How it Works
Dell
Loading...
S5000
Command Line Reference Guide
1341 pgs22.03 Mb0
Configuration manual
1050 pgs10.42 Mb0
Configuration Manual
12 pgs553.5 Kb0
Configuration Manual
17 pgs731.16 Kb0
Deployment/configuration Manual
79 pgs4.22 Mb0
Getting Started Guide
36 pgs2.34 Mb0
Installation Manual
50 pgs2.99 Mb0
Table of contents
Loading...

Dell S5000 Configuration manual

Download
FTOS Configuration Guide for
the S5000 Switch
FTOS 9.0(1.3)
Publication Date: August 2013
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to
avoid the problem.
Information in this publication is subject to change without notice. © 2013 Dell Networking. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™,
PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™ and V ostro™ are trademarks of Dell Inc. Intel Core™ and Celeron Opteron™, AMD Phenom™, and AMD Sempron™ are trademarks of Advanced Micro Devices, Inc. Microsoft
®
Server
, MS-DOS® and Windows V ista® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Red Hat Enterprise Linux countries. Novell registered trademark of Oracle Corporation and/or its affiliates. Citrix or trademarks of Citrix Systems, Inc. in the United States and/or other countries. VMware
®
are registered trademarks of Intel Corporation in the U.S. and other countries. AMD® is a registered trademark and AMD
®
®
is a registered trademark and SUSE ™ is a trademark of Novell Inc. in the United States and other countries. Oracle® is a
and Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United S tates and/or other
®
, Xen®, XenServer® and XenMotion® are either registered trademarks
®
, Virtual SMP®, vMotion®, vCenter®, and vSphere®
®
, Pentium®, Xeon®,
®
, Windows®, Windows
are registered trademarks or trademarks of VMWare, Inc. in the United States or other countrie s . Other trademarks and trade names may be used in this publication to refer to either the entities claimi ng the marks and names or their products.
Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
July 2013
1 About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
2 Configuration Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Accessing the Command Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
CLI Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Navigating CLI Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Port Numbering Convention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
The do Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
The no Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Obtaining Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
Entering and Editing Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Command History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Filtering show Command Outputs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Multiple Users in Configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
3 Getting S tarted. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Accessing Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Accessing the RJ-45/RS-232 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Accessing the RJ-45 console port with a DB-9 adapter . . . . . . . . . . . . . . . . . . . . . .45
Accessing the USB-B Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Booting Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Entering the Initial Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Configuring the Enable Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Configuring a Host Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Navigating CLI Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Configuring Layer 2 (Data Link) Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Accessing the System Remotely . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Configuring the Management Port IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Configuring a Management Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Configuring a Username and Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Creating a Port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Assigning Interfaces to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Assigning an IP Address to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Connecting the S5000 to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Configuring File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Copying Files to and from the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
| iii
www.dell.com | support.dell.com
Saving the Running-configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Configuring the Overload bit for Startup Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Viewing Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Viewing Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
File System Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
Viewing command history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Upgrading and Downgrading FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
4 Switch Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Configuring Privilege Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Creating a Custom Privilege Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Removing a command from EXEC mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
Moving a command from EXEC privilege mode to EXEC mode . . . . . . . . . . . . . . . .64
Allowing Access to CONFIGURATION mode commands . . . . . . . . . . . . . . . . . . . . .64
Allowing Access to INTERFACE, LINE, ROUTE-MAP, and ROUTER modes . . . . .65
Applying a Privilege Level to a Username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Applying a Privilege Level to a Terminal Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Configuring Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Disabling Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Log Messages in the Internal Buffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Configuring Task List for System Log Management . . . . . . . . . . . . . . . . . . . . . . . . .68
Disabling System Logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Sending System Messages to a Syslog Server. . . . . . . . . . . . . . . . . . . . . . . . . .68
Configuring a Unix System as a Syslog Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
Changing System Logging Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Displaying the Logging Buffer and the Logging Configuration . . . . . . . . . . . . . . . . .70
Configuring a UNIX logging facility level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71
Synchronizing log messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
Enabling timestamp on syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
File Transfer Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
Configuring Task List for File Transfer Services . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
Enabling FTP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
Configuring FTP server parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74
Configuring FTP client parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74
Terminal Lines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Denying and Permitting Access to a Terminal Line. . . . . . . . . . . . . . . . . . . . . . .75
Configuring Login Authentication for Terminal Lines . . . . . . . . . . . . . . . . . . . . . . . . .76
Timing out of EXEC Privilege Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
Telneting to Another Network Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Locking CONFIGURATION mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Viewing the Configuration Lock Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Recovering from a Forgotten Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Recovering from a Forgotten Enable Password . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
iv |
Recovering from a Failed Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
5 802.1ag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Ethernet CFM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Maintenance Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Maintenance Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Maintenance End Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Configuring CFM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Enabling Ethernet CFM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Creating a Maintenance Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Creating a Maintenance Association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
Creating Maintenance Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
Creating a Maintenance End Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
Creating a Maintenance Intermedia te Point . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
MP Databases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Continuity Check Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90
Enabling CCM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Enabling Cross-checking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Loopback Message and Response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Linktrace Message and Response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Enabling Link Trace Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Enabling CFM SNMP Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Displaying Ethernet CFM Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
6 802.1X. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97
Port-authentication Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
EAP over RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
RADIUS Attributes for 802.1 Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
Configuring 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Enabling 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101
Configuring Request Identity Re-transmissions . . . . . . . . . . . . . . . . . . . . . . . . . . .103
Configuring a Quiet Period after a Failed Authentication . . . . . . . . . . . . . . . . . . . .104
Forcibly Authorizing or Unauthorizing a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105
Re-authenticating a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106
Periodic Re-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106
Configuring Timeouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
Dynamic VLAN Assignment with Port Authentication . . . . . . . . . . . . . . . . . . . . . . .108
Guest and Authentication-fail VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
| v
www.dell.com | support.dell.com
Configuring a Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Configuring an Authentication-fail VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110
7 Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113
IP Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
CAM Allocation and CAM Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
User-Configurable CAM Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115
CAM optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115
Test CAM Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
Implementing ACLs on FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
ACLs and VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
ACL Optimization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
Determine the Order in Which ACLs are Used to Classify Traffic. . . . . . . . . . .117
IP Fragment Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118
IP Fragments ACL Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118
Layer 4 ACL Rules Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
Configuring a Standard IP ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Configuring an Extended IP ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Configuring filters with a Sequence Number . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Configuring Filters without a Sequence Number. . . . . . . . . . . . . . . . . . . . . . . .124
Established Flag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
To obtain the functionality of est, use the following ACLs: . . . . . . . . . . . . . . . . . . .125
Configuring Layer 2 and Layer 3 ACLs on an Interface . . . . . . . . . . . . . . . . . . . . .125
Assigning an IP ACL to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
Counting ACL Hits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Configuring Ingress ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Configuring Egress ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Egress Layer 3 ACL Lookup for Control-plane IP Traffic. . . . . . . . . . . . . . . . . .129
Configuring ACLs to Loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Applying an ACL on Loopback Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
IP Prefix Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
Configuration Task List for Prefix Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
Configuring a prefix list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
Using a prefix list for route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
ACL Resequencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Resequencing an ACL or Prefix List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Route Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
Configuration Task List for Route Maps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
Creating a route map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
vi |
Configuring Route Map Filters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141
Configuring a route map for route redistribution . . . . . . . . . . . . . . . . . . . . . . . .143
Configuring a route map for route tagging. . . . . . . . . . . . . . . . . . . . . . . . . . . . .144
Continue clause. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145
8 Bidirectional Forwarding Detection (BFD). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
How BFD Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Configuring Bidirectional Forwarding Detection . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Configuring BFD for Physical Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154
Changing physical port session parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .157
Configuring BFD for Static Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
Configuring BFD for OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160
Configuring BFD for IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Configuring BFD for BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
Configuring BFD for VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Configuring BFD for VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176
Changing session parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177
Configuring BFD for Port-Channels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178
Changing port-channel session parameters . . . . . . . . . . . . . . . . . . . . . . . . . . .180
Configuring Protocol Liveness. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180
Troubleshooting BFD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181
9 Border Gateway Protocol IPv4 (BGPv4) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Autonomous Systems (AS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Sessions and Peers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186
Route Reflectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
Confederations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188
BGP Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
Best Path Selection Criteria. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
Weight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Local Preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Origin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
AS Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194
Next Hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Multiprotocol BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Implementing BGP with FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Additional Path (Add-Path) support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Advertising IGP cost as MED for redistributed routes . . . . . . . . . . . . . . . . . . . .195
Ignoring Router-ID for some best-path calculations . . . . . . . . . . . . . . . . . . . . .196
4-Byte AS Numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
AS4 Number Representation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
| vii
www.dell.com | support.dell.com
AS Number Migration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200
BGP4 Management Information Base (MIB). . . . . . . . . . . . . . . . . . . . . . . . . . .202
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202
Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
BGP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204
Configuration Task List for BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204
MBGP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
BGP Regular Expression Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247
Debugging BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247
Storing Last and Bad PDUs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
Capturing PDUs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
PDU Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Sample Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
10 Bare Metal Provisioning 2.0. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
Jumpstart mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265
DHCP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265
File Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268
Domain Name Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Switch boot and set-up behavior in Jumpstart Mode. . . . . . . . . . . . . . . . . . . . .269
11 Content Addressable Memory (CAM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Content Addressable Memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
CAM Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Re-allocating CAM for Ingress ACLs and QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . .274
Re-allocating CAM for Egress ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275
Testing CAM Usage for QoS Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275
Displaying CAM-ACL Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276
Displaying CAM-ACL-Egress Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
CAM Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
12 Control Plane Policing (CoPP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279
Configuring Control Plane Policing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
Configuring CoPP for protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Sample Config for CoPP protocol configuration . . . . . . . . . . . . . . . . . . . . . . . .282
Configuring CoPP for CPU queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
Sample Config for CoPP CPU queue configuration . . . . . . . . . . . . . . . . . . . . .283
Show commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284
viii |
13 Data Center Bridging (DCB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Ethernet Enhancements in Data Center Bridging . . . . . . . . . . . . . . . . . . . . . . . . . .287
Priority-Based Flow Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288
Enhanced Transmission Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
Data Center Bridging Exchange Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291
Data Center Bridging in a Traf fic Flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291
Data Center Bridging: Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292
