Dell PowerConnect B-TI24X Quick Reference Guide

53-1002269-02 26 April 2011

PowerConnect B-Series TI24X

Configuration Guide

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, the DELL logo, Dell OpenManage and PowerConnect are trademarks of Dell Inc.; Microsoft, Windows and Windows Server are either trademarks or registered trademarks of Microsoft Corporation in the United States and/ or other countries.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

Regulatory Model Code: TurboIron 24X

Document History

Title Publication number Summary of changes Date

PowerConnect B-Series TI24X Configuration Guide

53-1002269-01 New document March 2011

53-1002269-02 Removed deprecated

April 2011 commands, web management and DVMRP references.

About This Document

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi

Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi

Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi

Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . .xxxii

Notes, cautions, and danger notices . . . . . . . . . . . . . . . . . . . .xxxii

Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxxii

Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxxii

Getting technical help or reporting errors . . . . . . . . . . . . . . . . . . . xxxiii

Contacting Dell. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii

Chapter 1 Getting Familiar with Management Applications

Using the management port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

How the management port works. . . . . . . . . . . . . . . . . . . . . . . . . 1

CLI Commands for use with the management port. . . . . . . . . . . 1

Logging on through the CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

On-line help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Command completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Scroll control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Line editing commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Using and port number with CLI commands. . . . . . . . . . . . . . . . . . . . 5

CLI nomenclature on PowerConnectdevices . . . . . . . . . . . . . . . . 5

Searching and filtering output from CLI commands . . . . . . . . . . 5

Using special characters in regular expressions . . . . . . . . . . . . . 7

Creating an alias for a CLI command . . . . . . . . . . . . . . . . . . . . . . 9

Logging on through Brocade Network Advisor . . . . . . . . . . . . . . . . .10

Chapter 2 Configuring Basic Software Features

Configuring basic system parameters . . . . . . . . . . . . . . . . . . . . . . . .11

Entering system administration information . . . . . . . . . . . . . . .12

Configuring Simple Network Management Protocol (SNMP)

parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Disabling Syslog messages and traps for CLI access . . . . . . . . 16

Configuring an interface as the source for all Telnet packets . 17

Cancelling an outbound Telnet session . . . . . . . . . . . . . . . . . . .18

Specifying a Simple Network Time Protocol (SNTP) server. . . . 18

Setting the system clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Limiting broadcast, multicast, and unknown unicast traffic. . . 21

PowerConnect B-Series TI24X Configuration Guide iii 53-1002269-02

Configuring basic port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Assigning a port name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Modifying port speed and duplex mode. . . . . . . . . . . . . . . . . . .25

Auto speed detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

Modifying port duplex mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

Disabling or re-enabling a port . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Disabling or re-enabling flow control . . . . . . . . . . . . . . . . . . . . .27

Auto-negotiation and advertisement of flow control . . . . . . . . .28

Configuring the Interpacket Gap (IPG) . . . . . . . . . . . . . . . . . . . . 29

Changing the Gbps fiber negotiation mode . . . . . . . . . . . . . . . .30

Modifying port priority (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

Configuring port flap dampening . . . . . . . . . . . . . . . . . . . . . . . .30

Port loop detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Chapter 3 Operations, Administration, and Maintenance

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Determining the software versions installed and

running on a device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Determining the flash image version running on the device . . 39 Determining the image versions installed in flash memory . . . 40

Flash image verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Image file types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Upgrading software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Upgrading the boot code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Upgrading the flash code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Boot code synchronization feature. . . . . . . . . . . . . . . . . . . . . . . 43

Using SNMP to upgrade software . . . . . . . . . . . . . . . . . . . . . . . . . . .43

Changing the block size for TFTP file transfers . . . . . . . . . . . . . . . . . 44

Rebooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Displaying the boot preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Loading and saving configuration files . . . . . . . . . . . . . . . . . . . . . . .45

Replacing the startup configuration with the

running configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Replacing the running configuration with the

startup configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46

Logging changes to the startup-config file. . . . . . . . . . . . . . . . .46

Copying a configuration file to or from a TFTP server . . . . . . . . 47

Dynamic configuration loading . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Maximum file sizes for startup-config file and running-config . 50

Scheduling a system reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50

Reloading at a specific time . . . . . . . . . . . . . . . . . . . . . . . . . . . .50

Reloading after a specific amount of time. . . . . . . . . . . . . . . . . 51

Displaying the amount of time remaining

before a scheduled reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Canceling a scheduled reload. . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Diagnostic error codes and remedies for TFTP transfers. . . . . . . . . 51

iv PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter 4 Monitoring Hardware Components

Hardware support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Digital optical monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Supported media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Media not supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53

Supported media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Media not supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Configuration limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Enabling digital optical monitoring . . . . . . . . . . . . . . . . . . . . . . .54

Setting the alarm interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55

Displaying information about installed media . . . . . . . . . . . . . .55

Viewing optical monitoring information . . . . . . . . . . . . . . . . . . .56

Syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Chapter 5 Configuring IPv6 Connectivity

IPv6 addressing overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

IPv6 address types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

IPv6 stateless autoconfiguration . . . . . . . . . . . . . . . . . . . . . . . .62

IPv6 CLI command support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Configuring an IPv6 host address on a Layer 2 switch. . . . . . . . . . .63

Configuring a global or site-local IPv6 address with a

manually configured interface ID . . . . . . . . . . . . . . . . . . . . . . . .64

Configuring a link-local IPv6 address as a

system-wide address for a switch. . . . . . . . . . . . . . . . . . . . . . . .64

Configuring the management port for an IPv6 automatic address

configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65

Configuring basic IPv6 connectivity on a Layer 3 switch . . . . . . . . . 65

Configuring IPv6 on each router interface . . . . . . . . . . . . . . . . .65

IPv6 management (IPv6 host support) . . . . . . . . . . . . . . . . . . . . . . .68

Restricting SNMP access to an IPv6 node. . . . . . . . . . . . . . . . .68

Specifying an IPv6 SNMP trap receiver . . . . . . . . . . . . . . . . . . .68

SNMP V3 over IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

SNTP over IPv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Secure Shell, SCP, and IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

IPv6 Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Configuring name-to-IPv6 address resolution using IPv6 DNS

resolver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Defining an IPv6 DNS entry. . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Using the IPv6 copy command . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Using the IPv6 ncopy command . . . . . . . . . . . . . . . . . . . . . . . . .73

IPv6 ping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Configuring an IPv6 Syslog server . . . . . . . . . . . . . . . . . . . . . . . 76

Viewing IPv6 SNMP server addresses . . . . . . . . . . . . . . . . . . . . 76

Disabling router advertisement and solicitation messages . . . 77

IPv6 debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Disabling IPv6 on a Layer 2 switch. . . . . . . . . . . . . . . . . . . . . . . 77

PowerConnect B-Series TI24X Configuration Guide v 53-1002269-02

Configuring IPv6 neighbor discovery . . . . . . . . . . . . . . . . . . . . . . . . .77

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78

Neighbor solicitation and advertisement messages . . . . . . . . .78

Configuring static neighbor entries . . . . . . . . . . . . . . . . . . . . . . . . . .79

Clearing global IPv6 information . . . . . . . . . . . . . . . . . . . . . . . . . . . .79

Clearing the IPv6 cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80

Clearing IPv6 neighbor information . . . . . . . . . . . . . . . . . . . . . .80

Clearing IPv6 traffic statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Displaying global IPv6 information. . . . . . . . . . . . . . . . . . . . . . . . . . .81

Displaying IPv6 cache information . . . . . . . . . . . . . . . . . . . . . . .81

Displaying IPv6 interface information. . . . . . . . . . . . . . . . . . . . .82

Displaying IPv6 neighbor information. . . . . . . . . . . . . . . . . . . . . 84

Displaying IPv6 TCP information . . . . . . . . . . . . . . . . . . . . . . . . . 85

Displaying IPv6 traffic statistics . . . . . . . . . . . . . . . . . . . . . . . . . 88

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

Chapter 6 Configuring Spanning Tree Protocol (STP) Related Features

STP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

Configuring standard STP parameters. . . . . . . . . . . . . . . . . . . . . . . .93

STP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Enabling or disabling the Spanning Tree Protocol (STP) . . . . . .95

Changing STP bridge and port parameters . . . . . . . . . . . . . . . .96

STP protection enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . .98

Displaying STP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Configuring STP related features . . . . . . . . . . . . . . . . . . . . . . . . . . .106

802.1W Rapid Spanning Tree (RSTP) . . . . . . . . . . . . . . . . . . . .107

802.1W Draft 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .144

Single Spanning Tree (SSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . .148

PVST/PVST+ compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150

Overview of PVST and PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . .151

VLAN tags and dual mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

Configuring PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . .153

Displaying PVST+ support information. . . . . . . . . . . . . . . . . . .153

Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

PVRST compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157

BPDU guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157

Enabling BPDU protection by port. . . . . . . . . . . . . . . . . . . . . . .157

Re-enabling ports disabled by BPDU guard . . . . . . . . . . . . . . .158

Displaying the BPDU guard status . . . . . . . . . . . . . . . . . . . . . .158

Example console messages . . . . . . . . . . . . . . . . . . . . . . . . . . .159

Root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159

Enabling STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160

Displaying the STP root guard . . . . . . . . . . . . . . . . . . . . . . . . . .160

Displaying the root guard by VLAN . . . . . . . . . . . . . . . . . . . . . .160

vi PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

802.1s Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . .161

Multiple spanning-tree regions . . . . . . . . . . . . . . . . . . . . . . . . . 161

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163

Configuring MSTP mode and scope . . . . . . . . . . . . . . . . . . . . .163

Configuring additional MSTP parameters . . . . . . . . . . . . . . . .164

Chapter 7 Configuring Basic Layer 2 Features

Enabling or disabling the Spanning Tree Protocol (STP). . . . . . . . .175

Modifying STP bridge and port parameters . . . . . . . . . . . . . . .175

Changing the MAC age time and disabling MAC address learning 176

Disabling the automatic learning of MAC addresses . . . . . . . 176

Displaying the MAC address table . . . . . . . . . . . . . . . . . . . . . .177

Configuring static MAC entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . .177

Multi-port static MAC address. . . . . . . . . . . . . . . . . . . . . . . . . .178

Configuring VLAN-based static MAC entries . . . . . . . . . . . . . . . . . .179

Clearing MAC address entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179

Enabling port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180

Assigning IEEE 802.1Q tagging to a port . . . . . . . . . . . . . . . . .180

Defining MAC address filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181

Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .181

Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181

Enabling logging of management traffic

permitted by MAC filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183

Displaying and modifying system parameter default settings . . . .184

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .184

Displaying system parameter default values . . . . . . . . . . . . . .184

Modifying system parameter default values . . . . . . . . . . . . . .186

Egress buffer thresholds for QoS priorities . . . . . . . . . . . . . . . . . . .187

Cut-Through Switching Support on PowerConnect B-Series TI24X

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188

Default settings for egress buffer thresholds . . . . . . . . . . . . .188

Disabling and re-enabling the default settings

for egress buffer thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . .189

Setting the egress buffer threshold for all QoS

priorities on a port or group of ports . . . . . . . . . . . . . . . . . . . .189

Setting the egress buffer threshold for a specific

QoS priority on a port or group of ports . . . . . . . . . . . . . . . . . .190

Link Fault Signaling (LFS) for 10G . . . . . . . . . . . . . . . . . . . . . . . . . .190

Jumbo frame support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

PowerConnect B-Series TI24X Configuration Guide vii 53-1002269-02

Chapter 8 Configuring Metro Features

Topology groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193

Master VLAN and member VLANs . . . . . . . . . . . . . . . . . . . . . .193

Control ports and free ports . . . . . . . . . . . . . . . . . . . . . . . . . . .194

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .194

Configuring a topology group . . . . . . . . . . . . . . . . . . . . . . . . . .194

Displaying topology group information . . . . . . . . . . . . . . . . . . .195

Metro Ring Protocol (MRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199

MRP rings without shared interfaces (MRP Phase 1) . . . . . . .199

MRP rings with shared interfaces (MRP Phase 2). . . . . . . . . .200

Ring initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202

How ring breaks are detected and healed . . . . . . . . . . . . . . . .205

Alarm RHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208

Master VLANs and customer VLANs. . . . . . . . . . . . . . . . . . . . .209

Configuring MRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211

Using MRP diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213

Displaying MRP information . . . . . . . . . . . . . . . . . . . . . . . . . . .214

MRP CLI example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216

Virtual Switch Redundancy Protocol (VSRP) . . . . . . . . . . . . . . . . . .218

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

Layer 2 and Layer 3 redundancy . . . . . . . . . . . . . . . . . . . . . . .220

Master election and failover . . . . . . . . . . . . . . . . . . . . . . . . . . .220

VSRP-Aware security features. . . . . . . . . . . . . . . . . . . . . . . . . .225

VSRP parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225

Configuring basic VSRP parameters. . . . . . . . . . . . . . . . . . . . .228

Configuring optional VSRP parameters . . . . . . . . . . . . . . . . . .229

Displaying VSRP information. . . . . . . . . . . . . . . . . . . . . . . . . . .238

VSRP fast start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241

VSRP and MRP signaling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242

Chapter 9 Configuring Uni-Directional Link Detection (UDLD) and Protected

Link Groups

UDLD overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .245

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .246

Enabling UDLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Changing the Keepalive interval . . . . . . . . . . . . . . . . . . . . . . . .246

Changing the Keepalive retries . . . . . . . . . . . . . . . . . . . . . . . . .247

UDLD for tagged ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247

Displaying UDLD information . . . . . . . . . . . . . . . . . . . . . . . . . . 247

Clearing UDLD statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249

viii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter 10 Configuring Virtual LANs (VLANs)

VLAN overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

Types of VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251

Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255

802.1Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

Spanning Tree Protocol (STP) . . . . . . . . . . . . . . . . . . . . . . . . . .258

Virtual routing interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259

VLAN and virtual routing interface groups . . . . . . . . . . . . . . . .260

Dynamic, static, and excluded port membership . . . . . . . . . .261

Super aggregated VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263

Trunk group ports and VLAN membership . . . . . . . . . . . . . . . .263

Routing between VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263

Virtual routing interfaces (Layer 3 Switches only) . . . . . . . . . .263

Routing between VLANs using virtual routing

interfaces (Layer 3 Switches only) . . . . . . . . . . . . . . . . . . . . . .264

Dynamic port assignment (Layer 2 Switches

and Layer 3 Switches) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265

Assigning a different VLAN ID to the default VLAN . . . . . . . . .265

Assigning different VLAN IDs to reserved VLANs 4091 and 4092265

Assigning trunk group ports . . . . . . . . . . . . . . . . . . . . . . . . . . .266

Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . .267

Modifying a port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . .270

Enable spanning tree on a VLAN . . . . . . . . . . . . . . . . . . . . . . .271

Configuring IP subnet, IPX network andprotocol-based VLANs . . .272

Configuration example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272

Configuring an IPv6 protocol VLAN . . . . . . . . . . . . . . . . . . . . . . . . . 274

Routing between VLANs using virtual routing

interfaces (Layer 3 Switches only) . . . . . . . . . . . . . . . . . . . . . . . . . .275

Configuring uplink ports within a port-based VLAN . . . . . . . . . . . .281

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .281

Configuration syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Configuring the same IP subnet address on multiple

port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Configuring VLAN groups and virtual routing interface groups . . .285

Configuring a VLAN group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

Configuring a virtual routing interface group . . . . . . . . . . . . . .287

Displaying the VLAN group and virtual routing

interface group information . . . . . . . . . . . . . . . . . . . . . . . . . . .288

Allocating memory for more VLANs or virtual routing interfaces288

Configuring super aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . .289

Configuration note . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292

Configuring aggregated VLANs . . . . . . . . . . . . . . . . . . . . . . . . .292

Verifying the configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . .293

Complete CLI examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293

Configuring 802.1Q-in-Q tagging . . . . . . . . . . . . . . . . . . . . . . . . . . .296

Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297

Enabling 802.1Q-in-Q tagging. . . . . . . . . . . . . . . . . . . . . . . . . .297

Example configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .298

PowerConnect B-Series TI24X Configuration Guide ix 53-1002269-02

Configuring private VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301

Configuration notes and limitations for PowerConnect

devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302

Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302

CLI example for Figure 71 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304

Enabling broadcast, unregistered multicast or unknown unicast traffic to the private VLAN on

PowerConnect device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304

Dual-mode VLAN ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305

Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .307

Displaying VLANs in alphanumeric order . . . . . . . . . . . . . . . . .307

Displaying system-wide VLAN information . . . . . . . . . . . . . . . .308

Displaying VLAN information for specific ports . . . . . . . . . . . .309

Chapter 11 Configuring Trunk Groups and Dynamic Link Aggregation

Trunk group overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .311

Trunk group connectivity to a server. . . . . . . . . . . . . . . . . . . . .312

Trunk group rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312

Trunk group configuration examples . . . . . . . . . . . . . . . . . . . .313

Flexible trunk group membership. . . . . . . . . . . . . . . . . . . . . . .314

Trunk group load sharing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314

Configuring a trunk group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316

CLI syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316

Example 1: Configuring the trunk groups shown in Figure 75 317 Example 2: Configuring a trunk group that spans

two Gbps Ethernet modules in a chassis device. . . . . . . . . . . 317

Example 3: Configuring a multi-slot trunk group

with one port per module . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318

Example 4: Configuring a trunk group of 10 Gbps

Ethernet ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318

Additional trunking options . . . . . . . . . . . . . . . . . . . . . . . . . . . .318

Displaying trunk group configuration information . . . . . . . . . . . . .323

Dynamic link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324

Examples of valid LACP trunk groups . . . . . . . . . . . . . . . . . . . .325

Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .325

Adaptation to trunk disappearance . . . . . . . . . . . . . . . . . . . . .327

Flexible trunk eligibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327

Enabling dynamic link aggregation. . . . . . . . . . . . . . . . . . . . . .328

How changing the VLAN membership of a port affects

trunk groups and dynamic keys . . . . . . . . . . . . . . . . . . . . . . . .330

Link aggregation parameters . . . . . . . . . . . . . . . . . . . . . . . . . .330

Displaying and determining the status of aggregate links . . . . . . .335

Events that affect the status of ports in an aggregate link. . .335

Displaying link aggregation and port status information . . . .336

Displaying LACP status information . . . . . . . . . . . . . . . . . . . . .338

Clearing the negotiated aggregate links table . . . . . . . . . . . . . . . .338

x PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring single link LACP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339

CLI syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339

Chapter 12 Configuring GARP VLAN Registration Protocol

GVRP overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341

Application examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341

Dynamic core and fixed edge . . . . . . . . . . . . . . . . . . . . . . . . . .342

Dynamic core and dynamic edge . . . . . . . . . . . . . . . . . . . . . . .343

Fixed core and dynamic edge . . . . . . . . . . . . . . . . . . . . . . . . . .343

Fixed core and fixed edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343

VLAN names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344

Configuration notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344

Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345

Changing the GVRP base VLAN ID . . . . . . . . . . . . . . . . . . . . . .345

Increasing the maximum configurable value of the

Leaveall timer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346

Enabling GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346

Disabling VLAN advertising . . . . . . . . . . . . . . . . . . . . . . . . . . . .347

Disabling VLAN learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347

Changing the GVRP timers . . . . . . . . . . . . . . . . . . . . . . . . . . . .347

Converting a VLAN created by GVRP into a statically-configured

VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349

Displaying GVRP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349

Displaying GVRP configuration information . . . . . . . . . . . . . . .350

Displaying GVRP VLAN information. . . . . . . . . . . . . . . . . . . . . .352

Displaying GVRP statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .354

Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .355

Displaying GVRP diagnostic information . . . . . . . . . . . . . . . . .356

Clearing GVRP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357

CLI examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357

Dynamic core and fixed edge . . . . . . . . . . . . . . . . . . . . . . . . . .357

Dynamic core and dynamic edge . . . . . . . . . . . . . . . . . . . . . . .359

Fixed core and dynamic edge . . . . . . . . . . . . . . . . . . . . . . . . . .359

Fixed core and fixed edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Chapter 13 Configuring Rule-Based IP Access Control Lists

ACL overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361

Types of IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361

ACL IDs and entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361

Numbered and named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .362

Default ACL action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362

How hardware-based ACLs work . . . . . . . . . . . . . . . . . . . . . . . . . . .363

How fragmented packets are processed . . . . . . . . . . . . . . . . .363

Hardware aging of Layer 4 CAM entries . . . . . . . . . . . . . . . . . .363

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363

PowerConnect B-Series TI24X Configuration Guide xi 53-1002269-02

Configuring standard numbered ACLs. . . . . . . . . . . . . . . . . . . . . . .364

Standard numbered ACL syntax . . . . . . . . . . . . . . . . . . . . . . . .364

Configuration example for standard numbered ACLs . . . . . . .366

Configuring standard named ACLs . . . . . . . . . . . . . . . . . . . . . . . . .366

Standard named ACL syntax. . . . . . . . . . . . . . . . . . . . . . . . . . .366

Configuration example for standard named ACLs. . . . . . . . . .368

Configuring extended numbered ACLs . . . . . . . . . . . . . . . . . . . . . .368

Extended numbered ACL syntax . . . . . . . . . . . . . . . . . . . . . . . .369

Configuration examples for extended numbered ACLs . . . . . .373

Configuring extended named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . 374

Extended named ACL syntax. . . . . . . . . . . . . . . . . . . . . . . . . . .375

Configuration example for extended named ACLs. . . . . . . . . .379

Preserving user input for ACL TCP/UDP port numbers. . . . . . . . . .379

Managing ACL comment text . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379

Adding a comment to an entry in a numbered ACL. . . . . . . . .380

Applying an ACL to a virtual interface in a protocol-

or subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380

Enabling ACL logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .381

Enabling strict control of ACL filtering of fragmented packets. . . .383

Enabling ACL support for switched traffic in the router image . . .384

Enabling ACL filtering based on VLAN membership or VE port

membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384

Applying an IPv4 ACL to specific VLAN members on

a port (Layer 2 devices only) . . . . . . . . . . . . . . . . . . . . . . . . . . .385

Applying an IPv4 ACL to a subset of ports on a virtual

interface (Layer 3 devices only) . . . . . . . . . . . . . . . . . . . . . . . .385

Filtering on IP precedence and ToS values . . . . . . . . . . . . . . . . . . .386

QoS options for IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387

Using an IP ACL to mark DSCP values (DSCP marking). . . . . .387

DSCP matching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389

ACL-based rate limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389

Using ACLs to control multicast features. . . . . . . . . . . . . . . . . . . . .390

Enabling and viewing hardware usage statistics for an ACL . . . . .391

Displaying ACL information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .391

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392

Enabling and viewing hardware usage statistics for an ACL . . . . .392

Displaying ACL information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392

Troubleshooting ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392

Chapter 14 Configuring Port Mirroring and Monitoring

Mirroring support by platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395

xii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring port mirroring and monitoring . . . . . . . . . . . . . . . . . . .395

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395

Monitoring a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .397

Monitoring an individual trunk port . . . . . . . . . . . . . . . . . . . . .397

ACL-based inbound mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .398

Creating an ACL-based inbound mirror clause for

PowerConnect B-Series TI24X devices . . . . . . . . . . . . . . . . . . .398

MAC filter-based mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402

Configuring MAC filter-based mirroring on

PowerConnect B-Series TI24X devices . . . . . . . . . . . . . . . . . . .402

Chapter 15 Configuring Quality of Service

Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405

Processing of classified traffic . . . . . . . . . . . . . . . . . . . . . . . . .405

