorporates the notion of the “stateless” server, where DHCPv6 is
not used for IP address assignment to a client, rather it only provides other
networking information such as DNS, Network Time Protocol (NTP), and/or
Session Initiation Protocol (SIP) information.
For information about configuring DHCPv6 settings, see "Configuring
DHCPv6 Server and Relay Settings" on page 1093.
80 Switch Features
Page 81
Quality of Service (QoS) Features
NOTE: Some features that can affect QoS, such as ACLs and Voice VLAN, are
described in other sections within this chapter.
Differentiated Services (DiffServ)
The QoS Differentiated Services (DiffServ) feature allows traffic to be
classified into streams and given certain QoS treatment in accordance with
defined per-hop behaviors. PowerConnect 8000/8100-series switches support
both IPv4 and IPv6 packet classification.
For information about configuring DiffServ, see "Configuring Differentiated
Services" on page 1113.
Class Of Service (CoS)
The Class Of Service (CoS) queueing feature lets you directly configure
certain aspects of switch queuing. This provides the desired QoS behavior for
different types of network traffic when the complexities of DiffServ are not
required. CoS queue characteristics, such as minimum guaranteed
bandwidth and transmission rate shaping, are configurable at the queue (or
port) level.
For information about configuring CoS, see "Configuring Class-of-Service" on
page 1143.
Auto Voice over IP (VoIP)
This feature provides ease of use for the user in setting up VoIP for IP phones
on a switch. This is accomplished by enabling a VoIP profile that a user can
select on a per port basis.
For information about configuring Auto VoIP, see "Configuring Auto VoIP" on
page 1161.
Switch Features 81
Page 82
Internet Small Computer System Interface (iSCSI) Optimization
The iSCSI Optimization feature helps network administrators track iSCSI
traffic between iSCSI initiator and target systems. This is accomplished by
monitoring, or snooping traffic to detect packets used by iSCSI stations in
establishing iSCSI sessions and connections. Data from these exchanges may
optionally be used to create classification rules to assign the traffic between
the stations to a configured traffic class. This affects how the packets in the
flow are queued and scheduled for egress on the destination port.
For information about configuring iSCSI settings, see "Configuring iSCSI
Optimization" on page 395.
Layer 2 Multicast Features
For information about configuring L2 multicast features, see "Configuring L2
Multicast Features" on page 695.
MAC Multicast Support
Multicast service is a limited broadcast service that allows one-to-many and
many-to-many connections. In Layer 2 multicast services, a single frame
addressed to a specific multicast address is received, and copies of the frame
to be transmitted on each relevant port are created.
IGMP Snooping
Internet Group Management Protocol (IGMP) Snooping is a feature that
allows a switch to forward multicast traffic intelligently on the switch.
Multicast traffic is traffic that is destined to a host group. Host groups are
identified by the destination MAC address, i.e. the range 01:00:5e:00:00:00 to
01:00:5e:7f:ff:ff:ff for IPv4 multicast traffic or 33:33:xx:xx:xx:xx for IPv6
multicast traffic. Based on the IGMP query and report messages, the switch
forwards traffic only to the ports that request the multicast traffic. This
prevents the switch from broadcasting the traffic to all ports and possibly
affecting network performance.
82 Switch Features
Page 83
IGMP Snooping Querier
When Protocol Independent Multicast (PIM) and IGMP are enabled in a
network with IP multicast routing, the IP multicast router acts as the IGMP
querier. However, if it is desirable to keep the multicast network Layer 2
switched only, the IGMP Snooping Querier can perform the query functions
of a Layer 3 multicast router.
MLD Snooping
In IPv4, Layer 2 switches can use IGMP Snooping to limit the flooding of
multicast traffic by dynamically configuring Layer 2 interfaces so that
multicast traffic is forwarded to only those interfaces associated with IP
multicast address.
In IPv6, MLD snooping performs a similar function. With MLD snooping,
IPv6 multicast data is selectively forwarded to a list of ports intended to
receive the data (instead of being flooded to all of the ports in a VLAN). This
list is constructed by snooping IPv6 multicast control packets.
Multicast VLAN Registration
The Multicast VLAN Registration (MVR) protocol, like IGMP Snooping,
allows a Layer 2 switch to listen to IGMP frames and forward the multicast
traffic only to the receivers that request it. Unlike IGMP Snooping, MVR
allows the switch to listen across different VLANs. MVR uses a dedicated
VLAN, which is called the multicast VLAN, to forward multicast traffic over
the Layer 2 network to the various VLANs that have multicast receivers as
members.
