Dell EMC Networking N-Series
N1100-ON, N1500, N2000,
N2100-ON, N3000, N3000-ON,
N3100-ON, and N4000
Switches
User’s Configuration
Guide
Version 6.5.2.x - N2000/N2100-ON/N3000/N3000-ON/
N3100-ON/N4000 Series Switches
Version 6.4.x.x - N1100-ON Series Switches
Regulatory Models: E04W, E05W, E06W,
E07W, E15W, E16W, E17W, E18W,
PowerConnect 8132, PowerConnect 8132F,
PowerConnect 8164, PowerConnect 8164F
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if
instructions are not followed.
____________
Information in this publication is subject to change without notice.
Copyright © 2018 Dell EMC Inc. All rights reserved. This product is protected by U.S. and
international copyright and intellectual property laws. Dell EMC™ and the Dell EMC logo are
trademarks of Dell EMC Inc. in the United States and/or other jurisdictions. All other marks and names
mentioned herein may be trademarks of their respective companies.
Marketing Models: N1108T-ON, N1108P-ON, N1124T-ON, N1124P-ON, N1148T-ON, N1148P-ON, N1524, N1524P, N1548, N1548P, N2024,
N2024P, N2048, N2048P, N2128PX-ON, N3024, N3024F, N3024P, N3048, N3048P, N3024EP-ON, N3024ET-ON, N3024EF-ON, N3048ET-ON,
N3048EP-ON, N3132PX-ON, N4032, N4032F, N4064, N4064F
Regulatory Models: E04W, E05W, E06W, E07W, E15W, E16W, E17W, E18W, PowerConnect 8132, PowerConnect 8132F,
PowerConnect 8164, PowerConnect 8164F
June 2018 Rev. A06
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . 57
About This Document . . . . . . . . . . . . . . . . . . 57
Audience
Document Conventions
Additional Documentation
. . . . . . . . . . . . . . . . . . . . . . . . . 58
. . . . . . . . . . . . . . . . . 58
. . . . . . . . . . . . . . . . 59
2 Switch Feature Overview . . . . . . . . . . . . 61
System Management Features . . . . . . . . . . . . . 62
Multiple Management Options
System Time Management
Log Messages
System Reset
. . . . . . . . . . . . . . . . . . . 63
. . . . . . . . . . . . . . . . . . . . 63
Integrated DHCP Server
Management of Basic Network Information
IPv6 Management Features
Dual Software Images
File Management
. . . . . . . . . . . . . . . . . . 65
Switch Database Management Templates
Automatic Installation of Firmware and
Configuration
sFlow
. . . . . . . . . . . . . . . . . . . . 65
. . . . . . . . . . . . . . . . . . . . . . . . 66
SNMP Alarms and Trap Logs
CDP Interoperability Through ISDP
Remote Monitoring (RMON)
N3000 Series Advanced and Advanced-Lite
Firmware Images
. . . . . . . . . . . . . . . . . . 67
. . . . . . . . . . . 62
. . . . . . . . . . . . . 62
. . . . . . . . . . . . . . 63
. . . . 64
. . . . . . . . . . . . 64
. . . . . . . . . . . . . . . 64
. . . . 65
. . . . . . . . . . . . 66
. . . . . . . . 67
. . . . . . . . . . . . 67
Contents 3
Stacking Features . . . . . . . . . . . . . . . . . . . . 70
Mixed and Single Series Stacking
Single IP Management
. . . . . . . . . . . . . . . 71
Master Failover with Transparent Transition
Nonstop Forwarding on the Stack
Hot Add/Delete and Firmware Synchronization
. . . . . . . . . 70
. . . . 71
. . . . . . . . . 72
. . 72
Security Features
. . . . . . . . . . . . . . . . . . . . 73
Configurable Access and Authentication
. . . . . . . . . . . . . . . . . . . . . . . 73
Profiles
Password-Protected Management Access
Strong Password Enforcement
TACACS+ Client
RADIUS Support
SSH/SSL
Inbound Telnet Control
Denial of Service
Port Protection
Captive Portal
. . . . . . . . . . . . . . . . . . . 73
. . . . . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . . . . 74
. . . . . . . . . . . . . . . . . . . 75
. . . . . . . . . . . . . . . . . . . . 76
802.1X Authentication (IEEE 802.1X)
MAC-Based 802.1X Authentication
802.1X Monitor Mode
Port Security
Access Control Lists (ACLs)
Time-Based ACLs
IP Source Guard (IPSG)
DHCP Snooping
Dynamic ARP Inspection
. . . . . . . . . . . . . . . . 77
. . . . . . . . . . . . . . . . . . . . 77
. . . . . . . . . . . . 78
. . . . . . . . . . . . . . . . . . 78
. . . . . . . . . . . . . . . 78
. . . . . . . . . . . . . . . . . . . 79
. . . . . . . . . . . . . . 79
Protected Ports (Private VLAN Edge)
. . . . 73
. . . . . . . . . . . 73
. . . . . . . . 76
. . . . . . . . . 77
. . . . . . . . 79
4 Contents
Green Technology Features
Energy Detect Mode
Energy Efficient Ethernet
Power Utilization Reporting
. . . . . . . . . . . . . . . 80
. . . . . . . . . . . . . . . . 80
. . . . . . . . . . . . . . 80
. . . . . . . . . . . . . 81
Power over Ethernet (PoE) Plus Features . . . . . . . . 81
Key PoE Plus Features for the Dell EMC Networking
N1108P-ON, N1124P-ON, N1148P-ON, N2024P,
N2048P, N2128PX-ON, N3024P, N3048P,
N3024EP-ON, N3048EP-ON, and
N3132PX-ON Switches
Power Over Ethernet (PoE) Plus Configuration
PoE Plus Support
PoE 60W Support
Powered Device Detection
PoE Power Management Modes
Power Management in Guard Band
PoE Plus Default Settings
. . . . . . . . . . . . . . . 81
. . 82
. . . . . . . . . . . . . . . . . . 82
. . . . . . . . . . . . . . . . . . 83
. . . . . . . . . . . . . 83
. . . . . . . . . . 83
. . . . . . . . 85
. . . . . . . . . . . . . . 86
Switching Features
Flow Control Support (IEEE 802.3x)
Head of Line Blocking Prevention
Alternate Store and Forward (ASF)
Jumbo Frames Support
Auto-MDI/MDIX Support
. . . . . . . . . . . . . . . . . . . 88
. . . . . . . . . 88
. . . . . . . . . 88
. . . . . . . . . 88
. . . . . . . . . . . . . . . 88
. . . . . . . . . . . . . . 89
VLAN-Aware MAC-based Switching
Back Pressure Support
Auto-negotiation
Storm Control
Port Mirroring
. . . . . . . . . . . . . . . . . . . . 90
. . . . . . . . . . . . . . . . . . . . 90
. . . . . . . . . . . . . . . 89
. . . . . . . . . . . . . . . . . . 90
Static and Dynamic MAC Address Tables
Link Layer Discovery Protocol (LLDP)
Link Layer Discovery Protocol (LLDP) for Media
Endpoint Devices
. . . . . . . . . . . . . . . . . . 91
Connectivity Fault Management (IEEE 802.1ag)
Priority-based Flow Control (PFC)
. . . . . . . . . 92
Data Center Bridging Exchange (DBCx)
Protocol
Enhanced Transmission Selection
Cisco Protocol Filtering
. . . . . . . . . . . . . . . . . . . . . . . 93
. . . . . . . . . 93
. . . . . . . . . . . . . . . 93
. . . . . . . . 89
. . . . . 91
. . . . . . . 91
. . 92
Contents 5
DHCP Layer-2 Relay. . . . . . . . . . . . . . . . . 94
Virtual Local Area Network Supported Features
VLAN Support
Port-Based VLANs
IP Subnet-based VLAN
MAC-based VLAN
IEEE 802.1v Protocol-Based VLANs
Voice VLAN
GARP and GVRP Support
Guest VLAN
Unauthorized VLAN
Double VLANs
Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
Spanning Tree Port Settings
Rapid Spanning Tree
Multiple Spanning Tree
Bridge Protocol Data Unit (BPDU) Guard
BPDU Filtering
RSTP-PV and STP-PV
Link Aggregation Features
Link Aggregation
Link Aggregate Control Protocol (LACP)
Multi-Switch LAG (MLAG)
. . . . . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . 95
. . . . . . . . . . . . . . . . . . 95
. . . . . . . . . 95
. . . . . . . . . . . . . . . . . . . . . 96
. . . . . . . . . . . . . . 96
. . . . . . . . . . . . . . . . . . . . . 96
. . . . . . . . . . . . . . . . . 96
. . . . . . . . . . . . . . . . . . . . 96
. . . . . . . . . . . . 98
. . . . . . . . . . . 98
. . . . . . . . . . . . 98
. . . . . . . . . . . . . . . . 98
. . . . . . . . . . . . . . . 98
. . . . . . 99
. . . . . . . . . . . . . . . . . . . . 99
. . . . . . . . . . . . . . . . 99
. . . . . . . . . . . . . . . . 100
. . . . . . . . . . . . . . . . . . 100
. . . . . . 101
. . . . . . . . . . . . . 101
. . . . 95
6 Contents
Routing Features
. . . . . . . . . . . . . . . . . . . . . 102
Address Resolution Protocol (ARP) Table
Management
VLAN Routing
IP Configuration
. . . . . . . . . . . . . . . . . . . . 102
. . . . . . . . . . . . . . . . . . . . 102
. . . . . . . . . . . . . . . . . . . 102
Open Shortest Path First (OSPF)
Border Gateway Protocol (BGP)
. . . . . . . . . . 103
. . . . . . . . . . 103
Virtual Routing and Forwarding (VRF) . . . . . . . 103
BOOTP/DHCP Relay Agent
IP Helper and DHCP Relay
Routing Information Protocol
Router Discovery
Routing Table
. . . . . . . . . . . . . . . . . . 104
. . . . . . . . . . . . . . . . . . . . 104
Virtual Router Redundancy Protocol (VRRP)
Tunnel and Loopback Interfaces
. . . . . . . . . . . . . 104
. . . . . . . . . . . . . 104
. . . . . . . . . . . . 104
. . . . 105
. . . . . . . . . . 105
IPv6 Routing Features
IPv6 Configuration
IPv6 Routes
. . . . . . . . . . . . . . . . . . . . . . . 106
OSPFv3
DHCPv6
Quality of Service (QoS) Features
Differentiated Services (DiffServ)
Class Of Service (CoS)
Auto Voice over IP (VoIP)
. . . . . . . . . . . . . . . . . . 106
. . . . . . . . . . . . . . . . . 106
. . . . . . . . . . . . . . . . . . . . . 106
. . . . . . . . . . . . . . . . . . . . . . . 106
. . . . . . . . . . . . 107
. . . . . . . . . 107
. . . . . . . . . . . . . . . 107
. . . . . . . . . . . . . . 107
Internet Small Computer System Interface
(iSCSI) Optimization
Layer-2 Multicast Features
MAC Multicast Support
IGMP Snooping
IGMP Snooping Querier
MLD Snooping
Multicast VLAN Registration
Layer-3 Multicast Features
. . . . . . . . . . . . . . . . . 108
. . . . . . . . . . . . . . . 108
. . . . . . . . . . . . . . . 108
. . . . . . . . . . . . . . . . . . . 108
. . . . . . . . . . . . . . 109
. . . . . . . . . . . . . . . . . . . 109
. . . . . . . . . . . . 109
. . . . . . . . . . . . . . . 110
Distance Vector Multicast Routing Protocol
Internet Group Management Protocol
IGMP Proxy
. . . . . . . . . . . . . . . . . . . . . 110
Protocol Independent Multicast—Dense Mode
. . . . 110
. . . . . . . 110
. . 110
Contents 7
Protocol Independent Multicast—Sparse
Mode
. . . . . . . . . . . . . . . . . . . . . . . . 111
Protocol Independent Multicast—Source
Specific Multicast
Protocol Independent Multicast IPv6 Support
MLD/MLDv2 (RFC2710/RFC3810)
. . . . . . . . . . . . . . . . . . 111
. . . 111
. . . . . . . . . . 111
3 Hardware Overview . . . . . . . . . . . . . . . . 113
Dell EMC Networking N1100-ON Series Switch
Hardware
Dell EMC Networking N1500 Series Switch
Hardware
. . . . . . . . . . . . . . . . . . . . . . . . . 113
Front Panel
Power Supply
Ventilation System
Thermal Shutdown
LED Definitions
Power Consumption for PoE Switches
Wall Installation
Front Panel
Back Panel
LED Definitions
Power Consumption for PoE Switches
. . . . . . . . . . . . . . . . . . . . . 113
. . . . . . . . . . . . . . . . . . . . 116
. . . . . . . . . . . . . . . . . 116
. . . . . . . . . . . . . . . . . 116
. . . . . . . . . . . . . . . . . . . 116
. . . . . . . 120
. . . . . . . . . . . . . . . . . . . 121
. . . . . . . . . . . . . . . . . . . . . . . . . 123
. . . . . . . . . . . . . . . . . . . . . 123
. . . . . . . . . . . . . . . . . . . . . 126
. . . . . . . . . . . . . . . . . . . 128
. . . . . . . 130
8 Contents
Dell EMC Networking N2000 Series Switch
Hardware
. . . . . . . . . . . . . . . . . . . . . . . . . 132
Front Panel
Back Panel
LED Definitions
Power Consumption for PoE Switches
. . . . . . . . . . . . . . . . . . . . . 132
. . . . . . . . . . . . . . . . . . . . . 135
. . . . . . . . . . . . . . . . . . . 137
. . . . . . . 140
Dell EMC Networking N2100-ON Series Switch
Hardware
. . . . . . . . . . . . . . . . . . . . . . . . . 142
Front Panel . . . . . . . . . . . . . . . . . . . . . 142
Back Panel
LED Definitions
Power Consumption for PoE Switches
. . . . . . . . . . . . . . . . . . . . . 144
. . . . . . . . . . . . . . . . . . . 144
. . . . . . . 148
Dell EMC Networking N3000/N3000E-ON Series
Switch Hardware
Front Panel
Back Panel
LED Definitions
Power Consumption for PoE Switches
. . . . . . . . . . . . . . . . . . . . 151
. . . . . . . . . . . . . . . . . . . . . 151
. . . . . . . . . . . . . . . . . . . . . 157
. . . . . . . . . . . . . . . . . . . 159
. . . . . . . 164
Dell EMC Networking N3100-ON Series Switch
Hardware
. . . . . . . . . . . . . . . . . . . . . . . . . 166
Front Panel
Back Panel
LED Definitions
Power Consumption for PoE Switches
PoE Power Budget Limit
. . . . . . . . . . . . . . . . . . . . . 166
. . . . . . . . . . . . . . . . . . . . . 168
. . . . . . . . . . . . . . . . . . . 168
. . . . . . . 173
. . . . . . . . . . . . . . 175
Dell EMC Networking N4000 Series Switch
Hardware
. . . . . . . . . . . . . . . . . . . . . . . . . 176
Front Panel
Back Panel
LED Definitions
. . . . . . . . . . . . . . . . . . . . . 176
. . . . . . . . . . . . . . . . . . . . . 180
. . . . . . . . . . . . . . . . . . . 182
Switch MAC Addresses
. . . . . . . . . . . . . . . . . 186
4 Using Dell EMC OpenManage Switch
Administrator
About Dell EMC OpenManage Switch Administrator . 189
Starting the Application
Understanding the Interface
. . . . . . . . . . . . . . . . . . . . . 189
. . . . . . . . . . . . . . . . . 190
. . . . . . . . . . . . . . . 191
Contents 9
Using the Switch Administrator Buttons and Links . . . 193
Defining Fields
Understanding the Device View
Using the Device View Port Features
. . . . . . . . . . . . . . . . . . . . . . 194
. . . . . . . . . . . . . 194
. . . . . . . . 194
Using the Device View Switch Locator
Feature
. . . . . . . . . . . . . . . . . . . . . . . 195
5 Using the Command-Line Interface . . . . 197
Accessing the Switch Through the CLI . . . . . . . . . 197
Console Connection
Telnet Connection
Understanding Command Modes
Entering CLI Commands
Using the Question Mark to Get Help
Using Command Completion
Entering Abbreviated Commands
Negating Commands
Command Output Paging
Understanding Error Messages
Recalling Commands from the History Buffer
. . . . . . . . . . . . . . . . . 197
. . . . . . . . . . . . . . . . . . 198
. . . . . . . . . . . . 199
. . . . . . . . . . . . . . . . . 201
. . . . . . . . 201
. . . . . . . . . . . . 202
. . . . . . . . . . 202
. . . . . . . . . . . . . . . . 202
. . . . . . . . . . . . . . 202
. . . . . . . . . . 203
. . . 203
6 Default Settings . . . . . . . . . . . . . . . . . . . 205
7 Setting the IP Address and Other
Basic Network Information
10 Contents
. . . . . . . . . . 209
IP Address and Network Information Overview . . . . 209
What Is the Basic Network Information?
. . . . . . 209
Why Is Basic Network Information Needed? . . . 210
How Is Basic Network Information Configured?
. . 211
What Is Out-of-Band Management and In-Band
Management?
. . . . . . . . . . . . . . . . . . . 211
Default Network Information
Configuring Basic Network Information (Web)
Out-of-Band Interface
. . . . . . . . . . . . . . 214
. . . . . 215
. . . . . . . . . . . . . . . 215
IP Interface Configuration (Default VLAN IP
Address)
. . . . . . . . . . . . . . . . . . . . . . 216
Route Entry Configuration (Switch Default
Gateway)
Domain Name Server
Default Domain Name
Host Name Mapping
Dynamic Host Name Mapping
Configuring Basic Network Information (CLI)
Enabling the DHCP Client on the OOB Port
. . . . . . . . . . . . . . . . . . . . . . 218
. . . . . . . . . . . . . . . . 220
. . . . . . . . . . . . . . . 221
. . . . . . . . . . . . . . . . 222
. . . . . . . . . . . 223
. . . . . . 224
. . . . . 224
Enabling the DHCP Client on the Default VLAN
Managing DHCP Leases
. . . . . . . . . . . . . . 225
Configuring Static Network Information on the
OOB Port . . . . . . . . . . . . . . . . . . . . . . 226
Configuring Static Network Information on the
Default VLAN . . . . . . . . . . . . . . . . . . . . 227
Configuring and Viewing Additional Network
Information
. . . . . . . . . . . . . . . . . . . . . 228
. . 224
Basic Network Information Configuration Examples
Configuring Network Information Using the
OOB Port
. . . . . . . . . . . . . . . . . . . . . . 230
Configuring Network Information Using the
Serial Interface
. . . . . . . . . . . . . . . . . . . 232
Contents 11
. . 230
8 Managing QSFP Ports . . . . . . . . . . . . . . 235
9 Stacking . . . . . . . . . . . . . . . . . . . . . . . . . 237
Stacking Overview. . . . . . . . . . . . . . . . . . . . 237
Dell EMC Networking N1124-ON/N1148-ON,
N1500, N2000, N2100-ON, N3000, N3000E-ON,
N3100-ON, and N4000 Stacking Compatibility
How is the Stack Master Selected?
Adding a Switch to the Stack
Removing a Switch from the Stack
. . . . . . . . 243
. . . . . . . . . . . . 245
. . . . . . . . . 246
How is the Firmware Updated on the Stack?
What is Stacking Standby?
What is Nonstop Forwarding?
. . . . . . . . . . . . . 247
. . . . . . . . . . . 247
Switch Stack MAC Addressing and Stack
Design Considerations
. . . . . . . . . . . . . . . 250
NSF Network Design Considerations
Why is Stacking Needed?