QoS queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408

Assigning QoS priorities to traffic . . . . . . . . . . . . . . . . . . . . . . .408

Buffer allocation/threshold for QoS queues . . . . . . . . . . . . . .410

Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410

Configuring DSCP-based QoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410

Application notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

Using ACLs to honor DSCP-based QoS . . . . . . . . . . . . . . . . . . .411

Configuring the QoS mappings. . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

Default DSCP –> Internal forwarding priority mappings . . . . .411

Changing the DSCP –> internal forwarding priority mappings412 Changing the internal forwarding priority –> hardware

forwarding queue mappings . . . . . . . . . . . . . . . . . . . . . . . . . . .413

Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .414

QoS Queuing methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414

Selecting the QoS queuing method . . . . . . . . . . . . . . . . . . . . .415

Configuring the QoS queues . . . . . . . . . . . . . . . . . . . . . . . . . . .415

Viewing QoS settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .418

Viewing DSCP-based QoS settings. . . . . . . . . . . . . . . . . . . . . . . . . .418

Chapter 16 Configuring Rate Limiting and Rate Shaping on the PowerConnect B-

Series TI24X

Rate limiting overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421

Rate limiting in hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421

How Fixed Rate Limiting works . . . . . . . . . . . . . . . . . . . . . . . . .421

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422

Configuring a port-based rate limiting policy . . . . . . . . . . . . . .422

Configuring an ACL-based rate limiting policy . . . . . . . . . . . . .423

Displaying the fixed rate limiting configuration . . . . . . . . . . . .423

PowerConnect B-Series TI24X Configuration Guide xiii 53-1002269-02

Rate shaping overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424

Configuring outbound rate shaping for a port . . . . . . . . . . . . .424

Configuring outbound rate shaping for a specific priority. . . .425

Configuring outbound rate shaping for a trunk port . . . . . . . .425

Displaying rate shaping configurations . . . . . . . . . . . . . . . . . .425

Chapter 17 Configuring Traffic Policies

About traffic policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .427

Configuration notes and feature limitations . . . . . . . . . . . . . . . . . .427

Maximum number of traffic policies supported on a device . . . . .428

Setting the maximum number of traffic policies supported

on a Layer 3 device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429

ACL-based rate limiting using traffic policies. . . . . . . . . . . . . . . . . .429

Support for fixed rate limiting and adaptive rate limiting . . . .430

Configuring ACL-based fixed rate limiting . . . . . . . . . . . . . . . . .430

Configuring ACL-based adaptive rate limiting . . . . . . . . . . . . .431

Specifying the action to be taken for packets that are

over the limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433

ACL and rate limit counting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434

Enabling ACL statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434

Enabling ACL statistics with rate limiting traffic policies. . . . .435

Viewing ACL and rate limit counters . . . . . . . . . . . . . . . . . . . . .436

Clearing ACL and rate limit counters . . . . . . . . . . . . . . . . . . . .437

Viewing traffic policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437

Chapter 18 Configuring IP Multicast Traffic Reduction for PowerConnect B-

Series TI24X Switches

IGMP snooping overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439

IGMP V1, V2, and V3 snooping support . . . . . . . . . . . . . . . . . .440

Queriers and non-queriers . . . . . . . . . . . . . . . . . . . . . . . . . . . .440

IGMP snooping enhancements. . . . . . . . . . . . . . . . . . . . . . . . .441

Configuration notes and feature limitations for

PowerConnect B-Series TI24X devices . . . . . . . . . . . . . . . . . . .441

PIM SM traffic snooping overview . . . . . . . . . . . . . . . . . . . . . . . . . .442

PIM SM snooping support . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443

Application examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443

Configuration notes and limitations . . . . . . . . . . . . . . . . . . . . .444

xiv PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring IGMP snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .445

Enabling IGMP snooping globally on the device . . . . . . . . . . .447

Configuring the IGMP mode . . . . . . . . . . . . . . . . . . . . . . . . . . .447

Configuring the IGMP version . . . . . . . . . . . . . . . . . . . . . . . . . .448

Disabling IGMP snooping on a VLAN . . . . . . . . . . . . . . . . . . . .448

Disabling transmission and receipt of IGMP packets

on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .449

Modifying the age interval for group membership entries . . .449 Modifying the query interval (active IGMP snooping

mode only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .449

Modifying the maximum response time. . . . . . . . . . . . . . . . . .450

Configuring report control . . . . . . . . . . . . . . . . . . . . . . . . . . . . .450

Modifying the wait time before stopping traffic when receiving a

leave message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .450

Modifying the multicast cache age time . . . . . . . . . . . . . . . . .451

Enabling or disabling error and warning messages . . . . . . . .451

Configuring static router ports . . . . . . . . . . . . . . . . . . . . . . . . .451

Turning off static group proxy . . . . . . . . . . . . . . . . . . . . . . . . . .451

IGMP V3 membership tracking and fast leave . . . . . . . . . . . .452

Fast leave for IGMP V2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .452

Fast convergence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .453

Configuring PIM SM snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . .453

Enabling or disabling PIM SM snooping. . . . . . . . . . . . . . . . . .453

Enabling PIM SM snooping on a VLAN . . . . . . . . . . . . . . . . . . .454

Disabling PIM SM snooping on a VLAN . . . . . . . . . . . . . . . . . .454

IGMP snooping show commands. . . . . . . . . . . . . . . . . . . . . . . . . . .454

Displaying the IGMP snooping configuration . . . . . . . . . . . . . .454

Displaying IGMP snooping errors . . . . . . . . . . . . . . . . . . . . . . .455

Displaying IGMP group information . . . . . . . . . . . . . . . . . . . . .456

Displaying IGMP snooping mcache information . . . . . . . . . . .457

Displaying software resource usage for VLANs . . . . . . . . . . . .458

Displaying the status of IGMP snooping traffic . . . . . . . . . . . .459

PIM SM snooping show commands. . . . . . . . . . . . . . . . . . . . . . . . .460

Displaying PIM SM snooping information. . . . . . . . . . . . . . . . .460

Displaying PIM SM snooping information on a Layer 2 switch460 Displaying PIM SM snooping information for a specific

group or source group pair . . . . . . . . . . . . . . . . . . . . . . . . . . . .461

Clear commands for IGMP snooping . . . . . . . . . . . . . . . . . . . . . . . .462

Clearing the IGMP mcache . . . . . . . . . . . . . . . . . . . . . . . . . . . .462

Clearing the mcache on a specific VLAN . . . . . . . . . . . . . . . . .462

Clearing traffic on a specific VLAN . . . . . . . . . . . . . . . . . . . . . .463

Clearing IGMP counters on VLANs . . . . . . . . . . . . . . . . . . . . . .463

Chapter 19 Configuring IP Multicast Protocols

Overview of IP multicasting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465

IPv4 multicast group addresses . . . . . . . . . . . . . . . . . . . . . . . .465

Mapping of IPv4 Multicast group addresses to

Ethernet MAC addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466

Supported Layer 3 multicast routing protocols . . . . . . . . . . . .466

Multicast terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466

PowerConnect B-Series TI24X Configuration Guide xv 53-1002269-02

Changing global IP multicast parameters . . . . . . . . . . . . . . . . . . . .467

Changing dynamic memory allocation for IP multicast groups467

Changing IGMP V1 and V2 parameters . . . . . . . . . . . . . . . . . .468

PIM Dense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .470

Initiating PIM multicasts on a network . . . . . . . . . . . . . . . . . . .470

Pruning a multicast tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .470

Grafts to a multicast Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

PIM DM versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

Configuring PIM DM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473

Failover time in a multi-path topology . . . . . . . . . . . . . . . . . . . 477

Modifying the TTL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .477

PIM Sparse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478

PIM Sparse switch types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478

RP paths and SPT paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479

Configuring PIM Sparse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479

Displaying PIM Sparse configuration information

and statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .489

Passive multicast route insertion. . . . . . . . . . . . . . . . . . . . . . . . . . .501

Multicast Source Discovery Protocol (MSDP) . . . . . . . . . . . . . . . . .501

Peer Reverse Path Forwarding (RPF) flooding . . . . . . . . . . . . .503

Source active caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .503

Configuring MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .504

Designating an interface IP address as

the RP IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505

Filtering MSDP source-group pairs . . . . . . . . . . . . . . . . . . . . . .506

MSDP mesh groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509

Displaying MSDP information . . . . . . . . . . . . . . . . . . . . . . . . . .515

Clearing MSDP information. . . . . . . . . . . . . . . . . . . . . . . . . . . .519

Using ACLs to control multicast features. . . . . . . . . . . . . . . . . . . . .520

Using ACLs to limit static RP groups. . . . . . . . . . . . . . . . . . . . .520

Using ACLs to limit PIM RP candidate advertisement . . . . . . .522

Configuring a static multicast route. . . . . . . . . . . . . . . . . . . . . . . . .523

Tracing a multicast route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525

Displaying the multicast configuration for another multicast router526

IGMP V3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .527

Default IGMP version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .528

Compatibility with IGMP V1 and V2 . . . . . . . . . . . . . . . . . . . . .528

Globally enabling the IGMP version . . . . . . . . . . . . . . . . . . . . .528

Enabling the IGMP version per interface setting. . . . . . . . . . .528

Enabling the IGMP version on a physical port within

a virtual routing interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . .529

Enabling membership tracking and fast leave . . . . . . . . . . . .529

Setting the query interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . .530

Setting the group membership time. . . . . . . . . . . . . . . . . . . . .530

Setting the maximum response time . . . . . . . . . . . . . . . . . . . .530

IGMP V3 and source specific multicast protocols . . . . . . . . . .531

Displaying IGMP V3 information on Layer 3 Switches. . . . . . .531

Clearing IGMP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535

xvi PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

IGMP Proxy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535

Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535

Configuring IGMP Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .536

Displaying IGMP Proxy traffic . . . . . . . . . . . . . . . . . . . . . . . . . .536

Chapter 20 Configuring LLDP

Terms used in this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .537

LLDP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .538

Benefits of LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .538

General operating principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .539

Operating modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .539

LLDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .540

TLV support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .540

MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543

Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543

Configuring LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .544

Configuration notes and considerations . . . . . . . . . . . . . . . . .544

Enabling and disabling LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . .545

Changing a port LLDP operating mode . . . . . . . . . . . . . . . . . .545

Specifying the maximum number of LLDP neighbors. . . . . . .546

Enabling LLDP SNMP notifications and syslog messages . . .547 Changing the minimum time between LLDP transmissions. .548 Changing the interval between regular LLDP transmissions .548

Changing the holdtime multiplier for transmit TTL . . . . . . . . .549

Changing the minimum time between port reinitializations. .549

LLDP TLVs advertised by the device . . . . . . . . . . . . . . . . . . . . .549

Displaying LLDP statistics and configuration settings. . . . . . .555

LLDP configuration summary . . . . . . . . . . . . . . . . . . . . . . . . . .555

LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556

LLDP neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .557

LLDP neighbors detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .558

LLDP configuration details . . . . . . . . . . . . . . . . . . . . . . . . . . . .560

Resetting LLDP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .561

Clearing cached LLDP neighbor information. . . . . . . . . . . . . . . . . .561

Chapter 21 Configuring IP

Basic configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563

IP interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .564

IP packet flow through a Layer 3 Switch. . . . . . . . . . . . . . . . . .564

IP route exchange protocols . . . . . . . . . . . . . . . . . . . . . . . . . . .569

IP multicast protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569

IP interface redundancy protocols . . . . . . . . . . . . . . . . . . . . . .570

Access Control Lists and IP access policies. . . . . . . . . . . . . . .570

PowerConnect B-Series TI24X Configuration Guide xvii 53-1002269-02

Basic IP parameters and defaults – Layer 3 Switches. . . . . . . . . .570

When parameter changes take effect . . . . . . . . . . . . . . . . . . . 571

IP global parameters – Layer 3 Switches. . . . . . . . . . . . . . . . . 571

IP interface parameters – Layer 3 Switches . . . . . . . . . . . . . .575

Basic IP parameters and defaults – Layer 2 Switches. . . . . . . . . . 576

IP global parameters – Layer 2 Switches. . . . . . . . . . . . . . . . .576

Interface IP parameters – Layer 2 Switches . . . . . . . . . . . . . .578

Configuring IP parameters – Layer 3 Switches . . . . . . . . . . . . . . . .578

Configuring IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .579

Configuring packet parameters . . . . . . . . . . . . . . . . . . . . . . . .581

Changing the router ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .584

Specifying a single source interface for Telnet,

TACACS/TACACS+, or RADIUS Packets . . . . . . . . . . . . . . . . . . .585

Configuring ARP parameters. . . . . . . . . . . . . . . . . . . . . . . . . . .587

Configuring forwarding parameters . . . . . . . . . . . . . . . . . . . . .592

Disabling ICMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . .594

Configuring static routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .596

Configuring a default network route . . . . . . . . . . . . . . . . . . . . .604

Configuring IP load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . .605

Configuring IRDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .608

Configuring RARP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .610

Configuring UDP broadcast and IP helper parameters . . . . . .612

Configuring BootP/DHCP relay parameters . . . . . . . . . . . . . . .615

Configuring IP parameters – Layer 2 Switches . . . . . . . . . . . . . . . . 616

Configuring the management IP address and specifying

the default gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .616

Configuring Domain Name Server (DNS) resolver. . . . . . . . . . 617

Changing the TTL threshold . . . . . . . . . . . . . . . . . . . . . . . . . . .619

Configuring DHCP Assist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .619

Displaying IP configuration information and statistics . . . . . . . . . .623

Changing the network mask display to prefix format . . . . . . .623

Displaying IP information – Layer 3 Switches . . . . . . . . . . . . .623

Displaying IP information – Layer 2 Switches . . . . . . . . . . . . .637

Chapter 22 Configuring RIP

RIP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .643

ICMP host unreachable message for undeliverable ARPs . . .643

RIP parameters and defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .643

RIP global parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .644

RIP interface parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .644

xviii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring RIP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .645

Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .645

Configuring metric parameters . . . . . . . . . . . . . . . . . . . . . . . . .646

Changing the administrative distance. . . . . . . . . . . . . . . . . . .647

Configuring redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . .647

Configuring route learning and advertising parameters . . . . .650

Changing the route loop prevention method . . . . . . . . . . . . . .651

Suppressing RIP route advertisement on a VRRP

or VRRPE backup interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .652

Configuring RIP route filters . . . . . . . . . . . . . . . . . . . . . . . . . . .652

Displaying RIP filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .653

Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . . . . . .654

Chapter 23 Configuring OSPF Version 2 (IPv4)

Overview of OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .657

OSPF point-to-point Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . .658

Designated routers in multi-access networks . . . . . . . . . . . . .659

Designated router election in multi-access networks . . . . . . .659

OSPF RFC 1583 and 2178 compliance . . . . . . . . . . . . . . . . . .660

Reduction of equivalent AS External LSAs . . . . . . . . . . . . . . . .661

Support for OSPF RFC 2328 Appendix E . . . . . . . . . . . . . . . . .663

Dynamic OSPF activation and configuration . . . . . . . . . . . . . .664

PowerConnect B-Series TI24X Configuration Guide xix 53-1002269-02

Configuring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .665

Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .665

OSPF parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .665

Enable OSPF on the router . . . . . . . . . . . . . . . . . . . . . . . . . . . .666

Assign OSPF areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .667

Assigning an area range (optional). . . . . . . . . . . . . . . . . . . . . .671

Assigning interfaces to an area . . . . . . . . . . . . . . . . . . . . . . . .671

Modify interface defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . .671

Change the timer for OSPF authentication changes. . . . . . . . 674

Block flooding of outbound LSAs on specific OSPF interfaces675

Assign virtual links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .675

Modify virtual link parameters . . . . . . . . . . . . . . . . . . . . . . . . .677

Changing the reference bandwidth for the cost on

OSPF interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .678

Define redistribution filters . . . . . . . . . . . . . . . . . . . . . . . . . . . .680

Prevent specific OSPF routes from being installed in the

IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .682

Modify default metric for redistribution . . . . . . . . . . . . . . . . . .685

Enable route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . .686

Disable or re-enable load sharing. . . . . . . . . . . . . . . . . . . . . . .687

Configure external route summarization . . . . . . . . . . . . . . . . .688

Configure default route origination. . . . . . . . . . . . . . . . . . . . . .690

Modify SPF timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .691

Modify redistribution metric type . . . . . . . . . . . . . . . . . . . . . . .691

Modify administrative distance. . . . . . . . . . . . . . . . . . . . . . . . .692

Configure OSPF group Link State Advertisement

(LSA) pacing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693

Modify OSPF traps generated . . . . . . . . . . . . . . . . . . . . . . . . . .693

Modify OSPF standard compliance setting . . . . . . . . . . . . . . .694

Modify exit overflow interval . . . . . . . . . . . . . . . . . . . . . . . . . . .694

Specifying the types of OSPF Syslog messages to log . . . . . .695

Clearing OSPF information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .695

Clearing OSPF neighbor information . . . . . . . . . . . . . . . . . . . .695

Clearing OSPF topology information . . . . . . . . . . . . . . . . . . . . .696

Clearing redistributed routes from the OSPF routing table. . .696

Clearing information for OSPF areas . . . . . . . . . . . . . . . . . . . .696

Displaying OSPF information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .697

Displaying general OSPF configuration information . . . . . . . .697

Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .698

Displaying OSPF area information . . . . . . . . . . . . . . . . . . . . . .700

Displaying OSPF neighbor information. . . . . . . . . . . . . . . . . . .700

Displaying OSPF interface information. . . . . . . . . . . . . . . . . . .702

Displaying OSPF route information . . . . . . . . . . . . . . . . . . . . . .704

Displaying OSPF external link state information . . . . . . . . . . .706

Displaying OSPF link state information . . . . . . . . . . . . . . . . . .707

Displaying the data in an LSA . . . . . . . . . . . . . . . . . . . . . . . . . .707

Displaying OSPF virtual neighbor information . . . . . . . . . . . . .708

Displaying OSPF virtual link information . . . . . . . . . . . . . . . . .708

Displaying OSPF ABR and ASBR information. . . . . . . . . . . . . .708

Displaying OSPF trap status . . . . . . . . . . . . . . . . . . . . . . . . . . .709

xx PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter 24 Configuring VRRP and VRRPE

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .711

Overview of VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .711

Overview of VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .716

Configuration note . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .719

Comparison of VRRP and VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . 719

VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719

VRRPE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .719

Architectural differences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719

VRRP and VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .720

Configuring basic VRRP parameters . . . . . . . . . . . . . . . . . . . . . . . .722

Configuring the Owner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .723

Configuring a Backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .723

Configuration rules for VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . .723

Configuring basic VRRPE parameters . . . . . . . . . . . . . . . . . . . . . . .723

Configuration rules for VRRPE . . . . . . . . . . . . . . . . . . . . . . . . .724

Note regarding disabling VRRP or VRRPE . . . . . . . . . . . . . . . . . . . .724

Configuring additional VRRP and VRRPE parameters . . . . . . . . . .724

Forcing a Master router to abdicate to a standby router . . . . . . . .731

Displaying VRRP and VRRPE information . . . . . . . . . . . . . . . . . . . .732

Displaying summary information . . . . . . . . . . . . . . . . . . . . . . .732

Displaying detailed information . . . . . . . . . . . . . . . . . . . . . . . .734

Displaying statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .739

Clearing VRRP or VRRPE statistics . . . . . . . . . . . . . . . . . . . . . .740

Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . . 740

Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .742

VRRP example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .742

VRRPE example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .743

Chapter 25 Configuring BGP4

Overview of BGP4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .745

Relationship between the BGP4 route table and the IP route table 74 6

How BGP4 selects a path for a route . . . . . . . . . . . . . . . . . . . . 747

BGP4 message types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748

Basic configuration and activation for BGP4 . . . . . . . . . . . . . . . . .750

Note regarding disabling BGP4. . . . . . . . . . . . . . . . . . . . . . . . .751

BGP4 parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751

When parameter changes take effect . . . . . . . . . . . . . . . . . . .752

Memory considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .754

Memory configuration options obsoleted by dynamic memory754

PowerConnect B-Series TI24X Configuration Guide xxi 53-1002269-02

Basic configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .755

Enabling BGP4 on the router . . . . . . . . . . . . . . . . . . . . . . . . . .755

Changing the router ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .755

Setting the local AS number . . . . . . . . . . . . . . . . . . . . . . . . . . .756

Adding a loopback interface . . . . . . . . . . . . . . . . . . . . . . . . . . .756

Adding BGP4 neighbors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .756

Adding a BGP4 peer group . . . . . . . . . . . . . . . . . . . . . . . . . . . .763

Optional configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767

Changing the Keep Alive Time and Hold Time . . . . . . . . . . . . .767

Changing the BGP4 next-hop update timer . . . . . . . . . . . . . . .768

Enabling fast external fallover. . . . . . . . . . . . . . . . . . . . . . . . . .768

Changing the maximum number of paths for

BGP4 load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .769

Customizing BGP4 load sharing . . . . . . . . . . . . . . . . . . . . . . . .770

Specifying a list of networks to advertise. . . . . . . . . . . . . . . . . 771

Changing the default local preference . . . . . . . . . . . . . . . . . . .772

Using the IP default route as a valid next hop for

a BGP4 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773

Advertising the default route. . . . . . . . . . . . . . . . . . . . . . . . . . .773

Changing the default MED (Metric) used for

route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773

Enabling next-hop recursion . . . . . . . . . . . . . . . . . . . . . . . . . . .774

Changing administrative distances . . . . . . . . . . . . . . . . . . . . .777

Requiring the first AS to be the neighbor AS . . . . . . . . . . . . . .778

Disabling or re-enabling comparison of the AS-Path length . .778

Enabling or disabling comparison of the router IDs . . . . . . . .779

Configuring the Layer 3 Switch to always compare

Multi-Exit Discriminators (MEDs) . . . . . . . . . . . . . . . . . . . . . . .779

Treating missing MEDs as the worst MEDs . . . . . . . . . . . . . . .780

Configuring route reflection parameters . . . . . . . . . . . . . . . . .780

Aggregating routes advertised to BGP4 neighbors . . . . . . . . .784

Modifying redistribution parameters . . . . . . . . . . . . . . . . . . . . . . . .785

Redistributing connected routes. . . . . . . . . . . . . . . . . . . . . . . .785

Redistributing RIP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .786

Redistributing OSPF external routes. . . . . . . . . . . . . . . . . . . . .786

Redistributing static routes. . . . . . . . . . . . . . . . . . . . . . . . . . . .787

Disabling or re-enabling re-advertisement of all learned

BGP4 routes to all BGP4 neighbors . . . . . . . . . . . . . . . . . . . . .787

Redistributing IBGP routes into RIP and OSPF. . . . . . . . . . . . .788

Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .788

Filtering specific IP addresses . . . . . . . . . . . . . . . . . . . . . . . . .788

Filtering AS-paths. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .790

Filtering communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .793

Defining IP prefix lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .795

Defining neighbor distribute lists . . . . . . . . . . . . . . . . . . . . . . .796

Defining route maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .797

Using a table map to set the rag value. . . . . . . . . . . . . . . . . . .805

Configuring cooperative BGP4 route filtering. . . . . . . . . . . . . .806

xxii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring route flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . .809