Enabling Data Center Bridging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292
QoS dot1p Traffic Classification and Queue Assignment . . . . . . . . . . . . . . . . . . . .293
Configuring PFC and ETS in a DCB Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294
PFC Configuration Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294
PFC Prerequisites and Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
ETS Configuration Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
ETS Prerequisites and Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
Priority-Group Configuration Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
DCB Map: Configuration Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
Applying a DCB Map on a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299
Configuring PFC without a DCB Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299
Configuring Lossless Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300
ETS Operation with DCBx. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301
Configuring Bandwidth Allocation for DCBx CIN. . . . . . . . . . . . . . . . . . . . . . . .302
Applying a DCB Map in a Switch Stack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302
Configuring DCBx Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
Supported DCBx Versions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
DCBx Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
DCBx Port Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304
DCB Configuration Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305
Configuration Source Election. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306
Propagation of DCB Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306
Auto-Detection and Manual Configuration of the DCBx Version . . . . . . . . . . . .307
DCBx Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308
DCBx Prerequisites and Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309
DCBx Configuration Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310
Verifying DCB Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313
PFC and ETS Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
Using PFC and ETS to Manage Data Center Traffic. . . . . . . . . . . . . . . . . . . . .325
Using PFC and ETS to Manage Converged Ethernet Traffic in a Switch Stack 329
Hierarchical Scheduling in ETS Configuration. . . . . . . . . . . . . . . . . . . . . . . . . .329
Troubleshooting PFC, ETS, and DCBx Operation . . . . . . . . . . . . . . . . . . . . . . . . .330
DCBx Oper Status is Down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
DCBx Error Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .331
Debugging DCBx on an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .332
| ix
www.dell.com | support.dell.com
14 Dynamic Host Configuration Protocol (DHCP) . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333
DHCP Packet Format and Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .334
Assigning an IP Address using DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Configuring the System to be a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Configuration Tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337
Configuring the Server for Automatic Address Allocation . . . . . . . . . . . . . . . . .337
Specifying a Default Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
Enabling DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339
Configuring a Method of Hostname Resolution. . . . . . . . . . . . . . . . . . . . . . . . .339
Creating Manual Binding Entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
Debugging DHCP server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
DHCP Clear Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
Configuring the System to be a Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
Configuring the System for User Port Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
Configuring Secure DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
Option 82. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
DHCP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
Dropping DHCP packets on snooped VLANs only . . . . . . . . . . . . . . . . . . . . . .346
Dynamic ARP Inspection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347
Source Address Validation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349
15 Equal Cost Multi-Path (ECMP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
ECMP for Flow-based Affinity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Deterministic ECMP Next Hop. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Configuring Hash Algorithm Seed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
Link Bundle Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
Managing ECMP Group Paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
16 FCoE Transit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
Fibre Channel over Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
Ensuring Robustness in a Converged Ethernet Network . . . . . . . . . . . . . . . . . . . .357
FIP Snooping on Ethernet Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359
Configuring FIP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
Enabling the FCoE Transit Feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
Enabling FIP Snooping on VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
Configuring the FC-MAP Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363
Configuring a Port for a Bridge-to-FCF Link . . . . . . . . . . . . . . . . . . . . . . . . . . .363
FIP Snooping on an NPIV Proxy Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . .363
x |
FIP Snooping in an S5000 Stack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363
Impact on Other Software Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364
FIP Snooping Prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364
FIP Snooping Restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .365
FIP Snooping Configuration Procedure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .366
Displaying FIP Snooping Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .367
FCoE Transit Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .372
17 Force10 Resilient Ring Protocol (FRRP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375
Ring Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376
Multiple FRRP Rings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377
Important FRRP Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379
Important FRRP Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379
Implementing FRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380
Configuring FRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .381
Troubleshooting FRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385
Configuration Checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385
Sample Configuration and Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385
18 GARP VLAN Registration Protocol (GVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387
Configuring GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .388
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389
Enabling GVRP Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389
Enabling GVRP on a Layer 2 Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390
Configuring GVRP Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390
Configuring a GARP Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .391
19 High Availability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
High Availability on S5000 Stacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .393
Hitless Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .393
Graceful Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394
Software Resiliency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394
System Health Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394
Failure and Event Logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394
Hot-lock Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395
20 Internet Group Management Protocol (IGMP). . . . . . . . . . . . . . . . . . . . . . . . . . . 397
IGMP Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .397
IGMP Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .398
| xi
www.dell.com | support.dell.com
IGMP version 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .398
IGMP version 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .399
Configuring IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402
Viewing IGMP Enabled Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402
Selecting an IGMP Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403
Viewing IGMP Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403
Adjusting Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Adjusting Query and Response Timers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Adjusting the IGMP Querier Timeout Value. . . . . . . . . . . . . . . . . . . . . . . . . . . .404
Configuring a Static IGMP Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405
Enabling IGMP Immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405
IGMP Snooping Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . .406
Configuring IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406
Enabling IGMP Immediate-leave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406
Disabling Multicast Flooding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407
Specifying a Port as Connected to a Multicast Router . . . . . . . . . . . . . . . . . . .407
Configuring the Switch as Querier. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407
Fast Convergence after MSTP Topology Changes . . . . . . . . . . . . . . . . . . . . . . . . .408
Designating a Multicast Router Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408
21 Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Basic Interface Configuration: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409
Advanced Interface Configuration: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409
Interface Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410
Viewing Basic Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410
Enabling a Physical Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .413
Physical Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .413
Configuration Task List for Physical Interfaces . . . . . . . . . . . . . . . . . . . . . . . . .414
Overview of Layer Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .414
Configuring Layer 2 (Data Link) Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .414
Configuring Layer 3 (Network) Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417
Configuring a Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417
Important Things to Remember — virtual-ip . . . . . . . . . . . . . . . . . . . . . . . . . . .418
Displaying a Management Interface Configuration . . . . . . . . . . . . . . . . . . . . . .419
VLAN Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .420
Loopback Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421
Port Channel Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421
Port channel definition and standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421
Port channel benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422
Port channel implementation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422
xii |
1G/10G interfaces in port channels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422
Configuration task list for port channel interfaces . . . . . . . . . . . . . . . . . . . . . . .423
Creating a port channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .423
Adding a physical interface to a port channel . . . . . . . . . . . . . . . . . . . . . . . . . .424
Reassigning an interface to a new port channel . . . . . . . . . . . . . . . . . . . . . . . .426
Configuring the minimum oper up links in a port channel (LAG). . . . . . . . . . . .427
Adding or removing a port channel from a VLAN . . . . . . . . . . . . . . . . . . . . . . .428
Assigning an IP address to a port channel . . . . . . . . . . . . . . . . . . . . . . . . . . . .428
Deleting or disabling a port channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
Load balancing through port channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
S5000 load-balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
Hash algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .430
Bulk Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
Interface Range. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
Bulk Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
Interface Range Macros . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433
Defining the Interface Range. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433
Choosing an Interface-range Macro . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434
Monitoring and Maintaining Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434
Splitting QSFP ports to SFP+ ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436
Important Points. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436
Link Dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437
Enabling Link Dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437
Link Bundle Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439
Using Ethernet Pause Frames for Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . .440
Configuring MTU Size on an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .441
Adjusting the keepalive timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442
Viewing Advanced Interface Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442
Displaying Only Configured Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442
Configuring Interface Sampling Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443
Dynamic Counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .445
Clearing interface counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .446
Fibre Channel Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
Configuring Fibre Channel Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
Enabling Fibre Channel Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
Configuring Fibre Channel Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
Displaying Fibre Channel Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .448
Troubleshooting Fibre Channel Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . .452
22 IPv4 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .456
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .456
| xiii
www.dell.com | support.dell.com
Configuration Task List for IP Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .456
Directed Broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .460
Resolution of Host Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .460
ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463
Configuration Task List for ARP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .463
ARP Learning via Gratuitous ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
ARP Learning via ARP Request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
Configuring ARP Retries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466
ICMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466
Configuration Task List for ICMP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466
UDP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .467
Configuring UDP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .467
Important Points to Remember about UDP Helper . . . . . . . . . . . . . . . . . . . . . .467
Enabling UDP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .468
Configuring a Broadcast Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .468
Configurations Using UDP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
UDP Helper with Broadcast-all Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . .469
UDP Helper with Subnet Broadcast Addresses. . . . . . . . . . . . . . . . . . . . . . . . .470
UDP Helper with Configured Broadcast Addresses . . . . . . . . . . . . . . . . . . . . .470
UDP Helper with No Configured Broadcast Addresses. . . . . . . . . . . . . . . . . . .471
Troubleshooting UDP Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .471
23 iSCSI Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
iSCSI Optimization Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473
Monitoring iSCSI Traffic Flows. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475
Application of Quality of Service to iSCSI Traffic Flows. . . . . . . . . . . . . . . . . . .475
Information Monitored in iSCSI Traffic Flows. . . . . . . . . . . . . . . . . . . . . . . . . . .475
Detection and Auto-configuration for Dell EqualLogic Arrays . . . . . . . . . . . . . .476
Detection and Port Configuration for Dell Compellent Arrays . . . . . . . . . . . . . .476
Enabling and Disabling iSCSI Optimization. . . . . . . . . . . . . . . . . . . . . . . . . . . .477
Default iSCSI Optimization Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478
iSCSI Optimization Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478
Configuring iSCSI Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479
Displaying iSCSI Optimization Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480
24 Intermediate System to Intermediate System . . . . . . . . . . . . . . . . . . . . . . . . . . . 483
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .483
IS-IS Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .484
Multi-Topology IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .484
Transition Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485
Interface support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485
Adjacencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485
Graceful Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .486
xiv |
Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .486
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .487
Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488
Configuration Task List for IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488
Configuring the distance of a route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .498
Changing the IS-type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .498
IS-IS Metric Styles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505
Configuring Metric Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506
Maximum Values in the Routing Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506
Changing the IS-IS Metric Style in One Level Only. . . . . . . . . . . . . . . . . . . . . .506
Leaking from One Level to Another. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .508
Sample Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509
25 IPv6 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .514
Extended Address Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .514
Stateless Autoconfiguration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .514
IPv6 Headers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .515
IPv6 Header Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .515
Extension Header fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .517
Addressing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518
Implementing IPv6 with FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .519
ICMPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520
Path MTU Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520
IPv6 Neighbor Discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .521
SSH over an IPv6 Transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .522
Configuration Task List for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .523
Adjusting your CAM-Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .523
Assigning an IPv6 Address to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .524