Switch Features 83
Page 84
Layer 3 Multicast Features
For information about configuring L3 multicast features, see "Managing IPv4
and IPv6 Multicast" on page 1167.
Distance Vector Multicast Routing Protocol
Distance Vector Multicast Routing Protocol (DVMRP) exchanges probe
packets with all DVMRP-enabled routers, establishing two way neighboring
relationships and building a neighbor table. It exchanges report packets and
creates a unicast topology table, which is used to build the multicast routing
table. This multicast route table is then used to route the multicast packets.
Internet Group Management Protocol
The Internet Group Management Protocol (IGMP) is used by IPv4 systems
(hosts and routers) to report their IP multicast group memberships to any
neighboring multicast routers. PowerConnect 8000/8100-series switches
perform the “multicast router part” of the IGMP protocol, which means it
collects the membership information needed by the active multicast router.
IGMP Proxy
The IGMP Proxy feature allows the switch to act as a proxy for hosts by
sending IGMP host messages on behalf of the hosts that the switch
discovered through standard IGMP router interfaces.
Protocol Independent Multicast—Dense Mode
Protocol Independent Multicast (PIM) is a standard multicast routing
protocol that provides scalable inter-domain multicast routing across the
Internet, independent of the mechanisms provided by any particular unicast
routing protocol. The Protocol Independent Multicast-Dense Mode (PIMDM) protocol uses an existing Unicast routing table and a Join/Prune/Graft
mechanism to build a tree. PIM-DM creates source-based shortest-path
distribution trees, making use of reverse path forwarding (RPF).
84 Switch Features
Page 85
Protocol Independent Multicast—Sparse Mode
Protocol Independent Multicast-Sparse Mode (PIM-SM) is used to efficiently
route multicast traffic to multicast groups that may span wide area networks,
and where bandwidth is a constraint. PIM-SM uses shared trees by default
and implements source-based trees for efficiency. This data threshold rate is
used to toggle between trees.
Protocol Independent Multicast—Source Specific Multicast
Protocol Independent Multicast—Source Specific Multicast (PIM-SSM) is a
subset of PIM-SM and is used for one-to-many multicast routing
applications, such as audio or video broadcasts. PIM-SSM does not use shared
trees.
Protocol Independent Multicast IPv6 Support
PIM-DM and PIM-SM support IPv6 routes.
MLD/MLDv2 (RFC2710/RFC3810)
MLD is used by IPv6 systems (listeners and routers) to report their IP
multicast addresses memberships to any neighboring multicast routers. The
implementation of MLD v2 is backward compatible with MLD v1.
MLD protocol enables the IPv6 router to discover the presence of multicast
listeners, the nodes that want to receive the multicast data packets, on its
directly attached interfaces. The protocol specifically discovers which
multicast addresses are of interest to its neighboring nodes and provides this
information to the multicast routing protocol that make the decision on the
flow of the multicast data packets.
Switch Features 85
Page 86
86 Switch Features
Page 87
3
Combo Ports100M/1G/10GBase-T Auto-sensing
Full Duplex RJ-45 Ports
Hardware Overview
This section provides an overview of the switch hardware. The topics covered
in this section include:
• PowerConnect 8000-series and 8100-series Front Panel
• PowerConnect 8000-series and 8100-series Back Panel
• LED Definitions
•Switch Addresses
PowerConnect 8000-series and 8100-series Front Panel
The following sections describe the ports on the front panel of each switch.
PowerConnect 8024 Front Panel
The PowerConnect 8024 front panel provides 24 100M/1G/10GBase-T ports,
four of which are combined with SFP/SFP+ ports.
Figure 3-1. PowerConnect 8024 Front Panel
Hardware Overview 87
Page 88
• The switch automatically detects crossed and straight-through cables on
SFP/SFP+ Ports Combo Ports
RJ-45 ports.
• RJ-45 ports support full-duplex mode 100/1000/10000 Mbps.
• PowerConnect 8024 switches can be stacked using the 10G SFP+ fiber
ports. The 10G ports default to Ethernet mode and must be configured to
be used as stacking ports.