Globally configuring route flap dampening . . . . . . . . . . . . . . .810

Using a route map to configure route flap dampening

for specific routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810

Using a route map to configure route flap dampening for

a specific neighbor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .811

Removing route dampening from a route. . . . . . . . . . . . . . . . .812

Removing route dampening from a neighbor routes

suppressed due to aggregation . . . . . . . . . . . . . . . . . . . . . . . .812

Displaying and clearing route flap dampening statistics . . . .814

Generating traps for BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .815

Displaying BGP4 information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .816

Displaying summary BGP4 information . . . . . . . . . . . . . . . . . . 816

Displaying the active BGP4 configuration . . . . . . . . . . . . . . . .818

Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . .819

Displaying summary neighbor information . . . . . . . . . . . . . . .820

Displaying BGP4 neighbor information. . . . . . . . . . . . . . . . . . .822

Displaying peer group information . . . . . . . . . . . . . . . . . . . . . .833

Displaying summary route information . . . . . . . . . . . . . . . . . .834

Displaying the BGP4 route table. . . . . . . . . . . . . . . . . . . . . . . .835

Displaying BGP4 route-attribute entries. . . . . . . . . . . . . . . . . .841

Displaying the routes BGP4 has placed in the

IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .842

Displaying route flap dampening statistics . . . . . . . . . . . . . . .843

Displaying the active route map configuration . . . . . . . . . . . .844

Updating route information and resetting a neighbor session . . .845

Using soft reconfiguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .845

Dynamically requesting a route refresh from

a BGP4 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .848

Closing or resetting a neighbor session . . . . . . . . . . . . . . . . . .851

Clearing and resetting BGP4 routes in the IP route table . . . .851

Clearing traffic counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852

Clearing route flap dampening statistics. . . . . . . . . . . . . . . . . . . . .852

Removing route flap dampening . . . . . . . . . . . . . . . . . . . . . . . . . . .852

Clearing diagnostic buffers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .853

Chapter 26 Securing Access to Management Functions

Securing access methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .855

PowerConnect B-Series TI24X Configuration Guide xxiii 53-1002269-02

Restricting remote access to management functions . . . . . . . . . .857

Using ACLs to restrict remote access . . . . . . . . . . . . . . . . . . . .857

Defining the console idle time . . . . . . . . . . . . . . . . . . . . . . . . .859

Restricting remote access to the device to specific IP addresses860 Restricting access to the device based on IP or

MAC address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861

Specifying the maximum number of login attempts

for Telnet access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861

Restricting remote access to the device to specific

VLAN IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .862

Designated VLAN for Telnet management sessions to a Layer 2

Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .863

Device management security . . . . . . . . . . . . . . . . . . . . . . . . . .863

Disabling specific access methods. . . . . . . . . . . . . . . . . . . . . .864

Setting passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865

Setting a Telnet password . . . . . . . . . . . . . . . . . . . . . . . . . . . . .866

Setting passwords for management privilege levels. . . . . . . .866

Recovering from a lost password . . . . . . . . . . . . . . . . . . . . . . .868

Displaying the SNMP community string . . . . . . . . . . . . . . . . . .869

Disabling password encryption . . . . . . . . . . . . . . . . . . . . . . . . .869

Specifying a minimum password length. . . . . . . . . . . . . . . . . .869

Setting up local user accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . .870

Enhancements to username and password . . . . . . . . . . . . . .870

Configuring a local user account . . . . . . . . . . . . . . . . . . . . . . . 874

Create password option. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .876

Changing a local user password . . . . . . . . . . . . . . . . . . . . . . . .876

Configuring TACACS/TACACS+ security . . . . . . . . . . . . . . . . . . . . . .877

How TACACS+ differs from TACACS. . . . . . . . . . . . . . . . . . . . . .877

TACACS/TACACS+ authentication, authorization,

and accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 877

TACACS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .878

TACACS/TACACS+ configuration considerations . . . . . . . . . . .881

Enabling TACACS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .881

Identifying the TACACS/TACACS+ servers. . . . . . . . . . . . . . . . .882

Specifying different servers for individual AAA functions . . . .883

Setting optional TACACS/TACACS+ parameters . . . . . . . . . . . .883

Configuring authentication-method lists for TACACS/TACACS+884

Configuring TACACS+ authorization . . . . . . . . . . . . . . . . . . . . .886

Configuring TACACS+ accounting . . . . . . . . . . . . . . . . . . . . . . .889

Configuring an interface as the source for all

TACACS/TACACS+ packets. . . . . . . . . . . . . . . . . . . . . . . . . . . . .891

Displaying TACACS/TACACS+ statistics and

configuration information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891

xxiv PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring RADIUS security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .892

RADIUS authentication, authorization, and accounting . . . . .893

RADIUS configuration considerations. . . . . . . . . . . . . . . . . . . .896

RADIUS configuration procedure . . . . . . . . . . . . . . . . . . . . . . .896

Configuring Dell-specific attributes on the RADIUS server . . .896

Enabling SNMP to configure RADIUS . . . . . . . . . . . . . . . . . . . .897

Identifying the RADIUS server to the device. . . . . . . . . . . . . . .898

Specifying different servers for individual AAA functions . . . .898

Configuring a RADIUS server per port . . . . . . . . . . . . . . . . . . .898

Mapping a RADIUS server to individual ports . . . . . . . . . . . . .899

Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .900

Configuring authentication-method lists for RADIUS. . . . . . . .901

Configuring RADIUS authorization . . . . . . . . . . . . . . . . . . . . . .903

Configuring RADIUS accounting . . . . . . . . . . . . . . . . . . . . . . . .905

Configuring an interface as the source for all

RADIUS packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .906

Displaying RADIUS configuration information . . . . . . . . . . . . .906

Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . .907

Configuration considerations for authentication- method lists908

Examples of authentication-method lists. . . . . . . . . . . . . . . . .909

Chapter 27 Configuring SSH2 and SCP

SSH version 2 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .911

Tested SSH2 clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .911

Supported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .912

Unsupported features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .912

AES encryption for SSH2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .912

Configuring SSH2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .913

Recreating SSH keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .914

Generating a host key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . .914

Configuring DSA challenge-response authentication . . . . . . .915

Setting optional parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .917

Setting the number of SSH authentication retries . . . . . . . . .918

Deactivating user authentication . . . . . . . . . . . . . . . . . . . . . . .918

Enabling empty password logins. . . . . . . . . . . . . . . . . . . . . . . .918

Setting the SSH port number . . . . . . . . . . . . . . . . . . . . . . . . . .919

Setting the SSH login timeout value. . . . . . . . . . . . . . . . . . . . .919

Designating an interface as the source for all SSH

packets (Layer 3 code only). . . . . . . . . . . . . . . . . . . . . . . . . . . .919

Configuring the maximum idle time for SSH sessions . . . . . .920

Filtering SSH access using ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . .920

Terminating an active SSH connection . . . . . . . . . . . . . . . . . . . . . .920

Displaying SSH connection information . . . . . . . . . . . . . . . . . . . . .920

Using Secure copy with SSH2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .922

Enabling and disabling SCP . . . . . . . . . . . . . . . . . . . . . . . . . . .922

Example file transfers using SCP . . . . . . . . . . . . . . . . . . . . . . .922

PowerConnect B-Series TI24X Configuration Guide xxv 53-1002269-02

Chapter 28 Configuring 802.1X Port Security

IETF RFC support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .925

How 802.1X port security works . . . . . . . . . . . . . . . . . . . . . . . . . . .925

Device roles in an 802.1X configuration . . . . . . . . . . . . . . . . .925

Communication between the devices . . . . . . . . . . . . . . . . . . .926

Controlled and uncontrolled ports . . . . . . . . . . . . . . . . . . . . . .928

Message exchange during authentication. . . . . . . . . . . . . . . .929

Authenticating multiple hosts connected to the same port . .931

802.1X port security and sFlow . . . . . . . . . . . . . . . . . . . . . . . .933

Configuring 802.1X port security. . . . . . . . . . . . . . . . . . . . . . . . . . .933

Configuring an authentication method list for 802.1X . . . . . .934

Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .934

Configuring dynamic VLAN assignment for 802.1X ports . . . .938

Dynamically applying IP ACLs and MAC filters to

802.1X ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .941

Enabling 802.1X port security. . . . . . . . . . . . . . . . . . . . . . . . . .945

Setting the port control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .945

Configuring periodic re-authentication . . . . . . . . . . . . . . . . . . .946

Re-authenticating a port manually . . . . . . . . . . . . . . . . . . . . . .947

Setting the quiet period. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .947

Specifying the wait interval and number of EAP-request/ identity frame retransmissions from the

PowerConnect device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .947

Specifying the wait interval and number of EAP-request/

identity frame retransmissions from the RADIUS server . . . .948

Specifying a timeout for retransmission of messages to the

authentication server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .949

Initializing 802.1X on a port . . . . . . . . . . . . . . . . . . . . . . . . . . .949

Allowing access to multiple hosts. . . . . . . . . . . . . . . . . . . . . . .949

Configuring VLAN access for non-EAP-capable clients . . . . . .952

Displaying 802.1X information. . . . . . . . . . . . . . . . . . . . . . . . . . . . .953

Displaying 802.1X configuration information . . . . . . . . . . . . .953

Displaying 802.1X statistics . . . . . . . . . . . . . . . . . . . . . . . . . . .955

Clearing 802.1X statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .956

Displaying dynamically assigned VLAN information . . . . . . . .957

Displaying information about dynamically applied

MAC filters and IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .958

Displaying 802.1X multiple-host authentication

information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .959

Sample 802.1X configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . .963

Point-to-point configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . .963

Hub configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .964

802.1X Authentication with dynamic VLAN assignment . . . . .965

Using multi-device port authentication and 802.1X security

on the same port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966

Configuring Dell-specific attributes on the RADIUS server . . .967

Example configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .968

xxvi PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter 29 Using the MAC Port Security Feature

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .973

Local and global resources . . . . . . . . . . . . . . . . . . . . . . . . . . . .973

Configuration notes and feature limitations . . . . . . . . . . . . . . 974

Configuring the MAC port security feature . . . . . . . . . . . . . . . . . . . 974

Enabling the MAC port security feature . . . . . . . . . . . . . . . . . . 974

Setting the maximum number of secure MAC addresses

for an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .975

Setting the port security age timer . . . . . . . . . . . . . . . . . . . . . .975

Specifying secure MAC addresses . . . . . . . . . . . . . . . . . . . . . .975

Autosaving secure MAC addresses to the

startup-config file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 976

Specifying the action taken when a security

violation occurs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 976

Clearing port security statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .978

Clearing restricted MAC addresses. . . . . . . . . . . . . . . . . . . . . .978

Clearing violation statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . .978

Displaying port security information . . . . . . . . . . . . . . . . . . . . . . . .978

Displaying port security settings . . . . . . . . . . . . . . . . . . . . . . . .978

Displaying the secure MAC addresses . . . . . . . . . . . . . . . . . . .979

Displaying port security statistics . . . . . . . . . . . . . . . . . . . . . . .979

Displaying restricted MAC addresses on a port . . . . . . . . . . . .980

Chapter 30 Configuring Multi-Device Port Authentication

How multi-device port authentication works. . . . . . . . . . . . . . . . . .981

RADIUS authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .981

Authentication-failure actions . . . . . . . . . . . . . . . . . . . . . . . . . .982

Supported RADIUS attributes . . . . . . . . . . . . . . . . . . . . . . . . . .982

Support for dynamic VLAN assignment . . . . . . . . . . . . . . . . . .983

Support for dynamic ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .983

Support for authenticating multiple MAC addresses

on an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .983

Using multi-device port authentication and

802.1X security on the same port . . . . . . . . . . . . . . . . . . . . . . . . . .983

Configuring Dell-specific attributes on the RADIUS server . . .984

PowerConnect B-Series TI24X Configuration Guide xxvii 53-1002269-02

Configuring multi-device port authentication . . . . . . . . . . . . . . . . .985

Enabling multi-device port authentication . . . . . . . . . . . . . . . .985

Specifying the format of the MAC addresses sent

to the RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .986

Specifying the authentication-failure action . . . . . . . . . . . . . .986

Generating traps for multi-device port authentication . . . . . .987

Defining MAC address filters. . . . . . . . . . . . . . . . . . . . . . . . . . .987

Configuring dynamic VLAN assignment . . . . . . . . . . . . . . . . . .988

Dynamically applying IP ACLs to authenticated MAC

addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .990

Enabling denial of service attack protection . . . . . . . . . . . . . .992

Clearing authenticated MAC addresses. . . . . . . . . . . . . . . . . .993

Disabling aging for authenticated MAC addresses . . . . . . . . .993

Changing the hardware aging period for blocked

MAC addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .994

Specifying the aging time for blocked MAC addresses . . . . . .995

Specifying the RADIUS timeout action . . . . . . . . . . . . . . . . . . .995

Multi-device port authentication password override . . . . . . . .996

Limiting the number of authenticated MAC addresses. . . . . .997

Displaying multi-device port authentication information . . . . . . . .997

Displaying authenticated MAC address information . . . . . . . .997

Displaying multi-device port authentication configuration

information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .998

Displaying multi-device port authentication information

for a specific MAC address or port . . . . . . . . . . . . . . . . . . . . . .998

Displaying the authenticated MAC addresses . . . . . . . . . . . . .999

Displaying the non-authenticated MAC addresses . . . . . . . . .999

Displaying multi-device port authentication

information for a port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1000

Displaying multi-device port authentication settings

and authenticated MAC addresses . . . . . . . . . . . . . . . . . . . .1001

Chapter 31 Protecting Against Denial of Service Attacks

Protecting against Smurf attacks. . . . . . . . . . . . . . . . . . . . . . . . . 1005

Avoiding being an intermediary in a Smurf attack. . . . . . . . 1005

Avoiding being a victim in a Smurf attack . . . . . . . . . . . . . . 1006

Protection against ICMP attacks in PowerConnect devices 1006

Protecting against TCP SYN attacks. . . . . . . . . . . . . . . . . . . . . . . .1007

Protection against TCP-SYN attacks in PowerConnect

devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007

TCP security enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . 1008

Displaying statistics about packets dropped

because of DoS attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1009

Displaying statistics about packets dropped because of

DoS attacks in PowerConnect devices . . . . . . . . . . . . . . . . .1010

Chapter 32 Securing SNMP Access

SNMP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1011

xxviii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Establishing SNMP community strings . . . . . . . . . . . . . . . . . . . . .1011

Encryption of SNMP community strings . . . . . . . . . . . . . . . . .1012

Adding an SNMP community string . . . . . . . . . . . . . . . . . . . .1012

Displaying the SNMP community strings . . . . . . . . . . . . . . . .1013

Configuring your NMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1014

Configuring SNMP version 3 . . . . . . . . . . . . . . . . . . . . . . . . . .1015

Defining the engine id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1015

Defining an SNMP group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1016

Defining an SNMP user account. . . . . . . . . . . . . . . . . . . . . . .1017

Defining SNMP views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1018

SNMP version 3 traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1019

Defining an SNMP group and specifying which

view is notified of traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1019

Trap MIB changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021

Specifying an IPv6 host as an SNMP trap receiver . . . . . . . .1021

Displaying SNMP Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022

Displaying the Engine ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022

Displaying SNMP groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022

Displaying user information. . . . . . . . . . . . . . . . . . . . . . . . . . 1022

Interpreting varbinds in report packets . . . . . . . . . . . . . . . . 1023

SNMP v3 Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . 1023

Simple SNMP v3 configuration . . . . . . . . . . . . . . . . . . . . . . . 1023

More detailed SNMP v3 configuration . . . . . . . . . . . . . . . . . .1024

Chapter 33 Enabling the Foundry Discovery Protocol and Reading Cisco

Discovery Protocol Packets

Using FDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1025

Configuring FDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1025

Displaying FDP information. . . . . . . . . . . . . . . . . . . . . . . . . . 1026

Clearing FDP and CDP information. . . . . . . . . . . . . . . . . . . . 1029

Reading CDP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1030

Enabling interception of CDP packets globally . . . . . . . . . . 1030

Enabling interception of CDP packets on an interface . . . . 1030

Displaying CDP information. . . . . . . . . . . . . . . . . . . . . . . . . . 1030

Clearing CDP information . . . . . . . . . . . . . . . . . . . . . . . . . . . 1032

Chapter 34 Using Syslog

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1035

Displaying Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1036

Enabling real-time display of Syslog messages. . . . . . . . . . 1036

Enabling real-time display for a Telnet or SSH session. . . . 1036

Show log on all terminals . . . . . . . . . . . . . . . . . . . . . . . . . . . .1037

PowerConnect B-Series TI24X Configuration Guide xxix 53-1002269-02

Configuring the Syslog service . . . . . . . . . . . . . . . . . . . . . . . . . . . .1037

Displaying the Syslog configuration . . . . . . . . . . . . . . . . . . . .1037

Disabling or re-enabling Syslog. . . . . . . . . . . . . . . . . . . . . . . .1041

Specifying a Syslog server. . . . . . . . . . . . . . . . . . . . . . . . . . . .1041

Specifying an additional Syslog server. . . . . . . . . . . . . . . . . .1041

Disabling logging of a message level . . . . . . . . . . . . . . . . . . 1042

Changing the number of entries the local buffer can hold. 1042

Changing the log facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1042

Displaying Interface names in Syslog messages. . . . . . . . . 1043

Displaying TCP or UDP port numbers in Syslog messages . 1044

Clearing the Syslog messages from the local buffer . . . . . . 1044

Syslog messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1044

Appendix A Network Monitoring

Basic management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1069

Viewing system information . . . . . . . . . . . . . . . . . . . . . . . . . 1069

Viewing configuration information . . . . . . . . . . . . . . . . . . . . 1069

Viewing port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1070

Viewing STP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1072

Clearing statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1072

Traffic counters for outbound traffic. . . . . . . . . . . . . . . . . . . .1073

RMON support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1076

Maximum number of entries allowed in the

RMON control table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1076

Statistics (RMON group 1). . . . . . . . . . . . . . . . . . . . . . . . . . . .1076

History (RMON group 2). . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1078

Alarm (RMON group 3). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1079

Event (RMON group 9). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1079

sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1079

sFlow support for IPv6 packets. . . . . . . . . . . . . . . . . . . . . . . 1080

Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . .1081

Configuring and enabling sFlow . . . . . . . . . . . . . . . . . . . . . . 1082

Displaying sFlow information . . . . . . . . . . . . . . . . . . . . . . . . .1087

Configuring a utilization list for an uplink port . . . . . . . . . . . . . . 1090

Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1090

Displaying utilization percentages for an uplink . . . . . . . . . .1091

Appendix B Software Specifications

IEEE compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1093

RFC support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1093

Internet drafts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1098

xxx PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

About This Document

Introduction

This guide describes the following product families from Dell:

• PowerConnect B-Series TI24X Layer 2 switch

This guide includes procedures for configuring the software. The software procedures show how to perform tasks using the CLI. This guide also describes how to monitor Dell products using statistics and summary screens.

This guide applies to the PowerConnect B-Series TI24X models.

Audience

This document is designed for system administrators with a working knowledge of Layer 2 and Layer 3 switching and routing.

Document conventions

This section describes text formatting conventions and important notice formats used in this document.

Text formatting

The narrative-text formatting conventions that are used are as follows:

bold text Identifies command names

italic text Provides emphasis

code text Identifies CLI output

Identifies the names of user-manipulated GUI elements

Identifies keywords

Identifies text to enter at the GUI or CLI

Identifies variables

Identifies document titles

PowerConnect B-Series TI24X Configuration Guide xxxi 53-1002269-02

For readability, command names in the narrative portions of this guide are presented in bold:

NOTE

CAUTION

DANGER

for example, show version.

Command syntax conventions

Command syntax in this manual follows these conventions:

command and parameters

[ ] Optional parameter.

variable Variables are printed in italics enclosed in angled brackets < >.

... Repeat the previous element, for example “member[;member...]”

| Choose from one of the parameters.

Commands and parameters are printed in bold.

Notes, cautions, and danger notices

The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards.

A note provides a tip, guidance or advice, emphasizes important information, or provides a reference to related information.

A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.

A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.

Notice to the reader

This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations.

Related publications

• PowerConnect B- Series TI24X Hardware Installation Guide

xxxii PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

• PowerConnect B-MLXe MIB Reference

NOTE

For the latest edition of this document, which contains the most up-to-date information, refer to support.dell.com.

Getting technical help or reporting errors

Dell is committed to ensuring that your investment in our products remains cost-effective. If you need assistance or find errors in the manuals, contact Dell Technical Support. When contacting Dell Technical Support have the device configuration file and an output capture of show tech-support command available.

Contacting Dell

For customers in the United States, call 800-WWW.DELL (800.999.3355).

If you do not have an active Internet connection, you can find contact information on your purchase invoice, packing slip, bill, or Dell product catalog.

Dell provides several online and telephone-based support and service options. Availability varies by country and product, and some services may not be available in your area. To contact Dell for sales, technical support, or customer service issues:

1. Visit http://support.dell.com.

2. Click your country or region at the bottom of the page. For a full listing of countries and regions, click All.

3. In the Support menu, click All Support.

4. Choose the method of contacting Dell that is convenient for you.

PowerConnect B-Series TI24X Configuration Guide xxxiii 53-1002269-02

xxxiv PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter

Getting Familiar with Management Applications

Using the management port

The management port is an out-of-band port that customers can use to manage their devices without interfering with the in-band ports. The management port is widely used to download images and configurations and for Telnet sessions.

The MAC address for the management port is derived from the base MAC address of the unit, plus the number of ports in the base module.

How the management port works

The following rules apply to management ports:

• Any packets that are specifically addressed to the management port MAC address or the

broadcast MAC address are forwarded accordingly. All other packets are filtered out.

• No packet received on a management port is sent to any in-band ports, and no packets

received on in-band ports are sent to a management port.

• A management port is not part of any VLAN

• Protocols are not supported on the management port.

• Creating a management VLAN disables the management port on the device.

• All features that can be configured from the global configuration mode can also be configured

from the interface level of the manamement port. Features that are configured through the management port take effect globally, not on the management port itself (on switches only).

For switches, any in-band port may be used for management purposes. A Router sends Layer 3 packets using the MAC address of the port as the source MAC address.

CLI Commands for use with the management port

The following CLI commands can be used with a management port.

To display the current configuration, use the show running-config interface management command.

Syntax: show running-config interface management num

PowerConnect(config-if-mgmt)#ip addr 10.44.9.64/24 PowerConnect(config)#show running-config interface management 1 interface management 1 ip address 10.44.9/64 255.255.255.0

To display the current configuration, use the show interfaces management command.

Syntax: show interfaces management num

PowerConnect B-Series TI24X Configuration Guide 1 53-1002269-02

Using the management port

PowerConnect(config)#show interfaces management 1 GigEthernetmgmt1 is up, line protocol is up Hardware is GigEthernet, address is 0000.9876.544a (bia 0000.9876.544a) Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Configured mdi mode AUTO, actual none BPRU guard is disabled, ROOT protect is disabled Link Error Dampening is Disabled STP configured to OFF, priority is level0, mac-learning is enabled Flow Control is config disabled, oper enabled Mirror disabled, Monitor disabled Not member of any active trunks Not member of any configured trunks No port name IPG MII 0 bits-time, IPG GMII 0 bits-time IP MTU 1500 bytes 300 second input rate: 83728 bits/sec, 130 packets/sec, 0.01% utilization 300 second output rate: 24 bits/sec, 0 packets/sec, 0.00% utilization 39926 packets input, 3210077 bytes, 0 no buffer Received 4353 broadcasts, 32503 multicasts, 370 unicasts 0 input errors, 0 CRC, 0 frame, 0 ignored 0 runts, 0 giants 22 packets output, 1540 bytres, 0 underruns Transmitted 0 broadcasts, 6 multicasts, 16 unicasts 0 output errors, 0 collisions

To display the management interface information in brief form, enter the show interfaces brief management command.