. . . . . . . . . . . . . 251
. . . 243
. . . . 246
. . . . . . . . 251
12 Contents
Default Stacking Values
. . . . . . . . . . . . . . . . . 252
Managing and Monitoring the Stack (Web)
Unit Configuration
Stack Summary
Stack Firmware Synchronization
Supported Switches
Stack Port Summary
Stack Port Counters
Stack Port Diagnostics
NSF Summary
Checkpoint Statistics
Managing the Stack (CLI)
. . . . . . . . . . . . . . . . . . 253
. . . . . . . . . . . . . . . . . . . 254
. . . . . . . . . . 255
. . . . . . . . . . . . . . . . 256
. . . . . . . . . . . . . . . . 257
. . . . . . . . . . . . . . . . . 258
. . . . . . . . . . . . . . . 258
. . . . . . . . . . . . . . . . . . . . 259
. . . . . . . . . . . . . . . . 260
. . . . . . . . . . . . . . . . 261
Configuring Stack Member, Stack Port, SFS
. . . . . . . 253
and NSF Settings . . . . . . . . . . . . . . . . . . 261
Viewing and Clearing Stacking and NSF
Information
. . . . . . . . . . . . . . . . . . . . . 263
Connecting to the Management Console from
a Stack Member
. . . . . . . . . . . . . . . . . . 264
Stacking and NSF Usage Scenarios
Basic Failover
. . . . . . . . . . . . . . . . . . . . 264
Preconfiguring a Stack Member
NSF in the Data Center
NSF and VoIP
. . . . . . . . . . . . . . . . . . . . 269
NSF and DHCP Snooping
NSF and the Storage Access Network
NSF and Routed Access
. . . . . . . . . . . 264
. . . . . . . . . . 266
. . . . . . . . . . . . . . . 268
. . . . . . . . . . . . . . 270
. . . . . . . 271
. . . . . . . . . . . . . . 273
10 Authentication, Authorization, and
Accounting
AAA Introduction . . . . . . . . . . . . . . . . . . . . 275
Authentication
. . . . . . . . . . . . . . . . . . . . . . 275
Methods
Method Lists
Access Lines
Enabling SSH Access
Access Lines (AAA)
Access Lines (Non-AAA)
Authentication Types
Authentication Manager
Using RADIUS
. . . . . . . . . . . . . . . . . . . . . . 276
. . . . . . . . . . . . . . . . . . . . 277
. . . . . . . . . . . . . . . . . . . . 278
. . . . . . . . . . . . . . . . 279
. . . . . . . . . . . . . . . . 279
. . . . . . . . . . . . . . 280
. . . . . . . . . . . . . . . . . . . . . . 281
. . . . . . . . . . . . . . . . 281
. . . . . . . . . . . . . . 282
. . . . . . . . . . . . . . . . . . . . 288
Using TACACS+ Servers to Control Management
Access . . . . . . . . . . . . . . . . . . . . . . . 293
Dynamic ACL Overview
Authentication Examples
. . . . . . . . . . . . . . . 295
. . . . . . . . . . . . . . 302
Contents 13
Public Key SSH Authentication Example . . . . . . 310
Associating a User With an SSH Key
. . . . . . . . 318
Authorization
Exec Authorization Capabilities
Authorization Examples
. . . . . . . . . . . . . . . . . . . . . . . 320
. . . . . . . . . . . 320
. . . . . . . . . . . . . . . 322
RADIUS Change of Authorization
TACACS Authorization
Accounting
. . . . . . . . . . . . . . . . . . . . . . . . 332
RADIUS Accounting
IEEE 802.1X
. . . . . . . . . . . . . . . . . . . . . . . . 334
What is IEEE 802.1X?
. . . . . . . . . . . . . . . 328
. . . . . . . . . . . . . . . . 332
. . . . . . . . . . . . . . . . 334
What are the 802.1X Port Authentication
Modes?
. . . . . . . . . . . . . . . . . . . . . . . 335
What is MAC-Based 802.1X Authentication?
What is the Role of 802.1X in VLAN
Assignment?
What is Monitor Mode?
. . . . . . . . . . . . . . . . . . . . 339
. . . . . . . . . . . . . . . 341
How Does the Authentication Server Assign
DiffServ Policy or ACLs?
. . . . . . . . . . . . . . 343
What is the Internal Authentication Server?
Default 802.1X Values
Configuring IEEE 802.1X (Web)
. . . . . . . . . . . . . . . . 344
. . . . . . . . . . . 345
. . . . . . . . . . 324
. . . . 336
. . . . 344
14 Contents
Captive Portal
Captive Portal Overview
. . . . . . . . . . . . . . . . . . . . . . 370
. . . . . . . . . . . . . . 370
Default Captive Portal Behavior and Settings
Configuring Captive Portal (Web)
Configuring Captive Portal (CLI)
. . . . . . . . . . 396
Captive Portal Configuration Example
In Case Of Problems in Captive Portal
Deployment
. . . . . . . . . . . . . . . . . . . . . 406
. . . 378
. . . . . . . . . . 380
. . . . . . . 402
11 Monitoring and Logging System
Information
System Monitoring Overview . . . . . . . . . . . . . . 407
. . . . . . . . . . . . . . . . . . . . . . 407
What System Information Is Monitored?
Why Is System Information Needed?
Where Are Log Messages Sent?
What Are the Severity Levels?
. . . . . . . . . . 408
. . . . . . . . . . . 409
What Are the System Startup and Operation
Logs? . . . . . . . . . . . . . . . . . . . . . . . . 409
What Is the Log Message Format?
. . . . . . . . . 410
What Factors Should Be Considered When
Configuring Logging?
. . . . . . . . . . . . . . . . 412
. . . . . . 407
. . . . . . . 408
Default Log Settings
. . . . . . . . . . . . . . . . . . . 413
Monitoring System Information and Configuring
Logging (Web)
Device Information
System Health
System Resources
Unit Power Usage History
Integrated Cable Test for Copper Cables
Optical Transceiver Diagnostics
Log Global Settings
RAM Log
Log File
SYSLOG Server
Email Alert Global Configuration
Email Alert Mail Server Configuration
Email Alert Subject Configuration
Email Alert To Address Configuration
Email Alert Statistics
. . . . . . . . . . . . . . . . . . . . . . 414
. . . . . . . . . . . . . . . . . 414
. . . . . . . . . . . . . . . . . . . 416
. . . . . . . . . . . . . . . . . 417
. . . . . . . . . . . . . 418
. . . . . . 419
. . . . . . . . . . 420
. . . . . . . . . . . . . . . . . 421
. . . . . . . . . . . . . . . . . . . . . . 422
. . . . . . . . . . . . . . . . . . . . . . . 424
. . . . . . . . . . . . . . . . . . . 424
. . . . . . . . . . 427
. . . . . . . 427
. . . . . . . . . 429
. . . . . . . 430
. . . . . . . . . . . . . . . . 430
Contents 15
Monitoring System Information and Configuring
Logging (CLI)
. . . . . . . . . . . . . . . . . . . . . . . 432
Viewing System Information and Enabling the
Locator LED
Running Cable Diagnostics
Configuring Local Logging
Configuring Remote Logging
Configuring Mail Server Settings
. . . . . . . . . . . . . . . . . . . . . 432
. . . . . . . . . . . . . 432
. . . . . . . . . . . . . 434
. . . . . . . . . . . . 435
. . . . . . . . . . 436
Configuring Email Alerts for Log Messages
. . . . 437
Logging Configuration Examples
Configuring Local and Remote Logging
Configuring Email Alerting
. . . . . . . . . . . . 439
. . . . . . 439
. . . . . . . . . . . . . 442
12 Managing General System Settings . . . 445
System Settings Overview . . . . . . . . . . . . . . . . 445
Why Does System Information Need to Be
Configured?
What Are SDM Templates?
Why is the System Time Needed?
How Does SNTP Work?
What Configuration Is Required for Plug-In
Modules?
Default General System Information
Configuring General System Settings (Web)
System Information
CLI Banner
SDM Template Preference
Clock
SNTP Global Settings
SNTP Authentication
SNTP Server
. . . . . . . . . . . . . . . . . . . . . 447
. . . . . . . . . . . . . 447
. . . . . . . . . 450
. . . . . . . . . . . . . . . 450
. . . . . . . . . . . . . . . . . . . . . . 451
. . . . . . . . . . 451
. . . . . . 452
. . . . . . . . . . . . . . . . . 452
. . . . . . . . . . . . . . . . . . . . . 455
. . . . . . . . . . . . . 456
. . . . . . . . . . . . . . . . . . . . . . . . 457
. . . . . . . . . . . . . . . . 458
. . . . . . . . . . . . . . . . 459
. . . . . . . . . . . . . . . . . . . . 461
16 Contents
Summer Time Configuration . . . . . . . . . . . . 464
Time Zone Configuration
Card Configuration
Slot Summary
. . . . . . . . . . . . . . . . . . . . 467
Supported Cards
Power Over Ethernet Global Configuration
Power Over Ethernet Unit Configuration
Power Over Ethernet Interface Configuration
. . . . . . . . . . . . . . 465
. . . . . . . . . . . . . . . . . 466
. . . . . . . . . . . . . . . . . . 468
. . . . . 469
. . . . . . 470
. . . 471
Configuring System Settings (CLI)
Configuring System Information
Configuring the Banner
Managing the SDM Template
. . . . . . . . . . . . 473
. . . . . . . . . . 473
. . . . . . . . . . . . . . . 474
. . . . . . . . . . . 475
Configuring SNTP Authentication and an SNTP
Server. . . . . . . . . . . . . . . . . . . . . . . . 475
Setting the System Time and Date Manually
Configuring the Expansion Slots (Dell EMC
Networking N3000/N3100-ON/N4000 Series
. . . . . . . . . . . . . . . . . . . . . . . . . 478
Only)
Viewing Slot Information (Dell EMC Networking
N4000 Series Only)
. . . . . . . . . . . . . . . . . 479
Configuring PoE Settings (Dell EMC Networking
N1108P-ON/ N1124P-ON/ N1148P-ON,
N1524P/N1548P, N2024P/N2048P/N2128PX-ON,
N3024P/N3048P/N3048EP-ON/N3132PX-ON
. . . . . . . . . . . . . . . . . . . . . . . . . 479
Only)
General System Settings Configuration Examples
Configuring System and Banner Information
Configuring SNTP
Configuring the Time Manually
. . . . . . . . . . . . . . . . . . 484
. . . . . . . . . . . 486
. . . . 477
. . . 481
. . . 481
13 SNMP. . . . . . . . . . . . . . . . . . . . . . . . . . . 487
SNMP Overview . . . . . . . . . . . . . . . . . . . . . 487
Contents 17
What Is SNMP? . . . . . . . . . . . . . . . . . . . 487
What Are SNMP Traps?
Why Is SNMP Needed?
. . . . . . . . . . . . . . 488
. . . . . . . . . . . . . . . 489
Default SNMP Values
Configuring SNMP (Web)
SNMP Global Parameters
SNMP View Settings
Access Control Group
SNMPv3 User Security Model (USM)
Communities
Notification Filter
Notification Recipients
Trap Flags
OSPFv2 Trap Flags
OSPFv3 Trap Flags
Trap Log
Configuring SNMP (CLI)
Configuring the SNMPv3 Engine ID
. . . . . . . . . . . . . . . . . . 489
. . . . . . . . . . . . . . . . 491
. . . . . . . . . . . . . 491
. . . . . . . . . . . . . . . . 492
. . . . . . . . . . . . . . . 494
. . . . . . . 496
. . . . . . . . . . . . . . . . . . . . 499
. . . . . . . . . . . . . . . . . . 501
. . . . . . . . . . . . . . . 502
. . . . . . . . . . . . . . . . . . . . . . 504
. . . . . . . . . . . . . . . . . 505
. . . . . . . . . . . . . . . . . 506
. . . . . . . . . . . . . . . . . . . . . . . 507
. . . . . . . . . . . . . . . . . 509
. . . . . . . . . 509
Configuring SNMP Views, Groups, and Users
Configuring Communities
. . . . . . . . . . . . . . 513
Configuring SNMP Notifications (Traps and
Informs) . . . . . . . . . . . . . . . . . . . . . . . 515
SNMP Configuration Examples
Configuring SNMPv1 and SNMPv2
. . . . . . . . . . . . . 518
. . . . . . . . . 518
Configuring SNMP Management Station
. . . . . . . . . . . . . . . . . . . . . . . 519
Access
Configuring SNMPv3
. . . . . . . . . . . . . . . . 520
. . . 510
14 Images and File Management . . . . . . . . 525
18 Contents
Image and File Management Overview . . . . . . . . . 525
What Files Can Be Managed? . . . . . . . . . . . 525
Why Is File Management Needed?
. . . . . . . . . 527
What Methods Are Supported for File
Management?
. . . . . . . . . . . . . . . . . . . 530
What Factors Should Be Considered When
Managing Files?
How Is the Running Configuration Saved?
. . . . . . . . . . . . . . . . . . 531
. . . . . 534
Managing Images and Files (Web)
File System
Active Images
USB Flash Drive
File Download
File Upload
Copy Files
. . . . . . . . . . . . . . . . . . . . . 535
. . . . . . . . . . . . . . . . . . . . 536
. . . . . . . . . . . . . . . . . . . 537
. . . . . . . . . . . . . . . . . . . . 538
. . . . . . . . . . . . . . . . . . . . . 540
. . . . . . . . . . . . . . . . . . . . . . 542
Managing Images and Files (CLI)
. . . . . . . . . . . 535
. . . . . . . . . . . . 543
Downloading and Activating a New Image
. . . . . . . . . . . . . . . . . . . . . . . . 544
(TFTP)
Managing Files in Internal Flash
. . . . . . . . . . 545
Managing Files on a USB Flash Device
Uploading a Configuration File (SCP)
. . . . . . . . 547
Managing Configuration Scripts (SFTP)
File and Image Management Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . . 549
Upgrading the Firmware
Managing Configuration Scripts
. . . . . . . . . . . . . . 549
. . . . . . . . . . 552
Managing Files by Using the USB Flash Drive
. . . . . . 546
. . . . . . 548
. . . 554
15 DHCP and USB Auto-Configuration. . . . 557
Auto Configuration Overview . . . . . . . . . . . . . . 557
What Is USB Auto Configuration?
. . . . . . . . . 558
Contents 19
What Files Does USB Auto Configuration Use? . . 558
How Does USB Auto Configuration Use the
Files on the USB Device?
What Is the Setup File Format?
. . . . . . . . . . . . . . 559
. . . . . . . . . . . 561
What Is the DHCP Auto Configuration
Process?
. . . . . . . . . . . . . . . . . . . . . . 561
Monitoring and Completing the DHCP Auto
Configuration Process
. . . . . . . . . . . . . . . 567
What Are the Dependencies for DHCP Auto
Configuration?
. . . . . . . . . . . . . . . . . . . . 568
Default Auto Configuration Values
Managing Auto Configuration (Web)
Auto-Install Configuration
Managing Auto Configuration (CLI)
Managing Auto Configuration
Auto Configuration Example
. . . . . . . . . . . 570
. . . . . . . . . . 571
. . . . . . . . . . . . . 571
. . . . . . . . . . . 572
. . . . . . . . . . . 572
. . . . . . . . . . . . . . . 573
Enabling USB Auto Configuration and Auto
Image Download
. . . . . . . . . . . . . . . . . . 573
Enabling DHCP Auto Configuration and Auto
Image Download
Easy Firmware Upgrade via USB
. . . . . . . . . . . . . . . . . . 574
. . . . . . . . . . 576
16 Monitoring Switch Traffic . . . . . . . . . . . 577
Traffic Monitoring Overview. . . . . . . . . . . . . . . 577
What is sFlow Technology?
What is RMON?
. . . . . . . . . . . . . . . . . . . 580
What is Port Mirroring?
Port Mirroring Behaviors
. . . . . . . . . . . . . . . . . . . . . . . 585
RSPAN
. . . . . . . . . . . . . 577
. . . . . . . . . . . . . . . 581
. . . . . . . . . . . . . . 583
20 Contents
Remote Capture. . . . . . . . . . . . . . . . . . . 586
Why is Traffic Monitoring Needed?
. . . . . . . . 587
Default Traffic Monitoring Values
Monitoring Switch Traffic (Web)
sFlow Agent Summary
. . . . . . . . . . . . . . . 588
sFlow Receiver Configuration
sFlow Sampler Configuration
sFlow Poll Configuration
Interface Statistics
Etherlike Statistics
GVRP Statistics
EAP Statistics
. . . . . . . . . . . . . . . . . . . . 595
Utilization Summary
Counter Summary
Switchport Statistics
RMON Statistics
. . . . . . . . . . . . . . 591
. . . . . . . . . . . . . . . . . 592
. . . . . . . . . . . . . . . . . 593
. . . . . . . . . . . . . . . . . . . 594
. . . . . . . . . . . . . . . . 596
. . . . . . . . . . . . . . . . . . 597
. . . . . . . . . . . . . . . . 598
. . . . . . . . . . . . . . . . . . 599
RMON History Control Statistics
RMON History Table
RMON Event Control
RMON Event Log
RMON Alarms
Port Statistics
LAG Statistics
Port Mirroring
. . . . . . . . . . . . . . . . 602
. . . . . . . . . . . . . . . . 603
. . . . . . . . . . . . . . . . . . 605
. . . . . . . . . . . . . . . . . . . . 606
. . . . . . . . . . . . . . . . . . . . 608
. . . . . . . . . . . . . . . . . . . . 609
. . . . . . . . . . . . . . . . . . . . 610
. . . . . . . . . . . . 587
. . . . . . . . . . . . 588
. . . . . . . . . . . 589
. . . . . . . . . . . . 590
. . . . . . . . . . 599
Monitoring Switch Traffic (CLI)
Configuring sFlow
Configuring RMON
Viewing Statistics
. . . . . . . . . . . . . . . . . . 612
. . . . . . . . . . . . . . . . . 614
. . . . . . . . . . . . . . . . . . 616
Configuring Port Mirroring
Configuring RSPAN
. . . . . . . . . . . . . . . . . 618
Traffic Monitoring Examples
Showing Interface Traffic
. . . . . . . . . . . . . 612
. . . . . . . . . . . . . 617
. . . . . . . . . . . . . . 622
. . . . . . . . . . . . . 622
Contents 21
Configuring sFlow . . . . . . . . . . . . . . . . . . 623
Configuring RMON
Configuring Remote Capture
Configuring RSPAN
. . . . . . . . . . . . . . . . . 625
. . . . . . . . . . . . 626
. . . . . . . . . . . . . . . . . 631
17 iSCSI Optimization . . . . . . . . . . . . . . . . . 635
iSCSI Optimization Overview . . . . . . . . . . . . . . 635
What Does iSCSI Optimization Do?
What Occurs When iSCSI Optimization Is
Enabled or Disabled?
. . . . . . . . . . . . . . . . 636
How Does the Switch Detect iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . . 636
Flows?
How Is Quality of Service Applied to iSCSI Traffic
. . . . . . . . . . . . . . . . . . . . . . . . 636
Flows?
How Does iSCSI Optimization Use ACLs?
What Information Does the Switch Track in iSCSI
Traffic Flows?
. . . . . . . . . . . . . . . . . . . . 637
How Does iSCSI Optimization Interact With Dell
EqualLogic and Compellant Arrays? . . . . . . . . 639
How Does iSCSI Optimization Interact with Other
SAN Arrays? . . . . . . . . . . . . . . . . . . . . 639
How Does iSCSI Optimization Interact with
. . . . . . . . . . . . . . . . . . . . . . . . 640
DCBx?
iSCSI CoS and Priority Flow Control/Enhanced
Transmission Selection Interactions
. . . . . . . . . 635
. . . . . 637
. . . . . . . . 641
22 Contents
Default iSCSI Optimization Values
Configuring iSCSI Optimization (Web)
iSCSI Global Configuration
Configuring iSCSI Optimization (CLI)
. . . . . . . . . . . 642
. . . . . . . . . . 643
. . . . . . . . . . . . . 643
. . . . . . . . . . 644
iSCSI Optimization Configuration Examples
. . . . . . 645
Configuring iSCSI Optimization Between Servers
and a Disk Array
. . . . . . . . . . . . . . . . . . 645
18 Port Characteristics . . . . . . . . . . . . . . . 649
Port Overview . . . . . . . . . . . . . . . . . . . . . . 649
What Physical Port Characteristics Can Be
Configured?