PowerConnect 8024F Front Panel
The PowerConnect 8024F front panel provides 24 SFP/SFP+ ports, four of
which are combined with 100M/1G/10GBase-T ports.
Figure 3-2. PowerConnect 8024F Front Panel
• The switch automatically detects crossed and straight-through cables on
RJ-45 ports.
• SFP ports support both SX and LX modules.
• RJ-45 ports support full-duplex mode 100/1000/10000 Mbps.
• PowerConnect 8024F switches can be stacked with other PowerConnect
8024F switches using the 10G SFP+ fiber ports.
NOTE: A combo port may have both the RJ-45 and SFP+ ports cabled to a remote
device and, if so, the SFP+ port will be the active port while the RJ-45 port will be
disabled. The SFP+ ports comply with IEC60950-1, IEC60825-1, and IEC60825-2
and are contained within a fire enclosure.
88 Hardware Overview
Page 89
PowerConnect 8132 Front Panel
10GbE Copper Ports Module bay
USB port
The PowerConnect 8132 front panel provides the following ports:
• 24 x 10GbE copper ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 94.
• A module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 92 for more information.
Figure 3-3. PowerConnect 8132 Front Panel
PowerConnect 8132 switches can be stacked with other PowerConnect 81xx
switches using 10G or 40G SFP+ or QSFP modules in the module bay.
PowerConnect 8132F Front Panel
The PowerConnect 8132F front panel provides the following ports:
• 24 x 10GbE fiber ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 94.
• A module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
Hardware Overview 89
Page 90
–4 x SFP+ module
10GbE Fiber Ports Module bay
USB port
– 4 x 10GBaseT module.
See "Hot-Pluggable Interface Modules" on page 92 for details about these
modules.
Figure 3-4. PowerConnect 8132F Front Panel
PowerConnect 8132F switches can be stacked with other PowerConnect 81xx
switches using 10G or 40G SFP+ or QSFP modules in the module bay.
PowerConnect 8164 Front Panel
The PowerConnect 8164 front panel provides the following ports:
• 48 x 10GbE copper ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 94.
• Two fixed QSFP ports, each supporting 4 x 10G or 1 x 40G connections
• One module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 92 for more information.
90 Hardware Overview
Page 91
Figure 3-5. PowerConnect 8164 Front Panel
10GbE Copper Ports
USB port
Fixed QSFP
ports
Module bay
PowerConnect 8164 switches can be stacked with other PowerConnect 81xx
switches using the 10G or 40G SFP+ or QSFP modules in the module bay or
fixed QSFP ports.
PowerConnect 8164F Front Panel
The PowerConnect 8164F front panel provides the following ports:
• 48 x 10GbE fiber ports
• A USB port. See "USB Port (Power Connect 8100-series switches only)" on
page 94.
• Two fixed QSFP ports, each supporting 4 x 10G or 1 x 40G connections
• One module bay that supports the following modules:
– 2 x 40 Gig QSFP (each QSFP may be configured as 4 x 10 Gig ports)
–4 x SFP+ module
– 4 x 10GBaseT module
See "Hot-Pluggable Interface Modules" on page 92 for more information.
Hardware Overview 91
Page 92
Figure 3-6. PowerConnect 8164F Front Panel
10GbE Fiber Ports Fixed QSFP
ports
Module bay
USB port
PowerConnect 8164F switches can be stacked with other PowerConnect 81xx
switches using the 10G or 40G SFP+ or QSFP modules in the module bay or
fixed QSFP ports.
Hot-Pluggable Interface Modules
The PowerConnect 8132, 8132F, 8164, and 8164F switches support the
following hot-pluggable interface modules:
• PC8100-QSFP - 2 x 40G QSFP port module - defaults to 2x40G
• PC8100-SFP+ - 4 x SFP+ port module - defaults to 4x10G mode
• PC8100-10GBT - 4 x 10GBase-T ports module - defaults to 4x10G mode
• Blank module - defaults to 10G mode
NOTE: The PowerConnect 8024 and 8024F switches do not support
hot-swappable plug-in modules.
A reboot is necessary when a hot-pluggable module is replaced with a module
of different type. Specifically, changing from a 40G module to a 10G module
or from a 10G module to a 40G module requires a reboot. Plug-in modules
with any port configured as a stacking port are not hot-swappable. Remove
the stack-port configuration from a slot before plugging in a module.