Syntax: show interfaces brief management num

Port Link State Dupl Speed Trunk Tag Pvid Pri MAC Name mgmt1 Up None Full 100M None No 1 0 000d.5200.0118

To display management port statistics, enter the show statistics management command.

Syntax: show statistics management num

PowerConnect(config)# show statistics management 1 Port Link State Dupl Speed Trunk Tag Pvid Pri MAC Name mgmt1 Up None Full 100M None No 1 0 000d.5200.0118

Port mgmt1 Counters:

InOctets3210941OutOctets1540

InPkts39939OutPackets22 InBroadcastPkts4355OutbroadcastPkts0 InMultiastPkts35214OutMulticastPkts6 InUnicastPkts370OutUnicastPkts16 InBadPkts0 InFragments0 InDiscards0OutErrors0 CRC 0 Collisions0 InErrors0 LateCollisions0 InGiantPkts0 InShortPkts0 InJabber0 InFlowCtrlPkts0OutFlowCtrlPkts0 InBitsPerSec83728OutBitsPerSec24 InPktsPerSec130OutPktsPerSec0 InUtilization0.01%OutUtilization0.00%

2 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

To display the management interface statistics in brief form, enter the show statistics brief

NOTE

management command.

Syntax: show statistics brief management num

PowerConnect(config)#show statistics brief management 1 PortIn PacketsOut PacketsTrunkIn ErrorsOut Errors mgmt139946220 0

Total39945220 0

Logging on through the CLI

Once an IP address is assigned to a Dell device running Layer 2 software or to an interface on a Dell device running Layer 3 software, you can access the CLI either through the direct serial connection to the device or through a local or remote Telnet session.

You can initiate a local Telnet or SNMP connection by attaching a cable to a port and specifying the assigned management station IP address.

The commands in the CLI are organized into the following levels:

• User EXEC – Lets you display information and perform basic tasks such as pings and

traceroutes.

• Privileged EXEC – Lets you use the same commands as those at the User EXEC level plus

configuration commands that do not require saving the changes to the system-config file.

• CONFIG – Lets you make configuration changes to the device. To save the changes across

reboots, you need to save them to the system-config file. The CONFIG level contains sub-levels

for individual ports, for VLANs, for routing protocols, and other configuration areas.

Logging on through the CLI

By default, any user who can open a serial or Telnet connection to the Dell device can access all these CLI levels. To secure access, you can configure Enable passwords or local user accounts, or you can configure the device to use a RADIUS or TACACS/TACACS+ server for authentication. Refer to Chapter 26, “Securing Access to Management Functions”.

On-line help

To display a list of available commands or command options, enter “?” or press Tab. If you have not entered part of a command at the command prompt, all the commands supported at the current CLI level are listed. If you enter part of a command, then enter “?” or press Tab, the CLI lists the options you can enter at this point in the command string.

If you enter an invalid command followed by ?, a message appears indicating the command was unrecognized. An example is given below.

PowerConnect(config)#rooter ip Unrecognized command

PowerConnect B-Series TI24X Configuration Guide 3 53-1002269-02

Logging on through the CLI

Command completion

The CLI supports command completion, so you do not need to enter the entire name of a command or option. As long as you enter enough characters of the command or option name to avoid ambiguity with other commands or options, the CLI understands what you are typing.

Scroll control

By default, the CLI uses a page mode to paginate displays that are longer than the number of rows in your terminal emulation window. For example, if you display a list of all the commands at the global CONFIG level but your terminal emulation window does not have enough rows to display them all at once, the page mode stops the display and lists your choices for continuing the display. An example is given below.

aaa all-client appletalk arp boot some lines omitted for brevity...

ipx lock-address logging mac

--More--, next page: Space, next line: Return key, quit: Control-c

The software provides the following scrolling options:

• Press the Space bar to display the next page (one screen at a time).

• Press the Return or Enter key to display the next line (one line at a time).

• Press Ctrl+C or Ctrl+Q to cancel the display.

Line editing commands

The CLI supports the following line editing commands. To enter a line-editing command, use the CTRL+key combination for the command by pressing and holding the CTRL key, then pressing the letter associated with the command.

TABLE 1 CLI line editing commands

Ctrl+Key combination Description

Ctrl+A Moves to the first character on the command line.

Ctrl+B Moves the cursor back one character.

Ctrl+C Escapes and terminates command prompts and ongoing tasks (such as

lengthy displays), and displays a fresh command prompt.

Ctrl+D Deletes the character at the cursor.

Ctrl+E Moves to the end of the current command line.

Ctrl+F Moves the cursor forward one character.

Ctrl+K Deletes all characters from the cursor to the end of the command line.

4 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Using and port number with CLI commands

TABLE 1 CLI line editing commands (Continued)

Ctrl+Key combination Description

Ctrl+L; Ctrl+R Repeats the current command line on a new line.

Ctrl+N Enters the next command line in the history buffer.

Ctrl+P Enters the previous command line in the history buffer.

Ctrl+U; Ctrl+X Deletes all characters from the cursor to the beginning of the command line.

Ctrl+W Deletes the last word you typed.

Ctrl+Z Moves from any CONFIG level of the CLI to the Privileged EXEC level; at the

Privileged EXEC level, moves to the User EXEC level.

Using and port number with CLI commands

Many CLI commands require users to enter port numbers as part of the command syntax, and many show command outputs display port numbers. The port numbers are entered and displayed in one of the following formats.

CLI nomenclature on PowerConnectdevices

ThePowerConnectdevices use port numbers only. When you enter CLI commands that require port numbers as part of the syntax, just specify the port number.

Here are some examples. The following commands change the CLI from the global CONFIG level to the configuration level for the first port on the device:

• PowerConnectcommands

PowerConnect(config)#interface e1

PowerConnect(config-if-e10000-1)#

Searching and filtering output from CLI commands

You can filter CLI output from show commands and at the --More-- prompt. You can search for individual characters, strings, or construct complex regular expressions to filter the output.

Searching and filtering output from Show commands

You can filter output from show commands to display lines containing a specified string, lines that do not contain a specified string, or output starting with a line containing a specified string. The search string is a regular expression consisting of a single character or string of characters. You can use special characters to construct complex regular expressions. Refer to “Using special

characters in regular expressions” on page 7 for information on special characters used with

regular expressions.

Using include to display lines containing a specified string The include modifier filters the output of the show interface command for port 11 so it displays only

lines containing the word “Internet”. This command can be used to display the IP address of the interface.

PowerConnect B-Series TI24X Configuration Guide 5 53-1002269-02

Using and port number with CLI commands

NOTE

PowerConnect#show interface e 11 | include Internet Internet address is 192.168.1.11/24, MTU 1518 bytes, encapsulation ethernet

Syntax: show-command | include regular-expression

The vertical bar ( | ) is part of the command.

The regular expression specified as the search string is case sensitive. In the example above, a search string of “Internet” would match the line containing the IP address, but a search string of “internet” would not.

Using exclude to display lines that do not contain a specified string The exclude modifier filters the output of the show who command so it displays only lines that do

not contain the word “closed”. This command can be used to display open connections to the device

PowerConnect#show who | exclude closed Console connections: established you are connecting to this session 2 seconds in idle Telnet connections (inbound): 1 established, client ip address 192.168.9.37 27 seconds in idle Telnet connection (outbound): SSH connections:

Syntax: show-command | exclude regular-expression

Using begin to display lines starting with a specified string The begin modifier filters the output of the show who command so it displays output starting with

the first line that contains the word “SSH”. This command can be used to display information about SSH connections to the device.

PowerConnect#show who | begin SSH SSH connections: 1 established, client ip address 192.168.9.210 7 seconds in idle 2 closed 3 closed 4 closed 5 closed

Syntax: show-command | begin regular-expression

Searching and filtering output at the --More-- prompt

The --More-- prompt displays when output extends beyond a single page. From this prompt, you can press the Space bar to display the next page, the Return or Enter key to display the next line, or Ctrl+C or Q to cancel the display. In addition, you can search and filter output from this prompt.

At the --More-- prompt, you can press the forward slash key ( / ) and then enter a search string. The device displays output starting from the first line that contains the search string, similar to the begin modifier for show commands. An example is given below.

6 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Using and port number with CLI commands

--More--, next page: Space, next line: Return key, quit: Control-c /telnet

The results of the search are displayed.

searching... telnet Telnet by name or IP address temperature temperature sensor commands terminal display syslog traceroute TraceRoute to IP node undebug Disable debugging functions (see also 'debug') undelete Undelete flash card files whois WHOIS lookup write Write running configuration to flash or terminal

To display lines containing only a specified search string (similar to the include modifier for show commands) press the plus sign key ( + ) at the --More-- prompt and then enter the search string.

--More--, next page: Space, next line: Return key, quit: Control-c +telnet

The filtered results are displayed.

filtering... telnet Telnet by name or IP address

To display lines that do not contain a specified search string (similar to the exclude modifier for show commands) press the minus sign key ( - ) at the --More-- prompt and then enter the search string.

--More--, next page: Space, next line: Return key, quit: Control-c

-telnet

The filtered results are displayed.

filtering... temperature temperature sensor commands terminal display syslog traceroute TraceRoute to IP node undebug Disable debugging functions (see also 'debug') undelete Undelete flash card files whois WHOIS lookup write Write running configuration to flash or terminal

As with the modifiers for filtering output from show commands, the search string is a regular expression consisting of a single character or string of characters. You can use special characters to construct complex regular expressions. See the next section for information on special characters used with regular expressions.

Using special characters in regular expressions

You use a regular expression to specify a single character or multiple characters as a search string. In addition, you can include special characters that influence the way the software matches the output against the search string. These special characters are listed in the following table.

PowerConnect B-Series TI24X Configuration Guide 7 53-1002269-02

Using and port number with CLI commands

TABLE 2 Special characters for regular expressions

Character Operation

. The period matches on any single character, including a blank space.

For example, the following regular expression matches “aaz”, “abz”, “acz”, and so on, but not just “az”:

a.z

* The asterisk matches on zero or more sequential instances of a pattern.

For example, the following regular expression matches output that contains the string “abc”, followed by zero or more Xs:

abcX*

+ The plus sign matches on one or more sequential instances of a pattern.

For example, the following regular expression matches output that contains "de", followed by a sequence of “g”s, such as “deg”, “degg”, “deggg”, and so on:

deg+

? The question mark matches on zero occurrences or one occurrence of a pattern.

For example, the following regular expression matches output that contains "dg" or "deg": de?g

NOTE: Normally when you type a question mark, the CLI lists the commands or options at that CLI

^ A caret (when not used within brackets) matches on the beginning of an input string.

For example, the following regular expression matches output that begins with “deg”: ^deg

$ A dollar sign matches on the end of an input string.

For example, the following regular expression matches output that ends with “deg”: deg$

_ An underscore matches on one or more of the following:

• , (comma)

• { (left curly brace)

• } (right curly brace)

• ( (left parenthesis)

• ) (right parenthesis)

• The beginning of the input string

• The end of the input string

• A blank space

For example, the following regular expression matches on “100” but not on “1002”, “2100”, and so on.

_100_

[ ] Square brackets enclose a range of single-character patterns.

For example, the following regular expression matches output that contains “1”, “2”, “3”, “4”, or “5”:

[1-5] You can use the following expression symbols within the brackets. These symbols are allowed

only inside the brackets.

• ^ – The caret matches on any characters except the ones in the brackets. For example, the

level that begin with the character or string you entered. However, if you enter Ctrl+V and then type a question mark, the question mark is inserted into the command line, allowing you to use it as part of a regular expression.

following regular expression matches output that does not contain “1”, “2”, “3”, “4”, or “5”:

[^1-5]

• - The hyphen separates the beginning and ending of a range of characters. A match occurs if

any of the characters within the range is present. See the example above.

8 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Using and port number with CLI commands

TABLE 2 Special characters for regular expressions (Continued)

Character Operation

| A vertical bar separates two alternative values or sets of values. The output can match one or the

other value. For example, the following regular expression matches output that contains either “abc” or “defg”: abc|defg

( ) Parentheses allow you to create complex expressions.

For example, the following complex expression matches on “abc”, “abcabc”, or “defg”, but not on “abcdefgdefg”: ((abc)+)|((defg)?)

If you want to filter for a special character instead of using the special character as described in the table above, enter “\” (backslash) in front of the character. For example, to filter on output containing an asterisk, enter the asterisk portion of the regular expression as “\*”.

PowerConnect#show ip route bgp | include \*

Creating an alias for a CLI command

You can crea te aliases for CLI commands. An alias serves as a shorthand version of a longer CLI command. For example, you can create an alias called shoro for the CLI command show ip route. Then when you enter shoro at the command prompt, the show ip route command is executed.

To create an alias called shoro for show ip route, enter the following command.

PowerConnect(config)#alias shoro = show ip route

Syntax: [no] alias alias-name = cli-command

The <alias-name> must be a single word, without spaces.

After the alias is configured, entering shoro at either the Privileged EXEC or CONFIG levels of the CLI executes the show ip route command.

To create an alias called wrsbc for copy running-config tftp 10.10.10.10 test.cfg, enter the following command.

PowerConnect(config)#alias wrsbc = copy running-config tftp 10.10.10.10 test.cfg

To re m ove the wrsbc alias from the configuration, enter one of the following commands.

PowerConnect(config)#no alias wrsbc

PowerConnect(config)#unalias wrsbc

Syntax: unalias alias-name

The specified alias-name must be the name of an alias already configured on the device.

To display the aliases currently configured on the device, enter the following command at either the Privileged EXEC or CONFIG levels of the CLI.

PowerConnect#alias wrsbc copy running-config tftp 10.10.10.10 test.cfg shoro show ip route

Syntax: alias

PowerConnect B-Series TI24X Configuration Guide 9 53-1002269-02

Logging on through Brocade Network Advisor

Configuration notes

The following configuration notes apply to this feature:

• You cannot include additional parameters with the alias at the command prompt. For example,

after you create the shoro alias, shoro bgp would not be a valid command.

• If configured on the device, authentication, authorization, and accounting is performed on the

actual command, not on the alias for the command.

• To save an alias definition to the startup-config file, use the write memory command.

Logging on through Brocade Network Advisor

Refer to the Brocade Network Advisor manuals for information about using Brocade Network Advisor.

10 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter

NOTE

Configuring Basic Software Features

Configuring basic system parameters

Dell devices are configured at the factory with default parameters that allow you to begin using the basic features of the system immediately. However, many of the advanced features such as VLANs or routing protocols for the device must first be enabled at the system (global) level before they can be configured. If you use the Command Line Interface (CLI) to configure system parameters, you can find these system level parameters at the Global CONFIG level of the CLI.

Before assigning or modifying any router parameters, you must assign the IP subnet (interface) addresses for each port.

For information about configuring IP addresses, DNS resolver, DHCP assist, and other IP-related parameters, refer to Chapter 21, “Configuring IP”.

For information about the Syslog buffer and messages, refer to Chapter 34, “Using Syslog”.

The procedures in this section describe how to configure the basic system parameters listed in

Tab le 3.

TABLE 3 Basic system parameters

Basic system parameter See page

System name, contact, and location page 12

SNMP trap receiver, trap source address, and other parameters page 12

Single source address for all Telnet packets page 17

Single source address for all TFTP packets page 18

Single source address for all Syslog packets page 18

Single source address for all SNTP packets page 18

System time using a Simple Network Time Protocol (SNTP) server or local system counter page 18

System clock page 19

Broadcast, multicast, or unknown-unicast limits, if required to support slower third-party devices

For information about the Syslog buffer and messages, refer to Chapter 34, “Using Syslog”.

page 21

PowerConnect B-Series TI24X Configuration Guide 11 53-1002269-02

Configuring basic system parameters

NOTE

Entering system administration information

You can configure a system name, contact, and location for a device and save the information locally in the configuration file for future reference. This information is not required for system operation but is suggested. When you configure a system name, the name replaces the default system name in the CLI command prompt.

The name, contact, and location each can be up to 32 alphanumeric characters.

Here is an example of how to configure a system name, system contact, and location.

PowerConnect(config)# hostname zappa zappa(config)#snmp-server contact Support Services zappa(config)#snmp-server location Centerville zappa(config)#end zappa# write memory

Syntax: hostname string

Syntax: snmp-server contact string

Syntax: snmp-server location string

The text strings can contain blanks. The SNMP text strings do not require quotation marks when they contain blanks but the host name does.

The chassis name command does not change the CLI prompt. Instead, the command assigns an administrative ID to the device.

Configuring Simple Network Management Protocol (SNMP) parameters

Use the procedures in this section to perform the following configuration tasks:

• Specify an SNMP trap receiver.

• Specify a source address and community string for all traps sent by the device.

• Change the holddown time for SNMP traps

• Disable individual SNMP traps. (All traps are enabled by default.)

• Disable traps for CLI access that is authenticated by a local user account, a RADIUS server, or

a TACACS/TACACS+ server.

To add and modify “get” (read-only) and “set” (read-write) community strings, refer to Chapter 26,

“Securing Access to Management Functions”.

Specifying an SNMP trap receiver

You can specify a trap receiver to ensure that all SNMP traps sent by the device go to the same SNMP trap receiver or set of receivers, typically one or more host devices on the network. When you specify the host, you also specify a community string. The device sends all the SNMP traps to the specified hosts and includes the specified community string. Administrators can therefore filter for traps from a device based on IP address or community string.

12 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

When you add a trap receiver, the software automatically encrypts the community string you associate with the receiver when the string is displayed by the CLI. If you want the software to show the community string in the clear, you must explicitly specify this when you add a trap receiver. In either case, the software does not encrypt the string in the SNMP traps sent to the receiver.

To specify the host to which the device sends all SNMP traps, use one of the following methods.

To add a trap receiver and encrypt the display of the community string, enter commands such as the following.

To specify an SNMP trap receiver and change the UDP port that will be used to receive traps, enter a command such as the following.

PowerConnect(config)# snmp-server host 2.2.2.2 0 mypublic port 200 PowerConnect(config)# write memory

Syntax: snmp-server host ip-addr [0 | 1] string [port value]

The ip-addr parameter specifies the IP address of the trap receiver.

The 0 | 1 parameter specifies whether you want the software to encrypt the string (1) or show the string in the clear (0). The default is 0.

The string parameter specifies an SNMP community string configured on the device. The string can be a read-only string or a read-write string. The string is not used to authenticate access to the trap host but is instead a useful method for filtering traps on the host. For example, if you configure each of your devices that use the trap host to send a different community string, you can easily distinguish among the traps from different devices based on the community strings.

The command in the example above adds trap receiver 2.2.2.2 and configures the software to encrypt display of the community string. When you save the new community string to the startup-config file (using the write memory command), the software adds the following command to the file.

snmp-server host 2.2.2.2 1 <encrypted-string>

To add a trap receiver and configure the software to encrypt display of the community string in the CLI, enter commands such as the following.

device(config)# snmp-server host 2.2.2.2 0 device-12 device(config)# write memory

The port value parameter allows you to specify which UDP port will be used by the trap receiver. This parameter allows you to configure several trap receivers in a system. With this parameter, device and another network management application can coexist in the same system. devices can be configured to send copies of traps to more than one network management application.

Specifying a single trap source

You can specify a single trap source to ensure that all SNMP traps sent by the device use the same source IP address. When you configure the SNMP source address, you specify the Ethernet port, loopback interface, or virtual interface that is the source for the traps. The device then uses the lowest-numbered IP address configured on the port or interface as the source IP address in the SNMP traps sent by the device.

Identifying a single source IP address for SNMP traps provides the following benefits:

• If your trap receiver is configured to accept traps only from specific links or IP addresses, you

can use this feature to simplify configuration of the trap receiver by configuring the device to

always send the traps from the same link or source address.

PowerConnect B-Series TI24X Configuration Guide 13 53-1002269-02

Configuring basic system parameters

• If you specify a loopback interface as the single source for SNMP traps, SNMP trap receivers

can receive traps regardless of the states of individual links. Thus, if a link to the trap receiver

becomes unavailable but the receiver can be reached through another link, the receiver still

receives the trap, and the trap still has the source IP address of the loopback interface.

To specify a port, loopback interface, or virtual interface whose lowest-numbered IP address the device must use as the source for all SNMP traps sent by the device, use the following CLI method.

To configure the device to send all SNMP traps from the first configured IP address on port 4, enter the following commands.

PowerConnect(config)# snmp trap-source ethernet 4 PowerConnect(config)# write memory

Syntax: snmp-server trap-source loopback num | ethernet <portnum> | ve num

The num parameter is a loopback interface or virtual interface number.

To specify a loopback interface as the SNMP trap source for the device, enter commands such as the following.

PowerConnect(config)# int loopback 1 PowerConnect(config-lbif-1)# ip address 10.0.0.1/24 PowerConnect(config-lbif-1)# exit PowerConnect(config)# snmp-server trap-source loopback 1

The commands in this example configure loopback interface 1, assign IP address 10.00.1/24 to the loopback interface, then designate the interface as the SNMP trap source for this device. Regardless of the port the device uses to send traps to the receiver, the traps always arrive from the same source IP address.

Setting the SNMP trap holddown time

When a device starts up, the software waits for Layer 2 convergence (STP) and Layer 3 convergence (OSPF) before beginning to send SNMP traps to external SNMP servers. Until convergence occurs, the device might not be able to reach the servers, in which case the messages are lost.

By default, a device uses a one-minute holddown time to wait for the convergence to occur before starting to send SNMP traps. After the holddown time expires, the device sends the traps, including traps such as “cold start” or “warm start” that occur before the holddown time expires.

You can change the holddown time to a value from one second to ten minutes.

To change the holddown time for SNMP traps, enter a command such as the following at the global CONFIG level of the CLI.

PowerConnect(config)# snmp-server enable traps holddown-time 30

The command in this example changes the holddown time for SNMP traps to 30 seconds. The device waits 30 seconds to allow convergence in STP and OSPF before sending traps to the SNMP trap receiver.

Syntax: [no] snmp-server enable traps holddown-time secs

The secs parameter specifies the number of seconds and can be from 1 – 600 (ten minutes). The default is 60 seconds.

14 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

NOTE

Disabling SNMP traps

PowerConnect devices come with SNMP trap generation enabled by default for all traps. You can selectively disable one or more of the following traps.

By default, all SNMP traps are enabled at system startup.

Layer 2 traps The following traps are generated on devices running Layer 2 software:

• SNMP authentication keys

• Power supply failure

• Fan failure

• Cold start

• Link up

• Link down

• Bridge new root

• Bridge topology change

• Locked address violation

Layer 3 traps The following traps are generated on devices running Layer 3 software:

• SNMP authentication key

• Power supply failure

• Fan failure

• Cold start

• Link up

• Link down

• Bridge new root

• Bridge topology change

• Locked address violation

• BGP4

• OSPF

• VRRP

• VRRPE

To stop link down occurrences from being reported, enter the following.