Auto-Negotiation
Maximum Transmission Unit
What is Link Dependency?
What Interface Types are Supported?
What is Interface Configuration Mode?
What Are the Green Ethernet Features?
Switchport Modes
. . . . . . . . . . . . . . . . . . . . . 649
. . . . . . . . . . . . . . . . . . 651
. . . . . . . . . . . . 651
. . . . . . . . . . . . . 652
. . . . . . . 654
. . . . . . 654
. . . . . . 656
. . . . . . . . . . . . . . . . . 657
Default Port Values
. . . . . . . . . . . . . . . . . . . 658
Configuring Port Characteristics (Web)
Port Configuration
Link Dependency Configuration
Link Dependency Summary
. . . . . . . . . . . . . . . . . 660
. . . . . . . . . . 663
. . . . . . . . . . . . 665
Port Green Ethernet Configuration
Port Green Ethernet Statistics
Port Green Ethernet LPI History
. . . . . . . . . . . 667
. . . . . . . . . . 669
Configuring Port Characteristics (CLI)
Configuring Port Settings
Configuring Link Dependencies
Configuring Green Features
Port Configuration Examples
Configuring Port Settings
. . . . . . . . . . . . . . 670
. . . . . . . . . . 672
. . . . . . . . . . . . 673
. . . . . . . . . . . . . . 674
. . . . . . . . . . . . . . 674
Configuring a Link Dependency Groups
Configuring a Port in Access Mode
. . . . . . . . . 660
. . . . . . . . . 666
. . . . . . . . . 670
. . . . . . 675
. . . . . . . . 675
Contents 23
Configuring a Port in Trunk Mode . . . . . . . . . 676
Configuring a Port in General Mode
. . . . . . . . 679
19 Port and System Security . . . . . . . . . . . 681
Port Security . . . . . . . . . . . . . . . . . . . . . . . 681
Denial of Service
. . . . . . . . . . . . . . . . . . . . . 688
20 Access Control Lists . . . . . . . . . . . . . . . 689
ACL Overview . . . . . . . . . . . . . . . . . . . . . . 689
ACL Counters
What Are MAC ACLs?
What Are IP ACLs?
ACL Actions
What Is the ACL Redirect Function?
What Is the ACL Mirror Function?
What Is ACL Logging
What Are Time-Based ACLs?
ACL Limitations
ACL Configuration Details
How Are ACLs Configured?
Editing Access Lists
Preventing False ACL Matches
Using IP and MAC Address Masks
Policy-Based Routing
Packet Classification
Route-Map Processing
Route-Map Actions
ACLs and Policy Interaction
Limitations
. . . . . . . . . . . . . . . . . . . . 691
. . . . . . . . . . . . . . . 691
. . . . . . . . . . . . . . . . . 692
. . . . . . . . . . . . . . . . . . . . . 692
. . . . . . . . 693
. . . . . . . . . 694
. . . . . . . . . . . . . . . . 694
. . . . . . . . . . . . 694
. . . . . . . . . . . . . . . . . . . 695
. . . . . . . . . . . . . . . . 701
. . . . . . . . . . . . . 701
. . . . . . . . . . . . . . . . . 701
. . . . . . . . . . . 701
. . . . . . . . . 703
. . . . . . . . . . . . . . . . . . 704
. . . . . . . . . . . . . . . . 704
. . . . . . . . . . . . . . . 705
. . . . . . . . . . . . . . . . . 706
. . . . . . . . . . . . 708
. . . . . . . . . . . . . . . . . . . . . . 709
24 Contents
Configuring ACLs (Web) . . . . . . . . . . . . . . . . . 712
IP ACL Configuration
IP ACL Rule Configuration
MAC ACL Configuration
MAC ACL Rule Configuration
IPv6 ACL Configuration
IPv6 ACL Rule Configuration
ACL Binding Configuration
Time Range Configuration
. . . . . . . . . . . . . . . . 712
. . . . . . . . . . . . . 715
. . . . . . . . . . . . . . 717
. . . . . . . . . . . . 719
. . . . . . . . . . . . . . . 720
. . . . . . . . . . . . 721
. . . . . . . . . . . . . 723
. . . . . . . . . . . . . 724
Configuring ACLs (CLI)
Configuring an IPv4 ACL
Configuring a MAC ACL
Configuring an IPv6 ACL
Configuring a Time Range
ACL Configuration Examples
Basic Rules
Internal System ACLs
Complete ACL Example
Advanced Examples
Policy-Based Routing Examples
. . . . . . . . . . . . . . . . . . 726
. . . . . . . . . . . . . . 726
. . . . . . . . . . . . . . . 732
. . . . . . . . . . . . . . 736
. . . . . . . . . . . . . 739
. . . . . . . . . . . . . . 741
. . . . . . . . . . . . . . . . . . . . . 741
. . . . . . . . . . . . . . . . 742
. . . . . . . . . . . . . . . 743
. . . . . . . . . . . . . . . . 747
. . . . . . . . . . 759
21 VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . 763
VLAN Overview . . . . . . . . . . . . . . . . . . . . . 763
VLAN Tagging
GVRP
Double-VLAN Tagging
Voice VLAN
Private VLANs
Additional VLAN Features
. . . . . . . . . . . . . . . . . . . . 766
. . . . . . . . . . . . . . . . . . . . . . . . 767
. . . . . . . . . . . . . . . 768
. . . . . . . . . . . . . . . . . . . . . 769
. . . . . . . . . . . . . . . . . . . 775
. . . . . . . . . . . . . 780
Default VLAN Behavior
. . . . . . . . . . . . . . . . . 781
Contents 25
Configuring VLANs (Web) . . . . . . . . . . . . . . . . 783
VLAN Membership
VLAN Port Settings
VLAN LAG Settings
Bind MAC to VLAN
Bind IP Subnet to VLAN
GVRP Parameters
Protocol Group
Adding a Protocol Group
Double VLAN Global Configuration
Double VLAN Interface Configuration
Voice VLAN
. . . . . . . . . . . . . . . . . 783
. . . . . . . . . . . . . . . . . 788
. . . . . . . . . . . . . . . . . 789
. . . . . . . . . . . . . . . . . 791
. . . . . . . . . . . . . . . 791
. . . . . . . . . . . . . . . . . . 793
. . . . . . . . . . . . . . . . . . . 795
. . . . . . . . . . . . . . 796
. . . . . . . . . 798
. . . . . . . 799
. . . . . . . . . . . . . . . . . . . . . 801
Configuring VLANs (CLI)
Creating a VLAN
Configuring VLAN Settings for a LAG
Configuring Double VLAN Tagging
Configuring MAC-Based VLANs
Configuring IP-Based VLANs
Configuring a Protocol-Based VLAN
Configuring GVRP
Configuring Voice VLANs
. . . . . . . . . . . . . . . . . 802
. . . . . . . . . . . . . . . . . . 802
. . . . . . . . 803
. . . . . . . . . 804
. . . . . . . . . . 807
. . . . . . . . . . . . 809
. . . . . . . . 811
. . . . . . . . . . . . . . . . . . 814
. . . . . . . . . . . . . . 816
Configuring a Voice VLAN (Extended
Example) . . . . . . . . . . . . . . . . . . . . . . 818
Enterprise Voice VLAN Configuration With
. . . . . . . . . . . . . . . . . . . . . . . . . 819
QoS
MLAG with RPVST and Voice VLAN
. . . . . . . . 822
Assigning an 802.1p Priority to VLAN Traffic
Configuring a Private VLAN
Configuring Inter-Switch Private VLANs
VLAN Configuration Examples
. . . . . . . . . . . . . 830
. . . . . . 832
. . . . . . . . . . . . . . 833
Configuring VLANs Using the Dell EMC
OpenManage Switch Administrator
Configuring VLANs Using the CLI
. . . . . . . . 833
. . . . . . . . . . 841
. . . . 829
26 Contents
22 Spanning Tree Protocol. . . . . . . . . . . . . 845
STP Overview . . . . . . . . . . . . . . . . . . . . . . 845
What Are Classic STP, Multiple STP, and
Rapid STP?
How Does STP Work?
How Does MSTP Operate in the Network?
MSTP with Multiple Forwarding Paths
MSTP and VLAN IDs
What are the Optional STP Features?
. . . . . . . . . . . . . . . . . . . . . 845
. . . . . . . . . . . . . . . 846
. . . . 847
. . . . . . . 851
. . . . . . . . . . . . . . . . 852
. . . . . . . 852
RSTP-PV
. . . . . . . . . . . . . . . . . . . . . . . . . 854
DirectLink Rapid Convergence
IndirectLink Rapid Convergence Feature
. . . . . . . . . . . 856
. . . . . 858
Interoperability Between STP-PV and RSTP-PV
Modes. . . . . . . . . . . . . . . . . . . . . . . . 860
Interoperability With IEEE Spanning Tree
Protocols
Configuration Examples
Default STP Values
Configuring Spanning Tree (Web)
STP Global Settings
STP Port Settings
STP LAG Settings
Rapid Spanning Tree
MSTP Settings
MSTP Interface Settings
PVST/RPVST Global Configuration
PVST/RPVST VLAN Configuration
PVST/RPVST Interface Configuration
PVST/RPVST Statistics
. . . . . . . . . . . . . . . . . . . . . . 860
. . . . . . . . . . . . . . 865
. . . . . . . . . . . . . . . . . . . 866
. . . . . . . . . . . . 867
. . . . . . . . . . . . . . . . . 867
. . . . . . . . . . . . . . . . . . 869
. . . . . . . . . . . . . . . . . . 871
. . . . . . . . . . . . . . . . 872
. . . . . . . . . . . . . . . . . . . 874
. . . . . . . . . . . . . . 876
. . . . . . . . . 877
. . . . . . . . . 878
. . . . . . . 880
. . . . . . . . . . . . . . . 881
Configuring Spanning Tree (CLI)
Configuring Global STP Bridge Settings
. . . . . . . . . . . . 882
. . . . . . 882
Contents 27
Configuring Optional STP Features . . . . . . . . . 883
Configuring STP Interface Settings
Configuring MSTP Switch Settings
Configuring MSTP Interface Settings
. . . . . . . . . 884
. . . . . . . . . 885
. . . . . . . 886
STP Configuration Examples
STP Configuration Example
MSTP Configuration Example
. . . . . . . . . . . . . . . 887
. . . . . . . . . . . . . 887
. . . . . . . . . . . . 889
RSTP-PV Access Switch Configuration
Example . . . . . . . . . . . . . . . . . . . . . . . 892
23 Discovering Network Devices . . . . . . . . 897
Device Discovery Overview . . . . . . . . . . . . . . . 897
What Is ISDP?
What is LLDP?
What is LLDP-MED?
Why are Device Discovery Protocols
Needed?
Default IDSP and LLDP Values
Configuring ISDP and LLDP (Web)
ISDP Global Configuration
ISDP Neighbor Table
ISDP Interface Configuration
ISDP Statistics
LLDP Configuration
LLDP Statistics
LLDP Connections
LLDP-MED Global Configuration
LLDP-MED Interface Configuration
LLDP-MED Local Device Information
LLDP-MED Remote Device Information
. . . . . . . . . . . . . . . . . . . . 897
. . . . . . . . . . . . . . . . . . . . 897
. . . . . . . . . . . . . . . . 898
. . . . . . . . . . . . . . . . . . . . . . . 898
. . . . . . . . . . . . . . 899
. . . . . . . . . . . . 901
. . . . . . . . . . . . . 901
. . . . . . . . . . . . . . . . 902
. . . . . . . . . . . . 903
. . . . . . . . . . . . . . . . . . . 904
. . . . . . . . . . . . . . . . . 905
. . . . . . . . . . . . . . . . . . . 907
. . . . . . . . . . . . . . . . . . 908
. . . . . . . . . . 909
. . . . . . . . . 910
. . . . . . . . 911
. . . . . . 911
28 Contents
Configuring ISDP and LLDP (CLI) . . . . . . . . . . . . 912
Configuring Global ISDP Settings
Enabling ISDP on a Port
. . . . . . . . . . . . . . 913
Viewing and Clearing ISDP Information
Configuring Global LLDP Settings
Configuring Port-based LLDP Settings
Viewing and Clearing LLDP Information
Configuring LLDP-MED Settings
Viewing LLDP-MED Information
. . . . . . . . . 912
. . . . . . 913
. . . . . . . . . 914
. . . . . . . 914
. . . . . . 915
. . . . . . . . . . 917
. . . . . . . . . . 918
Device Discovery Configuration Examples
Configuring ISDP
Configuring LLDP
. . . . . . . . . . . . . . . . . . 918
. . . . . . . . . . . . . . . . . . 919
. . . . . . . 918
24 Port-Based Traffic Control . . . . . . . . . . 921
Port-Based Traffic Control Overview . . . . . . . . . . 921
What is Flow Control?
What is Storm Control?
What are Protected Ports?
What is Error Recovery?
What is Link Local Protocol Filtering?
What is Loop Protection?
Default Port-Based Traffic Control Values
Configuring Port-Based Traffic Control (Web)
Flow Control (Global Port Parameters)
Storm Control
. . . . . . . . . . . . . . . . . . . . 928
Protected Port Configuration
LLPF Configuration
. . . . . . . . . . . . . . . 922
. . . . . . . . . . . . . . . 922
. . . . . . . . . . . . . 923
. . . . . . . . . . . . . . 923
. . . . . . . 924
. . . . . . . . . . . . . . 925
. . . . . . . 926
. . . . . 927
. . . . . . . 927
. . . . . . . . . . . . 930
. . . . . . . . . . . . . . . . . 932
Configuring Port-Based Traffic Control (CLI)
Configuring Flow Control and Storm Control
Configuring Protected Ports
. . . . . . . . . . . . 934
. . . . . . 933
. . . . 933
Contents 29
Configuring LLPF . . . . . . . . . . . . . . . . . . 935
Port-Based Traffic Control Configuration Example
. . . 936
25 Layer-2 Multicast Features . . . . . . . . . . 939
L2 Multicast Overview . . . . . . . . . . . . . . . . . . 939
Multicast Flooding and Forwarding
What Are the Multicast Bridging Features?
What Is L2 Multicast Traffic?
What Is IGMP Snooping?
What Is MLD Snooping?
. . . . . . . . . . . . . . 941
. . . . . . . . . . . . . . 943
What Is Multicast VLAN Registration?
When Are Layer-3 Multicast Features
Required?
. . . . . . . . . . . . . . . . . . . . . . 946
What Are GARP and GMRP?
Snooping Switch Restrictions
. . . . . . . . . . . . . . 948
MAC Address-Based Multicast Group
Topologies Where the Multicast Source Is
Not Directly Connected to the Querier
Using Static Multicast MAC Configuration
IGMP Snooping and GMRP
. . . . . . . . . 939
. . . . 940
. . . . . . . . . . . . 941
. . . . . . . 945
. . . . . . . . . . . . 946
. . . . . . . 948
. . . . . . . 948
. . . . . 948
. . . . . . . . . . . . . 948
30 Contents
Default L2 Multicast Values
. . . . . . . . . . . . . . . 949
Configuring L2 Multicast Features (Web)
Multicast Global Parameters
Bridge Multicast Group
MFDB Summary
MRouter Status
. . . . . . . . . . . . . . . . . . . 955
. . . . . . . . . . . . . . . . . . . 956
General IGMP Snooping
Global Querier Configuration
VLAN Querier
. . . . . . . . . . . . . . . . . . . . 961
VLAN Querier Status
. . . . . . . . . . . . 951
. . . . . . . . . . . . . . . 952
. . . . . . . . . . . . . . 957
. . . . . . . . . . . . 960
. . . . . . . . . . . . . . . . 963
. . . . . . . . 951
MFDB IGMP Snooping Table . . . . . . . . . . . . 964
MLD Snooping General
MLD Snooping Global Querier Configuration
MLD Snooping VLAN Querier
MLD Snooping VLAN Querier Status
MFDB MLD Snooping Table
MVR Global Configuration
MVR Members
MVR Interface Configuration
MVR Statistics
GARP Timers
. . . . . . . . . . . . . . . . . . . . 977
GMRP Parameters
MFDB GMRP Table
. . . . . . . . . . . . . . . 965
. . . 967
. . . . . . . . . . . 968
. . . . . . . . 970
. . . . . . . . . . . . 971
. . . . . . . . . . . . . 972
. . . . . . . . . . . . . . . . . . . 973
. . . . . . . . . . . . 973
. . . . . . . . . . . . . . . . . . . 976
. . . . . . . . . . . . . . . . . 979
. . . . . . . . . . . . . . . . . 981
Configuring L2 Multicast Features (CLI)
Configuring Layer-2 Multicasting
Configuring IGMP Snooping on VLANs
Configuring IGMP Snooping Querier
Configuring MLD Snooping on VLANs
Configuring MLD Snooping Querier
Configuring MVR
. . . . . . . . . . . . . . . . . . 987
Configuring GARP Timers and GMRP
Case Study on a Real-World Network Topology
Multicast Snooping Case Study
. . . . . . . . . 982
. . . . . . . . . . 982
. . . . . . 983
. . . . . . . . 984
. . . . . . . 985
. . . . . . . . 986
. . . . . . . 989
. . . . 990
. . . . . . . . . . 990
26 Connectivity Fault Management . . . . . . 995
Dot1ag Overview. . . . . . . . . . . . . . . . . . . . . 995
How Does Dot1ag Work Across a Carrier
Network?
What Entities Make Up a Maintenance
Domain?
What is the Administrator’s Role?
. . . . . . . . . . . . . . . . . . . . . . 996
. . . . . . . . . . . . . . . . . . . . . . . 997
. . . . . . . . . 999
Contents 31
Default Dot1ag Values . . . . . . . . . . . . . . . . . 1000
Configuring Dot1ag (Web)
Dot1ag Global Configuration
Dot1ag MD Configuration
Dot1ag MA Configuration
Dot1ag MEP Configuration
Dot1ag MIP Configuration
Dot1ag RMEP Summary
Dot1ag L2 Ping
Dot1ag L2 Traceroute
Dot1ag L2 Traceroute Cache
Dot1ag Statistics
Configuring Dot1ag (CLI)
. . . . . . . . . . . . . . . 1001
. . . . . . . . . . . 1001
. . . . . . . . . . . . . 1001
. . . . . . . . . . . . . 1002
. . . . . . . . . . . . 1003
. . . . . . . . . . . . 1004
. . . . . . . . . . . . . . 1005
. . . . . . . . . . . . . . . . . . 1006
. . . . . . . . . . . . . . . 1006
. . . . . . . . . . . 1007
. . . . . . . . . . . . . . . . . 1007
. . . . . . . . . . . . . . . . 1009
Configuring Dot1ag Global Settings and
Creating Domains
Configuring MEP Information
Dot1ag Ping and Traceroute
Dot1ag Configuration Example
. . . . . . . . . . . . . . . . . 1009
. . . . . . . . . . . 1010
. . . . . . . . . . . 1011
. . . . . . . . . . . . 1012
27 Snooping and Inspecting Traffic . . . . . 1015
32 Contents
Traffic Snooping and Inspection Overview . . . . . . 1015
What Is DHCP Snooping?
. . . . . . . . . . . . . 1016
How Is the DHCP Snooping Bindings
Database Populated? . . . . . . . . . . . . . . . 1017
What Is IP Source Guard?