Assigning a Static IPv6 Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525
Telneting with IPv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525
SNMP over IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526
Showing IPv6 Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526
Showing an IPv6 Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .527
Showing IPv6 Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .528
Showing the Running-Configuration for an Interface. . . . . . . . . . . . . . . . . . . . .530
Clearing IPv6 Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .530
26 Link Aggregation Control Protocol (LACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
Introduction to Dynamic LAGs and LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .531
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .531
LACP modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .532
LACP Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533
| xv
www.dell.com | support.dell.com
LACP Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533
Creating a LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533
Configuring the LAG interface as dynamic . . . . . . . . . . . . . . . . . . . . . . . . . . . .534
Setting the LACP long timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .534
Monitoring and Debugging LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535
Shared LAG State Tracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535
Configuring Shared LAG State Tracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .536
Important Points about Shared LAG State Tracking . . . . . . . . . . . . . . . . . . . . .538
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .538
27 Layer 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
Managing the MAC Address Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .539
Clearing the MAC Address Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .539
Setting the Aging Time for Dynamic Entries . . . . . . . . . . . . . . . . . . . . . . . . . . .540
Configuring a Static MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .540
Displaying the MAC Address Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .540
MAC Learning Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .540
mac learning-limit dynamic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .541
mac learning-limit mac-address-sticky. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .541
mac learning-limit station-move. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542
Learning Limit Violation Actions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542
Station Move Violation Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542
Recovering from Learning Limit and Station Move Violations . . . . . . . . . . . . . .543
NIC Teaming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .544
Configuring Redundant Pairs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .545
Important Points about Configuring Redundant Pairs . . . . . . . . . . . . . . . . . . . .547
xvi |
28 Link Layer Discovery Protocol (LLDP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549
802.1AB (LLDP) Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .549
Protocol Data Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .549
Optional TLVs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .551
Management TLVs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .551
TIA-1057 (LLDP-MED) Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .553
TIA Organizationally Specific TLVs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .553
Configuring LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .557
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .557
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .558
LLDP Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .558
CONFIGURATION versus INTERFACE Configurations . . . . . . . . . . . . . . . . . .558
Enabling LLDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .559
Disabling and Undoing LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .559
Advertising TL Vs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .559
Viewing the LLDP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .561
Viewing Information Advertised by Adjacent LLDP Agents . . . . . . . . . . . . . . . . . . .561
Configuring LLDPDU Intervals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563
Configuring Transmit and Receive Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .564
Configuring a Time to Live . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565
Debugging LLDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566
Relevant Management Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566
29 Multicast Source Discovery Protocol (MSDP). . . . . . . . . . . . . . . . . . . . . . . . . . . 573
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .573
Anycast RP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .574
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575
Configuring Multicast Source Discovery Protocol . . . . . . . . . . . . . . . . . . . . . . . . . .575
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575
Enabling MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581
Managing the Source-active Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .581
Viewing the Source-active Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582
Limiting the Source-active Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582
Clearing the Source-active Cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582
Enabling the Rejected Source-active Cache. . . . . . . . . . . . . . . . . . . . . . . . . . .582
Accepting Source-active Messages that fail the RFP Check . . . . . . . . . . . . . . . . .583
Limiting the Source-active Messages from a Peer . . . . . . . . . . . . . . . . . . . . . . . . .585
Preventing MSDP from Caching a Local Source . . . . . . . . . . . . . . . . . . . . . . . . . .586
Preventing MSDP from Caching a Remote Source . . . . . . . . . . . . . . . . . . . . . . . .586
Preventing MSDP from Advertising a Local Source . . . . . . . . . . . . . . . . . . . . . . . .587
Logging Changes in Peership States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589
Terminating a Peership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589
Clearing Peer Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590
Debugging MSDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590
MSDP with Anycast RP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591
Reducing Source-active Message Flooding . . . . . . . . . . . . . . . . . . . . . . . . . . .592
Specifying the RP Address Used in SA Messages . . . . . . . . . . . . . . . . . . . . . .592
MSDP Sample Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .595
30 Multiple Spanning Tree Protocol (MSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .601
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .602
Configuring Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . .602
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .603
Enabling Multiple Spanning Tree Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .603
Adding and Removing Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .604
Creating Multiple Spanning Tree Instances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .604
Influencing MSTP Root Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .605
Interoperating with Non-FTOS Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .606
| xvii
www.dell.com | support.dell.com
Modifying Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .607
Modifying Interface Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .608
Configuring an EdgePort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .609
Flushing MAC Addresses after a Topology Change . . . . . . . . . . . . . . . . . . . . . . . .610
MSTP Sample Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .610
Debugging and Verifying MSTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .614
31 Multicast Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617
Enabling IP Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .617
Multicasting with ECMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .617
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .618
First Packet Forwarding for Lossless Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . .619
IPv4 Multicast Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .619
Limiting the Number of Multicast Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .620
Preventing a Host from Joining a Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .620
Rate Limiting IGMP Join Requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .623
Preventing a PIM Router from Forming an Adjacency . . . . . . . . . . . . . . . . . . .623
Preventing a Source from Registering with the RP . . . . . . . . . . . . . . . . . . . . . .623
Preventing a PIM Router from Processing a Join . . . . . . . . . . . . . . . . . . . . . . .625
32 NPIV Proxy Gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627
Benefits of an NPIV Proxy Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .627
NPIV Proxy Gateway Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .627
NPIV Proxy Gateway: Protocol Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .629
NPIV Proxy Gateway Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .629
NPIV Proxy Gateway: Terms and Definitions . . . . . . . . . . . . . . . . . . . . . . . . . .630
DCB Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .631
FCoE Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .631
Configuring an NPIV Proxy Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .632
Enabling Fibre Channel Capability on the Switch . . . . . . . . . . . . . . . . . . . . . . .632
Creating a DCB map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .632
Applying a DCB map on server-facing Ethernet ports. . . . . . . . . . . . . . . . . . . .634
Creating an FCoE VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .634
Creating an FCoE map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .635
Applying an FCoE map on server-facing Ethernet ports . . . . . . . . . . . . . . . . . .636
Applying an FCoE Map on fabric-facing FC ports . . . . . . . . . . . . . . . . . . . . . . .637
Sample Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .638
Displaying NPIV Proxy Gateway Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .639
33 Object Tracking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 647
Object Tracking Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .647
Tracking Layer 2 Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .648
xviii |
Tracking Layer 3 Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .649
Tracking IPv4 and IPv6 Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .649
Setting Tracking Delays. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .650
VRRP Object Tracking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .650
Object Tracking Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .651
Tracking a Layer 2 Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .651
Tracking a Layer 3 Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .652
Tracking an IPv4/IPv6 Route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .653
Displaying Tracked Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .657
34 Open Shortest Path First (OSPFv2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .661
Networks and Neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .663
Router Types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .663
Designated and Backup Designated Routers . . . . . . . . . . . . . . . . . . . . . . . . . .665
Link-State Advertisements (LSAs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .665
Virtual Links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .667
Router Priority and Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .667
Implementing OSPF with FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .668
Fast Convergence (OSPFv2, IPv4 only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .669
Multi-Process OSPF (OSPFv2, IPv4 only) . . . . . . . . . . . . . . . . . . . . . . . . . . . .669
RFC-2328 Compliant OSPF Flooding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .669
OSPF ACK Packing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .670
OSPF Adjacency with Cisco Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .670
Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .671
Configuration Task List for OSPFv2 (OSPF for IPv4) . . . . . . . . . . . . . . . . . . . .671
Sample Configurations for OSPFv2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .689
Basic OSPFv2 Router Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .689
35 PIM Sparse-Mode (PIM-SM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .691
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .692
Requesting Multicast Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .692
Refusing Multicast Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .692
Sending Multicast Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .692
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693
Configuring PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693
Enabling PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .694
Configuring S,G Expiry Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .695
Configuring a Static Rendezvous Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .696
Overriding Bootstrap Router Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .697
Configuring a Designated Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .697
| xix
www.dell.com | support.dell.com
Creating Multicast Boundaries and Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . .698
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .698
36 Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 699
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .699
Port Monitoring on the S5000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .700
Configuring Port Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .702
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .703
37 Private VLANs (PVLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 705
Private VLAN Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .705
Private VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .707
Private VLAN Configuration Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .708
Creating PVLAN ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .708
Creating a Primary VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .709
Creating a Community VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .710
Creating an Isolated VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .710
Private VLAN Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .711
Inspecting the Private VLAN Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . .712
38 Per-VLAN Spanning Tree Plus (PVST+). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .715
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .716
Configuring Per-VLAN Spanning Tree Plus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .717
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .717
Enabling PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .717
Disabling PVST+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .717
Influencing PVST+ Root Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .718
Modifying Global PVST+ Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .719
Modifying Interface PVST+ Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .720
Configuring an EdgePort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .721
PVST+ in Multi-vendor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .722
PVST+ Extended System ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .722
PVST+ Sample Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .723
39 Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 727
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .728
Port-based QoS Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .728
Setting dot1p Priorities for Incoming Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . .729
Honoring dot1p Priorities on Ingress Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . .729
Priority-tagged Frames on the Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . .730
Configuring Port-based Rate Policing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .730
xx |
Configuring Port-based Rate Shaping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .731
Policy-based QoS Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .731
Classifying Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .732
Creating a QoS Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .734
Creating Policy Maps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .736
QoS Rate Adjustment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .739
Strict-priority Queueing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .739
Weighted Random Early Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .740
Create WRED Profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .741
Applying a WRED profile to traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .741
Displaying Default and Configured WRED Profiles. . . . . . . . . . . . . . . . . . . . . .741
Displaying WRED Drop Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .742
Pre-calculating Available QoS CAM Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .742
40 Routing Information Protocol (RIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .745
RIPv1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .745
RIPv2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .746
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .746
Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .746
Configuration Task List for RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .746
RIP Configuration Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .754
RIP Configuration Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .759
41 Remote Monitoring (RMON) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761
Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .761
Fault Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .762
Setting rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .763
Configuring an RMON event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .764
Configuring RMON collection statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .765
Configuring RMON collection history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .766
Enabling an RMON MIB collection history group. . . . . . . . . . . . . . . . . . . . . . . .766
42 Rapid Spanning Tree Protocol (RSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 767
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767
Configuring Rapid Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .768
RSTP and VLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .768
Configuring Interfaces for Layer 2 Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .769
Enabling Rapid Spanning Tree Protocol Globally . . . . . . . . . . . . . . . . . . . . . . . . . .769
Adding and Removing Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773
| xxi
www.dell.com | support.dell.com
Modifying Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773
Modifying Interface Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .774
Configuring an EdgePort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .775
Influencing RSTP Root Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .776
SNMP Traps for Root Elections and Topology Changes. . . . . . . . . . . . . . . . . .777
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777
43 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 779