PowerConnect(config)# no snmp-server enable traps link-down

Syntax: [no] snmp-server enable traps trap-type

PowerConnect B-Series TI24X Configuration Guide 15 53-1002269-02

Configuring basic system parameters

NOTE

PowerConnect# show logging Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns) Buffer logging: level ACDMEINW, 12 messages logged level code: A=alert C=critical D=debugging M=emergency E=error I=informational N=notification W=warning Static Log Buffer: Dec 15 19:04:14:A:Fan 1, fan on right connector, failed

Dynamic Log Buffer (50 entries): Oct 15 18:01:11:info:dg logout from USER EXEC mode Oct 15 17:59:22:info:dg logout from PRIVILEGE EXEC mode Oct 15 17:38:07:info:dg login to PRIVILEGE EXEC mode Oct 15 17:38:03:info:dg login to USER EXEC mode

Disabling Syslog messages and traps for CLI access

PowerConnect devices send Syslog messages and SNMP traps when a user logs into or out of the User EXEC or Privileged EXEC level of the CLI. The feature applies to users whose access is authenticated by an authentication-method list based on a local user account, RADIUS server, or TACACS/TACACS+ server.

The Privileged EXEC level is sometimes called the “Enable” level, because the command for accessing this level is enable.

The feature is enabled by default.

Examples of Syslog messages for CLI access When a user whose access is authenticated by a local user account, a RADIUS server, or a

TACACS/TACACS+ server logs into or out of the CLI User EXEC or Privileged EXEC mode, the software generates a Syslog message and trap containing the following information:

• The time stamp

• The user name

• Whether the user logged in or out

• The CLI level the user logged into or out of (User EXEC or Privileged EXEC level)

Messages for accessing the User EXEC level apply only to access through Telnet. The device does not authenticate initial access through serial connections but does authenticate serial access to the Privileged EXEC level. Messages for accessing the Privileged EXEC level apply to access through the serial connection or Telnet.

The following examples show login and logout messages for the User EXEC and Privileged EXEC levels of the CLI.

Syntax: show logging

The first message (the one on the bottom) indicates that user “dg” logged in to the CLI User EXEC level on October 15 at 5:38 PM and 3 seconds (Oct 15 17:38:03). The same user logged into the Privileged EXEC level four seconds later.

16 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

The user remained in the Privileged EXEC mode until 5:59 PM and 22 seconds. (The user could have used the CONFIG modes as well. Once you access the Privileged EXEC level, no further authentication is required to access the CONFIG levels.) At 6:01 PM and 11 seconds, the user ended the CLI session.

Disabling the Syslog messages and traps Logging of CLI access is enabled by default. If you want to disable the logging, enter the following

commands.

PowerConnect(config)# no logging enable user-login PowerConnect(config)# write memory PowerConnect(config)# end PowerConnect#reload

Syntax: [no] logging enable user-login

Configuring an interface as the source for all Telnet packets

You can designate the lowest-numbered IP address configured on an interface as the source IP address for all Telnet packets from the device. Identifying a single source IP address for Telnet packets provides the following benefits:

• If your Telnet server is configured to accept packets only from specific links or IP addresses,

you can use this feature to simplify configuration of the Telnet server by configuring the device

to always send the Telnet packets from the same link or source address.

• If you specify a loopback interface as the single source for Telnet packets, Telnet servers can

receive the packets regardless of the states of individual links. Thus, if a link to the Telnet

server becomes unavailable but the client or server can be reached through another link, the

client or server still receives the packets, and the packets still have the source IP address of

the loopback interface.

The software contains separate CLI commands for specifying the source interface for Telnet, TACACS/TACACS+, and RADIUS packets. You can configure a source interface for one or more of these types of packets.

To specify an interface as the source for all Telnet packets from the device, use the following CLI method. The software uses the lowest-numbered IP address configured on the interface as the source IP address for Telnet packets originated by the device.

To specify the lowest-numbered IP address configured on a virtual interface as the device source for all Telnet packets, enter commands such as the following.

PowerConnect(config)# int loopback 2 PowerConnect(config-lbif-2)# ip address 10.0.0.2/24 PowerConnect(config-lbif-2)# exit PowerConnect(config)# ip telnet source-interface loopback 2

The commands in this example configure loopback interface 2, assign IP address 10.0.0.2/24 to the interface, then designate the interface as the source for all Telnet packets from the device.

Syntax: ip telnet source-interface ethernetportnum | loopback num | ve num

The following commands configure an IP interface on an Ethernet port and designate the address port as the source for all Telnet packets from the device.

PowerConnect B-Series TI24X Configuration Guide 17 53-1002269-02

Configuring basic system parameters

NOTE

PowerConnect# show sntp associations address ref clock st when poll delay disp ~207.95.6.102 0.0.0.0 16 202 4 0.0 5.45 ~207.95.6.101 0.0.0.0 16 202 0 0.0 0.0 * synced, ~ configured

PowerConnect(config)# interface ethernet 4 PowerConnect(config-if-e10000-4)# ip address 209.157.22.110/24 PowerConnect(config-if-e10000-4)# exit PowerConnect(config)# ip telnet source-interface ethernet 4

Cancelling an outbound Telnet session

If you want to cancel a Telnet session from the console to a remote Telnet server (for example, if the connection is frozen), you can terminate the Telnet session by doing the following.

1. At the console, press Ctrl+^ (Ctrl+Shift-6).

2. Press the X key to terminate the Telnet session.

Pressing Ctrl+^ twice in a row causes a single Ctrl+^ character to be sent to the Telnet server. After you press Ctrl+^, pressing any key other than X or Ctrl+^ returns you to the Telnet session.

Specifying a Simple Network Time Protocol (SNTP) server

You can configure the device to consult SNTP servers for the current time and date.

PowerConnect devices do not retain time and date information across power cycles. Unless you want to reconfigure the system time counter each time the system is reset, Dell recommends that you use the SNTP feature.

To identify an SNTP server with IP address 208.99.8.95 to act as the clock reference for a device, enter the following.

PowerConnect(config)# sntp server 208.99.8.95

Syntax: sntp server ip-addr | hostname [version]

The version parameter specifies the SNTP version the server is running and can be from 1 – 4. The default is 1. You can configure up to three SNTP servers by entering three separate sntp server commands.

By default, the device polls its SNTP server every 30 minutes (1800 seconds). To configure the device to poll for clock updates from a SNTP server every 15 minutes, enter the following.

PowerConnect(config)# sntp poll-interval 900

Syntax: [no] sntp poll-interval 1-65535

To display information about SNTP associations, enter the following command.

Syntax: show sntp associations

The following table describes the information displayed by the show sntp associations command.

18 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

PowerConnect# show sntp status Clock is unsynchronized, stratum = 0, no reference clock precision is 2**0 reference time is 0 .0 clock offset is 0.0 msec, root delay is 0.0 msec root dispersion is 0.0 msec, peer dispersion is 0.0 msec

TABLE 4 Output from the show sntp associations command

This field... Displays...

(leading character) One or both of the following:

*Synchronized to this peer ~ Peer is statically configured

address IP address of the peer

ref clock IP address of the peer reference clock

st NTP stratum level of the peer

when Amount of time since the last NTP packet was received from the peer

poll Poll interval in seconds

delay Round trip delay in milliseconds

disp Dispersion in seconds

To display information about SNTP status, enter the following command.

Syntax: show sntp status

The following table describes the information displayed by the show sntp status command.

TABLE 5 Output from the show sntp status command

This field... Indicates...

unsynchronized System is not synchronized to an NTP peer.

synchronized System is synchronized to an NTP peer.

stratum NTP stratum level of this system

reference clock IP Address of the peer (if any) to which the unit is synchronized

precision Precision of this system's clock (in Hz)

reference time Reference time stamp

clock offset Offset of clock to synchronized peer

root delay Total delay along the path to the root clock

root dispersion Dispersion of the root path

peer dispersion Dispersion of the synchronized peer

Setting the system clock

In addition to SNTP support, switches and routers also allow you to set the system time counter. The time counter setting is not retained across power cycles and is not automatically synchronized with an SNTP server. The counter merely starts the system time and date clock with the time and date you specify.

PowerConnect B-Series TI24X Configuration Guide 19 53-1002269-02

Configuring basic system parameters

NOTE

You can synchronize the time counter with your SNTP server time by entering the sntp sync command from the Privileged EXEC level of the CLI.

Unless you identify an SNTP server for the system time and date, you will need to re-enter the time and date following each reboot.

For more details about SNTP, refer to “Specifying a Simple Network Time Protocol (SNTP) server” on page 18.

To set the system time and date to 10:15:05 on October 15, 2003, enter the following command.

PowerConnect# clock set 10:15:05 10-15-2003

Syntax: [no] clock set hh:mm:ss | mm-dd-yy | mm-dd-yyyy

By default, switches and routers do not change the system time for daylight saving time. To enable daylight saving time, enter the following command.

PowerConnect# clock summer-time

Syntax: clock summer-time

Although SNTP servers typically deliver the time and date in Greenwich Mean Time (GMT), you can configure the device to adjust the time for any one-hour offset from GMT or for one of the following U.S. time zones:

• US Pacific

• Alaska

• Aleutian

• Arizona

• Central

• East-Indiana

• Eastern

• Hawaii

• Michigan

• Mountain

• Pacific

• Samoa

To change the time zone to Australian East Coast time (which is normally 10 hours ahead of GMT), enter the following command.

PowerConnect(config)# clock timezone gmt+10

Syntax: clock timezone gmt | us time-zone

You can enter one of the following values for time-zone:

• US time zones (us): alaska, aleutian, arizona, central, east-indiana, eastern, hawaii, michigan,

mountain, pacific, samoa.

• GMT time zones (gmt): gmt+0:00 to gmt+12:00 in increments of 1, and gmt-0:00 to gmt-12:00

in decrements of 1 are supported.

20 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

NOTE

New start and end dates for US daylight saving time

This feature applies to US time zones only.

Starting in 2007, the system will automatically change the system clock to Daylight Saving Time (DST), in compliance with the new federally mandated start of daylight saving time, which is extended one month beginning in 2007. The DST will start at 2:00am on the second Sunday in March and will end at 2:00am on the first Sunday in November.

The DST feature is automatic, but to trigger the device to the correct time, the device must be configured to the US time zone, not the GMT offset. To configure your device to use the US time zone, enter the following command.

PowerConnect(config)# clock timezone us pacific

Syntax: [no] clock timezone us timezone-type

Enter pacific, eastern, central, or mountain for timezone-type.

This command must be configured on every device that follows the US DST.

To verify the change, run a show clock command.

PowerConnect# show clock

Refer to October 19, 2006 - Daylight Saving Time 2007 Advisory, posted on service.Brocade.com for more information

Limiting broadcast, multicast, and unknown unicast traffic

PowerConnect devices can forward all flooded traffic at wire speed within a VLAN. However, some third-party networking devices cannot handle high rates of broadcast, multicast, or unknown-unicast traffic. If high rates of traffic are being received by the device on a given port of that VLAN, you can limit the number of broadcast, multicast, or unknown-unicast packets or bytes received each second on that port. This can help to control the number of such packets or bytes that are flooded on the VLAN to other devices.

Byte-based limiting for broadcast, multicast, and unknown unicast traffic provides the ability to rate limit traffic based on byte count instead of packet count. When the byte mode is enabled, packets will be received on a port as long as the number of bytes received per second is less than the corresponding limit. Once the limit is reached, further packets will be dropped.

PowerConnect devices do not support packet-based and byte-based limiting simultaneously on the same port. For example, if you configure packet-based limiting for broadcast traffic, you must also configure packet-based limiting for multicast and unknown unicast traffic. Likewise, if you configure byte-based limiting for broadcast traffic, you must also configure byte-based limiting for multicast and unknown unicast traffic.

Command syntax for packet-based limiting

To enable broadcast limiting on a group of ports by counting the number of packets received, enter commands such as the following.

PowerConnect(config)# interface ethernet 1 to 8 PowerConnect(config-mif-e10000-1-8)# broadcast limit 65536

PowerConnect B-Series TI24X Configuration Guide 21 53-1002269-02

Configuring basic system parameters

NOTE

These commands configure packet-based broadcast limiting on ports 1 – 8. On each port, the maximum number of broadcast packets per second cannot exceed 65,536 packets per second.

On PowerConnect devices, multicast limiting is independent of broadcast limiting. To enable multicast limiting on devices, enter commands such as the following.

PowerConnect(config)# interface ethernet 1 to 8 PowerConnect(config-mif-e10000-1-8)# multicast limit 65536

To enable unknown unicast limiting by counting the number of packets received, enter commands such as the following.

PowerConnect(config)# interface eth 1 PowerConnect(config-if-e10000-1)# unknown-unicast limit 65536 The combined number of inbound Unknown Unicast packets permitted for ports 1 to 12 is now set to 65536 PowerConnect((config-if-e10000-1)#

Syntax: [no] broadcast limit <num>

Syntax: [no] unknown-unicast limit <num>

Syntax: [no]

Syntax: [no] multicast limit <num>

The multicast limit <num> command applies to devices only.

The <num> variable specifies the maximum number of packets per second. Acceptable values differ depending on the device you are configuring:

• On PowerConnect devices, <num> can be any number between 1 and 8388607 (packets per

second). The actual value will be determined by the system. Once you enter the value, the CLI

will display a message indicating the actual value. The following shows an example

configuration.

PowerConnect(config)# interface ethernet 9

PowerConnectconfig-mif-e10000-9)# multicast limit 50

Multicast limit in pkts/sec set to 31

If you specify 0, limiting is disabled. Limiting is disabled by default.

Command syntax for byte-based limiting

PowerConnect devices limit traffic based on kilobits per second (kbps). To enable limiting, refer to the appropriate section, below.

PowerConnect devices To enable broadcast limiting on a group of ports by counting the number of kilobits received, enter

commands such as the following.

PowerConnect(config)# interface ethernet 9 to 10 PowerConnect(config-mif-e10000-9-10)# broadcast limit 131072 kbps Broadcast limit in kbits/sec set to 130000

These commands configure broadcast limiting on ports 9 and 10. On each port, the total number of kilobits received from broadcast packets cannot exceed 130,000 per second.

22 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic system parameters

PowerConnect# show run interface interface ethernet 4 broadcast limit 1245184 bytes multicast limit ! interface ethernet 5 broadcast limit 1245184 bytes multicast limit ! interface ethernet 12 unknown-unicast limit 524288 ! interface ethernet 13 unknown-unicast limit 65536 bytes ! interface ethernet 14 broadcast limit 65536 ! interface ethernet 23 broadcast limit 131072 multicast limit !

To enable multicast limiting, enter commands such as the following.

PowerConnect(config)# interface ethernet 8 PowerConnect(config-mif-e10000-1-8)# multicast limit 9000 kbps Multicast limit in kbits/sec set to 8064

To enable unknown unicast limiting, enter commands such as the following.

PowerConnect(config)# int e 13 PowerConnect(config-if-e10000-13)# unknown-unicast limit 65536 kbps Unknown unicast limit in kbits/sec set to 64000

Syntax: [no] broadcast limit num kbps

Syntax: [no] multicast limit num kbps

Syntax: [no] unknown-unicast limit num kbps

The num variable can be any number between 1 and 10000000. The actual value will be determined by the system. Once you enter the value, the CLI will display a message indicating the actual value, as shown in the configuration examples above. If you specify 0, limiting is disabled. Limiting is disabled by default.

Viewing broadcast, multicast, and unknown unicast limits

You can use the show run interface command to display the broadcast, multicast, and unknown-unicast limits configured on the device.

In addition to the show run interface command, to display the broadcast, multicast, and unknown-unicast limits configured on the device:

• show rate-limit unknown-unicast

• show rate-limit broadcast

Use the show run interface command to view the broadcast, multicast, and unknown-unicast limit configured on each port.

PowerConnect B-Series TI24X Configuration Guide 23 53-1002269-02

Syntax: show run interface

Configuring basic port parameters

PowerConnect# show rate-limit unknown-unicast Unknown Unicast Limit Settings: Port Region Combined Limit Packets/Bytes 1 - 12 524288 Packets 13 - 24 65536 Bytes

PowerConnect# show rate-limit broadcast Broadcast/Multicast Limit Settings: Port Limit Packets/Bytes Packet Type(s) 4 1245184 Bytes Broadcast + Multicast 5 1245184 Bytes Broadcast + Multicast 14 65536 Packets Broadcast only 23 131072 Packets Broadcast + Multicast

Use the show rate-limit unknown-unicast command to display the unknown unicast limit for each port region to which it applies.

Syntax: show rate-limit unknown-unicast

Use the show rate-limit broadcast command to display the broadcast limit or broadcast and multicast limit for each port to which it applies.

Syntax: show rate-limit broadcast

Configuring basic port parameters

The procedures in this section describe how to configure the port parameters shown in Tab le 6.

TABLE 6 Basic port parameters

Port parameter See page

Name page 25

Speed page 25

Duplex mode page 26

Port status (enable or disable) page 27

Flow control page 27

Auto-negotiation and advertisement of flow control page 28

Configuring PHY FIFO Rx and TX Depth page 29

Interpacket Gap (IPG) page 29

Gbps fiber negotiate mode page 30

QoS priority page 30

Port flap dampening page 30

All ports are pre-configured with default values that allow the device to be fully operational at initial startup without any additional configuration. However, in some cases, changes to the port parameters may be necessary to adjust to attached devices or other network requirements.

24 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

NOTE

Assigning a port name

A port name can be assigned to help identify interfaces on the network. You can assign a port name to physical ports, virtual interfaces, and loopback interfaces.

To assign a name to a port.

PowerConnect(config)# interface e 2 PowerConnect(config-if-e10000-2)# port-name Marsha

Syntax: port-name text

The text parameter is an alphanumeric string. The name can be up to 64 characters long. The name can contain blanks. You do not need to use quotation marks around the string, even when it contains blanks.

Modifying port speed and duplex mode

This section describes how to modify port speed and duplex mode on PowerConnect devices.

Copper ports

The Gigabit Ethernet copper ports are designed to auto-sense and auto-negotiate the speed and duplex mode of the connected device. If the attached device does not support this operation, you can manually enter the port speed to operate at either 10, 100, or 1000 Mbps. The default and recommended setting is 10/100/1000 auto-sense.

On PowerConnect devices, you can modify the port speed of copper ports and the 24 fiber ports.

For optimal link operation, copper ports on devices that do not support 803.3u must be configured with like parameters, such as speed (10,100,1000), duplex (half, full), and Flow Control.

Fiber ports on the PowerConnect

The fiber ports on the PowerConnect devices support 1 GbE and 10 GbE connections, depending on the SFP optic installed in the port. SFP+ optics are used for 10 GbE filber connections, and SFP optics are used for 1 GbE fiber connections. The default setting is 10 GbE full-duplex mode with SFP+ optics. To use 1 GbE in a 10 GbE port, insert an SFP optic and change the speed-duplex to 1 GbE (speed-duplex 1000).

Configuration syntax

The following commands change the port speed of fiber interface 8 on a PowerConnect device from the default of 10 Gbps to 1 Gbps.

PowerConnect(config)# interface e 8 PowerConnect(config-if-e10000-8)# speed-duplex 1000

Syntax: speed-duplex value

where value can be one of the following:

• 10-full – 10 Mbps, full duplex

PowerConnect B-Series TI24X Configuration Guide 25 53-1002269-02

Configuring basic port parameters

NOTE

• 10-half – 10 Mbps, half duplex

• 100-full – 100 Mbps, full duplex

• 100-half – 100 Mbps, half duplex

• 1000 – 1 Gbps, full duplex (supported on PowerConnect B-Series TI24X 10-GbE ports only)

• 1000-full-master – 1 Gbps, full duplex master (not supported on the PowerConnect B-Series

TI24X)

• 1000-full-slave – 1 Gbps, full duplex slave (not supported on the PowerConnect B-Series TI24X)

• 10000 – 10 Gbps, full duplex (supported on PowerConnect B-Series TI24X 10-GbE ports only)

• auto – auto-negotiation

The default for copper ports is auto (auto-negotiation).

The default for fiber ports on the PowerConnect B-Series TI24X is 10000 (10 Gbps, full duplex).

Use the no form of the command to restore the default.

On PowerConnect B-Series TI24X devices, when 10/100/1000 copper ports (ports 25 – 28) auto-negotiate to either 1 Gbps or 100 Mbps, the green and amber LEDs will be lit solid (ON) when the link is up, and the amber LED will blink when traffic flows through the port. On PowerConnect B-Series TI24X devices, if the speed is set to Auto for a 1G port, the port auto-negotiates the flow control with the neighboring port.

Auto speed detect

On PowerConnect B-Series TI24X devices, if you insert a 1G SFP, the device detects the media change and automatically change the speed to support 1G for that port. This happens when the configured speed is 10G. The configured speed continues to be 10G, but the port comes up with operational speed of 1G. This removes the need for explicitly configuring speed-duplex 1000 for SFPs where the device is able to detect the media type.

All the po rts wi th 1G SFP s which n eed to form a trunk (static or dynamic), need to use either the Auto speed detect feature to come up in 1G mode or use the speed-duplex 1000 command. Configuring speed-duplex 1000 on only few of the ports to be part of the trunk will prevent trunk creation.

Modifying port duplex mode

You can manually configure a 10/100 Mbps port to accept either full-duplex (bi-directional) or half-duplex (uni-directional) traffic.

You can modify the port duplex mode of copper ports only. This feature does not apply to fiber ports.

Port duplex mode and port speed are modified by the same command.

Configuration syntax

To change the port speed of interface 8 from the default of 10/100/1000 auto-sense to 10 Mbps operating at full-duplex, enter the following.

26 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

NOTE

PowerConnect(config)# interface e 8 PowerConnect(config-if-e10000-8)# speed-duplex 10-full

Syntax: speed-duplex value

The value can be one of the following:

• 10-full

• 10-half

• 100-full

• 100-half

• auto (default)

Disabling or re-enabling a port

A port can be made inactive (disable) or active (enable) by selecting the appropriate status option. The default value for a port is enabled.

To disable port 8 of a device, enter the following.

PowerConnect(config)# interface e 8 PowerConnect(config-if-e10000-8)# disable

Syntax: disable

You also can disable or re-enable a virtual interface. To do so, enter commands such as the following.

PowerConnect(config)# interface ve v1 PowerConnect(config-vif-1)# disable

Syntax: disable

To re-enable a virtual interface, enter the enable command at the Interface configuration level. For example, to re-enable virtual interface v1, enter the following command.

PowerConnect(config-vif-1)#enable

Syntax: enable

Disabling or re-enabling flow control

You can configure full-duplex ports on a system to operate with or without flow control (802.3x). Flow control is enabled by default.

To disable flow control on full-duplex ports on a system, enter the following.

PowerConnect(config)# no flow-control

To turn the feature back on.

PowerConnect(config)# flow-control

Syntax: [no] flow-control

For optimal link operation, link ports on devices that do not support 803.3u must be configured with like parameters, such as speed (10,100,1000), duplex (half, full), and Flow Control.

PowerConnect B-Series TI24X Configuration Guide 27 53-1002269-02

Configuring basic port parameters

NOTE

Auto-negotiation and advertisement of flow control

Auto-negotiation of flow control can be enabled and advertised for 10/100/1000M ports. To enable and advertise flow control capability, enter the following commands.

PowerConnect(config)# interface ethernet 21 PowerConnect(config-if-e10000-21)# flow-control

To also enable auto-negotiation of flow control, enter the following commands.

PowerConnect(config)# interface ethernet 21 PowerConnect(config-if-e10000-21)# flow-control neg-on

Syntax: #[no] flow-control [neg-on]

• flow-control [default] - Enable flow control, advertise flow control and disable negotiation of

flow control

• flow-control neg-on - Advertise flow control and enable negotiation of flow control

• no flow-control - Disable flow control, disable advertising flow control and also disable

negotiation of flow control

Commands may be entered in IF (single port) or MIF (multiple ports at once) mode.