You must execute a no slot or clear config command prior to
inserting the new module. Note that changing the role of a port from stacking
to Ethernet or vice-versa also requires a switch reboot.
92 Hardware Overview
Page 93
If a no slot command is not issued prior to inserting a module, a message
such as the following will appear:
Card Mismatch: Unit:1 Slot:1 Inserted-Card: Dell 2
Port QSFP Expansion Card Config-Card: Dell 4 Port
10GBase-T Expansion Card
The following sections provides details on each module.
Quad-Port SFP (QSFP) Uplink Module
The QSFP module supports features four ports that support 10G SFP+
transceivers. The QSFP module supports the following features:
• Four 10G ports with quad-breakout/QBO cable or one 40G port
supporting CR4, SR4, and LR4 transceivers
• Front-panel port status LEDs
The QSFP interfaces can be used for stacking. Stacking is supported at
distances of up to 100M.
Quad-Port SFP+ Uplink Module
The PC8100-SFP+ module features four SFP+ ports, each providing the
following features:
• SFP+ SR, LR, and LRM optical interfaces
• SFP+ copper twinax interface
• Front-panel port status LEDs
The SFP+ connections can be used for stacking. Stacking is supported at
distances of up to 100M.
10GBase-T Copper Uplink Module
The 10GBase-T copper module features four copper ports that can support
10GbE/1GbE/100MbE switching and provides following features:
• Complies with IEEE802.3z, IEEE 802.3, IEEE802.3u, IEEE802.3ab,
IEEE802.3az, IEEE802.3an
• Four 10GBase-T/1GBase-T/100MBase-T copper ports.
• Front panel port status LEDs
Hardware Overview 93
Page 94
USB Port (Power Connect 8100-series switches only)
The Type-A, female USB port supports a USB 2.0-compliant flash memory
drive. The PowerConnect switch can read or write to a flash drive formatted
as FAT-32. You can use a USB flash drive to copy switch configuration files
and images between the USB flash drive and the switch. You can also use the
USB flash drive to move and copy configuration files and images from one
switch to other switches in the network.
The USB port does not support any other type of USB device.
Port and System LEDs
The front panel contains light emitting diodes (LEDs) to indicate port status.
For information about the status that the LEDs indicate, see "LED
Definitions" on page 97.
PowerConnect 8000-series and 8100-series Back Panel
•Console Port
• Out-of-Band Management Port
• Power Supplies
• Ventilation System
94 Hardware Overview
Page 95
The following image show the back panel of the PowerConnect 8000-series
AC powerAC power OOB Ethernet port
RJ-45 serial console port
Fans (3)
AC powerAC power OOB Ethernet port
RJ-45 serial console port
Fans
switches.
Figure 3-7. PowerConnect PC8000-Series Back Panel
The following image show the back panel of the PowerConnect 8100-series
switches.
Figure 3-8. PowerConnect PC8100-Series Back Panel
Hardware Overview 95
Page 96
Console Port
The console port is for management through a serial interface. This port
provides a direct connection to the switch and allows you to access the CLI
from a console terminal connected to the port through the provided serial
cable (RJ-45 to female DB-9 connectors).
The console port supports asynchronous data of eight data bits, one stop bit, no
parity bit, and no flow control. The default baud rate is 9600 bps.
Out-of-Band Management Port
The Out-of-Band (OOB) management port is a 10/100/1000BASE-T
Ethernet port dedicated to remote switch management. Traffic on this port is
segregated from operational network traffic on the switch ports and cannot be
switched or routed to the operational network.
Power Supplies
Each PowerConnect 8000-series and 8100-series switch has two power
supplies for redundant or loadsharing operation. Each power supply can
support 300W.
CAUTION: Remove the power cable from the modules prior to removing the
module itself. Power must not be connected prior to insertion in the chassis.
Ventilation System
The PC8000-series switches have three removable FANs and the 8100-series
have two fans (see "PowerConnect PC8100-Series Back Panel" on page 95).
Each switch also has four thermal sensors and a fan speed controller, which
can be used to control FAN speeds. You can verify operation by observing the
LEDs.
96 Hardware Overview
Page 97
LED Definitions
Link Activity
This section describes the LEDs on the front and back panels of the switch.
Port LEDs
Each port on a PowerConnect 8000/8100-series switch includes two LEDs.