AAA Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .779
Configuration Task List for AAA Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . .779
AAA Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .782
Configuration Task List for AAA Authentication. . . . . . . . . . . . . . . . . . . . . . . . .782
AAA Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .785
Privilege Levels Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .785
Configuration Task List for Privilege Levels. . . . . . . . . . . . . . . . . . . . . . . . . . . .786
RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .790
RADIUS Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . .791
Configuration Task List for RADIUS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .792
TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .795
Configuration Task List for TACACS+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .795
Command Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .799
Protection from TCP Tiny and Overlapping Fragment Attacks . . . . . . . . . . . . . . . .799
SCP and SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .799
Using SCP with SSH to copy a software image . . . . . . . . . . . . . . . . . . . . . . . .801
Secure Shell Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .802
Troubleshooting SSH. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .805
Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .805
VTY Line and Access-Class Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .806
VTY Line Local Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . .806
VTY Line Remote Authentication and Authorization . . . . . . . . . . . . . . . . . . . . .807
VTY MAC-SA Filter Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .807
xxii |
44 Service Provider Bridging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809
VLAN Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .809
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810
Configuring VLAN Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810
Creating Access and Trunk Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .811
Enabling VLAN-Stacking for a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811
Configuring the Protocol Type Value for the Outer VLAN Tag. . . . . . . . . . . . . .812
FTOS Options for Trunk Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .812
Debugging VLAN Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .813
VLAN Stacking in Multi-vendor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .814
VLAN Stacking Packet Drop Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .817
Enable Drop Eligibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .817
Honoring the Incoming DEI V alue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .818
Marking Egress Packets with a DEI Value. . . . . . . . . . . . . . . . . . . . . . . . . . . . .818
Dynamic Mode CoS for VLAN Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .819
Layer 2 Protocol Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .821
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823
Enabling Layer 2 Protocol Tunneling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823
Specifying a Destination MAC Address for BPDUs. . . . . . . . . . . . . . . . . . . . . .823
Rate-limiting BPDUs on the S5000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823
Debug Layer 2 Protocol Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .824
Provider Backbone Bridging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .824
45 sFlow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .825
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .826
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .826
Enabling and Disabling sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .827
Enabling and Disabling on an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .827
sFlow Show Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .827
Show sFlow Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .828
Show sFlow on an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .828
Show sFlow on a Stack Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829
Specifying Collectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829
Polling Intervals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829
Back-off Mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .830
sFlow on LAG ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .830
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .830
46 Simple Network Management Protocol (SNMP). . . . . . . . . . . . . . . . . . . . . . . . . 831
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .831
Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .831
Configuring Simple Network Management Protocol . . . . . . . . . . . . . . . . . . . . . . . .832
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832
Setting up SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832
Creating a Community. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .833
Setting Up User-based Security (SNMPv3). . . . . . . . . . . . . . . . . . . . . . . . . . . .833
Read Managed Object Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .835
Write Managed Object Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836
Configuring Contact and Location Information using SNMP . . . . . . . . . . . . . . . . . .836
Subscribing to Managed Object Value Updates using SNMP . . . . . . . . . . . . . . . . .838
Copying Configuration Files Using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .841
| xxiii
Managing VLANs using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .847
Creating a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .847
Assigning a VLAN Alias. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .847
Displaying the Ports in a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .848
Adding Tagged and Untagged Ports to a VLAN . . . . . . . . . . . . . . . . . . . . . . . .850
Managing Overload on Startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .851
Enabling and Disabling a Port using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852
Fetching Dynamic MAC Entries using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852
Monitoring Port-channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .854
Troubleshooting SNMP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .855
www.dell.com | support.dell.com
47 Stacking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 857
Stacking S5000 Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .858
Stack Management Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .858
Stack Master Election . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .859
Failover Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .860
MAC Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .860
Stacking LAG. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861
High Availability on S5000 Stacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861
Stack Unit and Stack Group Numbering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .862
Supported Stacking Topologies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .864
Configuring an S5000 Switch Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .864
Stacking and Cabling Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865
Cabling Stacked Switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865
Accessing the Stack CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .866
Assigning a Priority to Stacked Switches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .866
Renumbering a Stack Unit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .867
Configuring S5000 Stacking Ports and Bringing Up a Stack . . . . . . . . . . . . . . . . . .867
Provisioning a Stack Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .873
Converting 4x10GbE Ports to 40GbE for Stacking . . . . . . . . . . . . . . . . . . . . . . . . .873
Removing a Stack Group from Stacking Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .874
Removing a Switch from a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .874
Adding a Stack Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .874
Merging Two Stacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .876
Splitting a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .876
Managing Redundant Stack Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .877
Reset a Unit on a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .877
Verifying a Stack Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .878
Using LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .878
Using Show Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .878
Troubleshooting a Switch S tack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .883
Troubleshooting Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .883
Failure Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .885
xxiv |
Upgrading a Switch Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .889
Upgrading a Single Stack Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .890
48 Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 891
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891
Configuring Storm Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891
Configuring storm control from INTERFACE mode. . . . . . . . . . . . . . . . . . . . . .891
Configuring storm control from CONFIGURATION mode . . . . . . . . . . . . . . . . .891
49 Spanning Tree Protocol (STP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 893
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .893
Configuring Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894
Configuring Interfaces for Layer 2 Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .895
Enabling Spanning Tree Protocol Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .896
Adding an Interface to the Spanning Tree Group . . . . . . . . . . . . . . . . . . . . . . . . . .899
Removing an Interface from the Spanning Tree Group . . . . . . . . . . . . . . . . . . . . . .899
Modifying Global Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .899
Modifying Interface STP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .900
Enabling PortFast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .901
Preventing Network Disruptions with BPDU Guard . . . . . . . . . . . . . . . . . . . . . . . .901
BPDU Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .903
Global BPDU Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .903
Interface BPDU Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .904
STP Root Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .905
STP Root Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .905
Root Guard Scenario. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .905
Root Guard Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .907
SNMP Traps for Root Elections and Topology Changes . . . . . . . . . . . . . . . . . . . . .908
Configuring Spanning Trees as Hitless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .908
STP Loop Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .909
Loop Guard Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .909
Loop Guard Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .911
Displaying STP Guard Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .912
50 System Time and Date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 913
Network Time Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .913
Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .914
Implementation Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .915
Configuring Network Time Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .915
Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .915
| xxv
www.dell.com | support.dell.com
Enabling NTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .916
Setting the Hardware Clock with the Time Derived from NTP. . . . . . . . . . . . . .916
Configuring NTP broadcasts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .917
Disabling NTP on an interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .917
Configuring a source IP address for NTP packets. . . . . . . . . . . . . . . . . . . . . . .917
Configuring NTP authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .918
FTOS Time and Date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .921
Configuring time and date settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .921
Setting the time and date for the switch hardware clock
Setting the time and date for the switch software clock. . . . . . . . . . . . . . . . . . .922
Setting the timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .923
Setting daylight saving time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .923
Setting Daylight Saving Time Once. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .924
Setting Recurring Daylight Saving Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .925
51 Uplink Failure Detection (UFD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 929
Feature Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .929
How Uplink Failure Detection Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .930
UFD and NIC Teaming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .931
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .931
Configuring Uplink Failure Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .932
Clearing a UFD-Disabled Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .934
Displaying Uplink Failure Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .936
Sample Configuration: Uplink Failure Detection . . . . . . . . . . . . . . . . . . . . . . . . . . .938
52 Upgrade Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941
Getting Help with Upgrades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .941
Getting Help with Switch Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .941
53 Virtual LANs (VLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 943
Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .944
Port-Based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .945
VLANs and Port Tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .945
Configuration Task List for VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .946
Creating a port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .946
Assigning Interfaces to a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .947
Assigning an IP address to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .950
Enabling Null VLAN as the Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . .950
Native VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .951
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .951
xxvi |
54 Virtual Link Trunking (VLT) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 953
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .953
VLT on Core Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .955
Enhanced VLT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .956
VLT Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .956
Configuring Virtual Link Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .957
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .957
Configuration Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .958
RSTP and VLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .962
VLT Bandwidth Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .962
VLT and Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .963
VLT and IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .963
VLT Port Delayed Restoration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .963
PIM-Sparse Mode Support on VLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .964
RSTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .965
Preventing Forwarding Loops in a VLT Domain . . . . . . . . . . . . . . . . . . . . . . . .965
Sample RSTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966
VLT Configuration Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966
Verifying a VLT Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .980
Sample Configuration: Virtual Link Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .984
Troubleshooting VLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .987
Reconfiguring Stacked Switches as VLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .988
55 Virtual Router Redundancy Protocol (VRRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 991
VRRP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .991
VRRP Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .992
VRRP Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .993
VRRP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .993
Configuration Task List for VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .993
Sample Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1004
VRRP for IPv4 Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1004
VRRP for IPv6 Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1006
VRRP in VRF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1008
56 S5000 Debugging and Diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1015
Offline diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1015
Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1016
Running Offline Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1016
Trace logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021
Auto Save on Crash or Rollover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021
Hardware watchdog timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021
Show Hardware Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1021
| xxvii
www.dell.com | support.dell.com
Environmental monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1022
Recognizing an over-temperature condition . . . . . . . . . . . . . . . . . . . . . . . . . .1023
Troubleshooting an over-temperature condition . . . . . . . . . . . . . . . . . . . . . . .1024
Recognizing an under-voltage condition . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1024
Troubleshooting an under-voltage condition . . . . . . . . . . . . . . . . . . . . . . . . . .1025
Buffer tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1026
Deciding to tune buffers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1027
Buffer tuning commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1028
Sample buffer profile configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1031
Troubleshooting packet loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1031
Displaying Drop Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1032
Dataplane Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1033
Displaying Stack Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1035
Displaying Stack Member Counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1035
Application core dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1036
Mini core dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1036
57 Standards Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1039
IEEE Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1039
RFC and I-D Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1040
General Internet Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1040
General IPv4 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1041
General IPv6 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1042
Border Gateway Protocol (BGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1043
Intermediate System to Intermediate System (IS-IS) . . . . . . . . . . . . . . . . . . .1044
Open Shortest Path First (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1044
Routing Information Protocol (RIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1045
Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1045
Network Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1046
MIB Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1049
xxviii |