PowerConnect(config)# interface ethernet 21 PowerConnect(config-if-e10000-21)# flow-control

This command enables flow-control on port 21.

PowerConnect(config)# interface e 11 to 15 PowerConnect(config-mif-11-15)# flow-control

This command enables flow-control on ports 11 to 15.

Asynchronous flow control

The PowerConnect B-Series TI24X devices supports asynchronous flow control. By default, PAUSE frames are honored when you stops or starts sending traffic to a switch when another switch sends a PAUSE frame.

Flow control suports honor-only mode and generate-only mode. Honor-only is the default mode. To change the default mode to generate-only mode use the flow-control generate-only command.

To set the mode to support both honor and generate modes use the flow-control both command. To set the mode to default, use the flow-control honor-only command.

Displaying flow-control status

The show interface port command displays configuration, operation, and negotiation status where applicable.

For 10 Gbps ports, the display shows Flow Control is enabled, or Flow Control is disabled, depending on the configuration.

Auto-negotiation of flow control is not supported on 10 Gbps ports and copper/fiber combination ports.

28 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

NOTE

When any of the commands are applied to a port that is up, the port will be disabled and re-enabled.

When flow-control is enabled, the hardware can only advertise Pause. It does not advertise Asym.

Configuring the Interpacket Gap (IPG)

IPG is the time delay, in bit time, between frames transmitted by the device. You configure IPG at the interface level. The command you use depends on the interface type on which IPG is being configured.

The default interpacket gap is 96 bits-time, which is 9.6 microseconds for 10 Mbps Ethernet, 960 nanoseconds for 100 Mbps Ethernet, 96 nanoseconds for 1 Gbps Ethernet, and 9.6 nanoseconds for 10 Gbps Ethernet.

Configuration notes

• When you enter a value for IPG, the device applies the closest valid IPG value for the port mode

to the interface. For example, if you specify 120 for a 1 Gbps Ethernet port in 1 Gbps mode, the

device assigns 112 as the closest valid IPG value to program into hardware.

Configuring IPG on a Gbps Ethernet port

On a Gbps Ethernet port, you can configure IPG for 10/100 mode and for Gbps Ethernet mode.

10/100M mode To configure IPG on a Gbps Ethernet port for 10/100M mode, enter the following command.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# ipg-mii 120 IPG 120(120) has been successfully configured for ports 1 to 12

Syntax: [no] ipg-mii <bit time>

Enter 12-124 for <bit time>. The default is 96 bit time.

1G mode To configure IPG on a Gbps Ethernet port for 1-Gbps Ethernet mode, enter commands such as the

following.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# ipg-gmii 120 IPG 120(112) has been successfully configured for ports 1 to 12

Syntax: [no] ipg-gmii bit time

Enter 48 - 112 for bit time. The default is 96 bit time.

Configuring IPG on a 10 Gbps Ethernet interface

To configure IPG on a 10 Gbps Ethernet interface, enter commands such as the following.

PowerConnect B-Series TI24X Configuration Guide 29 53-1002269-02

Configuring basic port parameters

NOTE

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# ipg-xgmii 120 IPG 120(128) has been successfully configured for port 1

Syntax: [no] ipg-xgmii bit time

Enter 96-192 for bit time. The default is 96 bit time.

Changing the Gbps fiber negotiation mode

The globally configured Gbps negotiation mode is the default mode for all Gbps fiber ports. You can override the globally configured default and set individual ports to the following:

• Negotiate-full-auto – The port first tries to perform a handshake with the other port to

exchange capability information. If the other port does not respond to the handshake attempt,

the port uses the manually configured configuration information (or the defaults if an

administrator has not set the information). This is the default.

• Auto-Gbps – The port tries to perform a handshake with the other port to exchange capability

information.

• Negotiation-off – The port does not try to perform a handshake. Instead, the port uses

configuration information manually configured by an administrator.

To change the mode for individual ports, enter commands such as the following.

PowerConnect(config)# int ethernet 1 to 4 PowerConnect(config-mif-1-4)# gig-default auto-gig

This command overrides the global setting and sets the negotiation mode to auto-Gbps for ports 1 – 4.

Syntax: gig-default neg-full-auto | auto-gig | neg-off

When Gbps negotiation mode is turned off (CLI command gig-default neg-off), the device may inadvertently take down both ends of a link. This is a hardware limitation for which there is currently no workaround.

Modifying port priority (QoS)

You can give preference to the inbound traffic on specific ports by changing the Quality of Service (QoS) level on those ports. For information and procedures, refer to Chapter 15, “Configuring

Quality of Service”.

Configuring port flap dampening

Port Flap Dampening increases the resilience and availability of the network by limiting the number of port state transitions on an interface.

If the port link state toggles from up to down for a specified number of times within a specified period, the interface is physically disabled for the specified wait period. Once the wait period expires, the port link state is re-enabled. However, if the wait period is set to zero (0) seconds, the port link state will remain disabled until it is manually re-enabled.

30 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

Configuration notes

• When a flap dampening port becomes a member of a trunk group, that port, as well as all

other member ports of that trunk group, will inherit the primary por t configuration. This means

that the member ports will inherit the primary port flap dampening configuration, regardless of

any previous configuration.

• The device counts the number of times a port link state toggles from "up to down", and not

from "down to up".

• The sampling time or window (the time during which the specified toggle threshold can occur

before the wait period is activated) is triggered when the first "up to down" transition occurs.

• "Up to down" transitions include UDLD-based toggles, as well as the physical link state.

Configuring port flap dampening on an interface

This feature is configured at the interface level.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# link-error-disable 10 3 10

Syntax: [no] link-error-disable toggle-threshold sampling-time-in-sec wait-time-in-sec

The toggle-threshold is the number of times a port link state goes from up to down and down to up before the wait period is activated. The default is 0. Enter a valid value range from 1-50.

The sampling-time-in-sec is the amount of time during which the specified toggle threshold can occur before the wait period is activated. The default is 0 seconds. Enter 0 – 65535 seconds.

The wait-time-in-sec is the amount of time the port remains disabled (down) before it becomes enabled. Entering 0 – 65535 seconds; 0 indicates that the port will stay down until an administrative override occurs.

Configuring port flap dampening on a trunk

You can configure the port flap dampening feature on the primary port of a trunk using the link-error-disable command. Once configured on the primary port, the feature is enabled on all ports that are members of the trunk. You cannot configure port flap dampening on port members of the trunk.

Enter commands such as the following on the primary port of a trunk.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# link-error-disable 10 3 10

Re-enabling a port disabled by port flap dampening

A port disabled by port flap dampening is automatically re-enabled once the wait period expires; however, if the wait period is set to zero (0) seconds, you must re-enable the port by entering the following command on the disabled port.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# no link-error-disable 10 3 10

PowerConnect B-Series TI24X Configuration Guide 31 53-1002269-02

Configuring basic port parameters

PowerConnect# show link-error-disable Port 1 is forced down by link-error-disable.

PowerConnect# show link-error-disable all Port -----------------Config--------------- ------Oper--- # Threshold Sampling-Time Shutoff-Time State Counter

----- --------- ------------- ------------ ----- ------ 11 3 120 600 Idle N/A 12 3 120 500 Down 424

Displaying ports configured with port flap dampening

Ports that have been disabled due to the port flap dampening feature are identified in the output of the show link-error-disable command. The following shows an example output.

Use the show link-error-disable all command to display the ports with the port flap dampening feature enabled.

For PowerConnect B-Series TI24X devices, the output of the command shows the following.

Tab le 7 defines the port flap dampening statistics displayed by the show link-error-disable all

command.

TABLE 7 Output of show link-error-disable

This column... Displays...

Port # The por t number.

Threshold The number of times the port link state will go from up to down and

down to up before the wait period is activated.

Sampling-Time The number of seconds during which the specified toggle threshold can

occur before the wait period is activated.

Shutoff-Time The number of seconds the port will remain disabled (down) before it

becomes enabled. A zero (0) indicates that the port will stay down until an administrative override occurs.

State The port state can be one of the following:

• Idle – The link is normal and no link state toggles have been

detected or sampled.

• Down – The port is disabled because the number of sampled errors

exceeded the configured threshold.

• Err – The port sampled one or more errors.

Counter

• If the port state is Idle, this field displays N/A.

• If the port state is Down, this field shows the remaining value of the

shutoff timer.

• If the port state is Err, this field shows the number of errors

sampled.

Syntax: show link-error-disable [all]

Also, in PowerConnect B-Series TI24X devices, the show interface command indicates if the port flap dampening feature is enabled on the port.

32 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

PowerConnect# show interface ethernet 15 GigabitEthernet15 is up, line protocol is up Link Error Dampening is Enabled Hardware is GigabitEthernet, address is 00e0.5200.010e (bia 00e0.5200.010e) Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Configured mdi mode AUTO, actual MDIX

PowerConnect# show interface ethernet 17 GigabitEthernet17 is ERR-DISABLED, line protocol is down Link Error Dampening is Enabled Hardware is GigabitEthernet, address is 00e0.5200.010e (bia 00e0.5200.010e) Configured speed auto, actual unknown, configured duplex fdx, actual unknown

PowerConnect# show interface brief e17

Port Link State Dupl Speed Trunk Tag Priori MAC Name 17 ERR-DIS None None None 15 Yes level0 00e0.5200.010e

The line “Link Error Dampening” displays “Enabled” if port flap dampening is enabled on the port or “Disabled” if the feature is disabled on the port. The feature is enabled on the ports in the two examples above. Also, the characters “ERR-DISABLED” is displayed for the “GbpsEthernet” line if the port is disabled because of link errors.

Syntax: show interface ethernet <port-number>

In addition to the show commands above, the output of the show interface brief command for PowerConnect B-Series TI24X devices, indicates if a port is down due to link errors.

The ERR-DIS entry under the “Link” column indicates the port is down due to link errors.

Port loop detection

This feature allows the device to disable a port that is on the receiving end of a loop by sending test packets. You can configure the time period during which test packets are sent.

Strict mode and loose mode

There are two types of loop detection; Strict Mode and Loose Mode. In Strict Mode, a port is disabled only if a packet is looped back to that same port. Strict Mode overcomes specific hardware issues where packets are echoed back to the input port. In Strict Mode, loop detection must be configured on the physical port.

In Loose Mode, loop detection is configured on the VLAN of the receiving port. Loose Mode disables the receiving port if packets originate from any port or VLAN on the same device. The VLAN of the receiving port must be configured for loop detection in order to disable the port.

Recovering disabled ports

Once a loop is detected on a port, it is placed in Err-Disable state. The port will remain disabled until one of the following occurs:

• You manually disable and enable the port at the Interface Level of the CLI.

• You enter the command clear loop-detection. This command clears loop detection statistics

and enables all Err-Disabled ports.

PowerConnect B-Series TI24X Configuration Guide 33 53-1002269-02

Configuring basic port parameters

NOTE

• The device automatically re-enables the port. To set your device to automatically re-enable

Err-Disabled ports, refer to “Configuring the device to automatically re-enable ports” on

page 35.

Configuration notes

• Loopback detection packets are sent and received on both tagged and untagged ports.

Therefore, this feature cannot be used to detect a loop across separate devices.

• On PowerConnect devices, the port loop detection feature works only on untagged ports.

The following information applies to Loose Mode loop detection:

• With Loose Mode, two ports of a loop are disabled.

• Different VLANs may disable different ports. A disabled port affects every VLAN using it.

• Loose Mode floods test packets to the entire VLAN. This can impact system performance if too

many VLANs are configured for Loose Mode loop detection.

Dell recommends that you limit the use of Loose Mode. If you have a large number of VLANS, configuring loop detection on all of them can significantly affect system performance because of the flooding of test packets to all configured VLANs. An alternative to configuring loop detection in a VLAN-group of many VLANs is to configure a separate VLAN with the same tagged port and configuration, and enable loop detection on this VLAN only.

When loop detection is used with L2 loop prevention protocols, such as spanning tree (STP), the L2 protocol takes higher priority. Loop detection cannot send or receive probe packets if ports are blocked by L2 protocols, so it does not detect L2 loops when STP is running because loops within a VLAN have been prevented by STP. Loop detection running in Loose Mode can detect and break L3 loops because STP cannot prevent loops across different VLANs. In these instances, the ports are not blocked and loop detection is able to send out probe packets in one VLAN and receive packets in another VLAN. In this way, loop detection running in Loose Mode disables both ingress and egress ports.

Enabling loop detection

Use the loop-detection command to enable loop detection on a physical port (Strict Mode) or a VLAN (Loose Mode). Loop detection is disabled by default. The following example shows a Strict Mode configuration.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# loop-detection

The following example shows a Loose Mode configuration.

PowerConnect(config)# vlan20 PowerConnect(config-vlan-20)# loop-detection

By default, the port will send test packets every one second, or the number of seconds specified by the loop-detection-interval command. Refer to “Configuring a global loop detection interval” on page 35.

Syntax: [no] loop-detection

Use the [no] form of the command to disable loop detection.

34 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

Configuring a global loop detection interval

The loop detection interval specifies how often a test packet is sent on a port. When loop detection is enabled, the loop detection time unit is 0.1 second, with a default of 10 (one second). The range is from 1 (one tenth of a second) to 100 (10 seconds). You can use the show loop-detection status command to view the loop detection interval.

To configure the global loop detection interval, enter a command similar to the following.

PowerConnect(config)# loop-detection-interval 50

This command sets the loop-detection interval to 5 seconds (50 x 0.1).

To revert to the default global loop detection interval of 10, enter one of the following.

PowerConnect(config)# loop-detection-interval 10

OR PowerConnect(config)# no loop-detection-interval 50

Syntax: [no] loop-detection-interval number

where number is a value from 1 to 100. The system multiplies your entry by 0.1 to calculate the interval at which test packets will be sent.

Configuring the device to automatically re-enable ports

To configure the device to automatically re-enable ports that were disabled because of a loop detection, enter the following command.

PowerConnect(config)# errdisable recovery cause loop-detection

The above command will cause the device to automatically re-enable ports that were disabled because of a loop detection. By default, the device will wait 300 seconds before re-enabling the ports. You can optionally change this interval to a value from 10 to 65535 seconds. Refer to

“Specifying the recovery time interval” on page 35.

Syntax: [no] errdisable recovery cause loop-detection

Use the [no] form of the command to disable this feature.

Specifying the recovery time interval

The recovery time interval specifies the number of seconds the device will wait before automatically re-enabling ports that were disabled because of a loop detection. (Refer to

“Configuring the device to automatically re-enable ports” on page 35.) By default, the device will

wait 300 seconds. To change the recovery time interval, enter a command such as the following.

PowerConnect(config)# errdisable recovery interval 120

This command configures the device to wait 120 seconds (2 minutes) before re-enabling the ports.

To revert to the default recovery time interval of 300 seconds (5 minutes), enter one of the following commands.

PowerConnect(config)# errdisable recovery interval 300

PowerConnect(config)# no errdisable recovery interval 120

PowerConnect B-Series TI24X Configuration Guide 35 53-1002269-02

Configuring basic port parameters

Syntax: [no] errdisable recovery interval seconds

where seconds is a number from 10 to 65535.

Clearing loop-detection

To clear loop detection statistics and re-enable all ports that are in Err-Disable state because of a loop detection, enter the following command.

PowerConnect# clear loop-detection

Displaying loop-detection information

Use the show loop-detection status command to display loop detection status, as shown.

PowerConnect# show loop-detection status loop detection packets interval: 10 (unit 0.1 sec) Number of err-disabled ports: 3 You can re-enable err-disable ports one by one by "disable" then "enable" under interface config, re-enable all by "clear loop-detect", or configure "errdisable recovery cause loop-detection" for automatic recovery index port/vlan status #errdis sent-pkts recv-pkts 1 13 untag, LEARNING 0 0 0 2 15 untag, BLOCKING 0 0 0 3 17 untag, DISABLED 0 0 0 4 18 ERR-DISABLE by itself 1 6 1 5 19 ERR-DISABLE by vlan 12 0 0 0 6 vlan12 2 ERR-DISABLE ports 2 24 2

If a port is errdisabled in Strict mode, it shows “ERR-DISABLE by itself”. If it is errdisabled due to its associated vlan, it shows “ERR-DISABLE by vlan ?”

The following command displays the current disabled ports, including the cause and the time.

PowerConnect# show loop-detection disable Number of err-disabled ports: 3 You can re-enable err-disable ports one by one by "disable" then "enable" under interface config, re-enable all by "clear loop-detect", or configure "errdisable recovery cause loop-detection" for automatic recovery index port caused-by disabled-time 1 18 itself 00:13:30 2 19 vlan 12 00:13:30 3 20 vlan 12 00:13:30

This example shows the disabled ports, the cause, and the time the port was disabled. If loop-detection is configured on a physical port, the disable cause will show “itself”. For VLANs configured for loop-detection, the cause will be a VLAN.

The following command shows the hardware and software resources being used by the loop-detection feature.

Vlans configured loop-detection use 1 HW MAC Vlans not configured but use HW MAC: 1 10

alloc in-use avail get-fail limit get-mem size init configuration pool 16 6 10 0 3712 6 15 16 linklist pool 16 10 6 0 3712 10 16 16

36 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring basic port parameters

Syslog message

The following message is logged when a port is disabled due to loop detection. This message also appears on the console.

loop-detect: port ?\?\? vlan ?, into errdisable state

The Errdisable function logs a message whenever it re-enables a port.

PowerConnect B-Series TI24X Configuration Guide 37 53-1002269-02

Configuring basic port parameters

38 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter

NOTE

Operations, Administration, and Maintenance

Overview

For easy software image management, all devices support the download and upload of software images between the flash modules on the devices and a Trivial File Transfer Protocol (TFTP) server on the network.

PowerConnect devices have two flash memory modules:

• Primary flash – The default local storage device for image files and configuration files.

• Secondary flash – A second flash storage device. You can use the secondary flash to store

redundant images for additional reload reliability or to preserve one software image while

testing another one.

Only one flash device is active at a time. By default, the primary image will become active upon reload.

You can update the software contained on a flash module using TFTP to copy the update image from a TFTP server onto the flash module. In addition, you can copy software images and configuration files from a flash module to a TFTP server.

PowerConnect devices are TFTP clients but not TFTP servers. You must perform the TFTP transaction from the device. You cannot “put” a file onto the device using the interface of your TFTP server.

If you are attempting to transfer a file using TFTP but have received an error message, refer to

“Diagnostic error codes and remedies for TFTP transfers” on page 51.

Determining the software versions installed and running on a device

Use the following methods to display the software versions running on the device and the versions installed in flash memory.

Determining the flash image version running on the device

To determine the flash image version running on a device, enter the show version command at any level of the CLI. Some examples are shown below.

PowerConnect B-Series TI24X Configuration Guide 39 53-1002269-02

Determining the software versions installed and running on a device

PowerConnect#show version SW: Version 4.2.00b Copyright (c) 1996-2010 Brocade Communications Systems, Inc. Compiled on Dec 02 2010 at 08:07:06 labeled as TIR04200b (6092645 bytes) from Secondary TIR04200b Compressed Boot-Monitor Image size = 373767, Version:04.1.00T205 (grz04100) HW: Stackable TurboIron-X24 ========================================================================== Serial #: BFF2342E00X P-ASIC 0: type B820, rev 01 subrev 00 ========================================================================== 833 MHz Power PC processor 8541 (version 32/0020) 66 MHz bus 512 KB boot flash memory 31744 KB code flash memory 512 MB DRAM The system uptime is 5 minutes 34 seconds The system : started=warm start reloaded=by "reload"

Compact devices

To determine the flash image version running on a Compact device, enter the show version command at any level of the CLI. The following shows an example output.

The version information is shown in bold type in this example:

• “4.2.00b” indicates the flash code version number.

• “labeled as TIR04200b” indicates the flash code image label. The label indicates the

imagetype and version and is especially useful if you change the image file name.

• “Secondary TIR04200b” indicates the flash code image file name that was loaded.

Determining the image versions installed in flash memory

Enter the show flash command to display the boot and flash images installed on the device.

• The “Compressed Pri Code size” line lists the flash code version installed in the primary flash

area.

• The “Compressed Sec Code size” line lists the flash code version installed in the secondary

flash area.

• The “Boot Monitor Image size” line lists the boot code version installed in flash memory. The

device does not have separate primary and secondary flash areas for the boot image. The

flash memory module contains only one boot image.

Flash image verification

The Flash Image Verification feature allows you to verify boot images based on hash codes, and to

40 PowerConnect B-Series TI24X Configuration Guide

generate hash codes where needed. This feature lets you select from three data integrity verification algorithms:

• MD5 - Message Digest algorithm (RFC 1321)

• SHA1 - US Secure Hash Algorithm (RFC 3174)

• CRC - Cyclic Redundancy Checksum algorithm

53-1002269-02

Determining the software versions installed and running on a device

CLI commands

Use the following command syntax to verify the flash image:

Syntax: verify md5 | sha1 | crc32 ASCII string | primary | secondary [hash code]

• md5 – Generates a 16-byte hash code

• sha1 – Generates a 20-byte hash code

• crc32 – Generates a 4 byte checksum

• ascii string – A valid image filename

• primary – The primary boot image (primary.img)

• secondary – The secondary boot image (secondary.img)

• hash code – The hash code to verify

The following examples show how the verify command can be used in a variety of circumstances.

To generate an MD5 hash value for the secondary image, enter the following command.

PowerConnect# verify md5 secondary

PowerConnect#.........................Done

Size = 2044830, MD5 01c410d6d153189a4a5d36c955653862

To generate a SHA-1 hash value for the secondary image, enter the following command.

PowerConnect# verify sha secondary

PowerConnect#.........................Done

Size = 2044830, SHA1 49d12d26552072337f7f5fcaef4cf4b742a9f525

To generate a CRC32 hash value for the secondary image, enter the following command.

PowerConnect# verify crc32 secondary

PowerConnect#.........................Done

Size = 2044830, CRC32 b31fcbc0

To verify the hash value of a secondary image with a known value, enter the following commands.

PowerConnect# verify md5 secondary 01c410d6d153189a4a5d36c955653861

PowerConnect#.........................Done

Size = 2044830, MD5 01c410d6d153189a4a5d36c955653862 Verification FAILED.

In the previous example, the codes did not match, and verification failed. If verification succeeds, the output will look like this.

PowerConnect# verify md5 secondary 01c410d6d153189a4a5d36c955653861

PowerConnect#.........................Done

Size = 2044830, MD5 01c410d6d153189a4a5d36c955653861 Verification SUCEEDED.

The following examples show this process for SHA-1 and CRC32 algorithms.

PowerConnect# verify sha secondary 49d12d26552072337f7f5fcaef4cf4b742a9f525

PowerConnect#.........................Done

Size = 2044830, sha 49d12d26552072337f7f5fcaef4cf4b742a9f525 Verification SUCCEEDED.

and

PowerConnect# verify crc32 secondary b31fcbc0

PowerConnect#.........................Done

Size = 2044830, CRC32 b31fcbc0 Verification SUCCEEDED.

PowerConnect B-Series TI24X Configuration Guide 41 53-1002269-02

Image file types

NOTE

Image file types

This section lists the boot and flash image file types supported on the PowerConnect B-Series TI24X of switches and how to install them. For information about a specific version of code, refer to the release notes.

TABLE 8 Software image files

Product Boot image

PowerConnect B-Series TI24X GRZxxxxx.bin TISxxxxx.bin (Layer 2)

Upgrading software

Use the following procedures to upgrade the software.

Upgrading the boot code

Follow the steps given below to upgrade the boot code.