What is Dynamic ARP Inspection?
. . . . . . . . . . . . 1020
. . . . . . . . 1021
Why Is Traffic Snooping and Inspection
Necessary?
Default Traffic Snooping and Inspection Values
. . . . . . . . . . . . . . . . . . . . 1022
. . . 1022
Configuring Traffic Snooping and Inspection
(Web)
. . . . . . . . . . . . . . . . . . . . . . . . . . 1024
DHCP Snooping Configuration
. . . . . . . . . . 1024
DHCP Snooping Interface Configuration
DHCP Snooping VLAN Configuration
. . . . . . . 1027
DHCP Snooping Persistent Configuration
DHCP Snooping Static Bindings
Configuration
. . . . . . . . . . . . . . . . . . . 1029
DHCP Snooping Dynamic Bindings Summary
DHCP Snooping Statistics
IPSG Interface Configuration
IPSG Binding Configuration
IPSG Binding Summary
DAI Global Configuration
DAI Interface Configuration
DAI VLAN Configuration
DAI ACL Configuration
DAI ACL Rule Configuration
DAI Statistics
. . . . . . . . . . . . . . . . . . . 1039
. . . . . . . . . . . . 1031
. . . . . . . . . . . 1032
. . . . . . . . . . . 1032
. . . . . . . . . . . . . . 1033
. . . . . . . . . . . . . 1034
. . . . . . . . . . . 1035
. . . . . . . . . . . . . 1037
. . . . . . . . . . . . . . 1038
. . . . . . . . . . . 1038
. . . . . 1025
. . . . 1028
. . 1030
Configuring Traffic Snooping and Inspection (CLI)
Configuring DHCP Snooping
Configuring IP Source Guard
. . . . . . . . . . . 1041
. . . . . . . . . . . 1043
Configuring Dynamic ARP Inspection
. . 1041
. . . . . . 1044
Traffic Snooping and Inspection Configuration
Examples
. . . . . . . . . . . . . . . . . . . . . . . . 1047
Configuring DHCP Snooping
Configuring IPSG
. . . . . . . . . . . . . . . . . 1049
. . . . . . . . . . . 1047
28 Link Aggregation . . . . . . . . . . . . . . . . . 1051
Link Aggregation. . . . . . . . . . . . . . . . . . . . 1051
Overview
Default Link Aggregation Values
. . . . . . . . . . . . . . . . . . . . . 1051
. . . . . . . . . 1055
Contents 33
Configuring Link Aggregation (Web) . . . . . . . . . 1056
Configuring Link Aggregation (CLI)
Link Aggregation Configuration Examples
Multi-Switch LAG (MLAG)
Overview
. . . . . . . . . . . . . . . . . . . . . 1069
Deployment Scenarios
Definitions
. . . . . . . . . . . . . . . . . . . . . 1072
Configuration Consistency
Operation in the Network
Layer-2 Configuration Steps
Switch Firmware Upgrade Procedure
Static Routing on MLAG Interfaces
Caveats and Limitations
Basic Configuration Example
A Complete MLAG Example
. . . . . . . . . . 1062
. . . . 1066
. . . . . . . . . . . . . . . 1069
. . . . . . . . . . . . . . 1070
. . . . . . . . . . . . 1073
. . . . . . . . . . . . . 1076
. . . . . . . . . . . 1080
. . . . . . 1083
. . . . . . . . 1084
. . . . . . . . . . . . . . 1091
. . . . . . . . . . . 1097
. . . . . . . . . . . . 1105
29 Data Center Bridging Features . . . . . . 1123
Data Center Bridging Technology Overview . . . . . 1123
Default DCB Values
Priority Flow Control
PFC Operation and Behavior
Configuring PFC Using the Web Interface
Configuring PFC Using the CLI
PFC Configuration Example
. . . . . . . . . . . . . . . . 1124
. . . . . . . . . . . . . . . . . . 1125
. . . . . . . . . . . 1125
. . . . 1126
. . . . . . . . . . 1128
. . . . . . . . . . . . 1130
34 Contents
DCB Capability Exchange
Interoperability with IEEE DCBx
DCBx and Port Roles
. . . . . . . . . . . . . . . 1132
. . . . . . . . . 1133
. . . . . . . . . . . . . . . 1133
Configuration Source Port Selection Process
Disabling DCBX
Configuring DCBx
. . . . . . . . . . . . . . . . . . 1136
. . . . . . . . . . . . . . . . . 1137
. . 1135
Enhanced Transmission Selection . . . . . . . . . . 1139
ETS Operation
Commands
ETS Configuration Example
ETS Theory of Operation
. . . . . . . . . . . . . . . . . . . 1139
. . . . . . . . . . . . . . . . . . . . 1142
. . . . . . . . . . . . 1143
. . . . . . . . . . . . . 1149
30 MAC Addressing and Forwarding . . . . 1155
MAC Address Table Overview . . . . . . . . . . . . 1155
How Is the Address Table Populated?
What Information Is in the MAC Address
. . . . . . . . . . . . . . . . . . . . . . . 1156
Table?
How Is the MAC Address Table Maintained
Across a Stack?
. . . . . . . . . . . . . . . . . 1156
. . . . . . 1155
Default MAC Address Table Values
Managing the MAC Address Table (Web)
Static Address Table
Global Address Table
. . . . . . . . . . . . . . . 1157
. . . . . . . . . . . . . . . 1159
Managing the MAC Address Table (CLI)
Managing the MAC Address Table
. . . . . . . . . . 1156
. . . . . . 1157
. . . . . . . 1160
. . . . . . . . 1160
31 DHCP Server Settings . . . . . . . . . . . . . 1163
DHCP Overview . . . . . . . . . . . . . . . . . . . . 1163
How Does DHCP Work?
What are DHCP Options?
What Additional DHCP Features Does the
Switch Support?
Default DHCP Server Values
Configuring the DHCP Server (Web)
. . . . . . . . . . . . . 1164
. . . . . . . . . . . . . 1165
. . . . . . . . . . . . . . . . . 1165
. . . . . . . . . . . . . . 1166
. . . . . . . . . . 1167
Contents 35
DHCP Server Network Properties . . . . . . . . 1167
Address Pool
Address Pool Options
DHCP Bindings
DHCP Server Reset Configuration
DHCP Server Conflicts Information
DHCP Server Statistics
. . . . . . . . . . . . . . . . . . . 1169
. . . . . . . . . . . . . . . 1173
. . . . . . . . . . . . . . . . . . 1175
. . . . . . . . 1175
. . . . . . . . 1176
. . . . . . . . . . . . . . 1177
Configuring the DHCP Server (CLI)
Configuring Global DHCP Server Settings
Configuring a Dynamic Address Pool
Configuring a Static Address Pool
Monitoring DHCP Server Information
DHCP Server Configuration Examples
Configuring a Dynamic Address Pool
Configuring a Static Address Pool
. . . . . . . . . . 1178
. . . . 1178
. . . . . . . 1179
. . . . . . . . 1180
. . . . . . 1181
. . . . . . . . . 1182
. . . . . . . 1182
. . . . . . . . 1184
32 IP Routing. . . . . . . . . . . . . . . . . . . . . . . 1187
IP Routing Overview . . . . . . . . . . . . . . . . . . 1187
Default IP Routing Values
IP Path MTU and Path MTU Discovery
ARP Table
. . . . . . . . . . . . . . . . . . . . . . . 1191
Configuring IP Routing Features (Web)
IP Configuration
IP Statistics
ARP Create
. . . . . . . . . . . . . . . . . . . . 1194
ARP Table Configuration
Router Discovery Configuration
Router Discovery Status
Route Table
. . . . . . . . . . . . . . . 1189
. . . . . . . . 1190
. . . . . . . . 1192
. . . . . . . . . . . . . . . . . . 1192
. . . . . . . . . . . . . . . . . . . . 1193
. . . . . . . . . . . . . 1195
. . . . . . . . . 1196
. . . . . . . . . . . . . 1197
. . . . . . . . . . . . . . . . . . . . 1198
36 Contents
Best Routes Table . . . . . . . . . . . . . . . . 1199
Route Entry Configuration
Configured Routes
Route Preferences Configuration
. . . . . . . . . . . . 1200
. . . . . . . . . . . . . . . . 1202
. . . . . . . . 1203
Configuring IP Routing Features (CLI)
Configuring Global IP Routing Settings
Configuring ARP Settings
Configuring Router Discovery (IRDP)
. . . . . . . . . 1204
. . . . . . 1204
. . . . . . . . . . . . . 1205
. . . . . . . 1206
Configuring Route Table Entries and Route
Preferences
IP Routing Configuration Example
. . . . . . . . . . . . . . . . . . . . 1207
. . . . . . . . . . 1209
Configuring Dell EMC Networking N-Series
Switch A
. . . . . . . . . . . . . . . . . . . . . 1210
Configuring Dell EMC Networking N-Series
Switch B
. . . . . . . . . . . . . . . . . . . . . 1211
33 Routing Interfaces. . . . . . . . . . . . . . . . 1213
Routing Interface Overview . . . . . . . . . . . . . . 1213
What Are VLAN Routing Interfaces?
What Are Loopback Interfaces?
What Are Tunnel Interfaces?
Why Are Routing Interfaces Needed?
Default Routing Interface Values
. . . . . . . 1213
. . . . . . . . . 1214
. . . . . . . . . . . 1215
. . . . . . 1216
. . . . . . . . . . . 1218
Configuring Routing Interfaces (Web)
IP Interface Configuration
DHCP Lease Parameters
VLAN Routing Summary
Tunnel Configuration
Tunnels Summary
Loopbacks Configuration
Loopbacks Summary
. . . . . . . . . . . . 1219
. . . . . . . . . . . . . 1220
. . . . . . . . . . . . . 1220
. . . . . . . . . . . . . . . 1221
. . . . . . . . . . . . . . . . . 1222
. . . . . . . . . . . . . 1223
. . . . . . . . . . . . . . . 1224
. . . . . . . . . 1219
Contents 37
Configuring Routing Interfaces (CLI) . . . . . . . . . 1225
Configuring VLAN Routing Interfaces (IPv4)
Configuring Loopback Interfaces
Configuring Tunnels
. . . . . . . . . . . . . . . . 1228
. . . . . . . . . 1227
. . . 1225
34 Layer-2 and Layer-3 Relay Features . . 1229
L2 and L3 Relay Overview . . . . . . . . . . . . . . . 1229
What Is L2 DHCP Relay?
What Is L3 DHCP Relay?
What Is the IP Helper Feature?
. . . . . . . . . . . . . 1229
. . . . . . . . . . . . . 1233
. . . . . . . . . . 1234
Default L2/L3 Relay Values
Configuring L2 and L3 Relay Features (Web)
L2 DHCP Relay Global Configuration
L2 DHCP Relay Interface Configuration
L2 DHCP Relay Interface Statistics
L2 DHCP Relay VLAN Configuration
DHCP Relay Agent Configuration
. . . . . . . . . . . . . . . 1238
. . . . . 1239
. . . . . . . 1239
. . . . . 1240
. . . . . . . . 1242
. . . . . . . 1243
. . . . . . . . . 1243
IP Helper (L3 DHCP Relay) Global
Configuration . . . . . . . . . . . . . . . . . . . 1245
IP Helper (L3 DHCP Relay) Interface
Configuration
IP Helper Statistics
Configuring L2 and L3 Relay Features (CLI)
Configuring L2 DHCP Relay
Configuring L3 Relay (IP Helper) Settings
Relay Agent Configuration Example
. . . . . . . . . . . . . . . . . . . 1247
. . . . . . . . . . . . . . . . 1249
. . . . . . 1250
. . . . . . . . . . . . 1250
. . . . 1252
. . . . . . . . . . 1254
35 OSPF and OSPFv3. . . . . . . . . . . . . . . . . 1257
38 Contents
OSPF Overview. . . . . . . . . . . . . . . . . . . . . 1258
What Are OSPF Areas and Other OSPF
Topology Features?
What Are OSPF Routers and LSAs?
How Are Routes Selected?
. . . . . . . . . . . . . . . . 1258
. . . . . . . 1259
. . . . . . . . . . . . 1259
How Are OSPF and OSPFv3 Different?
. . . . . . 1259
OSPF Feature Details
Stub Router
Static Area Range Cost
LSA Pacing
Flood Blocking
. . . . . . . . . . . . . . . . . . . . . . . . 1265
MTU
Default OSPF Values
. . . . . . . . . . . . . . . . . 1260
. . . . . . . . . . . . . . . . . . . . 1260
. . . . . . . . . . . . . . 1262
. . . . . . . . . . . . . . . . . . . . 1263
. . . . . . . . . . . . . . . . . . 1264
. . . . . . . . . . . . . . . . . . 1266
Configuring OSPF Features (Web)
OSPF Configuration
OSPF Area Configuration
OSPF Stub Area Summary
. . . . . . . . . . . . . . . . 1268
. . . . . . . . . . . . . 1269
. . . . . . . . . . . . 1272
OSPF Area Range Configuration
OSPF Interface Statistics
. . . . . . . . . . . . . 1274
OSPF Interface Configuration
OSPF Neighbor Table
. . . . . . . . . . . . . . . 1276
OSPF Neighbor Configuration
OSPF Link State Database
. . . . . . . . . . . . 1278
OSPF Virtual Link Configuration
OSPF Virtual Link Summary
. . . . . . . . . . . . 1280
OSPF Route Redistribution Configuration
OSPF Route Redistribution Summary
NSF OSPF Configuration
. . . . . . . . . . . . . 1283
. . . . . . . . . . . 1268
. . . . . . . . . 1273
. . . . . . . . . . 1275
. . . . . . . . . . 1277
. . . . . . . . . 1278
. . . . 1281
. . . . . . . 1282
Configuring OSPFv3 Features (Web)
OSPFv3 Configuration
OSPFv3 Area Configuration
. . . . . . . . . . . . . . 1284
. . . . . . . . . . . . 1284
OSPFv3 Stub Area Summary
OSPFv3 Area Range Configuration
. . . . . . . . . 1284
. . . . . . . . . . . 1288
. . . . . . . . 1289
Contents 39
OSPFv3 Interface Configuration . . . . . . . . . 1290
OSPFv3 Interface Statistics
OSPFv3 Neighbors
OSPFv3 Neighbor Table
OSPFv3 Link State Database
OSPFv3 Virtual Link Configuration
OSPFv3 Virtual Link Summary
OSPFv3 Route Redistribution Configuration
OSPFv3 Route Redistribution Summary
NSF OSPFv3 Configuration
. . . . . . . . . . . . 1291
. . . . . . . . . . . . . . . . 1292
. . . . . . . . . . . . . . 1293
. . . . . . . . . . . 1294
. . . . . . . . 1295
. . . . . . . . . . 1297
. . . 1298
. . . . . 1299
. . . . . . . . . . . . 1300
Configuring OSPF Features (CLI)
Configuring Global OSPF Settings
Configuring OSPF Interface Settings
Configuring Stub Areas and NSSAs
Configuring Virtual Links
Configuring OSPF Area Range Settings
Configuring NSF Settings for OSPF
Configuring OSPFv3 Features (CLI)
Configuring Global OSPFv3 Settings
Configuring OSPFv3 Interface Settings
Configuring Stub Areas and NSSAs
Configuring Virtual Links
Configuring an OSPFv3 Area Range
. . . . . . . . . . . . 1301
. . . . . . . . 1301
. . . . . . . 1304
. . . . . . . 1306
. . . . . . . . . . . . . 1308
. . . . . 1310
. . . . . . . . 1312
. . . . . . . . . . 1313
. . . . . . . 1313
. . . . . . 1315
. . . . . . . 1317
. . . . . . . . . . . . . 1319
. . . . . . . 1320
Configuring OSPFv3 Route Redistribution
Settings
Configuring NSF Settings for OSPFv3
OSPF Configuration Examples
. . . . . . . . . . . . . . . . . . . . . . 1321
. . . . . . . 1322
. . . . . . . . . . . . . 1323
Configuring an OSPF Border Router and Setting
Interface Costs
. . . . . . . . . . . . . . . . . . 1323
Configuring Stub and NSSA Areas for OSPF
and OSPFv3 . . . . . . . . . . . . . . . . . . . . 1326
Configuring a Virtual Link for OSPF and
OSPFv3 . . . . . . . . . . . . . . . . . . . . . . 1329
40 Contents
Interconnecting an IPv4 Backbone and
Local IPv6 Network
. . . . . . . . . . . . . . . . 1332
Configuring the Static Area Range Cost
Configuring Flood Blocking
. . . . . . . . . . . . 1340
. . . . . 1335
Configuring OSPF VRFs
. . . . . . . . . . . . . . . . 1345
36 VRF. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1349
VRF Resource Sharing . . . . . . . . . . . . . . . . . 1350
VRF ARP Entries
VRF Route Entries
. . . . . . . . . . . . . . . . . 1350
. . . . . . . . . . . . . . . . . 1350
37 RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1355
RIP Overview. . . . . . . . . . . . . . . . . . . . . . 1355
How Does RIP Determine Route Information?
What Is Split Horizon?
. . . . . . . . . . . . . . 1356
What RIP Versions Are Supported?
Default RIP Values
Configuring RIP Features (Web)
RIP Configuration
RIP Interface Configuration
RIP Interface Summary
. . . . . . . . . . . . . . . . . . . 1357
. . . . . . . . . . . . 1358
. . . . . . . . . . . . . . . . . 1358
. . . . . . . . . . . 1359
. . . . . . . . . . . . . . 1360
RIP Route Redistribution Configuration
RIP Route Redistribution Summary
. . . . . . . 1356
. . . . . . . . 1362
. . 1355
. . . . . 1361
Configuring RIP Features (CLI)
. . . . . . . . . . . . . 1363
Configuring Global RIP Settings
Configuring RIP Interface Settings
Configuring Route Redistribution Settings
RIP Configuration Example
. . . . . . . . . . . . . . 1367
. . . . . . . . . 1363
. . . . . . . . 1364
. . . . 1365
Contents 41
38 VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . 1371
VRRP Overview. . . . . . . . . . . . . . . . . . . . . 1371
How Does VRRP Work?
What Is the VRRP Router Priority?
What Is VRRP Preemption?
What Is VRRP Accept Mode?
What Are VRRP Route and Interface
Tracking?