About this Guide

Objectives

This guide describes the protocols and features supported on Dell Networking switches and routers by the Dell Networking Operating System (FTOS) and provides configuration instructions and examples for implementing them. It supports the S5000 platform.
The S5000 switch is available with FTOS version 9.0(1.3) and supports stacking.
Though this guide contains information on protocols, it is not intended to be a complete reference. This guide is a reference for configuring protocols on Dell Networking systems. For complete information on protocols, refer to other documentation including IETF Requests for Comment (RFCs). The instructions in this guide cite relevant RFCs, and Chapter 57, Standards Compliance contains a complete list of the supported RFCs and Management Information Base files (MIBs).
1

Audience

This document is intended for system administrators who are responsible for configuring and maintaining networks and assumes you are knowledgeable in Layer 2 and Layer 3 networking technologies.

Conventions

This document uses the following conventions to describe command syntax:
Convention Description
keyword
parameter
{X} Keywords and parameters within braces must be entered in the CLI. [X] Keywords and parameters within brackets are optional. x | y Keywords and parameters separated by bar require you to choose one.
Keywords are in bold and should be entered in the CLI as listed. Parameters are in italics and require a number or word to be entered in the CLI.
About this Guide | 29

Related Documents

For more information about the S5000 switch, refer to the following documents:
Dell Networking S5000 Getting Started Guide FTOS Version 9.0(1.3)
Dell Networking S5000 Installation Guide FTOS Version 9.0(1.3)
FTOS Command Line Reference Guide for the S5000 Switch, FTOS 9.0(1.3)
www.dell.com | support.dell.com
30 | About this Guide

Configuration Fundamentals

The FTOS Command Line Interface (CLI) is a text-based interface through which you can configure interfaces and protocols. The CLI is structured in modes for security and management purposes. Different sets of commands are available in each mode, and you can limit user access to modes using privilege levels.
In FTOS, after a command is enabled, it is entered into the running configuration file. You can view the current configuration for the whole system or for a particular CLI mode. To save the current configuration copy the running configuration to another location. For more information, refer to Saving the
Running-configuration.
This chapter contains the following major sections:
Accessing the Command Line
CLI Modes
Navigating CLI Modes
Port Numbering Convention
The do Command
The no Command
Obtaining Help
Entering and Editing Commands
Command History
Filtering show Command Outputs
Multiple Users in Configuration mode
2

Accessing the Command Line

Access the command line through a serial console port or a Telnet session as shown in the example below. When the system successfully boots, you enter the command line in the EXEC mode.
Note: You must have a password configured on a virtual terminal line before you can Telnet into the system. Therefore, you must use a console connection when connecting to the system for the first time.
Configuration Fundamentals | 31
www.dell.com | support.dell.com
telnet 172.31.1.53 Trying 172.31.1.53... Connected to 172.31.1.53. Escape character is '^]'. Login: username Password: FTOS>
EXEC mode prompt
Figure 2-1. Logging into the System using Telnet

CLI Modes

Different sets of commands are available in each mode. A command found in one mode cannot be executed from another mode (with the exception of EXEC mode commands preceded by the command for more information, refer to The do Command and EXEC Privilege Mode commands). You can set user access rights to commands and command modes using privilege levels; for more information on privilege levels and security options, refer to Privilege Levels Overview.
The FTOS CLI is divided into three major mode levels:
EXEC mode is the default mode and has a privilege level of 1, which is the most restricted level. Only
a limited selection of commands is available, notably
show commands, which allow you to view
system information.
EXEC Privilege mode has commands to view configurations, clear counters, manage configuration
files, run diagnostics, and enable or disable debug operations. The privilege level is 15, which is unrestricted. You can configure a password for this mode; refer to Configuring the Enable Password.
CONFIGURATION mode enables you to configure security features, time settings, set logging and
simple network management protocol (SNMP) functions, and static address resolution protocol (ARP) and MAC addresses on the system.
do;
Beneath CONFIGURATION mode are sub-modes that apply to interfaces, protocols, and features. The example below shows this sub-mode command structure. When configuring the chassis for the first time, two sub-CONFIGURATION modes are important:
INTERFACE sub-mode is the mode in which you configure Layer 2 and Layer 3 protocols and IP
services specific to an interface. An interface can be physical (management interface, 10-Gigabit Ethernet, 40-Gigabit Ethernet, or 2/4/8-Gigabit Fibre Channel) or logical (Loopback, Null, po rt channel, or VLAN).
LINE sub-mode is the mode in which you to configure the console and virtual terminal lines.
Note: At any time, entering a question mark (?) will display the available command options. For example, when you are in CONFIGURATION mode, entering the question mark first will list all available commands, including the possible sub-modes.
32 | Configuration Fundamentals
EXEC EXEC Privilege CONFIGURATION
AS-PATH ACL INTERFACE
GIGABIT ETHERNET TEN GIGABIT ETHERNET FORTY GIGABIT ETHERNET FIBRE CHANNEL INTERFACE RANGE LOOPBACK MANAGEMENT ETHERNET NULL PORT-CHANNEL
VLAN IP IPv6 IP COMMUNITY-LIST IP ACCESS-LIST
STANDARD ACCESS-LIST
EXTENDED ACCESS-LIST LINE
CONSOLE
VIRTUAL TERMINAL MAC ACCESS-LIST MAC CONTROL-PLANE MONITOR SESSION MULTIPLE SPANNING TREE Per-VLAN SPANNING TREE RAPID SPANNING TREE GVRP LLDP FIBRE CHANNEL PREFIX-LIST REDIRECT ROUTE-MAP ROUTER BGP ROUTER ISIS ROUTER OSPF ROUTER RIP SPANNING TREE
TRACE-LIST
Configuration Fundamentals | 33

Navigating CLI Modes

The FTOS prompt changes to indicate the CLI mode. Table 2-1 lists the CLI mode, its prompt, and
information on how to access and exit this CLI mode. You must move linearly through the command
modes, with the exception of the
command moves you up one command mode level.
Note: Sub-CONFIGURATION modes all have the letters “conf” in the prompt with additional modifier s to identify the mode and slot/port information (see Table 2-1).
Table 2-1. FTOS Command Modes
www.dell.com | support.dell.com
CLI Command Mode Prompt
end command which takes you directly to EXEC Privilege mode; the exit
Access Command
EXEC
EXEC Privilege
CONFIGURATION
Note: Access all of the following modes from CONFIGURATION mode.
AS-PATH ACL
Gigabit Ethernet Interface
10 Gigabit Ethernet Interface
40 Gigabit Ethernet Interface
Fibre Channel Interface
Interface Range
Loopback Interface
FTOS>
Access the router through the console or Telnet.
FTOS# From EXEC mode, enter the command enable.
From any other mode, use the command
end.
FTOS(conf)# From EXEC privilege mode, enter the command
configure.
From every mode except EXEC and EXEC
FTOS(conf-as-path)#
Privilege, enter the command
ip as-path access-list
exit.
FTOS(conf-if-gi-0/0)#
FTOS(conf-if-te-0/1)#
FTOS(conf-if-fo-1/0)#
FTOS(conf-if-fi-1/0)# FTOS(conf-if-range)#
interface
FTOS(conf-if-lo-0)#
Management Ethernet Interface
Null Interface
Port-channel Interface
VLAN Interface
INTERFACE modes
34 | Configuration Fundamentals
FTOS(conf-if-ma-0/0)#
FTOS(conf-if-nu-0)# FTOS(conf-if-po-0)# FTOS(conf-if-vl-0)#
Table 2-1. FTOS Command Modes
CLI Command Mode Prompt
STANDARD ACCESS­LIST
EXTENDED ACCESS­LIST
FTOS(conf-std-nacl)#
FTOS(conf-ext-nacl)#
IP ACCESS-LIST
IP COMMUNITY-LIST
CONSOLE
VIRTUAL TERMINAL
LINE
STANDARD ACCESS­LIST
EXTENDED ACCESS­LIST
FTOS(conf-community-list)#
FTOS(conf-line-console)# FTOS(conf-line-vty)# FTOS(conf-std-macl)#
FTOS(conf-ext-macl)#
MAC ACCESS-LIST
Access Command
ip access-list standard
ip access-list extended
ip community-list
line
mac access-list standard
mac access-list extended
MULTIPLE SPANNING TREE
Per-VLAN SPANNING TREE Plus
PREFIX-LIST
RAPID SPANNING TREE
GVRP FTOS(conf-gvrp)
LLDP FTOS(conf-lldp)
FIBRE CHANNEL FTOS(conf-fcoe)
REDIRECT
ROUTE-MAP
ROUTER BGP
ROUTER ISIS
ROUTER OSPF
ROUTER RIP
FTOS(conf-mstp)#
FTOS(conf-pvst)#
FTOS(conf-nprefixl)# FTOS(conf-rstp)#
FTOS(conf-redirect-list)# FTOS(conf-route-map)# FTOS(conf-router_bgp)# FTOS(conf-router_isis)# FTOS(conf-router_ospf)# FTOS(conf-router_rip)#
protocol spanning-tree mstp
protocol spanning-tree pvst
ip prefix-list
protocol spanning-tree rstp
protocol gvrp
protocol lldp
protocol fc ip redirect-list
route-map router bgp router isis router ospf router rip
SPANNING TREE
FTOS(conf-span)#
protocol spanning-tree 0
Configuration Fundamentals | 35
Table 2-1. FTOS Command Modes
FTOS(conf)#protocol spanning-tree 0 FTOS(conf-stp)#
New command prompt
Expansion
Slot 0
Expansion
Expansion
Expansion Fixed 40GbE
Slot 1
Slot 2
Slot 3 Ports
www.dell.com | support.dell.com
CLI Command Mode Prompt
TRACE-LIST
FTOS(conf-trace-acl)#
The following example illustrates how to change the command mode from CONFIGURATION mode to
PROTOCOL SPANNING TREE.
Figure 2-2. Changing CLI Modes

Port Numbering Convention

The following port numbering convention is used for the S5000 switch:
Odd numbered ports are located at the top and even numbered ports are located at the bottom of the I/O
panel.
Figure 2-3. Port Numbering
Access Command
ip trace-list
Figure 2-3 shows the fixed four 40GbE data ports and the four slots for pluggable modules on the
S5000 I/O panel. The 40GbE ports can also be used in 4 × 10GbE mode.
The S5000 supports the following possible mod ules:
12-Port Ethernet module (1G/10G speeds)
12-Port Fibre Channel module (2G/4G/8G speeds)
36 | Configuration Fundamentals
You can install Ethernet and Fibre Channel modules in any slot (0 to 3) on the I/O panel.
FTOS(conf)#do show system brief
Stack MAC : 5c:f9:dd:ee:ff:c0 Reload-Type : normal-reload [Next boot : normal-reload]
-- Stack Info -­Unit UnitType Status ReqTyp CurTyp Version Ports
---------------------------------------------------------------------------­ 0 Management online S5000 S5000 9-0-1-0 64 1 Member not present 2 Member not present 3 Member not present 4 Member not present 5 Member not present 6 Member not present
“do” form of show command
On the S5000, the valid slot numbers are the supported stack-unit numbers (0 to 11). The valid port
numbers for each interface type are listed below.
1GbE: Ports 0-47
10GbE: Ports 0-63
40GbE: Ports 48, 52, 56, and 60
Fibre Channel: Ports 0-47
Management: Port 0

The do Command

Enter an EXEC mode command from any CONFIGURATION mode (CONFIGURATION, INTERFACE,
SPANNING TREE, etc.) without returning to EXEC mode by preceding the EXEC mode command with
the command
Note: The following commands cannot be modified by the do command: enable, disable, exit, and configure.
Figure 2-4. Using the do Command
do. The following example illustrates the do command.