One LED is on the left side of the port, and the second LED is on the right
side of the port. This section describes the LEDs on the switch ports.
100/1000/10000Base-T Port LEDs
Each 100/1000/10000Base-T port has two LEDs. Figure 3-9 illustrates the
100/1000/10000Base-T port LEDs.
Figure 3-9. 100/1000/10000Base-T Port LEDs
Table 3-1 shows the 100/1000/10000Base-T port LED definitions.
Table 3-1. 100/1000/10000Base-T Port Definitions
LED Color Definition
Link LED Off There is no link.
Solid green The port is operating at 10 Gbps.
Solid amber The port is operating at 100/1000 Mbps.
Activity LED Off There is no current transmit/receive activity.
Blinking green The port is actively transmitting/receiving.
Hardware Overview 97
Page 98
Module Bay LEDs
The following tables describe the purpose of each of the module bay LEDs
when SFP+, 10GBase-T, QSFP, and stacking modules are used.
Table 3-2. SFP+ Module LED Definitions
LED Color Definition
Link LED Off There is no link.
Solid green The port is operating at 10 Gbps.
Solid amber The port is operating at 100/1000 Mbps.
Activity LED Off There is no current transmit/receive activity.
Blinking green The port is actively transmitting/receiving.
Table 3-3. 10GBase-T Module LED Definitions
LED Color Definition
Link LED Off There is no link.
Solid green The port is operating at 10 Gbps.
Solid amber The port is operating at 100/1000 Mbps.
Activity LED Off There is no current transmit/receive activity.
Blinking green The port is actively transmitting/receiving.
Table 3-4. QSFP Module LED Definitions
LED Color Definition
Link LED Off There is no link.
Solid green The port is operating at 40 Gbps.
Solid amber The port is operating at other speeds.
Activity LED Off There is no current transmit/receive activity.
Blinking green The port is actively transmitting/receiving.
98 Hardware Overview
Page 99
Out-of-Band Ethernet Management Port LEDs
Table 3-5 shows the LED definitions for the OOB Ethernet management
port.
Table 3-5. OOB Ethernet Management Port LED Definitions
LED Color Definition
Link LED Off There is no link.
Solid green The port is operating at 1000 Mbps.
Solid amber The port is operating at 10/100 Mbps.
Activity LED Off There is no current transmit/receive activity.
Blinking green The port is actively transmitting/receiving.
System LEDs
The system LEDs, located on the back panel, provide information about the
power supplies, thermal conditions, and diagnostics.
Table 3-6 shows the System LED definitions for the PC8000-series switches.
Table 3-6. System LED Definitions—PowerConnect 8000-Series Switches
LED Color Definition
Diag Flashing Green A diagnostics test is in progress.
Green The diagnostics test was successfully completed.
Red The diagnostics test failed.
Power Green Power Supply is operating correctly.
Red Power Supply has failed.
Fan Green Fans are operating correctly.
Red One or more fans have failed.
Temp Amber System temperature has exceeded threshold limit.
Stack Solid green The switch is in stacking master mode.
Solid amber The switch is in stacking slave mode.
Off The switch is in stand-alone mode.
Hardware Overview 99
Page 100
Table 3-7 shows the System LED definitions for the 8100-series switches.
Table 3-7. System LED Definitions—PowerConnect 8100-Series Switches
LED Color Definition
System Blinking blue The switch is booting
Solid red A critical system error has occurred.
Blinking red A noncritical system error occurred (fan or power
supply failure).
Temp Off The switch is operating at normal temperature.
Solid amber The thermal sensor’s system temperature threshold of
75°C has been exceeded.
Diag Off The switch is operating normally
Blinking green A diagnostic test is running.
Fan Solid green The fan is powered and is operating at the expected
RPM.
Solid red A fan failure has occurred.
Stack Solid blue The switch is in stacking master mode.
Solid amber The switch is in stacking slave mode.
Off The switch is in stand-alone mode.
Locator Blinking green The locator function is enabled.
Solid green The locator function is disabled.
Switch Addresses
The switch allocates MAC addresses from the Vital Product Data information
stored locally in flash. MAC addresses are used as follows:
Table 3-8. MAC Address Use
Base switch address
Base + 1 Out-of-band port
Base + 2 Layer 2
Base + 3 Layer 3
100 Hardware Overview
Loading...