. . . . . . . . . . . . . . . . . . . . . 1373
. . . . . . . . . . . . . . 1371
. . . . . . . . 1372
. . . . . . . . . . . . 1372
. . . . . . . . . . . 1373
Default VRRP Values
Configuring VRRP Features (Web)
VRRP Configuration
VRRP Virtual Router Status
VRRP Virtual Router Statistics
VRRP Router Configuration
VRRP Route Tracking Configuration
VRRP Interface Tracking Configuration
Configuring VRRP Features (CLI)
Configuring VRRP Settings
VRRP Configuration Example
VRRP with Load Sharing
Troubleshooting VRRP
VRRP with Route and Interface Tracking
Configuring VRRP in a VRF
. . . . . . . . . . . . . . . . . . 1375
. . . . . . . . . . . 1376
. . . . . . . . . . . . . . . . 1376
. . . . . . . . . . . . 1377
. . . . . . . . . . 1378
. . . . . . . . . . . . 1379
. . . . . . . 1380
. . . . . 1382
. . . . . . . . . . . . 1384
. . . . . . . . . . . . 1384
. . . . . . . . . . . . . 1386
. . . . . . . . . . . . . 1386
. . . . . . . . . . . . . . 1389
. . . . . 1390
. . . . . . . . . . . . 1393
39 BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 1397
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1398
Autonomous Systems
. . . . . . . . . . . . . . . 1400
42 Contents
BGP Operations
. . . . . . . . . . . . . . . . . . . . 1400
Decision Process Overview . . . . . . . . . . . 1400
Path Attributes
BGP Finite State Machine (FSM)
Detecting Loss of Adjacency
Authentication
Outbound Update Groups
Removing Private AS Numbers
Templates
Resolving Interface Routes
Originating BGP Routes
Equal Cost Multipath (ECMP)
BGP Next-Hop Resolution
Address Aggregation
Routing Policy
Inbound Policy
Outbound Policy
Routing Policy Changes
BGP Timers
Communities
Routing Table Overflow
Route Reflection
VRF Support
BGP Neighbor Configuration
Extended Communities
VPNv4/VRF Route Distribution via MP-BGP
. . . . . . . . . . . . . . . . . . . . . . . . 1428
IPv6
. . . . . . . . . . . . . . . . . . 1402
. . . . . . . . . 1404
. . . . . . . . . . . 1406
. . . . . . . . . . . . . . . . . . 1407
. . . . . . . . . . . . . 1407
. . . . . . . . . . 1408
. . . . . . . . . . . . . . . . . . . . . 1408
. . . . . . . . . . . . 1410
. . . . . . . . . . . . . . 1410
. . . . . . . . . . . 1411
. . . . . . . . . . . . 1412
. . . . . . . . . . . . . . . 1414
. . . . . . . . . . . . . . . . . . . 1416
. . . . . . . . . . . . . . . . . . 1417
. . . . . . . . . . . . . . . . . 1417
. . . . . . . . . . . . . 1418
. . . . . . . . . . . . . . . . . . . . 1419
. . . . . . . . . . . . . . . . . . . 1420
. . . . . . . . . . . . . . 1420
. . . . . . . . . . . . . . . . . 1421
. . . . . . . . . . . . . . . . . . . . 1422
. . . . . . . . . . . 1422
. . . . . . . . . . . . . . 1422
. . . 1425
BGP Limitations
. . . . . . . . . . . . . . . . . . . . 1434
BGP Configuration Examples
Enabling BGP
BGP Example
Network Example
. . . . . . . . . . . . . . . . . . . 1436
. . . . . . . . . . . . . . . . . . . 1437
. . . . . . . . . . . . . . . . . 1438
BGP Redistribution of OSPF Example
. . . . . . . . . . . . . 1436
. . . . . . 1439
Contents 43
Configuring the Multi-Exit Discriminator in
BGP Advertised Routes
Configuring Communities in BGP
Configuring a Route Reflector
. . . . . . . . . . . . . . 1440
. . . . . . . . . 1441
. . . . . . . . . . 1442
Campus Network MP-BGP and OSPF
Configuration . . . . . . . . . . . . . . . . . . . 1444
Configuring MP-eBGP and Extended
Communities
. . . . . . . . . . . . . . . . . . . 1460
40 Bidirectional Forwarding Detection . . 1467
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1467
BFD Operational Modes
Asynchronous Mode
Demand Mode
Echo Function
Limitations
BFD Example
. . . . . . . . . . . . . . . . . . . . . . . 1469
. . . . . . . . . . . . . . . . . . . . . . 1470
. . . . . . . . . . . . . . . . 1468
. . . . . . . . . . . . . . . 1468
. . . . . . . . . . . . . . . . . . 1468
. . . . . . . . . . . . . . . . . . . 1469
41 IPv6 Routing. . . . . . . . . . . . . . . . . . . . . 1473
IPv6 Routing Overview . . . . . . . . . . . . . . . . . 1473
How Does IPv6 Compare with IPv4?
How Are IPv6 Interfaces Configured?
Default IPv6 Routing Values
. . . . . . . . . . . . . . 1476
Configuring IPv6 Routing Features (Web)
Global Configuration
Interface Configuration
Interface Summary
IPv6 Statistics
. . . . . . . . . . . . . . . 1478
. . . . . . . . . . . . . . 1479
. . . . . . . . . . . . . . . . 1480
. . . . . . . . . . . . . . . . . . . 1481
. . . . . . . 1474
. . . . . . 1474
. . . . . . . 1478
44 Contents
IPv6 Neighbor Table . . . . . . . . . . . . . . . 1482
DHCPv6 Client Parameters
DHCPv6 Client Statistics
IPv6 Router Entry Configuration
IPv6 Route Table
. . . . . . . . . . . . . . . . . 1486
IPv6 Route Preferences
Configured IPv6 Routes
. . . . . . . . . . . . 1483
. . . . . . . . . . . . . 1484
. . . . . . . . . 1485
. . . . . . . . . . . . . 1487
. . . . . . . . . . . . . . 1488
Configuring IPv6 Routing Features (CLI)
Configuring Global IP Routing Settings
Configuring IPv6 Interface Settings
Configuring IPv6 Neighbor Discovery
. . . . . . . . 1489
. . . . . . 1489
. . . . . . . 1490
. . . . . . 1491
Configuring IPv6 Route Table Entries and
Route Preferences
IPv6 Show Commands
IPv6 Static Reject and Discard Routes
IPv6 Router Advertisement Guard
. . . . . . . . . . . . . . . . 1493
. . . . . . . . . . . . . . 1495
. . . . . . . . 1496
. . . . . . . . . . . 1497
42 DHCPv6 Server Settings . . . . . . . . . . . 1501
DHCPv6 Overview . . . . . . . . . . . . . . . . . . . 1501
What Is a DHCPv6 Pool?
What Is a Stateless Server?
What Is the DHCPv6 Relay Agent Information
. . . . . . . . . . . . . . . . . . . . . . 1502
Option?
What Is a Prefix Delegation?
Default DHCPv6 Server and Relay Values
. . . . . . . . . . . . . 1502
. . . . . . . . . . . 1502
. . . . . . . . . . . 1502
. . . . . . . 1503
Configuring the DHCPv6 Server and Relay (Web)
DHCPv6 Global Configuration
DHCPv6 Pool Configuration
Prefix Delegation Configuration
. . . . . . . . . . 1504
. . . . . . . . . . . . 1505
. . . . . . . . . 1507
. . . 1504
Contents 45
DHCPv6 Pool Summary . . . . . . . . . . . . . . 1508
DHCPv6 Interface Configuration
DHCPv6 Server Bindings Summary
DHCPv6 Statistics
. . . . . . . . . . . . . . . . . 1512
. . . . . . . . . 1509
. . . . . . . . 1511
Configuring the DHCPv6 Server and Relay (CLI)
. . . . 1513
Configuring Global DHCP Server and Relay
Agent Settings
. . . . . . . . . . . . . . . . . . 1513
Configuring a DHCPv6 Pool for Stateless
Server Support
Configuring a DHCPv6 Pool for Specific Hosts
Configuring DHCPv6 Interface Information
Monitoring DHCPv6 Information
DHCPv6 Configuration Examples
Configuring a DHCPv6 Stateless Server
. . . . . . . . . . . . . . . . . . 1513
. . 1514
. . . . 1515
. . . . . . . . . 1516
. . . . . . . . . . . 1517
. . . . . 1517
Configuring the DHCPv6 Server for Prefix
Delegation
. . . . . . . . . . . . . . . . . . . . . 1518
Configuring an Interface as a DHCPv6 Relay
. . . . . . . . . . . . . . . . . . . . . . . 1518
Agent
43 Differentiated Services . . . . . . . . . . . . 1521
DiffServ Overview . . . . . . . . . . . . . . . . . . . 1521
How Does DiffServ Functionality Vary Based
on the Role of the Switch?
What Are the Elements of DiffServ
Configuration?. . . . . . . . . . . . . . . . . . . 1522
Class-Map Processing
. . . . . . . . . . . . 1522
. . . . . . . . . . . . . . 1523
46 Contents
Default DiffServ Values
. . . . . . . . . . . . . . . . 1524
Configuring DiffServ (Web)
DiffServ Configuration
Class Configuration
. . . . . . . . . . . . . . 1526
. . . . . . . . . . . . . . 1526
. . . . . . . . . . . . . . . . 1527
Class Criteria . . . . . . . . . . . . . . . . . . . 1528
Policy Configuration
Policy Class Definition
Service Configuration
Service Detailed Statistics
Flow-Based Mirroring
. . . . . . . . . . . . . . . 1530
. . . . . . . . . . . . . . 1532
. . . . . . . . . . . . . . 1535
. . . . . . . . . . . . 1536
. . . . . . . . . . . . . . 1537
Configuring DiffServ (CLI)
DiffServ Configuration (Global)
DiffServ Class Configuration for IPv4
DiffServ Class Configuration for IPv6
DiffServ Protocol Matching
DiffServ Policy Creation
. . . . . . . . . . . . . . . 1538
. . . . . . . . . . 1538
. . . . . . . 1539
. . . . . . . 1540
. . . . . . . . . . . 1542
. . . . . . . . . . . . . 1543
Simple DiffServ Policy Attributes
Configuration
DiffServ Service Configuration
DiffServ Configuration Examples
. . . . . . . . . . . . . . . . . . . 1543
. . . . . . . . . . 1546
. . . . . . . . . . . 1547
Providing Subnets Equal Access to
External Network
Configuring DiffServ Policy Using ACLs
DiffServ for VoIP
WRED
. . . . . . . . . . . . . . . . . . . . . . . . . . 1554
WRED Processing
WRED Drop Probabilities
Exponential Weighting Constant
WRED Color-Aware Processing
Simple Meter Implementation
Single Rate Meter Implementation
Two-Rate Meter Implementation
. . . . . . . . . . . . . . . . . 1547
. . . . . 1549
. . . . . . . . . . . . . . . . . 1551
. . . . . . . . . . . . . . . . 1554
. . . . . . . . . . . . . 1554
. . . . . . . . . 1555
. . . . . . . . . 1555
. . . . . . . . . . 1556
. . . . . . . . 1556
. . . . . . . . . 1557
Contents 47
44 Class-of-Service . . . . . . . . . . . . . . . . . 1559
CoS Overview . . . . . . . . . . . . . . . . . . . . . 1559
What Are Trusted and Untrusted Port
. . . . . . . . . . . . . . . . . . . . . . 1560
Modes?
How Is Traffic Shaping Used on Egress
. . . . . . . . . . . . . . . . . . . . . . 1560
Traffic?
How Are Traffic Queues Defined?
Which Queue Management Methods Are
Supported? . . . . . . . . . . . . . . . . . . . . 1561
CoS Queue Usage
. . . . . . . . . . . . . . . . . 1563
. . . . . . . . 1561
Default CoS Values
Configuring CoS (Web)
Mapping Table Configuration
Interface Configuration
Interface Queue Configuration
. . . . . . . . . . . . . . . . . . . 1563
. . . . . . . . . . . . . . . . . 1565
. . . . . . . . . . . 1565
. . . . . . . . . . . . . . 1567
. . . . . . . . . . 1568
Interface Queue Drop Precedence
Configuration . . . . . . . . . . . . . . . . . . . 1569
Configuring CoS (CLI)
Mapping Table Configuration
CoS Interface Configuration Commands
Interface Queue Configuration
. . . . . . . . . . . . . . . . . 1571
. . . . . . . . . . . 1571
. . . . . 1572
. . . . . . . . . . 1572
Configuring Interface Queue Drop
Probability. . . . . . . . . . . . . . . . . . . . . 1574
CoS Configuration Example
Explicit Congestion Notification
Enabling ECN in Microsoft Windows
Example 1: SLA Configuration
Example 2: Long-Lived Congestion
. . . . . . . . . . . . . . 1575
. . . . . . . . . . . . 1578
. . . . . . . 1579
. . . . . . . . . . 1580
. . . . . . . . 1584
Example 3: Data Center TCP (DCTCP)
Configuration . . . . . . . . . . . . . . . . . . . 1584
48 Contents
45 Auto VoIP. . . . . . . . . . . . . . . . . . . . . . . 1587
Auto VoIP Overview . . . . . . . . . . . . . . . . . . 1587
How Does Auto VoIP Use ACLs?
. . . . . . . . . 1588
Default Auto VoIP Values
Configuring Auto VoIP (Web)
Auto VoIP Global Configuration
Auto VoIP Interface Configuration
Configuring Auto VoIP (CLI)
. . . . . . . . . . . . . . . 1588
. . . . . . . . . . . . . 1589
. . . . . . . . . 1589
. . . . . . . . 1589
. . . . . . . . . . . . . . 1591
46 IPv4 and IPv6 Multicast. . . . . . . . . . . . 1593
L3 Multicast Overview. . . . . . . . . . . . . . . . . 1593
What Is IP Multicast Traffic?
Multicast Addressing
What Multicast Protocols Does the Switch
Support?
. . . . . . . . . . . . . . . . . . . . . 1595
What Are the Multicast Protocol Roles?
When Is L3 Multicast Required on the
Switch?
. . . . . . . . . . . . . . . . . . . . . . 1596
What Is the Multicast Routing Table?
What Is IGMP?
What Is MLD?
What Is PIM?
What Is DVMRP?
. . . . . . . . . . . . . . . . . . 1598
. . . . . . . . . . . . . . . . . . . 1599
. . . . . . . . . . . . . . . . . . . 1599
. . . . . . . . . . . . . . . . . 1610
. . . . . . . . . . . 1594
. . . . . . . . . . . . . . . 1594
. . . . . 1596
. . . . . . 1597
Default L3 Multicast Values
. . . . . . . . . . . . . . 1613
Configuring General IPv4 Multicast Features
(Web)
. . . . . . . . . . . . . . . . . . . . . . . . . . 1615
Multicast Global Configuration
Multicast Interface Configuration
. . . . . . . . . . 1615
. . . . . . . . 1616
Contents 49
Multicast Route Table . . . . . . . . . . . . . . 1617
Multicast Admin Boundary Configuration
Multicast Admin Boundary Summary
Multicast Static MRoute Configuration
Multicast Static MRoute Summary
. . . . 1618
. . . . . . 1619
. . . . . . 1619
. . . . . . . . 1620
Configuring IPv6 Multicast Features (Web)
IPv6 Multicast Route Table
. . . . . . . . . . . . 1621
Configuring IGMP and IGMP Proxy (Web)
IGMP Global Configuration
IGMP Interface Configuration
IGMP Interface Summary
IGMP Cache Information
. . . . . . . . . . . . 1622
. . . . . . . . . . 1623
. . . . . . . . . . . . . 1624
. . . . . . . . . . . . . 1624
IGMP Interface Source List Information
IGMP Proxy Interface Configuration
IGMP Proxy Configuration Summary
IGMP Proxy Interface Membership Info
Detailed IGMP Proxy Interface Membership
Information
Configuring MLD and MLD Proxy (Web)
MLD Global Configuration
. . . . . . . . . . . . . . . . . . . . 1629
. . . . . . . . 1630
. . . . . . . . . . . . 1630
MLD Routing Interface Configuration
MLD Routing Interface Summary
. . . . . . . . . 1632
MLD Routing Interface Cache Information
MLD Routing Interface Source List
Information
MLD Traffic
MLD Proxy Configuration
. . . . . . . . . . . . . . . . . . . . 1633
. . . . . . . . . . . . . . . . . . . . 1634
. . . . . . . . . . . . . 1635
MLD Proxy Configuration Summary
MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1637
Detailed MLD Proxy Interface Membership
Information
. . . . . . . . . . . . . . . . . . . . 1638
. . . . . . 1621
. . . . . . 1622
. . . . . 1625
. . . . . . . 1626
. . . . . . . 1627
. . . . . 1628
. . . . . . 1631
. . . . 1632
. . . . . . . 1636
50 Contents
Configuring PIM for IPv4 and IPv6 (Web) . . . . . . . 1639
PIM Global Configuration
PIM Global Status
PIM Interface Configuration
PIM Interface Summary
Candidate RP Configuration
Static RP Configuration
SSM Range Configuration
BSR Candidate Configuration
BSR Candidate Summary
. . . . . . . . . . . . . 1639
. . . . . . . . . . . . . . . . 1641
. . . . . . . . . . . 1642
. . . . . . . . . . . . . 1643
. . . . . . . . . . . 1644
. . . . . . . . . . . . . . 1646
. . . . . . . . . . . . 1648
. . . . . . . . . . 1650
. . . . . . . . . . . . . 1651
Configuring DVMRP (Web)
DVMRP Global Configuration
DVMRP Interface Configuration
DVMRP Configuration Summary
DVMRP Next Hop Summary
DVMRP Prune Summary
DVMRP Route Summary
Configuring L3 Multicast Features (CLI)
. . . . . . . . . . . . . . 1652
. . . . . . . . . . . 1652
. . . . . . . . . 1653
. . . . . . . . . 1654
. . . . . . . . . . . 1655
. . . . . . . . . . . . . 1656
. . . . . . . . . . . . . 1656
. . . . . . . . 1657
Configuring and Viewing IPv4 Multicast
Information
. . . . . . . . . . . . . . . . . . . . 1657
Configuring and Viewing IPv6 Multicast Route
Information . . . . . . . . . . . . . . . . . . . . 1659
Configuring and Viewing IGMP
Configuring and Viewing IGMP Proxy
Configuring and Viewing MLD
Configuring and Viewing MLD Proxy
. . . . . . . . . . 1660
. . . . . . 1662
. . . . . . . . . . 1663
. . . . . . . 1664
Configuring and Viewing PIM-DM for IPv4
Multicast Routing
. . . . . . . . . . . . . . . . . 1665
Configuring and Viewing PIM-DM for IPv6
Multicast Routing
. . . . . . . . . . . . . . . . . 1666
Configuring and Viewing PIM-SM for IPv4
Multicast Routing . . . . . . . . . . . . . . . . . 1667
Configuring and Viewing PIM-SM for IPv6
Contents 51
Multicast Routing . . . . . . . . . . . . . . . . . 1669
Configuring and Viewing DVMRP Information
. . 1672
L3 Multicast Configuration Examples
. . . . . . . . . 1673
Configuring Multicast VLAN Routing With
IGMP and PIM-SM
Configuring DVMRP
. . . . . . . . . . . . . . . . 1673
. . . . . . . . . . . . . . . . 1677
47 Audio Video Bridging . . . . . . . . . . . . . . 1679
Overview . . . . . . . . . . . . . . . . . . . . . . . . 1679
MSRP
. . . . . . . . . . . . . . . . . . . . . . . . . . 1682
MVRP
. . . . . . . . . . . . . . . . . . . . . . . . . . 1683
MMRP
. . . . . . . . . . . . . . . . . . . . . . . . . 1684
IEEE 802.1AS
AVB Configuration Example
. . . . . . . . . . . . . . . . . . . . . . 1685
Best Master Selection
Time Synchronization
Link Delay Measurement
Caveats and Limitations
. . . . . . . . . . . . . . 1687
. . . . . . . . . . . . . . . 1688
. . . . . . . . . . . . . 1689
. . . . . . . . . . . . . . 1691
. . . . . . . . . . . . . . 1692
48 OpenFlow . . . . . . . . . . . . . . . . . . . . . . . 1695
52 Contents
Dell EMC Networking OpenFlow Hybrid
Overview
. . . . . . . . . . . . . . . . . . . . . . . . 1695
Enable Dell EMC Networking OpenFlow
. . . . . . . . . . . . . . . . . . . . . . . 1696
Hybrid
Interaction with OpenFlow Controllers
Deploy OpenFlow Controller Flows
Collect Port and Queue Status and Statistics
. . . . . . 1698
. . . . . . . . 1729
. . 1734
Usage Scenarios . . . . . . . . . . . . . . . . . 1734
Eligible Interfaces
. . . . . . . . . . . . . . . . 1734
OpenFlow Hybrid
Example Configuration
. . . . . . . . . . . . . . . . . . . 1735
. . . . . . . . . . . . . . . . 1735
Interaction with Other Switch Functions
OpenSSL
IP Stack
VLANs
LAGs
Ports
Network Interface ARP Table
Routing Interface ARP Table
QoS
. . . . . . . . . . . . . . . . . . . . . 1736
. . . . . . . . . . . . . . . . . . . . . . 1736
. . . . . . . . . . . . . . . . . . . . . . . 1736
. . . . . . . . . . . . . . . . . . . . . . . 1737
. . . . . . . . . . . . . . . . . . . . . . . 1737
. . . . . . . . . . 1737
. . . . . . . . . . . 1737
. . . . . . . . . . . . . . . . . . . . . . . . 1737
IP Routing, IP Multicast, and Layer-2
Multicast
LLDP and Voice VLAN
. . . . . . . . . . . . . . . . . . . . . 1738
. . . . . . . . . . . . . . 1738
Limitations, Restrictions, and Assumptions
List of OpenFlow—Dell EMC Networking
Component Interferences
OpenFlow Configuration Example
. . . . . . . . . . . . 1739
. . . . . . . . . . . 1740
. . . . . . . 1736
. . . . . . 1739
49 Dell EMC Networking Python Support. 1741
A Appendix . . . . . . . . . . . . . . . . . . . . . . . 1749
Feature Limits and Platform Constants . . . . . . . . 1749
System Process Definitions
SupportAssist
. . . . . . . . . . . . . . . . . . . . . 1769
. . . . . . . . . . . . . . 1762
Contents 53
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1773
54 Contents
Contents 55
56 Contents
1
Introduction
The switches in the N-Series are stackable layer-2 and layer-3 switches. These
switches include the following features:
• 1U form factor, rack-mountable chassis design.