Flash image

1. Place the new boot code on a TFTP server to which the device has access.

2. Enter the following command at the Privileged EXEC level of the CLI to copy the boot code from

the TFTP server into flash memory:

• copy tftp flash ip-addr image-file-name bootrom

Use the copy tftp flash command to copy the boot code to the device only during a

maintenance window. Attempting to do so during normal networking operations can cause

disruption to the network.

3. Verify that the code has been successfully copied by entering the following command at any

level of the CLI:

• show flash

The output will display the compressed boot ROM code size and the boot code version.

4. Upgrade the flash code as instructed in the following section.

Upgrading the flash code

Follow the steps given below to upgrade the flash code.

1. Place the new flash code on a TFTP server to which the device has access.

2. Enter the following command at the Privileged EXEC level of the CLI to copy the flash code from

the TFTP server into the flash memory.

copy tftp flash ip-addr image-file-name primary | secondary

3. Verify that the flash code has been successfully copied by entering the following command at

any level of the CLI.

show flash

42 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Using SNMP to upgrade software

NOTE

4. If the flash code version is correct, go to step 5. Otherwise, go to step 1.

5. Reload the software by entering one of the following commands:

• reload (this command boots from the default boot source, which is the primary flash area

by default)

• hitless-reload primary | secondary

• boot system flash primary | secondary

The boot system flash process occurs after a boot system flash primary/secondary command is entered and gives an administrator the opportunity to make last minute changes or corrections before performing a reload. The example below shows the confirmation step. PowerConnect# boot system flash primary Are you sure? (enter ‘Y’ or ‘N’): y

Boot code synchronization feature

When the new boot image is copied into the active module, it is automatically synchronized with the redundant management module.

There is currently no option for manual synchronization of the boot image.

To activate the boot synchronization process, enter the following command.

PowerConnect# copy tftp flash 192.168.255.102 GRZ04100.bin bootrom

The system responds with the following message.

PowerConnect# Load to buffer (8192 bytes per dot)

..................Write to boot flash......................

TFTP to Flash Done. PowerConnect# Synchronizing with standby module... Boot image synchronization done.

Using SNMP to upgrade software

You can use a third-party SNMP management application to upgrade software on a device.

Dell recommends that you make a backup copy of the startup-config file before you upgrade the software. If you need to run an older release, you will need to use the backup copy of the startup-config file.

1. Configure a read-write community string on the device, if one is not already configured. To

configure a read-write community string, enter the following command from the global CONFIG

level of the CLI.

snmp-server community string ro | rw

where string is the community string and can be up to 32 characters long.

2. On the device, enter the following command from the global CONFIG level of the CLI.

no snmp-server pw-check

PowerConnect B-Series TI24X Configuration Guide 43 53-1002269-02

Changing the block size for TFTP file transfers

NOTE

This command disables password checking for SNMP set requests. If a third-party SNMP

management application does not add a password to the password field when it sends SNMP

set requests to a device, by default the device rejects the request.

Changing the block size for TFTP file transfers

When you use TFTP to copy a file to or from a device, the device transfers the data in blocks of 8192 bytes by default. You can change the block size to one of the following if needed:

• 4096

• 2048

• 1024

• 512

• 256

• 128

• 64

• 32

• 16

To change the block size for TFTP file transfers, enter a command such as the following at the global CONFIG level of the CLI.

PowerConnect(config)# flash 2047 set flash copy block size to 2048

Rebooting

Syntax: [no] flash num

The software rounds up the num value you enter to the next valid power of two, and displays the resulting value. In this example, the software rounds the value up to 2048.

If the value you enter is one of the valid powers of two for this parameter, the software still rounds the value up to the next valid power of two. Thus, if you enter 2048, the software rounds the value up to 4096.

You can use boot commands to immediately initiate software boots from a software image stored in primary or secondary flash on a device or from a BootP or TFTP server. You can test new versions of code on a device or choose the preferred boot source from the console boot prompt without requiring a system reset.

It is very important that you verify a successful TFTP transfer of the boot code before you reset the system. If the boot code is not transferred successfully but you try to reset the system, the system will not have the boot code with which to successfully boot.

44 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

By default, the device first attempts to boot from the image stored in its primary flash, then its

NOTE

secondary flash, and then from a TFTP server. You can modify this booting sequence at the global CONFIG level of the CLI using the boot system… command.

To initiate an immediate boot from the CLI, enter one of the boot system… commands.

If you are booting the device from a TFTP server through a fiber connection, use the following command: boot system tftp ip-address filename fiber-port.

Displaying the boot preference

Use the show boot-preference command to display the boot sequence in the startup config and running config files. The boot sequence displayed is also identified as either user-configured or the default.

The following example shows the default boot sequence preference.

PowerConnect# show boot-preference Boot system preference (Configured):

Use Default Boot system preference(Default):

Boot system flash primary

Boot system flash secondary

Displaying the boot preference

The following example shows a user-configured boot sequence preference.

PowerConnect# show boot-preference Boot system preference(Configured):

Boot system flash secondary

Boot system tftp 10.1.1.1 TIX04200b1.bin

Boot system flash primary Boot system preference (Default)

Boot system flash primary

Boot system flash secondary

Syntax: show boot-preference

The results of the show run command for the configured example above appear as follows.

PowerConnect# show run Current Configuration: !

boot sys fl sec boot sys df 10.1.1.1 TIX04200b1.bin boot sys fl pri

ip address 10.1.1.4 255.255.255.0 snmp-client 10.1.1.1 ! end

Loading and saving configuration files

For easy configuration management, all devices support both the download and upload of configuration files between the devices and a TFTP server on the network.

PowerConnect B-Series TI24X Configuration Guide 45 53-1002269-02

Loading and saving configuration files

You can upload either the startup configuration file or the running configuration file to the TFTP server for backup and use in booting the system:

• Startup configuration file – This file contains the configuration information that is currently

saved in flash. To display this file, enter the show configuration command at any CLI prompt.

• Running configuration file – This file contains the configuration active in the system RAM but

not yet saved to flash. These changes could represent a short-term requirement or general

configuration change. To display this file, enter the show running-config or write terminal

command at any CLI prompt.

Each device can have one startup configuration file and one running configuration file. The startup configuration file is shared by both flash modules. The running configuration file resides in DRAM.

When you load the startup-config file, the CLI parses the file three times.

1. During the first pass, the parser searches for system-max commands. A system-max

command changes the size of statically configured memory.

2. During the second pass, the parser implements the system-max commands if present and also

implements trunk configuration commands (trunk command) if present.

3. During the third pass, the parser implements the remaining commands.

Replacing the startup configuration with the running configuration

After you make configuration changes to the active system, you can save those changes by writing them to flash memory. When you write configuration changes to flash memory, you replace the startup configuration with the running configuration.

To replace the startup configuration with the running configuration, enter the following command at any Enable or CONFIG command prompt.

PowerConnect# write memory

Replacing the running configuration with the startup configuration

If you want to back out of the changes you have made to the running configuration and return to the startup configuration, enter the following command at the Privileged EXEC level of the CLI.

PowerConnect# reload

Logging changes to the startup-config file

You can configure a device to generate a Syslog message when the startup-config file is changed. The trap is enabled by default.

The following Syslog message is generated when the startup-config file is changed.

startup-config was changed

If the startup-config file was modified by a valid user, the following Syslog message is generated.

startup-config was changed by <username>

46 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Loading and saving configuration files

NOTE

To disable or re-enable Syslog messages when the startup-config file is changed, use the following command.

Syntax: [no] logging enable config-changed

Copying a configuration file to or from a TFTP server

To copy the startup-config or running-config file to or from a TFTP server, use one of the following methods.

You can name the configuration file when you copy it to a TFTP server. However, when you copy a configuration file from the server to a device, the file is always copied as “startup-config” or “running-config”, depending on which type of file you saved to the server.

To initiate transfers of configuration files to or from a TFTP server using the CLI, enter one of the following commands:

• copy startup-config tftp tftp-ip-addr filename – Use this command to upload a copy of the

startup configuration file from the device to a TFTP server.

• copy running-config tftp tftp-ip-addr filename – Use this command to upload a copy of the

running configuration file from the device to a TFTP server.

• copy tftp startup-config tftp-ip-addr filename – Use this command to download a copy of the

startup configuration file from a TFTP server to a device.

Dynamic configuration loading

You can load dynamic configuration commands (commands that do not require a reload to take effect) from a file on a TFTP server into the running-config on the device device. You can make configuration changes off-line, then load the changes directly into the device running-config, without reloading the software.

Usage considerations

• Use this feature only to load configuration information that does not require a software reload

to take effect. For example, you cannot use this feature to change statically configured

memory (system-max command) or to enter trunk group configuration information into the

running-config.

• Do not use this feature if you have deleted a trunk group but have not yet placed the changes

into effect by saving the configuration and then reloading. When you delete a trunk group, the

command to configure the trunk group is removed from the device running-config, but the

trunk group remains active. To finish deleting a trunk group, save the configuration (to the

startup-config file), then reload the software. After you reload the software, then you can load

the configuration from the file.

• Do not load port configuration information for secondary ports in a trunk group. Since all ports

in a trunk group use the port configuration settings of the primary port in the group, the

software cannot implement the changes to the secondary port.

PowerConnect B-Series TI24X Configuration Guide 47 53-1002269-02

Loading and saving configuration files

NOTE

Preparing the configuration file

A configuration file that you create must follow the same syntax rules as the startup-config file the device creates.

• The configuration file is a script containing CLI configuration commands. The CLI reacts to

each command entered from the file in the same way the CLI reacts to the command if you

enter it. For example, if the command results in an error message or a change to the CLI

configuration level, the software responds by displaying the message or changing the CLI level.

• The software retains the running-config that is currently on the device, and changes the

running-config only by adding new commands from the configuration file. If the running config

already contains a command that is also in the configuration file you are loading, the CLI

rejects the new command as a duplicate and displays an error message. For example, if the

running-config already contains a a command that configures ACL 1, the software rejects ACL

1 in the configuration file, and displays a message that ACL 1 is already configured.

• The file can contain global CONFIG commands or configuration commands for interfaces,

routing protocols, and so on. You cannot enter User EXEC or Privileged EXEC commands.

• The default CLI configuration level in a configuration file is the global CONFIG level. Thus, the

first command in the file must be a global CONFIG command or “ ! ”. The ! (exclamation point)

character means “return to the global CONFIG level”.

You can enter text following “ ! “ as a comment. However, the “ !” is not a comment marker. It

returns the CLI to the global configuration level.

If you copy-and-paste a configuration into a management session, the CLI ignores the “ ! “

instead of changing the CLI to the global CONFIG level. As a result, you might get different

results if you copy-and-paste a configuration instead of loading the configuration using TFTP.

• Make sure you enter each command at the correct CLI level. Since some commands have

identical forms at both the global CONFIG level and individual configuration levels, if the CLI

response to the configuration file results in the CLI entering a configuration level you did not

intend, then you can get unexpected results.

For example, if a trunk group is active on the device, and the configuration file contains a

command to disable STP on one of the secondary ports in the trunk group, the CLI rejects the

commands to enter the interface configuration level for the port and moves on to the next

command in the file you are loading. If the next command is a spanning-tree command whose

syntax is valid at the global CONFIG level as well as the interface configuration level, then the

software applies the command globally. Here is an example.

The configuration file contains these commands.

interface ethernet 2

no spanning-tree

The CLI responds like this.

PowerConnect(config)# interface ethernet 2

Error - cannot configure secondary ports of a trunk

PowerConnect(config)# no spanning-tree

PowerConnect(config)#

48 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Loading and saving configuration files

NOTE

• If the file contains commands that must be entered in a specific order, the commands must

appear in the file in the required order. For example, if you want to use the file to replace an IP

address on an interface, you must first remove the old address using “no” in front of the ip

address command, then add the new address. Otherwise, the CLI displays an error message

and does not implement the command. Here is an example.

The configuration file contains these commands.

interface ethernet 11

ip address 10.10.10.69/24

The running-config already has a command to add an address to port 11, so the CLI responds

like this.

PowerConnect(config)# interface ethernet 11

PowerConnect(config-if-e10000-11)# ip add 10.10.10.69/24

Error: can only assign one primary ip address per subnet

PowerConnect(config-if-e10000-11)#

To successfully replace the address, enter commands into the file as follows.

interface ethernet 11

no ip address 20.20.20.69/24

ip address 10.10.10.69/24

This time, the CLI accepts the command, and no error message is displayed.

PowerConnect(config)# interface ethernet 11

PowerConnect(config-if-e10000-11)# no ip add 20.20.20.69/24

PowerConnect(config-if-e10000-11)# ip add 10.10.10.69/24

PowerConnect(config-if-e10000-11)

• Always use the end command at the end of the file. The end command must appear on the

last line of the file, by itself.

Loading the configuration information into the running-config

To load the file from a TFTP server, use either of the following commands:

• copy tftp running-config ip-addr filename

• ncopy tftp ip-addr filename running-config

If you are loading a configuration file that uses a truncated form of the CLI command access-list, the software will not go into batch mode.

For example, the following command line will initiate batch mode.

access-list 131 permit host pc1 host pc2

The following command line will not initiate batch mode.

acc 131 permit host pc1 host pc2

PowerConnect B-Series TI24X Configuration Guide 49 53-1002269-02

Scheduling a system reload

NOTE

Maximum file sizes for startup-config file and running-config

Each device has a maximum allowable size for the running-config and the startup-config file. If you use TFTP to load additional information into a device running-config or startup-config file, it is possible to exceed the maximum allowable size. If this occurs, you will not be able to save the configuration changes.

The maximum size for the running-config and the startup-config file is 64K each.

To determine the size of a running-config or star tup-config file, copy it to a TFTP server, then use the directory services on the server to list the size of the copied file. To copy the running-config or startup-config file to a TFTP server, use one of the following commands:

• Commands to copy the running-config to a TFTP server:

• copy running-config tftp ip-addr filename

• ncopy running-config tftp ip-addr from-name

• Commands to copy the startup-config file to a TFTP server:

• copy startup-config tftp ip-addr filename

• ncopy startup-config tftp ip-addr from-name

Scheduling a system reload

In addition to reloading the system manually, you can configure the device to reload itself at a specific time or after a specific amount of time has passed.

The scheduled reload feature requires the system clock. You can use a Simple Network Time Protocol (SNTP) server to set the clock or you can set the device clock manually. Refer to “Specifying

a Simple Network Time Protocol (SNTP) server” on page 18 or “Setting the system clock” on

page 19.

Reloading at a specific time

To schedule a system reload for a specific time, use the reload at command. For example, to schedule a system reload from the primary flash module for 6:00:00 AM, April 1, 2003, enter the following command at the global CONFIG level of the CLI.

PowerConnect# reload at 06:00:00 04-01-03

Syntax: reload at hh:mm:ss mm-dd-yy [primary | secondary]

• hh:mm:ss is hours, minutes, and seconds.

• mm-dd-yy is month, day, and year.

• primary | secondary specifies whether the reload is to occur from the primary code flash

module or the secondary code flash module. The default is primary.

50 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Diagnostic error codes and remedies for TFTP transfers

Reloading after a specific amount of time

To schedule a system reload to occur after a specific amount of time has passed on the system clock, use reload after command. For example, to schedule a system reload from the secondary flash one day and 12 hours later, enter the following command at the global CONFIG level of the CLI.

PowerConnect# reload after 01:12:00 secondary

Syntax: reload after dd:hh:mm [primary | secondary]

• dd:hh:mm is the number of days, hours, and minutes.

• primary | secondary specifies whether the reload is to occur from the primary code flash

module or the secondary code flash module.

Displaying the amount of time remaining before a scheduled reload

To display how much time is remaining before a scheduled system reload, enter the following command from any level of the CLI.

PowerConnect# show reload

Canceling a scheduled reload

To cancel a scheduled system reload using the CLI, enter the following command at the global CONFIG level of the CLI.

PowerConnect# reload cancel

Diagnostic error codes and remedies for TFTP transfers

If an error occurs with a TFTP transfer to or from a device one of the following error codes is displayed on the console.

Table 0.1:

Error code

1 Flash read preparation failed. A flash error occurred during the download.

2Flash read failed.

3 Flash write preparation failed.

4 Flash write failed.

5 TFTP session timeout. TFTP failed because of a time out.

Message Explanation and action

Retry the download. If it fails again, contact customer support.

Check IP connectivity and make sure the TFTP server is running.

PowerConnect B-Series TI24X Configuration Guide 51 53-1002269-02

Diagnostic error codes and remedies for TFTP transfers

Error

Message Explanation and action

code

6 TFTP out of buffer space. The file is larger than the amount of room on the device or TFTP server.

7 TFTP busy, only one TFTP

session can be active.

8 File type check failed. You accidentally attempted to copy the incorrect image code into the

16 TFTP remote - general error. The TFTP configuration has an error. The specific error message

17 TFTP remote - no such file.

18 TFTP remote - access violation.

19 TFTP remote - disk full.

20 TFTP remote - illegal operation.

21 TFTP remote - unknown

transfer ID.

22 TFTP remote - file already

exists.

23 TFTP remote - no such user.

Table 0.1:

If you are copying an image file to flash, first copy the other image to your TFTP server, then delete it from flash. (Use the erase flash... CLI command at the Privileged EXEC level to erase the image in the flash.)

If you are copying a configuration file to flash, edit the file to remove unneeded information, then try again.

Another TFTP transfer is active on another CLI session or Brocade Network Advisor session. Wait, then retry the transfer.

system. Retry the transfer using the correct image.

describes the error. Correct the error, then retry the transfer.

52 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Chapter

Monitoring Hardware Components

Hardware support

The procedures in this chapter describe how to configure the software to monitor hardware components. You can configure the software to monitor temperature and signal power levels for optical transceivers

Tab le 9 lists which devices support the features discussed in this chapter.

TABLE 9 Hardware components monitoring support for devices

Feature PowerConnect B-Series TI24X

Digital optical monitoring Yes

Digital optical monitoring

You can configure your device to monitor optical transceivers in the system, either globally or by specified ports. When this feature is enabled, the system will monitor the temperature and signal power levels for the optical transceivers in the specified ports. Console messages and syslog messages are sent when optical operating conditions fall below or rise above the XFP or SFP manufacturer recommended thresholds.

Supported media

Digital optical monitoring is supported with the following Dell-qualified media types:

• 1000Base-LHA

• 1000Base-LHB

• 1000Base-LX

• 1000Base-SX

• 10GBase-LR

• 10GBase-SR

Media not supported

Digital optical monitoring is not supported for the following optics:

• 1000Base-SX 2

• 1000Base-BX-D

• 1000Base-BX-U

• E1MG-100BXU

PowerConnect B-Series TI24X Configuration Guide 53 53-1002269-02

Digital optical monitoring

• E1MG-100BXD

• E1MG-BXU

• E1MG-BXD

Supported media

Digital optical monitoring is supported with the following Dell-qualified media types:

• 1000Base-BX-D

• 1000Base-BX-U

• 1000Base-LHA

• 1000Base-LHB

• 1000Base-LX

• 1000Base-SX

• 1000Base-SX 2

Media not supported

Digital optical monitoring is not supported for the following optics:

• E1MG-100BXU

• E1MG-100BXD

• E1MG-BXU

• E1MG-BXD

Configuration limitations

A device can monitor a maximum of 24 SFPs and 12 XFPs.

Enabling digital optical monitoring

To enable optical monitoring on all Dell-qualified optics installed in the device, use the following command.

PowerConnect(config)# optical-monitor

To enable optical monitoring on a specific port, use the following command.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# optical-monitor

To enable optical monitoring on a range of ports, use the following command.

PowerConnect(config)# interface ethernet 1 to 12 PowerConnect(config-mif-e10000-1-12)# optical-monitor

Syntax: [no] optical-monitor

Use the no form of the command to disable digital optical monitoring.

54 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Digital optical monitoring

NOTE

Setting the alarm interval

You can optionally change the interval between which alarms and warning messages are sent. The default interval is three minutes. To change the interval, use the following command.

PowerConnect(config)# interface ethernet 1 to 2 PowerConnect(config-mif-e10000-1-2)# optical-monitor 10

Syntax: [no] optical-monitor [ alarm-interval ]

For alarm-interval, enter a value between 1 and 65535. Enter 0 to disable alarms and warning messages.

The commands no optical-monitor and optical-monitor 0 perform the same function. That is, they both disable digital optical monitoring.

Displaying information about installed media

Use the show media, show media slot, and show media ethernet commands to obtain information about the media devices installed per device, per slot, and per port. The results displayed from these commands provide the Type, Vendor, Part number, Version and Serial number of the SFP or XFP optical device installed in the port. 1G M-C indicates 1b Gbps copper media. If no SFP or XFP device is installed in a port, the “Type” field will display “EMPTY”.

Use the show media command to obtain information about the media devices installed in a device.

PowerConnect# show media Port 1: Type : 1G M-SX2(SFP) Vendor: Brocade Communications, Inc. Version: 0000 Part# : TRPAG1XRPBSS-FY Serial#: 0635000468 Port 2: Type : EMPTY Port 3: Type : EMPTY Port 4: Type : 100M M-FX-SR(SFP) Vendor: Brocade Communications, Inc. Version: A Part# : FTLF1217P2BTL-F1 Serial#: UCQ003A Port 5: Type : 1G M-C Port 6: Type : 1G M-C Port 7: Type : 1G M-C Port 8: Type : 1G M-C Port 9: Type : 1G M-C Port 10: Type : 1G M-C Port 11: Type : 1G M-C Port 12: Type : 1G M-C Port 13: Type : 1G M-C Port 14: Type : 1G M-C Port 15: Type : 1G M-C Port 16: Type : 1G M-C Port 17: Type : 1G M-C Port 18: Type : 1G M-C Port 19: Type : 1G M-C Port 20: Type : 1G M-C Port 21: Type : 1G M-C Port 22: Type : 1G M-C Port 23: Type : 1G M-C Port 24: Type : 1G M-C

PowerConnect B-Series TI24X Configuration Guide 55 53-1002269-02

Digital optical monitoring

Port 25: Type : 10G XG-SR(XFP) Vendor: Brocade Communications Inc. Version: 02 Part# : JXPR01SW05306 Serial#: F617604000A3 Port 26: Type : EMPTY

Use the show media slot command to obtain information about the media device installed in a slot.

PowerConnect# show media slot 1 Port 1: Type : 1G M-SX(SFP) Vendor: Brocade Communications, Inc. Version: Part# : PL-XPL-VC-S13-19 Serial#: 425HC109 Port 2: Type : 1G M-SX(SFP) Vendor: Brocade Communications, Inc. Version: Part# : PL-XPL-VC-S13-19 Serial#: 411HC0AH Port 3: Type : EMPTY Port 4: Type : 1G M-SX(SFP) Vendor: FINISAR CORP. Version: X1 Part# : FTRJ-8519-3 Serial#: H11654K Port 5: Type : EMPTY Port 6: Type : EMPTY Port 7: Type : 100M M-FX-IR(SFP) Vendor: Brocade Communications, Inc. Version: A Part# : FTLF1323P1BTR-FD Serial#: UCT000T Port 8: Type : EMPTY Port 9: Type : 100M M-FX-LR(SFP) Vendor: Brocade Communications, Inc. Version: A Part# : FTLF1323P1BTL-FD Serial#: UD3085J Port 10: Type : EMPTY Port 11: Type : 100M M-FX-SR(SFP) Vendor: Brocade Communications, Inc. Version: A Part# : FTLF1217P2BTL-F1 Serial#: UCQ003J Port 12: Type : EMPTY Port 13: Type : 100M M-FX-IR(SFP) Vendor: Brocade Communications, Inc. Version: A Part# : FTLF1323P1BTR-F1 Serial#: PCA2XC5

Use the show media ethernet command to obtain information about the media device installed in a port.