The no Command

When you enter a command, the command line is added to the running configuration file. Disable a
command and remove it from the running-config by entering the original command preceded by the
command
ip-address command, as shown in the following example.
Note: Use the help or ? command as discussed in Obtaining Help command to help you co nstruct the “no” form of a command.
no. For example, to delete an ip address configured on an interface, use the no ip address
Configuration Fundamentals | 37
www.dell.com | support.dell.com
FTOS(conf)#interface tengigabitethernet 5/1 FTOS(conf-if-te-5/1)#ip address 192.168.10.1/24 FTOS(conf-if-te-5/1)#show config ! interface TenGigabitEthernet 5/1 ! ip address 192.168.10.1/24
shutdown FTOS(conf-if-te-5/1)#no ip address FTOS(conf-if-te-5/1)#show config ! interface TenGigabitEthernet 5/1 no ip address
shutdown FTOS(conf-if-te-5/1)#
IP address assigned
“no” form of IP address command
IP address removed
FTOS#? start Start Shell capture Capture Packet cd Change current directory clear Reset functions clock Manage the system clock configure Configuring from terminal copy Copy from one file to another
--More--
“?” at prompt for list of commands
FTOS(conf)#cl? class-map clock FTOS(conf)#cl
partial keyword plus “[space]?” for matching keywords
Figure 2-5. Undoing a command with the no Command
Layer 2 protocols are disabled by default. Enable them using the no disable command. For example, in
PROTOCOL SPANNING TREE mode, enter
no disable to enable Spanning Tree.

Obtaining Help

Obtain a list of keywords and a brief functional description of tho se keywords at any CLI mo de using the ?
or
help command:
•Enter
Figure 2-6. ? Command Example
38 | Configuration Fundamentals
Figure 2-7. Keyword? Command Example
? at the prompt or after a keyword to list the keywords available in the current mode.
? after a prompt lists all of the available keywords. The output of this command is the same for the help command.
? after a partial keyword lists all of the keywords that begin with the specified letters.
A keyword followed by [space]? lists all of the keywords that can follow the specified keyword.
FTOS(conf)#clock ? summer-time Configure summer (daylight savings) time timezone Configure time zone FTOS(conf)#clock
keyword plus “[space]?” for compatible keywords
Figure 2-8. Keyword ? Command Example

Entering and Editing Commands

When entering commands:
The CLI is not case sensitive.
You can enter partial CLI keywords.
You must enter the minimum number of letters to uniquely identify a command. For example, cannot be entered as a partial keyword because both the clock and class-map commands begin with the letters “cl.”
clo, however, can be entered as a partial keyword because only one command
begins with those three letters.
The TAB key auto-completes keywords in commands. You must enter the minimum number of letters to uniquely identify a command.
The UP and DOWN arrow keys display previously entered commands (refer to Command History).
The BACKSPACE and DELETE keys erase the previous letter.
Key combinations are available to move quickly across the command line, see Table 2-2.
cl
Table 2-2. Short-Cut Keys and their Actions
Key Combination Action
CNTL-A Moves the cursor to the beginning of the command line. CNTL-B Moves the cursor back one character. CNTL-D Deletes character at cursor. CNTL-E Moves the cursor to the end of the line. CNTL-F Moves the cursor forward one character. CNTL-I Completes a keyword. CNTL-K Deletes all characters from the cursor to the end of the command line. CNTL-L Re-enters the previous command. CNTL-N Return to more recent commands in the history buffer after recalling commands with CTRL-P or the
UP arrow key. CNTL-P Recalls commands, beginning with the last command CNTL-R Re-enters the previous command. CNTL-U Deletes the line. CNTL-W Deletes the previous word. CNTL-X Deletes the line. CNTL-Z Ends continuous scrolling of command outputs. Esc B Moves the cursor back one word.
Configuration Fundamentals | 39
Table 2-2. Short-Cut Keys and their Actions (continued)
FTOS(conf)#do show stack-unit all stack-ports all pfc details | grep 0 stack unit 0 stack-port all 0 Pause Tx pkts, 0 Pause Rx pkts 0 Pause Tx pkts, 0 Pause Rx pkts 0 Pause Tx pkts, 0 Pause Rx pkts 0 Pause Tx pkts, 0 Pause Rx pkts 0 Pause Tx pkts, 0 Pause Rx pkts 0 Pause Tx pkts, 0 Pause Rx pkts
Key Combination Action
www.dell.com | support.dell.com
Esc F Esc D
Moves the cursor forward one word.
Deletes all characters from the cursor to the end of the word.

Command History

FTOS maintains a history of previously-entered commands for each mode. For example:
When you are in EXEC mode, the UP and DOWN arrow keys display th e previously-entered EXEC mode commands.
When you are in CONFIGURATION mode, the UP or DOWN arrow keys recall the previously-entered CONFIGURATION mode commands.

Filtering show Command Outputs

Filter the output of a show command to display specific information by adding | [except | find | grep | no-more
] specified_text after the command. The va riable specified_text is the text for which you are filtering and
| save
it IS case sensitive unless the
grep command accepts an ignore-case sub-option that forces the search to case-insensitive. For
The example, the commands:
ignore-case sub-option is implemented.
show run | grep Ethernet returns a search result with instances containing a capitalized “Ethernet,” such
as interface TenGigabitEthernet 0/0.
show run | grep ethernet would not return that search result because it only searches for instances
• containing a non-capitalized “ethernet.”
Executing the command
show run | grep Ethernet ignore-case would return instances containing both
“Ethernet” and “ethernet.”
grep displays only the lines containing specified text. The following example shows this command
used in combination with the command do show stack-unit all stack-ports all pfc details | grep 0.
Figure 2-9. Filtering Command Outputs with the grep Command
40 | Configuration Fundamentals
Note: FTOS accepts a space or no space before and after the pipe. To filter on a phrase with spaces,
FTOS(conf)#do show stack-unit all stack-ports all pfc details | except 0
Admin mode is On Admin is enabled Local is enabled Link Delay 45556 pause quantum
stack unit 1 stack-port all Admin mode is On Admin is enabled
FTOS(conf)#do show stack-unit all stack-ports all pfc details | find 0 stack unit 0 stack-port all Admin mode is On Admin is enabled Local is enabled Link Delay 45556 pause quantum 0 Pause Tx pkts, 0 Pause Rx pkts
stack unit 1 stack-port all
underscores, or ranges, enclose the phrase with double quota tion marks.
except displays text that does not match the specified text. The following example shows this command used in combination with the command do show stack-unit all stack-ports all pfc details | except 0.
Figure 2-10. Filtering Command Outputs with the except Command
find displays the output of the show command beginning from the first occurrence of specified text. The following example shows this command us e d in combination with the command do show stack-unit all stack-ports all pfc details | find 0.
Figure 2-11 . Filtering Command Outputs with the find Command
display displays additional configuration information.
no-more displays the output all at once rather than one screen at a time. This is similar to the command terminal length except that the no-more option affects the output of the specified command only.
save copies the output to a file for future reference.
Note: You can filter a single command output multiple times. The save option should be the last option entered. For example:
FTOS# command |
other-regular-expression |
grep regular-expression | except regular-expression | grep
find regular-expression | save
Configuration Fundamentals | 41

Multiple Users in Configuration mode

FTOS notifies all users in the event that there are multiple users logged into CONFIGURATION mode. A warning message indicates the username, type of connection (console or vty), and in the case of a vty connection, the IP address of the terminal on which the connection was established. For example:
On the system that telnets into the switch, Message 1 appears:
Message 1 Multiple Users in Configuration mode Telnet Message
% Warning: The following users are currently configuring the system:
User "<username>" on line console0
www.dell.com | support.dell.com
On the system that is connected over the console, Message 2 appears:
Message 2 Multiple Users in Configuration mode Telnet Message
% Warning: User "<username>" on line vty0 "10.11.130.2" is in configuration mode
If either of these messages appears, Dell Networking recommends that you coordinate with the users listed in the message so that you do not unintentionally overwrite each other’s configuration changes.
42 | Configuration Fundamentals

Getting Started

This chapter contains the following major sections:
Accessing Ports
Accessing the RJ-45/RS-232 Console Port
Accessing the RJ-45 console port with a DB-9 adapter
Accessing the USB-B Console Port
Booting Process
Entering the Initial Configuration Information
Configuring the Enable Password
Configuring a Host Name
Navigating CLI Modes
Default Configuration
Configuring Layer 2 (Data Link) Mode
Accessing the System Remotely
Configuring the Management Port IP Address
Configuring a Management Route
Configuring a Username and Password
Creating a Port-based VLAN
Assigning Interfaces to a VLAN
Assigning an IP Address to a VLAN
Connecting the S5000 to the Network
Configuring File Management
Copying Files to and from the System
Saving the Running-configuration
Configuring the Overload bit for Startup Scenario
Viewing Files
Viewing Configuration Files
File System Management
Viewing command history
Upgrading and Downgrading FTOS
3
Getting Started | 43

Accessing Ports

The S5000 has two management ports available for system access—a console port and a Universal Serial Bus (USB)-B port. The USB-B port acts exactly the same as the console port. The terminal settings are the same for both access ports.