• Support for all data-communication requirements for a multi-layer switch,
including layer-2 switching, IPv4 routing, IPv6 routing, IP multicast,
quality of service, security, and system management features.
• High availability with automatic failover and checkpointing of dynamic
state.
The Dell EMC Networking N-Series includes the following switch models:
N1108T-ON, N1108P-ON, N1124T-ON, N1124P-ON, N1148T-ON, N1148PON, N1524, N1524P, N1548, N1548P, N2024, N2024P, N2048, N2048P,
N2128PX-ON, N3024, N3024F, N3024P, N3048, N3048P, N3024EP-ON,
N3024ET-ON, N3024EF-ON, N3048ET-ON, N3048EP-ON, N3132PX-ON,
N4032, N4032F, N4064, N4064F
NOTE: Switch administrators are strongly advised to maintain Dell EMC
Networking N-Series switches on the latest version of the Dell EMC Networking
Operating System. Dell EMC Networking continually improves the features and
functions based on feedback from you, the customer. For critical infrastructure,
prestaging of a new release into a non-critical portion of the network is
recommended to verify network configuration and operation with any new
version of Dell EMC Networking N-Series switch firmware.
About This Document
This guide discusses and provides examples on how to configure, monitor,
and maintain Dell EMC Networking N-Series switches by using web-based
Dell EMC OpenManage Switch Administrator utility or the command-line
interface (CLI).
Examples given in this guide may not include complete CLI syntax as the
preference is to present CLI syntax relevant to the configuration task. Refer to
the Dell EMC Networking N1100-ON, N1500, N2000, N2100-ON, N3000,
Introduction 57
N3100-ON, and N4000 Series Switches CLI Reference Guide for definitive
syntax for any particular command. The parameter ranges listed in the
examples or text may vary from the allowed range on any particular switch
due to product limitations. Refer to the Feature Limits and Platform
Constants section located in the Appendix of this document for range limits
relevant to a particular switch model.
Audience
This guide is for network administrators in charge of managing one or more
Dell EMC Networking N-Series switches. To obtain the greatest benefit from
this guide, you should have a basic understanding of Ethernet networks and
local area network (LAN) concepts.
Document Conventions
Table 1-1 describes the typographical conventions this document uses.
Table 1-1. Document Conventions
Convention Description
Bold Page names, field names, menu options, button names, and
CLI commands and keywords.
courier font
[ ] In a command line, square brackets indicate an optional
{ } In a command line, inclusive brackets indicate a selection of
Italic In a command line, indicates a variable.
<Enter> Any individual key on the keyboard.
CTRL + Z A keyboard combination that involves pressing the Z key
Command-line text (CLI output) and file names
entry.
compulsory parameters separated by the | character. One
option must be selected. For example:
{stp|rstp|mstp} means that for the spanning-tree mode
command, stp, rstp, or mstp must be entered.
while holding the CTRL key.
spanning-tree mode
58 Introduction
Additional Documentation
The following documents for the Dell EMC Networking N-Series switches are
available at www.dell.com/support:
• Getting Started Guide—provides information about the switch models in
the series, including front and back panel features. It also describes the
installation and initial configuration procedures.
• CLI Reference Guide—provides information about the command-line
interface (CLI) commands used to configure and manage the switch. The
document provides in-depth CLI descriptions, syntax, default values, and
usage guidelines.
Introduction 59
60 Introduction
Switch Feature Overview
This section describes the switch user-configurable software features.
NOTE: Before proceeding, read the release notes for this product. The release
notes are part of the firmware download.
The topics covered in this section include:
2
• System Management
Features
• Stacking Features
• Security Features
• Green Technology Features
• Power over Ethernet (PoE)
Plus Features
• Switching Features
• Virtual Local Area Network
Supported Features
• Spanning Tree Protocol
Features
• Link Aggregation Features
• Routing Features
• IPv6 Routing Features
• Quality of Service (QoS)
Features
• Layer-2 Multicast Features
• Layer-3 Multicast Features
Switch Feature Overview 61
System Management Features
Multiple Management Options
Any of the following methods can be used to manage the switch:
• Use a web browser to access the
Administrator
that serves HTML pages.
support HTTP and HTTPS over IPv4 or IPv6.
• Use a Telnet client, SSH client, or a direct console connection to access
the CLI. The CLI
common industry practice. Dell EMC Networking N-Series switches
support Telnet and SSH access over IPv4 or IPv6.
• Use a network management system (NMS), like the Dell EMC
OpenManage Network Manager, to manage and monitor the system
through SNMP. The switch supports
transport protocol.
Nearly all switch features support a pre-configuration capability, even when
the feature is not enabled or the required hardware is not present. Preconfigured capabilities become active only when enabled (typically via an
admin mode control) or when the required hardware is present (or both). For
example, a port can be preconfigured with both trunk and access mode
information. The trunk mode information is applied only when the port is
placed into trunk mode and the access mode information is only applied
when the port is placed into access mode. Likewise, OSPF routing can be
configured in the switch without being enabled on any port. This capability is
present in all of the switch management options.
interface. The switch contains an embedded Web server
syntax and semantics conform as much as possible to
Dell EMC OpenManage Switch
Dell EMC Networking N-Series switches
SNMP v1/v2c/v3 over the UDP/IP
System Time Management
The switch can be configured to obtain the system time and date through a
remote Simple Network Time Protocol (SNTP) server, or the time and date
can be set locally on the switch. The time zone and information about time
shifts that might occur during summer months can also be configured. When
SNTP is used to obtain the time, communications between the switch and
the SNTP server can be encrypted.
The Dell EMC Networking SNTP client supports connection to SNTP
servers over IPv4 or IPv6.
62 Switch Feature Overview
For information about configuring system time settings, see "Managing
General System Settings" on page 445.
Log Messages
The switch maintains in-memory log messages as well as persistent logs.
Remote logging can be configured so that the switch sends log messages to a
remote syslog server. The switch can also be configured to email log messages
to a configured SMTP server. This allows the administrator to receive the log
message in a specified e-mail account. Switch auditing messages, CLI
command logging, Web logging, and SNMP logging can be enabled or
disabled.
Dell EMC Networking N-Series switches support logging to syslog servers
over IPv4 or IPv6.
For information about configuring system logging, see "Monitoring and
Logging System Information" on page 407.
System Reset
When the switch is reset, it logs the reason in the persistent log, which is
displayed in the log on startup. The possible reasons for a switch reset are:
• Switch was reset due to operator intervention.
• Switch was reset due to a software exception.
• Switch was reset due to a watchdog expiration.
• Switch was reset due to a Stack Manager conflict.
• Switch was reset due to software-initiated exit.
• Switch was reset due to power disruption or unexpected restart
(error[0x0]).
The last reason code is the default if none of the other conditions are
detected.
Integrated DHCP Server
NOTE: This feature is not supported on the Dell EMC Networking
N1100-ON/N1500 Series switches.
Switch Feature Overview 63
Dell EMC Networking N-Series switches include an integrated DHCP server
that can deliver host-specific configuration information to hosts on the
network. The switch DHCP server allows the configuration of IPv4 address
pools (scopes), and when a host’s DHCP client requests an address, the
switch DHCP server automatically assigns the host an address from the pool.
For information about configuring the DHCP server settings, see "DHCP
Server Settings" on page 1163.
Management of Basic Network Information
The DHCP client on the switch allows the switch to acquire information such
as the IPv4 or IPv6 address and default gateway from a network DHCP server.
The DHCP client can also be disabled and static network information can be
configured instead. Other configurable network information includes a
Domain Name Server (DNS), hostname to IP address mapping, and a default
domain name.
If the switch detects an IP address conflict on the management interface, it
generates a trap and sends a log message.
For information about configuring basic network information, see "Setting
the IP Address and Other Basic Network Information" on page 209.
IPv6 Management Features
Dell EMC Networking N-Series switches provide IPv6 support for many
standard management features including HTTP, HTTPS/SSL, Telnet, SSH,
syslog, SNTP, TFTP, and traceroute on both the in-band and out-of-band
management ports.
Dual Software Images
Dell EMC Networking N-Series switches can store up to two software images.
The dual image feature enables upgrading the switch without deleting the
older software image. One image is designated as the active image and the
other image as the backup image.
For information about managing the switch image, see "Images and File
Management" on page 525.
64 Switch Feature Overview
File Management
Files, such as configuration files and system images, can be uploaded and
downloaded using HTTP (web only), TFTP, Secure FTP (SFTP), or Secure
Copy (SCP). Configuration file uploads from the switch to a server are a good
way to back up the switch configuration. A configuration file can also be
downloaded from a server to the switch to restore the switch to the
configuration in the downloaded file.
Files can be copied to and from a USB Flash drive that is plugged into the
USB port on the front panel of the switch. Or, the switch can be automatically
upgraded by booting it with a newer firmware image on a USB drive plugged
into the switch. Dell EMC Networking N-Series switches support file copy
protocols to both IPv4 and IPv6 servers.
For information about uploading, downloading, and copying files, see "Images
and File Management" on page 525.
Switch Database Management Templates
Switch Database Management (SDM) templates enable reallocating system
resources to support a different mix of features based on network
requirements. Dell EMC Networking N-Series switches support the following
three templates:
• Dual IPv4 and IPv6 (default)
• IPv4 Routing
• IPv4 Data Center
For information about setting the SDM template, see "Managing General
System Settings" on page 445.
Automatic Installation of Firmware and Configuration
The Auto Install feature allows the switch to upgrade or downgrade to a
newer software image and update the configuration file automatically during
device initialization with limited administrative configuration on the device.
If a USB device is connected to the switch and contains a firmware image
and/or configuration file, the Auto Install feature installs the image or
configuration file from USB device. Otherwise, the switch can obtain the
necessary information from a DHCP server on the network.
Switch Feature Overview 65
NOTE: Automatic migration of the startup configuration to the next version of
firmware from the current and previous versions of firmware is supported; the
syntax is automatically updated when it is read into the running-config. Check
the release notes to determine if any parts of the configuration cannot be
migrated. Save the running-config to maintain the updated syntax. Migration of
configuration is not assured on a firmware downgrade. When upgrading or
downgrading firmware, check the configuration to ensure that it implements the
desired configuration. Meta-configuration data (stack-port and slot
configuration) is always reset to the defaults on a downgrade on each stack unit.
As an example, Ethernet ports configured as stacking ports default back to
Ethernet mode on a downgrade.
Migration of configuration information is never assured when errors are shown
while the system is booting. Although the errored lines are displayed, commands
that enter a sub-configuration mode followed by an exit command cause the CLI
to exit Global Configuration mode, and subsequent configuration commands are
ignored. Always hand-edit the startup-config if errors are shown on the screen
during bootup.
For information about Auto Install, see "DHCP and USB AutoConfiguration" on page 557.
sFlow
sFlow is the standard for monitoring high-speed switched and routed
networks. sFlow technology is built into network equipment and gives
complete visibility into network activity, enabling effective management and
control of network resources. The Dell EMC Networking N-Series switches
support sFlow version 5.
For information about configuring managing sFlow settings, see "Monitoring
Switch Traffic" on page 577.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. The events are
sent as SNMP traps to a trap recipient list.
For information about configuring SNMP traps and alarms, see "SNMP" on
page 487.
66 Switch Feature Overview
CDP Interoperability Through ISDP
Industry Standard Discovery Protocol (ISDP) allows the Dell EMC
Networking N-Series switch to interoperate with Cisco devices running the
Cisco Discovery Protocol (CDP). ISDP is a proprietary layer-2 network
protocol which inter-operates with Cisco network equipment and is used to
share information between neighboring devices (routers, bridges, access
servers, and switches).
For information about configuring ISDP settings, see "Discovering Network
Devices" on page 897.
Remote Monitoring (RMON)
RMON is a standard Management Information Base (MIB) that defines
current and historical MAC-layer statistics and control objects, allowing realtime information to be captured across the entire network.
For information about configuring managing RMON settings, see
"Monitoring Switch Traffic" on page 577.
N3000 Series Advanced and Advanced-Lite Firmware Images
There are two N3000/N3100 mixed stacking switch firmware images available.
The N3xxx Advanced stacking image supports stacking up to 12 units and
supports stacking with the following models: N3132P-ON, N3024EP-ON,
N3024ET-ON, N3024EF-ON, N3048ET-ON, N3048EP-ON. The filename for
this image is N3000N3100Advv6.5.1.x.itb. The N3xxx Advanced-Lite
stacking image supports stacking up to eight units and supports stacking for
the following models: N3132P-ON, N3024EP-ON, N3024ET-ON, N3024EFON, N3048ET-ON, N3048EP-ON, N3048, N3048P, N3024, N3024P, and
N3024F and is named N3000N3100AdvLitev6.5.1.X.itb. The Advanced-Lite
firmware supports 1024 VLANs in the range 1-4093 and does not support
MMRP/MVRP.
Which image type is installed can be determined by examining the first few
lines of the running-config. The following example shows an Advanced
version firmware.
console#show running-config
!Current Configuration:
!Software Capability "Stack Limit = 12, VLAN Limit = 4093"
!Image File "N3000Advv6.5.1.2"
Switch Feature Overview 67
!System Description "Dell EMC Networking N3048EP-ON, 6.5.1.2, Linux
3.6.5-d3d24324"
!System Software Version 6.5.1.2
!This firmware supports a stack of up to twelve switches.
!MVRP/MMRP capabilities and up to 4093 VLANs may be configured.
When migrating between the two types of images, certain commands in the
startup-config may fail to execute because the relevant feature is not
available. The switch firmware will identify any failed commands. It is
necessary to edit the startup-config if errors are displayed and remove any
failed commands. Do not simply save the running-config when commands in
the startup-config fail, as the startup-config may contain modal commands
that enter into a sub-mode not supported by the firmware. The exit
command to exit the sub-mode may, in fact, exit Global Configuration mode,
causing all subsequent commands to fail, even though those commands may
be valid. When migrating from Adv firmware to AdvLite firmware, Dell
recommends clearing the configuration and saving it to avoid any issues
caused by exceeding the scaling limits of the AdvLite firmware.
In a mixed stack, all stack members contain the active, and optionally backup,
firmware images for both types of units. It is necessary to have both images
present on all units to allow any unit to perform the stack master function. A
mixed stack may only be updated by installing an .itb firmware image using
the copy command from any supported source, e.g. USB or TFTP. A mixed
stack may also be upgraded by configuring an .itb firmware image as part of
DHCP Auto-configuration that occurs as part of the switch boot process. The
USB Auto-configuration upgrade feature should not be used to upgrade a
mixed image stack. Do not attempt to update a mixed stack by installing an
.stk firmware because a version mismatch may occur later after a stack master
failover. In these cases, the recovery procedure is to reinstall the firmware
using an .itb image.
NOTE: Switches must be upgraded to firmware version 6.5.1 or later in order to
recognize and download an .itb image.
Do not download Adv mixed stack (itb) firmware to a stack containing legacy
N3000 Series switches. It is required that a mixed stack containing legacy
N3000 Series switches only be loaded with the AdvLite (itb) firmware. If
68 Switch Feature Overview
issues are encountered due to improper download of Adv firmware to a stack
containing legacy N3000 Series switches, recover the stack by downloading
AdvLite (itb) firmware.
To add a new member to an AdvLite or Adv mixed stack, load the new
member with an ITB image, power off the unit, cable the new member into
the stack and power it on. Then perform stack firmware synchronization
using the boot auto-copy-sw command from the mixed stack master. Do not
fail over to the new member prior to performing stack firmware
synchronization.
To upgrade an AdvLite mixed stack to Adv mono-culture stack using the .stk
firmware, power off the stack, re-cable the stack with the legacy N3000
switches removed from the stack (only N3000E-ON and N3132PX-ON
switches can operate with the Adv firmware) and power on the stack starting
with the desired stack master unit. Once the stack is fully powered, use the
clear config command to remove the configuration of the units that are no
longer participating in the stack. The no member/no slot commands in stack
configuration mode also clear the stack member configuration, however,
other configuration that references those members is not cleared and may
cause issues on a reboot of the stack.
After the member configuration has been removed for all N3000 Series
switches and the configuration has been saved, it is possible to download
N3000Advv6.5.1.X.stk firmware to the stack master. Once downloaded, the
master unit will distribute the images to other members of the stack. Use the
show bootvar [unit] command to display the stack unit firmware. After code
distribution is complete, reboot the stack.
This same technique may be used on the legacy N3000 switches that were
configured in an AdvLite stack to allow them to download mono-culture
N3000 (stk) firmware.
Switch Feature Overview 69
Stacking Features
For information about creating and maintaining a stack of switches, see
"Stacking" on page 237.
Mixed and Single Series Stacking
The Dell EMC Networking N2000, N2100-ON, N3000, N3000E-ON, and
N3100-ON Series switches include a stacking feature that allows multiple
switches of the same or different series to operate as a single unit.
Dell EMC Networking N1100-ON Series switches stack with other Dell EMC
N1100-ON Series switches and Dell EMC Networking N1500 Series switches
stack with other Dell EMC N1500 Series switches.
The Dell EMC Networking N1124T-ON/N1124P-ON/N1148P-ON/N1148TON switches stack up to four units using 10G Ethernet ports configured for
stacking. The Dell EMC Networking N1500 Series switches stack up to four
units using 10GB Ethernet links configured as stacking.
Dell EMC Networking N2000 Series switches stack with other Dell EMC
Networking N2000 Series switches and with Dell EMC Networking N2100ON Series switches stack in a stack of up to 12 units. Dell EMC Networking
N2000 and N2100-ON Series switches have two fixed mini-SAS stacking
connectors at the rear. Any unit may be the stack master. The mixed stacking
image name is N2000N2100Stdv6.5.1.X.itb.
Dell EMC Networking N2100-ON and N2000 switch series firmware is also
available without mixed stacking capabilities. These images are named as
follows:
N2100Stdv6.5.1.X.stk - N2100 only stack
N2000Stdv6.5.1.X.stk - N2000 only stack
Dell EMC Networking N3000 Series switches stack with other Dell EMC
Networking N3000/N3000E-ON Series switches and with Dell EMC
Networking N3100-ON Series switches stack in a stack of up to eight units.
The Dell EMC Networking N3000/N3000E-ON Series switches have two
fixed mini-SAS stacking connectors at the rear. The Dell EMC Networking
N3100-ON Series switch has a slot in the rear that accepts an optional
stacking module. Any unit may be the stack master. The image name is
N3000N3100AdvLitev6.5.X.Y.itb.