PowerConnect# show media e 17 Port 17: Type : 1G M-SX(SFP) Vendor: Brocade Communications, Inc. Version: Part# : PL-XPL-VC-S13-19 Serial#: 425HC109

Syntax: show media ethernet<port-num>

Viewing optical monitoring information

To view temperature and power information for all qualified XFPs and SFPs in a particular slot, use the show optic command. The following shows an example output.

PowerConnect> show optic 4 Port Temperature Tx Power Rx Power Tx Bias Current +----+-----------+----------+------------+-------------------+ 1 30.8242 C -001.8822 dBm -002.5908 dBm 41.790 mA Normal Normal Normal Normal 2 31.7070 C -001.4116 dBm -006.4092 dBm 41.976 mA Normal Normal Normal Normal 3 30.1835 C -000.5794 dBm 0.000 mA

56 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Digital optical monitoring

NOTE

Normal Low-Alarm Normal Low-Alarm 4 0.0000 C 0.000 mA Normal Normal Normal Normal

Syntax: show optic slot number

This function takes advantage of information stored and supplied by the manufacturer of the XFP or SFP transceiver. This information is an optional feature of the Multi-Source Agreement standard defining the optical interface. Not all component suppliers have implemented this feature set. In such cases where the XFP or SFP transceiver does not supply the information, a “Not Available” message will be displayed for the specific port on which the module is installed.

The following table describes the information displayed by the show optic command.

TABLE 10 Output from the show optic command

This field... Displays...

Port The Dell port number.

Tem pera ture

• The operating temperature, in degrees Celsius, of the optical

transceiver.

• The alarm status, as described in Table 11.

Tx Power

• The transmit power signal, in decibels (dB), of the measured power

referenced to one milliwatt (mW).

• The alarm status, as described in Table 11.

Rx Power

• The receive power signal, in decibels (dB), of the measured power

referenced to one milliwatt (mW).

• The alarm status, as described in Table 11

Tx Bias Current

• The transmit bias power signal, in milliamperes (mA).

• The alarm status, as described in Table 11.

For Temperature, Tx Power, Rx Power, and Tx Bias Current in the show optic command output, values are displayed along with one of the following alarm status values: Low-Alarm, Low-Warn, Normal, High-Warn or High-Alarm. The thresholds that determine these status values are set by the manufacturer of the optical transceivers. Table 11 describes each of these status values.

TABLE 11 Alarm status value description

Status value Description

Low-Alarm Monitored level has dropped below the "low-alarm" threshold set by the manufacturer of the

optical transceiver.

Low-Warn Monitored level has dropped below the "low-warn" threshold set by the manufacturer of the

optical transceiver.

Normal Monitored level is within the "normal" range set by the manufacturer of the optical transceiver.

High-Warn Monitored level has climbed above the "high-warn" threshold set by the manufacturer of the

optical transceiver.

High-Alarm Monitored level has climbed above the "high-alarm" threshold set by the manufacturer of the

optical transceiver.

PowerConnect B-Series TI24X Configuration Guide 57 53-1002269-02

Digital optical monitoring

PowerConnect> show optic threshold 2 Port 2 sfp monitor thresholds: Temperature High alarm 5a00 90.0000 C Temperature Low alarm d300 -45.0000 C Temperature High warning 5500 85.0000 C Temperature Low warning d800 -40.0000 C Supply Voltage High alarm 9088 Supply Voltage Low alarm 7148 Supply Voltage High warning 8ca0 Supply Voltage Low warning 7530 TX Bias High alarm 7530 60.000 mA TX Bias Low alarm 01f4 1.000 mA TX Bias High warning 61a8 50.000 mA TX Bias Low warning 05dc 3.000 mA TX Power High alarm 1f07 -001.0001 dBm TX Power Low alarm 02c4 -011.4996 dBm TX Power High warning 18a6 -001.9997 dBm TX Power Low warning 037b -010.5012 dBm RX Power High alarm 2710 000.0000 dBm RX Power Low alarm 0028 -023.9794 dBm RX Power High warning 1f07 -001.0001 dBm RX Power Low warning 0032 -023.0102 dBm

Viewing optical transceiver thresholds

The thresholds that determine the alarm status values for an optical transceiver are set by the manufacturer of the XFP or SFP. To view the thresholds for a qualified optical transceiver in a particular port, use the show optic threshold command as shown below.

Syntax: show optic threshold port-num

For Temperature, Supply Voltage, TX Bias, TX Power, and RX Power, values are displayed for each of the following four alarm and warning settings: High alarm, Low alarm, High warning, and Low warning. The hexadecimal values are the manufacturer internal calibrations, as defined in the SFF-8472 standard. The other values indicate at what level (above the high setting or below the low setting) the system should send a warning message or an alarm. Note that these values are set by the manufacturer of the optical transceiver, and cannot be configured.

Syslog messages

The system generates Syslog messages for optical transceivers in the following circumstances:

58 PowerConnect B-Series TI24X Configuration Guide

• The temperature, supply voltage, TX Bias, TX power, or TX power value goes above or below the

high or low warning or alarm threshold set by the manufacturer.

• The optical transceiver does not support digital optical monitoring.

• The optical transceiver is not qualified, and therefore not supported by Dell.

For details about the above Syslog messages, refer to Chapter 34, “Using Syslog”.

53-1002269-02

Chapter

NOTE

Network Prefix

Interface ID

128 Bits

HHHH

HHHH HHHH HHHH HHHH HHHH HHHH HHHH

Configuring IPv6 Connectivity

IPv6 addressing overview

This chapter does not describe IPv6 routing protocols, which are covered in separate chapters throughout this guide.

IPv6 was designed to replace IPv4, the Internet protocol that is most commonly used currently throughout the world. IPv6 increases the number of network address bits from 32 (IPv4) to 128 bits, which provides more than enough unique IP addresses to support all of the network devices on the planet into the future. IPv6 is expected to quickly become the network standard.

An IPv6 address is composed of 8 fields of 16-bit hexadecimal values separated by colons (:).

Figure 1 shows the IPv6 address format.

FIGURE 1 IPv6 address format

HHHH = Hex Value 0000 – FFFF

As shown in Figure 1, HHHH is a 16-bit hexadecimal value, while H is a 4-bit hexadecimal value. The following is an example of an IPv6 address.

2001:0000:0000:0200:002D:D0FF:FE48:4672

Note that this IPv6 address includes hexadecimal fields of zeros. To make the address less cumbersome, you can do the following:

• Omit the leading zeros; for example, 2001:0:0:200:2D:D0FF:FE48:4672.

• Compress the successive groups of zeros at the beginning, middle, or end of an IPv6 address

to two colons (::) once per address; for example, 2001::200:2D:D0FF:FE48:4672.

When specifying an IPv6 address in a command syntax, keep the following in mind:

• You can use the two colons (::) only once in the address to represent the longest successive

hexadecimal fields of zeros

• The hexadecimal letters in IPv6 addresses are not case-sensitive

As shown in Figure 1, the IPv6 network prefix is composed of the left-most bits of the address. As with an IPv4 address, you can specify the IPv6 prefix using the prefix / prefix-length format, where the following applies.

The prefix parameter is specified as 16-bit hexadecimal values separated by a colon.

PowerConnect B-Series TI24X Configuration Guide 59 53-1002269-02

IPv6 addressing overview

The prefix-length parameter is specified as a decimal value that indicates the left-most bits of the IPv6 address.

The following is an example of an IPv6 prefix.

2001:FF08:49EA:D088::/64

IPv6 address types

As with IPv4 addresses, you can assign multiple IPv6 addresses to a switch interface. Ta ble 1 2 presents the three major types of IPv6 addresses that you can assign to a switch interface.

A major difference between IPv4 and IPv6 addresses is that IPv6 addresses support scope, which describes the topology in which the address may be used as a unique identifier for an interface or set of interfaces.

Unicast and multicast addresses support scoping as follows:

• Unicast addresses support two types of scope: global scope and local scope. In turn, local

scope supports site-local addresses and link-local addresses. Table 12 describes global,

site-local, and link-local addresses and the topologies in which they are used.

• Multicast addresses support a scope field, which Table 12 describes.

60 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

TABLE 12 IPv6 address types

Address

Description Address structure

type

IPv6 addressing overview

Unicast An address for a single

interface. A packet sent to a unicast address is delivered to the interface identified by the address.

Multicast An address for a set of

interfaces belonging to different nodes. Sending a packet to a multicast address results in the delivery of the packet to all interfaces in the set.

Anycast An address for a set of

interfaces belonging to different nodes. Sending a packet to an anycast address results in the delivery of the packet to the closest interface identified by the address.

Depends on the type of the unicast address:

• Aggregatable global address—An address equivalent to a global

or public IPv4 address. The address structure is as follows: a fixed prefix of 2000::/3 (001), a 45-bit global routing prefix, a 16-bit subnet ID, and a 64-bit interface ID.

• Site-local address—An address used within a site or intranet.

(This address is similar to a private IPv4 address.) A site consists of multiple network links. The address structure is as follows: a fixed prefix of FEC0::/10 (1111 1110 11), a 16-bit subnet ID, and a 64-bit interface ID.

• Link-local address—An address used between directly

connected nodes on a single network link. The address structure is as follows: a fixed prefix of FE80::/10 (1111 1110

10) and a 64-bit interface ID.

• IPv4-compatible address—An address used in IPv6 transition

mechanisms that tunnel IPv6 packets dynamically over IPv4 infrastructures. The address embeds an IPv4 address in the low-order 32 bits and the high-order 96 bits are zeros. The address structure is as follows: 0:0:0:0:0:0:A.B.C.D.

• Loopback address—An address (0:0:0:0:0:0:0:1 or ::1) that a

switch can use to send an IPv6 packet to itself. You cannot assign a loopback address to a physical interface.

• Unspecified address—An address (0:0:0:0:0:0:0:0 or ::) that a

node can use until you configure an IPv6 address for it.

A multicast address has a fixed prefix of FF00::/8 (1111 1111). The next 4 bits define the address as a permanent or temporary address. The next 4 bits define the scope of the address (node, link, site, organization, global).

An anycast address looks similar to a unicast address, because it is allocated from the unicast address space. If you assign a unicast address to multiple interfaces, it is an anycast address. An interface assigned an anycast address must be configured to recognize the address as an anycast address.

An anycast address can be assigned to a switch only. An anycast address must not be used as the source address of an

IPv6 packet.

A switch automatically configures a link-local unicast address for an interface by using the prefix of FE80::/10 (1111 1110 10) and a 64-bit interface ID. The 128-bit IPv6 address is then subjected to duplicate address detection to ensure that the address is unique on the link. If desired, you can override this automatically configured address by explicitly configuring an address.

PowerConnect B-Series TI24X Configuration Guide 61 53-1002269-02

IPv6 CLI command support

NOTE

IPv6 stateless autoconfiguration

PowerConnect devices use the IPv6 stateless autoconfiguration feature to enable a host on a local link to automatically configure its interfaces with new and globally unique IPv6 addresses associated with its location. The automatic configuration of a host interface is performed without the use of a server, such as a Dynamic Host Configuration Protocol (DHCP) server, or manual configuration.

The automatic configuration of a host interface works in the following way: a switch on a local link periodically sends switch advertisement messages containing network-type information, such as the 64-bit prefix of the local link and the default route, to all nodes on the link. When a host on the link receives the message, it takes the local link prefix from the message and appends a 64-bit interface ID, thereby automatically configuring its interface. (The 64-bit interface ID is derived from the MAC address of the host NIC.) The 128-bit IPv6 address is then subjected to duplicate address detection to ensure that the address is unique on the link.

The duplicate address detection feature verifies that a unicast IPv6 address is unique before it is assigned to a host interface by the stateless auto configuration feature. Duplicate address detection uses neighbor solicitation messages to verify that a unicast IPv6 address is unique.

For the stateless auto configuration feature to work properly, the advertised prefix length in switch advertisement messages must always be 64 bits.

The IPv6 stateless autoconfiguration feature can also automatically reconfigure a host interfaces if you change the ISP for the host network. (The host interfaces must be renumbered with the IPv6 prefix of the new ISP.)

The renumbering occurs in the following way: a switch on a local link periodically sends advertisements updated with the prefix of the new ISP to all nodes on the link. (The advertisements still contain the prefix of the old ISP.) A host can use the addresses created from the new prefix and the existing addresses created from the old prefix on the link. During this transition, the old prefix is removed from the switch advertisements. At this point, only addresses that contain the new prefix are used on the link.

IPv6 CLI command support

Tab le 13 lists the IPv6 CLI commands supported.

TABLE 13 IPv6 CLI command support

IPv6 command Description Switch code Router code

clear ipv6 cache Deletes all entries in the dynamic host cache. X

clear ipv6 neighbor Deletes all dynamic entries in the IPv6 neighbor

clear ipv6 traffic Resets all IPv6 packet counters. X X

copy tftp Downloads a copy of a Dell software image from a

debug ipv6 Displays IPv6 debug information. X X

ipv6 address Configures an IPv6 address on an interface

table.

TFTP server into the system flash using IPv6.

(router) or globally (switch)

62 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring an IPv6 host address on a Layer 2 switch

TABLE 13 IPv6 CLI command support (Continued)

IPv6 command Description Switch code Router code

ipv6 debug Enables IPv6 debugging. X X

ipv6 dns domain-name Configures an IPv6 domain name. X X

ipv6 dns server-address Configures an IPv6 DNS server address. X X

ipv6 enable Enables IPv6 on an interface. X X

ipv6 neighbor Maps a static IPv6 address to a MAC address in

the IPv6 neighbor table.

log host ipv6 Configures the IPv6 Syslog server. X X

ping ipv6 Performs an ICMP for IPv6 echo test. X X

show ipv6 Displays some global IPv6 parameters, such IPv6

DNS server address.

show ipv6 cache Displays the IPv6 host cache. X

show ipv6 interface Displays IPv6 information for an interface. X

show ipv6 neighbor Displays the IPv6 neighbor table. X X

show ipv6 tcp Displays information about IPv6 TCP sessions. X X

show ipv6 traffic Displays IPv6 packet counters. X X

snmp-client ipv6 Restricts SNMP access to a certain IPv6 node. X X

snmp-server host ipv6 Specifies the recipient of SNMP notifications. X X

sntp server ipv6 Enables the PowerConnect device to send SNTP

packets over IPv6.

telnet Enables a Telnet connection from the

PowerConnect device to a remote IPv6 host using the console.

Configuring an IPv6 host address on a Layer 2 switch

In a Layer 3 (router) configuration, each port can be configured separately with an IPv6 address. This is accomplished using the interface configuration process that is described in “Configuring

IPv6 on each router interface” on page 65.

In a Layer 2 (switch) configuration, individual ports cannot be configured with an IP address (IPv4 or IPv6). In this situation, the switch has one IP address for the management port and one IP address for the system. This has previously been supported for IPv4 but not for IPv6.

There is support for configuring an IPv6 address on the management port as described in

“Configuring the management port for an IPv6 automatic address configuration” on page 65, and

for configuring a system-wide IPv6 address on a Layer 2 switch. Configuration of the system-wide IPv6 address is exactly like configuration of an IPv6 address in router mode, except that the IPv6 configuration is at the Global Config level instead of at the Interface Config level.

The process for defining the system-wide interface for IPv6 is described in the following sections:

• “Configuring a global or site-local IPv6 address with a manually configured interface ID” on

page 64

• “Configuring a link-local IPv6 address as a system-wide address for a switch” on page 64

PowerConnect B-Series TI24X Configuration Guide 63 53-1002269-02

Configuring an IPv6 host address on a Layer 2 switch

NOTE

When configuring an Ipv6 host address on a Layer 2 switch that has multiple VLANs, make sure the configuration includes a designated management VLAN that identifies the VLAN to which the global IP address belongs. Refer to “Designated VLAN for Telnet management sessions to a Layer 2

Switch” on page 863.

Configuring a global or site-local IPv6 address with a manually configured interface ID

To configure a global or site-local IPv6 address with a manually-configured interface ID, such as a system-wide address for a switch, enter a command similar to the following at the Global Config level.

PowerConnect(config)# ipv6 address 2001:200:12D:1300:240:D0FF:FE48:4000:1/64

Syntax: ipv6 address ipv6-prefix / prefix-length

You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373.

You must specify the prefix-length parameter in decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.

Configuring a link-local IPv6 address as a system-wide address for a switch

To enable IPv6 and automatically configure a global interface enter commands such as the following.

PowerConnect(config)# ipv6 enable

This command enables IPv6 on the switch and specifies that the interface is assigned an automatically computed link-local address.

Syntax: [no] ipv6 enable

To override a link-local address that is automatically computed for the global interface with a manually configured address, enter a command such as the following.

PowerConnect(config)# ipv6 address FE80::240:D0FF:FE48:4672 link-local

This command explicitly configures the link-local address FE80::240:D0FF:FE48:4672 for the global interface.

Syntax: ipv6 address ipv6-address link-local

You must specify the ipv6-address parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373.

The link-local keyword indicates that the router interface should use the manually configured link-local address instead of the automatically computed link-local address.

64 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Configuring the management port for an IPv6 automatic address configuration

You can have the management port configured to automatically obtain an IPv6 address. This process is the same for any other port and is described in detail in the “Configuring a global IPv6

address with an automatically computed EUI-64 interface ID” on page 66

Configuring basic IPv6 connectivity on a Layer 3 switch

To configure basic IPv6 connectivity on a Layer 3 Switch, you must do the following:

• Configure an IPv6 address or explicitly enable IPv6 on each router interface.

All other configuration tasks in this chapter are optional..

Configuring IPv6 on each router interface

To forward IPv6 traffic on a router interface, the interface must have an IPv6 address, or IPv6 must be explicitly enabled. By default, an IPv6 address is not configured on a router interface.

If you choose to configure a global or site-local IPv6 address for an interface, IPv6 is also enabled on the interface. Further, when you configure a global or site-local IPv6 address, you must decide on one of the following in the low-order 64 bits:

• A manually configured interface ID.

• An automatically computed EUI-64 interface ID.

If you prefer to assign a link-local IPv6 address to the interface, you must explicitly enable IPv6 on the interface, which causes a link-local address to be automatically computed for the interface. If preferred, you can override the automatically configured link-local address with an address that you manually configure.

This section provides the following information:

• Configuring a global or site-local address with a manually configured or automatically

computed interface ID for an interface.

• Automatically or manually configuring a link-local address for an interface.

• Configuring IPv6 anycast addresses

Configuring a global or site-local IPv6 address on an interface

Configuring a global or site-local IPv6 address on an interface does the following:

• Automatically configures an interface ID (a link-local address), if specified.

• Enables IPv6 on that interface.

Additionally, the configured interface automatically joins the following required multicast groups for that link:

• Solicited-node multicast group FF02:0:0:0:0:1:FF00::/104 for each unicast address assigned

to the interface.

• Solicited-node for subnet anycast address for each unicast assigned address

PowerConnect B-Series TI24X Configuration Guide 65 53-1002269-02

Configuring basic IPv6 connectivity on a Layer 3 switch

• Solicited-node for anycast address FF02:0:0:0:0:1:FF00::0000

• All-nodes link-local multicast group FF02::1

• All-routers link-local multicast group FF02::2

The neighbor discovery feature sends messages to these multicast groups. For more information, refer to “Configuring IPv6 neighbor discovery” on page 77.

Configuring a global or site-local IPv6 address with a manually configured interface ID To configure a global or site-local IPv6 address, including a manually configured interface ID, for an

interface, enter commands such as the following.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# ipv6 address 2001:200:12D:1300:240:D0FF: FE48:4672:/64

These commands configure the global prefix 2001:200:12d:1300::/64 and the interface ID ::240:D0FF:FE48:4672, and enable IPv6 on Ethernet interface 1.

Syntax: ipv6 address ipv6-prefix / prefix-length

You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373.

You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.

To configure a /122 address on a VE enter commands similar to the following.

PowerConnect(config-vlan-11)# int ve11 PowerConnect(config-vif-11)# ipv6 add 2020::1/122 PowerConnect(config-vif-11)# sh ipv6 int Routing Protocols : R - RIP O - OSPF Interface Status Routing Global Unicast Address VE 11 up/up 2020::1/122 PowerConnect(config-vif-11)# sh ipv6 route IPv6 Routing Table - 1 entries: Type Codes: C - Connected, S - Static, R - RIP, O - OSPF, B - BGP OSPF Sub Type Codes: O - Intra, Oi - Inter, O1 - Type1 external, O2 - Type2 external Type IPv6 Prefix Next Hop Router Interface Dis/Metric C 2020::/122 :: ve 11 0/0

Configuring a global IPv6 address with an automatically computed EUI-64 interface ID To configure a global IPv6 address with an automatically computed EUI-64 interface ID in the

low-order 64-bits, enter commands such as the following.

PowerConnect(config)# interface ethernet 1 PowerConnect(config-if-e10000-1)# ipv6 address 2001:200:12D:1300::/64 eui-64

These commands configure the global prefix 2001:200:12d:1300::/64 and an interface ID, and enable IPv6 on Ethernet interface 1.

Syntax: ipv6 address ipv6-prefix / prefix-length eui-64

You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373.

You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.

66 PowerConnect B-Series TI24X Configuration Guide

53-1002269-02

Dell PowerConnect B-TI24X Quick Reference Guide

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

About This Document

Introduction

Audience

Document conventions

Text formatting

Command syntax conventions

Notes, cautions, and danger notices

Notice to the reader

Related publications

Getting technical help or reporting errors

Contacting Dell

Getting Familiar with Management Applications

Using the management port

How the management port works

CLI Commands for use with the management port

Logging on through the CLI

On-line help

Command completion

Scroll control

Line editing commands

Using and port number with CLI commands

CLI nomenclature on PowerConnectdevices

Searching and filtering output from CLI commands

Using special characters in regular expressions

Creating an alias for a CLI command

Logging on through Brocade Network Advisor

Configuring Basic Software Features

Configuring basic system parameters

Entering system administration information

Configuring Simple Network Management Protocol (SNMP) parameters

Disabling Syslog messages and traps for CLI access

Configuring an interface as the source for all Telnet packets

Cancelling an outbound Telnet session

Specifying a Simple Network Time Protocol (SNTP) server

Setting the system clock

Limiting broadcast, multicast, and unknown unicast traffic

Configuring basic port parameters

Assigning a port name

Modifying port speed and duplex mode

Auto speed detect

Modifying port duplex mode

Disabling or re-enabling a port

Disabling or re-enabling flow control

Auto-negotiation and advertisement of flow control

Configuring the Interpacket Gap (IPG)

Changing the Gbps fiber negotiation mode

Modifying port priority (QoS)

Configuring port flap dampening

Port loop detection

Operations, Administration, and Maintenance

Overview

Determining the software versions installed and running on a device

Determining the flash image version running on the device

Determining the image versions installed in flash memory

Flash image verification

Image file types

Upgrading software

Upgrading the boot code

Upgrading the flash code

Using SNMP to upgrade software

Boot code synchronization feature

Changing the block size for TFTP file transfers

Rebooting

Displaying the boot preference

Loading and saving configuration files

Replacing the startup configuration with the running configuration

Replacing the running configuration with the startup configuration

Logging changes to the startup-config file

Copying a configuration file to or from a TFTP server

Dynamic configuration loading

Scheduling a system reload

Maximum file sizes for startup-config file and running-config

Reloading at a specific time

Diagnostic error codes and remedies for TFTP transfers

Reloading after a specific amount of time