Accessing the RJ-45/RS-232 Console Port

Note: Before starting this procedure, be sure you have a terminal emula tion p rogra m alr eady installed on
your PC.
www.dell.com | support.dell.com
The RS-232/RJ-45 console port is labeled on the lower left-hand side of the S5000 system as you face the Utility side of the chassis.
Figure 3-1. RS-232/RJ-45 Console Port
To access the console port, follow the procedures below:.
Step Task
1 Install an RJ-45 copper cable into the console port. Use a rollover (crossover) cable to connect the S5000
console port to a terminal server. 2 Connect the other end of the cable to the DTE terminal server. 3 Terminal settings on the console port cannot be changed in the software and are set as follows:
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control
44 | Getting Started

Accessing the RJ-45 console port with a DB-9 adapter

You can connect to the console using a RJ-45 to RJ-45 rollover cable and a RJ-45 to DB-9 female DTE adapter to a terminal server (for example, PC). Table 3-1 lists the pin assignments.
Table 3-1. Pin Assignments Between the Console and a DTE Terminal Server
S5000 Console Port RJ-45 to RJ-45 Rollover Cable
Signal RJ-45 pinout RJ-45 Pinout DB-9 Pin Signal
RTS 1 8 8 CTS
NC 2 7 6 DSR
TxD 3 6 2 RxD GND 4 5 5 GND GND 5 4 5 GND
RxD 6 3 3 TxD
NC 7 2 4 DTR
CTS 8 1 7 RTS
RJ-45 to DB-9 Adapter
Terminal Server Device

Accessing the USB-B Console Port

The terminal settings are the same for the USB-B port and the console port:
9600 baud rate
•No parity
8 data bits
1 stop bit
No flow control
When you connect the USB-B port, it becomes the primary connection and, when the system is connected, it sends all messages to the USB-B drive.
1. Power on the PC (Dell Force 10 recommends using the XP operating system).
2. Connect the USB-A end of cable into an available USB port on the PC.
3. Connect the USB-B end of cable into the USB-B console port on the S5000.
4. Power on the S5000.
5. Install the necessary USB device drivers (you will need an internet connection). For assistance, contact Dell Networking Technical Support.
6. Open your terminal software emulation program to access the S5000.
7. Set the terminal connection settings. Use the settings shown here:
Getting Started | 45
www.dell.com | support.dell.com
.
The Command Line Interface (CLI) prompt appears (FTOS>_) when you are connected to the S5000.
Note: Only one of the console port s can be active at a time; the USB console takes pr iority over the RJ-45 console by default. When a USB Host (PC) is plugged into the USB console port, the hardware automatically switches over to use the USB console. When the USB cable is removed or the PC deactivates the USB connection, the hardware automatically switches to the RJ-45 console interface.
46 | Getting Started

Booting Process

U-Boot 2012.04(Dell Networking) Built by build at tools-sjc-01 on Tue Jan 15 0:50:03 2013 S5000 Boot Selector Label 1.3.0.0m
CPU0: P2020, Version: 2.1, (0x80e20021) Core: E500, Version: 5.1, (0x80211051) . <lines skipped > . Board: S5000 FTOS CPU CPLD: S5000 CPLD Rev 41 Board Revision 1 . . <lines skipped> . . Boot Selector set to Bootflash Partition A image... Verifying Copyright Information..success for Image - 0 Boot Selector: Booting Bootflash Partition A image... Copying stage-2 loader from 0x800000 to 0x7f800000(size = 0x200000) F10 Boot Image selection DONE. ## Starting application at 0x7F800090 ...
U-Boot 2012.04(Dell Networking) Built by build at tools-sjc-01 on Thu Mar 14 16:45:06 2013 S5000 Boot Loader Label 1.3.1.1p
. . <lines skipped> . . Mgmt MAC Addr: 5C:F9:DD:EF:0A:42 SF: Detected W25Q128 with page size 4 KiB, total 16 MiB Hit any key to stop autoboot: 0 Loading POST from Bootflash Partition A ## Starting application at 0x78000000 ... . . . <lines skipped> . .
auto-booting...
After you set up the S5000 as described in the installation procedure in the S5000 Getting Started Guide, the switch boots up. Figure 3-2 shows an example of the completed boot process.
Figure 3-2. Completed Boot Process (1 of 3 screens)
Getting Started | 47
Figure 3-3. Completed Boot Process (2 of 3 screens)
Booting PRIMARY configuration...
boot device : tftp file name : FTOS-SH-9-0-1-0.bin Management Etherenet IP address : 10.11.210.35/16 Server IP address : 10.11.8.13 Default Gateway IP address : 10.11.210.63 Management Etherenet MAC address : 5C:F9:DD:EF:0A:42
Management ethernet Port Configuration: Auto Negotiate Using e1000#0 device TFTP from server 10.11.8.13; our IP address is 10.11.210.35 Filename 'FTOS-SH-9-0-1-0.bin'. Load address: 0x6400000 Loading: # Detected FTOS image. Downloading only kernel...(8268092 bytes) ################################################################ ################################################################# ################################################################# ################################################################# ################################################################# ################################################################# ################################################################# ################################################################# ############################################ done Bytes transferred = 8269244 (7e2dbc hex) Booting FTOS image . . <lines skipped> . . RELEASE IMAGE HEADER DATA :
-------------------------­Release Image Created 2013/4/15 - 18:11:28
SOFTWARE IMAGE HEADER DATA :
---------------------------­Software Image[1] Img file Name : CPRPLP-RPM-AP-9-0-1-0.bin Software Image[2] Img file Name : NBSDPCPRPLP-RPM-AP-9-0-1-0.bin . <lines skipped> . Starting Dell Networking application
www.dell.com | support.dell.com
48 | Getting Started
Figure 3-4. Completed Boot Process (3 of 3 screens)
00:00:38: %STKUNIT0-M:CP %RAM-6-ELECTION_ROLE: Stack unit 0 is transitioning to Management unit. 00:00:39: %STKUNIT0-M:CP %CHMGR-5-STACKUNITDETECTED: Stack unit 0 present 00:00:44: %S5000:0 %POLLMGR-2-USER_FLASH_STATE: USB flash disk missing in 'usbflash:'
00:03:01: %STKUNIT0-M:CP %CHMGR-5-MODULE_INSERTED: FC module has been inserted in stack-unit 0 optional slot 0 00:03:01: %STKUNIT0-M:CP %CHMGR-5-MODULE_INSERTED: SFP+ module has been inserted in stack-unit 0 optional slot 1 00:03:01: %STKUNIT0-M:CP %CHMGR-5-MODULE_INSERTED: SFP+ module has been inserted in stack-unit 0 optional slot 2 00:03:01: %STKUNIT0-M:CP %CHMGR-5-MODULE_INSERTED: SFP+ module has been inserted in stack-unit 0 optional slot 3 00:03:01: %STKUNIT0-M:CP %CHMGR-5-CHECKIN: Checkin from Stack unit 0 (type S5000, 64 ports) 00:03:02: %STKUNIT0-M:CP %CHMGR-2-FANTRAY_UP: Fan Tray 1 in unit 0 is up 00:03:02: %STKUNIT0-M:CP %CHMGR-2-FANTRAY_UP: Fan Tray 2 in unit 0 is up 00:03:03: %STKUNIT0-M:CP %CHMGR-0-PS_UP: Power supply 0 in unit 0 is up 00:03:04: %STKUNIT0-M:CP %CHMGR-0-PS_UP: Power supply 1 in unit 0 is up 00:03:04: %STKUNIT0-M:CP %CHMGR-5-STACKUNITUP: Stack unit 0 is up 00:03:05: %STKUNIT0-M:CP %CHMGR-5-SYSTEM_READY: System ready 00:03:05: %STKUNIT0-M:CP %RAM-5-STACK_STATE: Stack unit 0 is in Active State. 00:03:05: %STKUNIT0-M:CP %IFMGR-5-OSTATE_UP: Changed interface state to up: Ma 0/0 00:03:17: %STKUNIT0-M:CP %CHMGR-1-PSU_FAN_STATUS: Fan 0 in PSU 0 of Unit 0 is up 00:03:17: %STKUNIT0-M:CP %CHMGR-1-PSU_FAN_STATUS: Fan 0 in PSU 1 of Unit 0 is up
FTOS>00:03:24: %STKUNIT0-M:CP %SEC-5-LOGIN_SUCCESS: Login successful for user on line console
FTOS> FTOS> FTOS>enable FTOS# <prompt available and admin enable logged in >
========== end of boot up process ===========

Entering the Initial Configuration Information

To set up the switch, you need to assign an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. The minimal configuration provided here does not cover most of the features; it simply allows you to perform other configuration tasks using a Telnet connection from your management network.
You will need this information from your network administrator:
Switch IP address
Subnet mask (IP netmask)
Default gateway (router)
Enable secret password
Enable password
•Telnet password
Getting Started | 49

Configuring the Enable Password

Access the EXEC Privilege mode using the enable command. The EXEC Privilege mode is unrestricted by default. Configure a password as a basic security measure. There are two types of
enable password stores the password in the running/startup configuration using a DES encryption
method.
enable secret is stored in the running/startup configuration in using a stronger, MD5 encryption method.
enable passwords:
www.dell.com | support.dell.com
Dell Networking recommends using the
enable secret password.
To configure an enable password:
Task Command Syntax Command Mode
Create a password to access EXEC Privilege mode.
enable [password | secret] [level level] [encryption-type] password
level
is the privilege level, is 15 by default, and is not required.
encryption-type specifies how you are inputting the password, is 0 by
default, and is not required.
0 is for inputting the password in clear text.
7 is for inputting a password that is already encrypted using a DES hash. Obtain the encrypted password from the configuration file of another S5000 switch.
5 is for inputting a password that is already encrypted using an MD5 hash. Obtain the encrypted password from the configuration file of another S5000 switch.
CONFIGURATION
50 | Getting Started

Configuring a Host Name

FTOS(conf)#hostname R1 R1(conf)#
Default Hostname
New Hostname
The host name appears in the prompt. The default host name is FTOS. The text string of a host name can consist of letters, digits, and hyphens.
To configure a host name:
Task Command Syntax Command Mode
Create a new host name.
The example below illustrates the
Figure 3-5. Configuring a Hostname
hostname command.
hostname name
CONFIGURATION

Navigating CLI Modes

The FTOS prompt changes to indicate the CLI mode. You must move linearly through the command modes, with the exception of the
exit command which moves you up one command mode level.
end command which takes you directly to EXEC Privilege mode and the

Default Configuration

A version of FTOS is pre-loaded onto the chassis, however the system is not configured when you power up for the first time (except for the default hostname, which is FTOS). You must configure the system using the CLI.

Configuring Layer 2 (Data Link) Mode

Use the switchport command in INTERFACE mode to enable Layer 2 data transmissions through an individual interface. You cannot configure switching or Layer 2 protocols such as Spanning Tree Protocol (STP) on an interface unless the interface has been set to Layer 2 mode.
To configure Layer 2 mode, follow these steps:
Step Task Command Syntax Command Mode
1 Enable the interface. no shutdown INTERFACE
Getting Started | 51
Step Task Command Syntax Command Mode
2
Place the interface in Layer 2 (switching) mode. switchport INTERFACE
To view the interfaces in Layer 2 mode, use the show interfaces switchport command in EXEC mode.