70 Switch Feature Overview
Dell EMC Networking N3100-ON Series switches may also stack with the
Dell EMC Networking N3000E-ON switches in a stack of up to 12 units. The
image name is N3000N3100Advv6.5.1.X.itb. Any unit may be the stack
master. N3024/N3024P/N3034F/N3048/N3048P units will be recognized if
stacked with this image. However, the front panel interfaces will remain
detached and inoperable.
Dell EMC Networking N3100-ON and N3000 switch series firmware is also
available without mixed stacking capabilities. These images are named as
follows:
N3100Advv6.5.1.X.stk - N3100 only stack
N3000Advv6.5.1.X.stk - N3000E-ON only stack
N3000AdvLitev6.5.1.X.stk - N3000 only stack (includes N3000E-ON
support)
Dell EMC Networking N4000 Series switches stack with other Dell EMC
Networking N4000 Series switches over front-panel ports configured for
stacking.
Single IP Management
When multiple switches are connected together through the stack ports, they
operate as a single unit with a larger port count. The stack operates and is
managed as a single entity. One switch acts as the master, and the entire stack
is managed through the management interface (Web, CLI, or SNMP) of the
stack master.
Master Failover with Transparent Transition
The stacking feature supports a standby or backup unit that assumes the
stack master role if the stack master fails. As soon as a stack master failure is
detected, the standby unit initializes the control plane and enables all other
stack units with the current configuration. The standby unit maintains a
synchronized copy of the running configuration for the stack.
Switch Feature Overview 71
Nonstop Forwarding on the Stack
The Nonstop Forwarding (NSF) feature allows the forwarding plane of stack
units to continue to forward packets while the control and management
planes restart as a result of a power failure, hardware failure, or software fault
on the stack master and allows the standby switch to quickly takeover as the
master.
Hot Add/Delete and Firmware Synchronization
Units can be added to and deleted from the stack without cycling the power
on the stack. Units to be added to the stack must be powered off prior to
cabling into the stack to avoid election of a new master unit and a possible
downgrade of the stack. When the newly added unit is powered on, the Stack
Firmware Synchronization feature, if enabled, automatically synchronizes the
firmware version with the version running on the stack master. The
synchronization operation may result in either an upgrade or a downgrade of
firmware on the mismatched stack member. Once the firmware is
synchronized on a member unit, the running-config on the member is
updated to match the master switch. The startup-config on the standby and
member switches is not updated to match the master switch due to
configuration changes on the master switch. Saving the startup config on the
master switch also saves it to the startup config on all the other stack
members. The hardware configuration of every switch is updated to match
the master switch (unit number, slot configuration, stack member number,
etc.).
NOTE: ALWAYS POWER OFF a unit to be added to a stack prior to cabling it into
the stack. Newly added units must be powered on one-at-a-time beginning with
the unit directly connected to an already powered on stack member.
72 Switch Feature Overview
Security Features
Configurable Access and Authentication Profiles
Rules can be configured to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. The user can also be required to be authenticated locally
or by an external server, such as a RADIUS server.
For information about configuring access and authentication profiles, see
"Authentication, Authorization, and Accounting" on page 275.
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Authentication,
Authorization, and Accounting" on page 275.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Authentication,
Authorization, and Accounting" on page 275.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Authentication, Authorization, and Accounting" on page 275.
Switch Feature Overview 73
RADIUS Support
The switch has a Remote Authentication Dial In User Service (RADIUS)
client and can support up to 32 named authentication and accounting
RADIUS servers. The switch also supports configuration of multiple RADIUS
Attributes and accepts RADIUS COA termination requests. The switch can
also be configured to accept RADIUS-assigned VLANs, ACLs and DiffServ
Policies.
For information about configuring RADIUS client settings, see
"Authentication, Authorization, and Accounting" on page 275.
SSH/SSL
The switch supports Secure Shell (SSH) for secure, remote connections to
the CLI and Secure Sockets Layer (SSL) to increase security when accessing
the web-based management interface. The SSH server can be enabled using
the ip ssh server command or disabled using the no ip ssh server command.
For information about configuring SSH and SSL settings, see
"Authentication, Authorization, and Accounting" on page 275.
Inbound Telnet Control
By default, the switch allows access over Telnet. The administrator can enable
or disable the Telnet server using the ip telnet server command. Additionally,
the Telnet port number is configurable using the same command.
For information about configuring inbound Telnet settings, see
"Authentication, Authorization, and Accounting" on page 275.
Denial of Service
The switch supports configurable Denial of Service (DoS) attack protection
for eight different types of attacks.
For information about configuring DoS settings, see "Port and System
Security" on page 681.
74 Switch Feature Overview
Port Protection
A port may be put into the error-disabled state for any of the following
reasons:
• BPDU Storm: By default, if Spanning Tree Protocol (STP) bridge protocol
data units (BPDUs) are received at a rate of 15pps or greater for three
consecutive seconds on a port, the port will be error-disabled. The
threshold is not configurable.
• Broadcast, Multicast, Unicast Storm: If broadcast, unknown multicast, or
unknown unicast packets are received at a rate greater than the configured
limit and the configured action is to disable the port, the port will be errordisabled. Storm control is not enabled by default. See the storm-control
commands for further information. A trap is issued for ports disabled by
Storm Control.
• DHCP Rate Limit: If DHCP packets are received on a port at a rate that
exceeds 15 pps, the port will be error-disabled. The threshold is
configurable up to 300 pps for up to 15s long using the
limit
command. DHCP snooping is disabled by default. The default
protection limit is 15 pps. A trap is issued for interfaces disabled by DHCP
Snooping.
• DoS: Interfaces on which a denial of service attack is detected are errordisabled. Refer to the dos-control command for configuration options.
• ARP Inspection: By default, if Dynamic ARP Inspection packets are
received on a port at a rate that exceeds 15 pps for 1 second, the port will
be error-disabled. The threshold is configurable up to 300 pps and the
burst is configurable up to 15s long using the
command. A trap is issued for interfaces disabled by Dynamic ARP
Inspection.
• SFP Mismatch: Insertion of an unsupported SFP transceiver will errordisable the interface. This behavior can be suppressed using the service
unsupported-transceiver command.
• SFP+ transceivers: SFP+ transceivers are not compatible with SFP slots
(N3024F front-panel ports). To avoid damage to SFP+ transceivers
mistakenly inserted into SFP ports, the SFP port is error-disabled when an
SFP+ transceiver is detected.
• UDLD: Interfaces on which unidirectional packet flow is detected are
error-disabled.
ip arp inspection limit
ip dhcp snooping
Switch Feature Overview 75
• ICMP storms: Ports on which ICMP storms are detected are errordisabled. The rate limit and burst sizes are configurable separately for IPv4
and IPv6.
• PML: Interfaces on which the port security violation is configured to shut
down the interface are error-disabled when a violation occurs.
• Loop Protect: Loop protection diagnostically disables ports on which a
loop is detected. A log message may be issued when a port is disabled by
Loop Protection.
• BPDU Guard: An interface that receives a BPDU with BPDU guard
enabled is error-disabled. Use the spanning-tree bpdu-protection
command to enable BPDU guard.
A port that is error-disabled may be returned to service using the no
shutdown command. Alternatively, the operator may configure the auto
recovery service to return the error disabled ports to service after a
configurable period of time. Refer to the errdisable recovery command for
more information.
Captive Portal
The Captive Portal feature blocks clients from accessing the network until
user verification has been established. When a user attempts to connect to
the network through the switch, the user is presented with a customized Web
page that might contain username and password fields or the acceptable use
policy. Users can be required to be authenticated by a local or remote
RADIUS database before access is granted.
For information about configuring the Captive Portal features, see "Captive
Portal" on page 370.
802.1X Authentication (IEEE 802.1X)
802.1X authentication enables the authentication of network clients through
a local internal server or an external server. Only authenticated and approved
network clients can transmit and receive frames over the port. Clients are
authenticated using the Extensible Authentication Protocol (EAP). EAPMD5 authentication with no privacy protocol is supported for switchinitiated (server-side) authentication to remote authentication servers. Local
(IAS) authentication supports EAP-MD5 only. MAB supports EAP, PAP, and
CHAP. Encrypted communication with authentication servers is not
76 Switch Feature Overview
supported; however, the switch will transport encrypted packets, such as
PEAP or EAP-TLS packets, between the supplicant and authentication server
in support of mutual authentication and privacy.
For information about configuring IEEE 802.1X settings, see "IEEE 802.1X"
on page 334.
MAC-Based 802.1X Authentication
MAC-based authentication allows multiple supplicants connected to the
same port to each authenticate individually. The switch uses the device’s
MAC address to restrict access to the port to only the devices that have
authenticated. For example, a system attached to the port might be required
to authenticate in order to gain access to the network, while a VoIP phone
might not need to authenticate in order to send voice traffic through the port.
For information about configuring MAC-based 802.1X authentication, see
"IEEE 802.1X" on page 334.
802.1X Monitor Mode
Monitor mode can be enabled in conjunction with 802.1X authentication to
allow network access even when the user fails to authenticate. The switch logs
the results of the authentication process for diagnostic purposes. The main
purpose of this mode is to help troubleshoot the configuration of a 802.1X
authentication on the switch without affecting the network access to the
users of the switch.
For information about enabling the 802.1X Monitor mode, see "IEEE 802.1X"
on page 334.
Port Security
The port security feature limits access on a port to users with specific MAC
addresses. These addresses are manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is
not tied to that port, the protection mechanism is invoked.
For information about configuring port security, see "Port and System
Security" on page 681.
Switch Feature Overview 77
Access Control Lists (ACLs)
Access Control Lists (ACLs) can help to ensure network availability for
legitimate users while blocking attempts to access the network by
unauthorized users or to restrict legitimate users from accessing the network.
ACLs may be used to provide traffic flow control, restrict contents of routing
updates, decide which types of traffic are forwarded or blocked, and above all,
provide some level of security for the network. The switch supports the
following ACL types:
• IPv4 ACLs
• IPv6 ACLs
• MAC ACLs
For all ACL types, the ACL rule can be configured to filter traffic when a
packet enters or exits the Ethernet port, LAG, or VLAN interface. ACLs work
only on switched ports. They do not operate on the out-of-band port.
ACLs can be used to implement policy-based routing (PBR) to implement
packet routing according to specific organizational policies.
For information about configuring ACLs and PBR, see "Access Control Lists"
on page 689.
Time-Based ACLs
With the Time-based ACL feature, the administrator can define when an
ACL is in effect and the amount of time it is in effect.
For information about configuring time-based ACLs, see "Access Control
Lists" on page 689.
IP Source Guard (IPSG)
IP source guard (IPSG) is a security feature that filters IP packets based on
the source ID. The source ID may either be source IP address or a source IP
address source MAC address pair as found in the local DHCP snooping
database. IPSG depends on DHCP Snooping to associate IP address with
MAC addresses.
For information about configuring IPSG, see "Snooping and Inspecting
Traffic" on page 1015.
78 Switch Feature Overview
DHCP Snooping
DHCP Snooping is a security feature that monitors DHCP messages between
a DHCP client and DHCP server. It filters harmful DHCP messages and
builds a bindings database of (MAC address, IP address, VLAN ID, port)
tuples that are specified as authorized. DHCP snooping can be enabled
globally and on specific VLANs. Ports within the VLAN can be configured to
be trusted or untrusted. DHCP servers must be reached through trusted ports.
For information about configuring DHCP Snooping, see "Snooping and
Inspecting Traffic" on page 1015.
Dynamic ARP Inspection
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its unsuspecting neighbors. The malicious
station sends ARP requests or responses mapping another station's IP address
to its own MAC address.
Dynamic ARP Inspection relies on DHCP Snooping.
For information about configuring DAI, see "Snooping and Inspecting Traffic"
on page 1015.
Protected Ports (Private VLAN Edge)
Private VLAN Edge (PVE) ports are a layer-2 security feature that provides
port-based security between ports that are members of the same VLAN. It is
an extension of the common VLAN. Traffic from protected ports is sent only
to the uplink ports and cannot be sent to other ports within the VLAN.
For information about configuring IPSG, see "Port-Based Traffic Control" on
page 921.
Switch Feature Overview 79
Green Technology Features
For information about configuring Green Technology features, see "Port
Characteristics" on page 649.
Energy Detect Mode
When the Energy Detect mode is enabled and the port link is down, the PHY
automatically goes down for short period of time and then wakes up
periodically to check link pulses. This mode reduces power consumption on
the port when no link partner is present. Energy Detect is proprietary and
operates independently from EEE.
Energy Efficient Ethernet
Dell EMC Networking switches support IEEE 802.3az Energy Efficient
Ethernet (EEE) Lower Power Idle Mode on front panel copper ports, which
enables both the send and receive sides of the link to disable some
functionality for power savings when the link is lightly loaded. EEE is
standardized by the IEEE and operates independently of Energy Detect. EEE
requires auto-negotiation to be enabled. Setting a port to a forced speed
disables EEE.
EEE and Energy Detect are supported on the Dell EMC Networking N2000,
N2100-ON, N3000, and N3100-ON Series 1G copper ports. EEE and energy
detect are supported on the Dell EMC Networking N4000 Series 10G copper
ports. EEE is supported on Gigabit Ethernet ports 1-8 on the N1108 Series
switches, on Gigabit Ethernet ports 5-20 on the N1124 Series switches, and
Gigabit Ethernet ports 9-24 and 29-44 on the N1148 Series switches. EEE is
supported on Gigabit Ethernet ports 1-17 on the N1524 and Gigabit Ethernet
ports 9-41 on the N1548. Energy detect is supported on all Gigabit Ethernet
ports on the N1100 and N1500 Series switches.
EEE and Energy Detect are enabled by default on the N-Series copper ports.
Energy Detect is enabled by default on the Dell EMC Networking N4000
Series switches 10G copper ports and cannot be disabled. Energy detect is
enabled by default on the other Dell EMC Networking N-Series switches.
Neither energy-detect nor EEE are supported on out-of-band, 2.5G or 5G
NBASE-T ports.
80 Switch Feature Overview
Power Utilization Reporting
The switch displays the current power consumption of the power supply (or
power supplies). This information is available from the management
interface.
Power over Ethernet (PoE) Plus Features
NOTE: The Dell EMC Networking N1108P-ON/N1124P-ON/N1148P-ON,
N1524P/N1548P, N2024P/N2048P/N2128PX-ON and N3024P/N3048P/N3024EPON/N3048EP-ON/N3132PX-ON switches support PoE Plus. The
N2128PX-ON/N3024P/N3048P/N3024EP-ON/N3048EP-ON/N3132PX-ON switches
support PoE 60W on selected ports. The PoE feature does not apply to the other
models in the Dell EMC Networking N1100-ON, N1500, N2000, N2100-ON,
N3000,N3000E-ON, N3100-ON, and N4000 Series.
For information about configuring PoE Plus features, see "Managing General
System Settings" on page 445.
Key PoE Plus Features for the Dell EMC Networking N1108P-ON, N1124P-ON, N1148P-ON, N2024P, N2048P, N2128PX-ON, N3024P, N3048P, N3024EP-ON, N3048EP-ON, and N3132PX-ON Switches
Table 2-1 describes some of the key PoE Plus features.
Table 2-1. PoE Plus Key Features
Feature Description
Global Usage
Threshold
Per-Port Power
Prioritization
Per-Port Power Limit Configurable power limit for each PoE-Plus port.
Provides the ability to specify a power limit as a percentage
of the maximum power available to PoE ports. Setting a
limit prevents the PoE switch from reaching an overload
condition.
Provides the ability to assign a priority to each PoE port.
When the power budget of the PoE switch has been
exhausted, the higher-priority ports are given preference
over the lower-priority ports. Lower priority ports are
automatically stopped from supplying power in order to
provide power to higher-priority ports.
Switch Feature Overview 81
Table 2-1. PoE Plus Key Features (Continued)
Feature Description
Power Management
Modes
Power Detection Mode Sets the mode to 802.3at or 802.3at+legacy detection.
Supports three power-management modes:
• Static—Reserves a configurable amount of power for a PoE
port.
• Dynamic—Power is not reserved for the port at any point
of time. Power is supplied based upon the detected
powered device (PD) signature.
• Class-based—Reserves a classed-based amount of power
for a PoE port. The final power delivered is determined via
LLDP-MED negotiation, which allows for refinement of
the power limit.
Power Over Ethernet (PoE) Plus Configuration
The Dell EMC Networking N1108P-ON/N1124P-ON/N1148P-ON,
N1524P/N1548P, N2024P/N2048P, N2128PX-ON, N3024P/N3048P/N3024EPON/N3048EP-ON, and N3132PX-ON switches support PoE Plus
configuration for power threshold, power priority, SNMP traps, and PoE
legacy device support. Power can be limited on a per-port basis.
PoE Plus Support
The Dell EMC Networking N1108P-ON/N1124P-ON/N1148P-ON,
N1524P/N1548P, N2024P/N2048P, N2128PX-ON, N3024P/N3048P/N3024EPON/N3048EP-ON, and N3132PX-ON switches implement the PoE Plus
specification (IEEE 802.1at), in addition to the IEEE 802.3AF specification.
This allows power to be supplied to Class 4 PD devices that require power
greater than 15.4 Watts. Each port is capable of delivering up to 34.2W of
power. Real-time power supply status is also available on the switch as part of
the PoE Plus implementation.
82 Switch Feature Overview
PoE 60W Support
The Dell EMC Networking N3024P/N3048P/N3024EP-ON/N3048EP-ON
switches implement 4-pair PoE 60W on the first 12 1G ports. The N3132PXON switches implement PoE 60W on the copper 1G and 5G ports. The
N2128PX-ON switches implement PoE 60W on the 2.5G ports. The N1108PON, N1124P-ON, 1148P-ON, N1524P, N1548P, N2024P, and N2048P switches
do not support PoE 60W.
PoE 60W allows power to be supplied to Class 5 powered devices that require
power up to 60 watts. PoE 60W power must be configured manually. Classbased and dynamic power allocation is not supported for PoE 60W.
Class D or better cabling is required for feeds in excess of 34.2 watts.
Normally, CAT 5E cabling does meet this requirement.
PoE-capable switches that are connected to another PSE supplying power will
stop supplying power on the affected ports. PSE capability should be disabled
when connecting
Dell EMC
PoE enabled ports to other PSE equipment.
Powered Device Detection
The switch is capable, based upon configuration, of detecting legacy, AF, or
AT devices in two-pair or four-pair modes. AT detection is initiated first,
followed by AF detection, and if configured, legacy detection. The switch
always supplies full power to the port during power up and prior to
performing detection.
PoE Power Management Modes
PoE-capable switches can be configured to manage powered devices (PD)
using a dynamic, static, or class-based management. The power management
mode is configured using the power inline management command.
Static Power Management
In this mode, the power reserved for the port is the configured limit regardless
of whether the port is powered or not. The device may draw up to the
configured limit. This mode is useful for devices that do not support
LLDP-MED.
Available Power = Power Limit of the Sources – Total Configured Power
Switch Feature Overview 83
The total configured power is calculated as the sum of the configured power
allocation for each port. Static mode reserves maximum power for the port,
for example, 32W for two-pair mode and 60W for four-pair mode, unless a
lower limit is configured by the administrator. Power is not reserved until a
PD is connected to the port. The powered device may draw up to the
configured limit. LLDP-MED packets requesting power are ignored in static
mode. Do not configure the powered device to use LLDP-MED to request
power in this mode.
Dynamic Power Management
In this mode, power is allocated based upon the detected PD class signature.
Available Power = Power Limit of the Sources – Total Allocated Power
The total allocated power is calculated as the sum of the power consumed by
each port. Dynamic mode does not reserve power for the port (the port power
limit is 0). Dynamic power management ignores LLDP-MED packets sent by
the powered device. Do not configure the powered device to send LLDPMED
packets in this mode. The powered device may draw up to the detected class
plus 5%.
Class-Based Power Management
Class-based power management allocates power based on the class selected by
the detected powered device signature and LLDP-MED. The detection
method must be configured as dot3at+legacy for AF signature devices to be
detected.
Available Power = Power Limit of the Sources – Total Class Configured Power
The total class configured power is calculated as the sum of the class-based
power allocation for each port. Note that class-based power management
mode allocates the class limit for the port. The powered device may draw up
to the class maximum based upon the detected powered device signature.
The powered device need not draw all of the requested power. The
Consumed Power display from the show power inline command shows the
actual reported power draw and does not take into account the class reserved
power. Configure the powered device to send LLDP-MED packets in this
mode. It may take up to 60 seconds to fully power up a device in class-based
management mode because LLDP-MED packets need to be exchanged in
order to configure the desired power.
84 Switch Feature Overview
Power is supplied to the device in class mode per the following table:
Class Usage AF Device (Watts) AT Device (Watts)
0 Default 16.4 33
1 Optional 5 33
2 Optional 8 33
3 Optional 16.4 33
4 Optional 16.4 33
In four-pair mode, twice the power listed in the table above is delivered. For
information about the available system power, see the Hardware Overview
chapter.
Power Management in Guard Band
The Dell EMC Networking N1100P-ON, N1500P, N2000P, N2100-ON,
N3000P, and N3100-ON Series switches support a dynamic guard band, which
means that the guard band used varies depending upon the following factors:
• Power management mode
• Class of the device being powered up.
Prior to a device being powered up, the switch calculates the following:
threshold power – guard band – (current power consumption + computed
power draw of the new device)
If this value is less than zero (which means powering up the new PD device
will put the total power draw into the guard band or above the switch power
capacity), then the switch does not power up the new device. A device being
powered up in class or dynamic mode is always supplied with the maximum
power (32 or 64 watts) at startup. Once the device class or power draw is
determined, power to the device may be reduced.
The power management mode is configured using the power inline
management command. The guard band is calculated by the switch as shown
below. The user- defined threshold power limit can be found with the show
power inline detailed command, and is configured with the power inline
usage-threshold command. Threshold Power is reduced by the guard band
when powering up a port.
Switch Feature Overview 85
If the remaining available power (threshold power - guard band - current
power consumption) is less than the computed power draw of the new device,
the device is not powered up. By default, the guard band is 32 watts.
Regardless of the power management mode, if the device being powered up is
a Class 1, 2, or 3 AF device, then the guard band is configured according to
the device class.
Dynamic or Static Power Management Mode Guard Band
In these modes, the guard band for the port being powered up is 32 watts.
Class-Based Power Management Mode Guard Band
In this mode, the dynamic guard band for the port being powered up is:
• For Class 0 AF device: 16.4 watts
• For Class 1 AF device: 5 watts
• For Class 2 AF device: 8 watts
• For Class 3 AF device: 16.4 watts
• For Class 4 AF device: 16.4 watts
• If the PD is an AT device, the guard band is 32 watts regardless of the
detected class.
PoE Plus Default Settings
The following table shows the default PoE Plus settings for the Dell EMC
Networking N1108P-ON/N1124P-ON/ N1148P-ON, N1524P/N1548P,
N2024P/N2048P, N2128PX-ON, N3024P/N3048P, and N3132PX-ON switches.
Table 2-2. PoE Plus Key Features (Dell EMC Networking N1108P-ON/N1124P-ON/
N1148P-ON, N1524P/N1548P, N2024P/N2048P, N2128PX-ON, N3024P/N3048P/N3048EPON, and N3132PX-ON Only)
Feature Description
Global Usage Threshold 90%
Per-Port Admin Status Auto
Per-Port Power Prioritization Enabled (globally, per-port priority is Low
Per-Port Power Limit None
86 Switch Feature Overview
Table 2-2. PoE Plus Key Features (Dell EMC Networking N1108P-ON/N1124P-ON/
N1148P-ON, N1524P/N1548P, N2024P/N2048P, N2128PX-ON, N3024P/N3048P/N3048EPON, and N3132PX-ON Only)
Feature Description
Power Management Mode Dynamic
Power Detection Mode 802.3at plus legacy
Power Pairs alternative-a
Switch Feature Overview 87
Switching Features
Flow Control Support (IEEE 802.3x)
Flow control enables lower speed switches to communicate with higher speed
switches by requesting that the higher speed switch refrain from sending
packets for a limited period of time. Transmissions are temporarily halted to
prevent buffer overflows.
For information about configuring flow control, see "Port-Based Traffic
Control" on page 921.
Head of Line Blocking Prevention
Head of Line (HOL) blocking prevention prevents traffic delays and frame
loss caused by traffic competing for the same egress port resources. HOL
blocking queues packets, and the packets at the head of the queue are
forwarded before packets at the end of the queue.
Alternate Store and Forward (ASF)
NOTE: This feature is available on the Dell EMC Networking N4000 Series
switches only.
The Alternate Store and Forward (ASF) feature reduces latency for large
packets. When ASF is enabled, the memory management unit (MMU) can
forward a packet to the egress port before it has been entirely received on the
Cell Buffer Pool (CBP) memory.
AFS, which is also known as cut-through mode, is configurable through the
command-line interface. For information about how to configure the AFS
feature, see the CLI Reference Guide available at www.dell.com/support.
Jumbo Frames Support
Jumbo frames enable transporting data in fewer frames to ensure less
overhead, lower processing time, and fewer interrupts.
For information about configuring the switch MTU, see "Port Characteristics"
on page 649.
88 Switch Feature Overview
Auto-MDI/MDIX Support
The switch supports auto-detection between crossed and straight-through
cables. Media-Dependent Interface (MDI) is the standard wiring for end
stations, and the standard wiring for hubs and switches is known as MediaDependent Interface with Crossover (MDIX). Auto-negotiation must be
enabled for the switch to detect the wiring configuration. NBASE-T ports
(2.5G and 5G) do not support auto-detection. Use the correct crossover or
straight-through cable on 2.5/5G NBASE-T interfaces.
VLAN-Aware MAC-based Switching
Packets arriving from an unknown source address are sent to the CPU and
added to the Hardware Table. Future packets addressed to or from this
address are more efficiently forwarded.
Back Pressure Support
On half-duplex links, a receiver may prevent buffer overflows by jamming the
link so that it is unavailable for additional traffic. On full-duplex links, a
receiver may send a PAUSE frame indicating that the transmitter should
cease transmission of frames for a specified period.
NOTE: Dell EMC Networking N2000/N2100-ON/N3000/N3100-ON/N4000 Series
switches do not support half-duplex operation.
When flow control is enabled, the Dell EMC Networking N-Series switches
will observe received PAUSE frames or jamming signals, but will not issue
them when congested.
Switch Feature Overview 89
Auto-negotiation
Auto-negotiation allows the switch to advertise modes of operation. The
auto-negotiation function provides the means to exchange information
between two switches that share a point-to-point link segment and to
automatically configure both switches to take maximum advantage of their
transmission capabilities.
Dell EMC Networking N-Series switches enhance auto-negotiation by
providing configuration of port advertisement. Port advertisement allows the
system administrator to configure the port speeds that are advertised.
For information about configuring auto-negotiation, see "Port
Characteristics" on page 649.
Storm Control
When layer-2 frames are processed, broadcast, unknown unicast, and
multicast frames are flooded to all ports on the relevant virtual local area
network (VLAN). The flooding occupies bandwidth and loads all nodes
connected on all ports. Storm control limits the amount of broadcast,
unknown unicast, and multicast frames accepted and forwarded by the
switch.
For information about configuring Broadcast Storm Control settings, see
"Port-Based Traffic Control" on page 921.
Port Mirroring
Port mirroring mirrors network traffic by forwarding copies of incoming and
outgoing packets from multiple source ports to a monitoring port. Source
ports may be VLANs, Ethernet interfaces, port-channels, or the CPU port.
The switch also supports flow-based mirroring, which allows copying certain
types of traffic to a single destination port using an ACL. This provides
flexibility—instead of mirroring all ingress or egress traffic on a port the
switch can mirror a subset of that traffic. The switch can be configured to
mirror flows based on certain kinds of layer-2, layer-3, and layer-4 information.
Destination (probe) ports must be connected to a passive monitoring device.
Traffic sent from the probe into the switch probe port is dropped. Mirrored
traffic sent to the probe device will contain control plane traffic such as
spanning-tree, LLDP, DHCP, etc.
90 Switch Feature Overview
Dell EMC Networking N-Series switches support RSPAN destinations where
traffic can be tunneled across the operational network. Mirrored traffic is
flooded in the RSPAN VLAN from the source(s) to the destination(s) across
any intermediate switches. This allows the administrator flexibility in
connecting destination (probe) ports to the RSPAN. RSPAN does not support
configuration of the CPU port as a source.
For information about configuring port mirroring, see "Monitoring Switch
Traffic" on page 577.
Static and Dynamic MAC Address Tables
Static entries can be added to the switch’s MAC address table and the aging
time can be configured for entries in the dynamic MAC address table. Entries
can also be searched in the dynamic table based on several different criteria.
For information about viewing and managing the MAC address table, see
"MAC Addressing and Forwarding" on page 1155.
Link Layer Discovery Protocol (LLDP)
The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP),
allows the switch to advertise major capabilities and physical descriptions.
This information can be used to help identify system topology and detect bad
configurations on the LAN.
For information about configuring LLDP, settings see "Discovering Network
Devices" on page 897.
Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices
The Link Layer Discovery Protocol for Media Endpoint Devices (LLDPMED) provides an extension to the LLDP standard for network configuration
and policy, device location, and Power over Ethernet.
For information about configuring LLDP-MED, settings see "Discovering
Network Devices" on page 897.
Switch Feature Overview 91
Connectivity Fault Management (IEEE 802.1ag)
NOTE: This feature is available on the Dell EMC Networking N4000 Series
switches only.
The Connectivity Fault Management (CFM) feature, also known as Dot1ag,
supports Service Level Operations, Administration, and Management
(OAM). CFM is the OAM Protocol provision for end-to-end service layer
instance in carrier networks. The CFM feature provides mechanisms to help
perform connectivity checks, fault detection, fault verification and isolation,
and fault notification per service in a network domain.
For information about configuring IEEE 802.1ag settings, see "Connectivity
Fault Management" on page 995.
Priority-based Flow Control (PFC)
NOTE: This feature is available on the Dell EMC Networking N4000 Series
switches only.
The Priority-based Flow Control feature allows the switch to pause or inhibit
transmission of individual priorities within a single Ethernet link. By
configuring PFC to pause a congested priority (priorities) independently,
protocols that are highly loss sensitive can share the same link with traffic that
has different loss tolerances. Priorities are differentiated by the priority field
of the 802.1Q VLAN header. The Dell EMC Networking N4000 Series
switches support lossless transport of frames on up to two priority classes.
NOTE: An interface that is configured for PFC is automatically disabled for 802.3x
flow control.
For information about configuring the PFC feature, see "Data Center
Bridging Features" on page 1123.
92 Switch Feature Overview
Data Center Bridging Exchange (DBCx) Protocol
NOTE: This feature is available on the Dell EMC Networking N4000 Series
switches only.
The Data Center Bridging Exchange Protocol (DCBx) is used by DCB
devices to exchange configuration information with directly connected peers.
The protocol is also used to detect misconfiguration of the peer DCB devices
and, optionally, for configuration of peer DCB devices. For information about
configuring DCBx settings, see "Data Center Bridging Features" on
page 1123. DCBx is a link-local protocol and operates only on individual links.
Enhanced Transmission Selection
NOTE: This feature is available on the Dell EMC Networking N4000 Series
switches only.
Enhanced Transmission Selection (ETS) allows the switch to allocate
bandwidth to traffic classes and share unused bandwidth with lower-priority
traffic classes while coexisting with strict-priority traffic classes. ETS is
supported on the Dell EMC Networking N4000 Series switches and can be
configured manually or automatically using the auto configuration feature.
For more information about ETS, see "Enhanced Transmission Selection" on
page 1139.
Cisco Protocol Filtering
The Cisco Protocol Filtering feature (also known as Link Local Protocol
Filtering) filters Cisco protocols that should not normally be relayed by a
bridge. The group addresses of these Cisco protocols do not fall within the
IEEE defined range of the 802.1D MAC Bridge Filtered MAC Group
Addresses (01-80-C2-00-00-00 to 01-80-C2-00-00-0F).
For information about configuring LLPF, settings see "Port-Based Traffic
Control" on page 921.
Switch Feature Overview 93
DHCP Layer-2 Relay
This feature permits layer-3 relay agent functionality in layer-2 switched
networks. The switch supports layer-2 DHCP relay configuration on
individual ports, link aggregation groups (LAGs) and VLANs.
For information about configuring layer-2 DHCP relay settings see "Layer-2
and Layer-3 Relay Features" on page 1229.
94 Switch Feature Overview
Virtual Local Area Network Supported Features
For information about configuring VLAN features see "VLANs" on page 763.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast
domain. Packets are classified as belonging to a VLAN based on either the
VLAN tag or a combination of the ingress port and packet contents. Packets
sharing common attributes can be groups in the same VLAN. The Dell EMC
Networking N-Series switches are in full compliance with IEEE 802.1Q
VLAN tagging.
Port-Based VLANs
Port-based VLANs classify incoming packets to VLANs based on their ingress
port. When a port uses 802.1X port authentication, packets can be assigned
to a VLAN based on the result of the 802.1X authentication a client uses
when it accesses the switch. This feature is useful for assigning traffic to
Guest VLANs or Voice VLANs.
IP Subnet-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source IP address of the packet.
MAC-based VLAN
This feature allows incoming untagged packets to be assigned to a VLAN and
traffic class based on the source MAC address of the packet.
IEEE 802.1v Protocol-Based VLANs
VLAN classification rules are defined on data-link layer (layer-2) protocol
identification. Protocol-based VLANs are used for isolating layer-2 traffic.
Switch Feature Overview 95
Voice VLAN
The Voice VLAN feature enables switch ports to carry voice traffic with a
configured QoS and to optionally authenticate phones on the network. This
allows preferential treatment of voice traffic over data traffic transiting the
switch. Voice VLAN is the preferred solution for enterprises wishing to deploy
VoIP services in their network.
GARP and GVRP Support
The switch supports the Generic Attribute Registration Protocol (GARP).
GARP VLAN Registration Protocol (GVRP) relies on the services provided by
GARP to provide IEEE 802.1Q-compliant VLAN pruning and dynamic
VLAN creation on 802.1Q trunk ports. When GVRP is enabled, the switch
registers and propagates VLAN membership on all ports that are part of the
active spanning tree protocol topology.
For information about configuring GARP timers see "Layer-2 Multicast
Features" on page 939.
Guest VLAN
The Guest VLAN feature allows the administrator to provide service to
unauthenticated users, i.e., users that are unable to support 802.1X
authentication.
For information about configuring the Guest VLAN see "Guest VLAN" on
page 341.
Unauthorized VLAN
The Unauthorized VLAN feature allows the administrator to configure a
VLAN for 802.1X-aware hosts that attempt authentication and fail.
Double VLANs
NOTE: DVLAN is not available on the N3000 running the AGREGATION ROUTER
image.
96 Switch Feature Overview
The Double VLAN feature (IEEE 802.1QinQ) allows the use of a second tag
on network traffic. The additional tag helps differentiate between customers
in the Metropolitan Area Networks (MAN) while preserving individual
customer’s VLAN identification when they enter their own 802.1Q domain.
Switch Feature Overview 97
Spanning Tree Protocol Features
For information about configuring Spanning Tree Protocol features, see
"Spanning Tree Protocol" on page 845.
Spanning Tree Protocol (STP)
Spanning Tree Protocol (IEEE 802.1D) is a standard requirement of layer-2
switches that allows bridges to automatically prevent and resolve layer-2
forwarding loops.
Spanning Tree Port Settings
The STP feature supports a variety of per-port settings including path cost,
priority settings, Port Fast mode, STP Root Guard, Loop Guard, TCN Guard,
and Auto Edge. These settings are also configurable per-LAG.
Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies to
enable faster spanning tree convergence after a topology change, without
creating forwarding loops. The port settings supported by STP are also
supported by RSTP.
Multiple Spanning Tree
Multiple Spanning Tree (MSTP) operation maps VLANs to spanning tree
instances. Packets assigned to various VLANs are transmitted along different
paths within MSTP Regions (MST Regions). Regions are one or more
interconnected MSTP bridges with identical MSTP settings. The MSTP
standard lets administrators assign VLAN traffic to unique paths.
The switch supports IEEE 802.1Q-2005, which corrects problems associated
with the previous version, provides for faster transition-to-forwarding, and
incorporates new features for a port (restricted role and restricted TCN).
98 Switch Feature Overview
Bridge Protocol Data Unit (BPDU) Guard
Spanning Tree BPDU Guard is used to disable the port in case a new device
tries to enter the already existing topology of STP. Thus devices, which were
originally not a part of STP, are not allowed to influence the STP topology.
BPDU Filtering
When spanning tree is disabled on a port, the BPDU Filtering feature allows
BPDU packets received on that port to be dropped. Additionally, the BPDU
Filtering feature prevents a port in Port Fast mode from sending and receiving
BPDUs. A port in Port Fast mode is automatically placed in the forwarding
state when the link is up to increase convergence time.
RSTP-PV and STP-PV
Dell EMC Networking N-Series switches support both Rapid Spanning Tree
Per VLAN (RSTP-PV) and Spanning Tree Per VLAN (STP-PV). RSTP-PV is
the IEEE 802.1w (RSTP) standard implemented per VLAN. A single instance
of rapid spanning tree (RSTP) runs on each configured VLAN. Each RSTP
instance on a VLAN has a root switch. STP-PV is the IEEE 802.1s (STP)
standard implemented per VLAN.
Switch Feature Overview 99
Link Aggregation Features
For information about configuring link aggregation (port-channel) features,
see "Link Aggregation" on page 1051.
Link Aggregation
Up to eight ports can combine to form a single Link Aggregation Group
(LAG). This enables fault tolerance protection from physical link disruption,
higher bandwidth connections and improved bandwidth granularity. LAGs
are formed from similarly configured physical links; i.e., the speed, duplex,
auto-negotiation, PFC configuration, DCBX configuration, etc., must be
compatible on all member links.
Per IEEE 802.1AX, only links with the identical operational characteristics,
such as speed and duplex setting, may be aggregated. Dell EMC Networking
N-Series switches aggregate links only if they have the same operational speed
and duplex setting, as opposed to the configured speed and duplex setting.
This allows operators to aggregate links that use auto-negotiation to set values
for speed and duplex or to aggregate ports with SFP+ technology operating at
a lower speed, e.g., 1G. Dissimilar ports will not become active in the LAG if
their operational settings do not match those of the first member of the LAG.
In practice, some ports in a LAG may auto-negotiate a different operational
speed than other ports depending on the far-end settings and any link
impairments. Per the above, these ports will not become active members of
the LAG. On a reboot or on flapping the LAG links, a lower-speed port may
be the first port selected to be aggregated into the LAG. In this case, the
higher-speed ports are not aggregated. Use the lacp port-priority command to
select one or more primary links to lead the formation of the aggregation
group.
While it is a requirement of a port-channel that the link members operate at
the same duplex and speed settings, administrators should be aware that
copper ports have larger latencies than fiber ports. If fiber and copper ports
are aggregated together, packets sent over the fiber ports would arrive
significantly sooner at the destination than packets sent over the copper
ports. This can cause significant issues in the receiving host (e.g., a TCP
receiver) as it would be required to buffer a potentially large number of out-
100 Switch Feature Overview
Loading...