Accessing the System Remotely

You can configure the system to access it remotely by T elnet. The system has a dedicated management port and a management routing table that is separate from the IP routing table.
www.dell.com | support.dell.com
Configuring the system for Telnet is a three-step process:
1. Configure an IP address for the management port. Refer to Configuring the Management Port IP
Address.
2. Configure a management route with a default gateway. Refer to Configuring a Management Route.
3. Configure a username and password. Refer to Configuring a Username and Password.

Configuring the Management Port IP Address

Assign IP addresses to the management ports in order to access the system remotely.
Note: Assign different IP addresses to each stack-unit’s mana gement port.
To configure the management port IP address:
Step Task Command Syntax Command Mode
1 Enter INTERFACE mode for the
Management port.
interface ManagementEthernet slot/port
slot range: 0 to 11.
port range: 0.
CONFIGURATION
2
3
52 | Getting Started
Assign an IP address to the interface.
Enable the interface.
ip address ip-address/mask
ip-address: an address in dotted-decimal format
(A.B.C.D).
mask: a subnet mask in /prefix-length format (/
xx).
no shutdown
INTERFACE
INTERFACE

Configuring a Management Route

Define a path from the system to the network from which you are accessing the system remotely. Management routes are separate from IP routes and are only used to manage the system through the management port.
To configure a management route:
Step Task Command Syntax Command Mode
Configure a management route to
1
the network from which you are accessing the system.
management route ip-address/mask gateway
ip-address: the network address in
dotted-decimal format (A.B.C.D).
mask: a subnet mask in /prefix-length format (/
xx).
gateway: the next hop for network traffic
originating from the management port.
CONFIGURATION

Configuring a Username and Password

Configure a system username and password to access the system remotely.
To configure a username and password:
Step Task Command Syntax Command Mode
Configure a username and
1
password to access the system remotely.
username username password [encryption-type] password encryption-type specifies how you are inputting the
password, is 0 by default, and is not required.
0 is for inputting the password in clear text.
7 is for inputting a password that is already encrypted using a Type 7 hash. Obtaining the encrypted password from the configuration of another S5000 switch.
CONFIGURATION

Creating a Port-based VLAN

The Default VLAN (VLAN 1) is part of the system startup configuration and does not require configuration. To configure a port-based VLAN, you must create the VLAN and then add physical interfaces or port channel (LAG) interfaces to the VLAN.
Getting Started | 53
To create a port-based VLAN, follow this step:
Step Task Command Syntax Command Mode
www.dell.com | support.dell.com
Configure a port-based VLAN (if
1
the vlan-id is different from the Default VLAN ID) and enter INTERFACE VLAN mode. After you create a VLAN, you must assign interfaces in Layer 2 mode to the VLAN to activate the VLAN.
interface vlan vlan-id CONFIGURATION
To view the configured VLANs, use the show vlan command in EXEC Privilege mode.

Assigning Interfaces to a VLAN

You can only assign interfaces in Layer 2 mode to a VLAN using the tagged and untagged commands. To place an interface in Layer 2 mode, use the switchport command.
You can designate Layer 2 interfaces as tagged or untagged. When you pl ace an interface in Layer 2 mode using the switchport command, the interface is automatically designated untagged and placed in the Default VLAN.
To view which interfaces are tagged or untagged and to view which VLAN the interfaces belong, use the
show vlan command. To view just the interfaces that are in Layer 2 mode, use the show interfaces switchport command in EXEC Privilege mode or EXEC mode.
To tag frames leaving an interface in Layer 2 mode, you must assign that interface to a port-based VLAN to tag it with that VLAN ID.
To tag interfaces, follow these steps:
Step Task Command Syntax Command Mode
Access the INTERFACE VLAN
1
mode of the VLAN to which you want to assign the interface.
2 Enable an interface to include the
IEEE 802.1Q tag header.
interface vlan vlan-id CONFIGURATION
tagged interface INTERFACE
Use the untagged command to move untagged interfaces from the Default VLAN to another VLAN:
54 | Getting Started
To move untagged interfaces, follow these steps:
Step Task Command Syntax Command Mode
Access the INTERFACE VLAN
1
mode of the VLAN to which you want to assign the interface.
2 Configure an interface as
untagged. This command is available only in VLAN interfaces.
interface vlan vlan-id CONFIGURATION
untagged interface INTERFACE

Assigning an IP Address to a VLAN

VLANs are a Layer 2 feature. For two physical interfaces on different VLANs to communicate, you must assign an IP address to the VLANs to route traffic between the two interfaces. The shutdown command in INTERFACE mode does not affect Layer 2 traffic on the interface.
Note: You cannot assign an IP address to the Default VLAN, which, by default, is VLAN 1. To assign another VLAN ID to the Default VLAN, use the default
To assign an IP address to a VLAN, follow this step:
Step Task Command Syntax Command Mode
vlan-id vlan-id command.
Configure an IP address and
1
mask on the interface.
ip address ip-address mask [secondary] INTERFACE

Connecting the S5000 to the Network

After you have completed the hardware installation and software configuration for the S5000 system, you can connect to your company network by following your company’s cabling requirements.

Configuring File Management

You can store on and access files from various storage media. Rename, delete, and copy files on the system from the EXEC Privilege mode.
Note: Using flash memory cards in the system that have not been approved by Dell Networking can cause unexpected system behavior, including a reboot.
Getting Started | 55

Copying Files to and from the System

The command syntax for copying files is similar to UNIX. The copy command uses the format copy
source-file-url destination-file-url.
Note: For a detailed description of the copy command, refer to the FTOS Command Reference Guide.
To copy a local file to a remote system, combine the file-origin syntax for a local file location with the
file-destination syntax for a remote file location, see Table 3-2.
To copy a remote file to an S5000 switch, combine the the
file-destination syntax for a local file location, see Table 3-2.
www.dell.com | support.dell.com
Table 3-2. Forming a copy Command
file-origin syntax for a remote file location with
source-file-url
Local File Location
Internal flash:
flash
External flash:
usbflash
FTP server copy ftp://username:password@{hostip |
TFTP server
SCP server copy scp://{hostip | hostname}/filepath/
copy flash://filename flash://filename
usbflash://filename usbflash://filename
hostname}/filepath/filename
copy tftp://{hostip | hostname}/filepath/ filename
filename
Syntax destination-file-url Syntax

Important Points to Remember

You may not copy a file from one remote system to another.
You may not copy a file from one location to the same location.
When copying to a server, a hostname can only be used if a DNS server is configured.
After you insert a USB memory device into the USB port on an S5000 and enter the
format usbflash:// command to erase all existing files and reformat the file system on the device, allow
the process to run to completion before removing the device from the USB port. If you remove the USB memory device before the formatting is complete, FTOS may not recognize the file system on the device.
ftp://username:password@{hostip | hostname}/
filepath/filename
tftp://{hostip | hostname}/filepath/filename
scp://{hostip | hostname}/filepath/filename
Figure 3-6 shows an example of using the
56 | Getting Started
copy command to save a file to an FTP server.
Figure 3-6. Copying a file to a Remote System
FTOS#copy flash://FTOS-EF-8.2.1.0.bin ftp://myusername:mypassword@10.10.10.10//FTOS/FTOS-EF-8.2.1.0 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 27952672 bytes successfully copied
Local Location
Remote Location
core1#copy ftp://myusername:mypassword@10.10.10.10//FTOS/FTOS-EF-8.2.1.0.bin flash:// Destination file name [FTOS-EF-8.2.1.0.bin.bin]: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 26292881 bytes successfully copied
Remote Location
Local Location
Figure 3-7 shows an example of using the copy command to import a file to the S5000 switch from an FT P
server.
Figure 3-7. Copying a file from a Remote System

Saving the Running-configuration

The running-configuration contains the current system configuration. Dell Networking recommends copying your running-configuration to the startup-configuration. The system uses the startup-configuration during boot-up to configure the system. The startup-configuration is stored in the internal flash on the IOM by default, but you can save the startup-configuration to a USB flash device or on a remote server.
To save the running-configuration:
Note: The commands in this section follow the same format as those in C opying Files to and from the
System but use the filenames startup-configuration and running-configuration. These commands assume
that current directory is the internal flash, which is the system default.
Getting Started | 57
Task Command Syntax Command Mode
Save the running-configuration to:
www.dell.com | support.dell.com
the startup-configuration on the internal flash
the usb flash on the IOM copy running-config usbflash://filename an FTP server
a TFTP server copy running-config tftp://{hostip | hostname}/filepath/
an SCP server
Note: When copying to a server, you can only use a hostname if a DNS server is configured.
copy running-config startup-config
copy running-config ftp://
username:password@{hostip filename
filename
copy running-config scp://
username:password@{hostip filename
| hostname}/filepath/
| hostname}/filepath/
EXEC Privilege

Configuring the Overload bit for Startup Scenario

For information on setting the router overload bit for a specific period of time after a switch reload is implemented, see the FTOS Command Line Reference Guide, Chapter 18 - Intermediate System to Intermediate System (IS-IS).

Viewing Files

File information and content can only be viewed on local file systems. To view a list of files on the internal or external Flash:
Step Task Command Syntax Command Mode
1 View a list of files on:
the usbflash
The output of the command
dir also shows the read/write privileges, size (in bytes), and date of
modification for each file (Figure 3-8).
dir flash: dir usbflash:
EXEC Privilegethe internal flash
58 | Getting Started
Figure 3-8. Viewing a List of Files in the Internal Flash
FTOS#dir Directory of flash:
1 drwx 4096 Jan 01 1980 00:00:00 +00:00 . 2 drwx 2048 May 10 2011 14:45:15 +00:00 .. 3 drwx 4096 Feb 17 2011 00:28:00 +00:00 TRACE_LOG_DIR 4 drwx 4096 Feb 17 2011 00:28:02 +00:00 CORE_DUMP_DIR 5 d--- 4096 Feb 17 2011 00:28:02 +00:00 ADMIN_DIR 6 -rwx 1272 Apr 29 2011 16:15:14 +00:00 startup-config 7 -rwx 10093 Feb 17 2011 20:48:02 +00:00 abhi-jan26.cfg 8 -rwx 217155 Feb 22 2011 23:14:34 +00:00 show-tech-cfg.txt 9 -rwx 5162 Mar 02 2011 04:02:58 +00:00 runn-feb6 10 -rwx 10507 Mar 03 2011 01:17:16 +00:00 abhi-feb7.cfg 11 -rwx 4 May 06 2011 22:05:06 +00:00 dhcpBindConflict 12 -rwx 6900 Feb 17 2011 04:43:12 +00:00 startup-config.bak 13 -rwx 1244038 Feb 13 2011 04:27:16 +00:00 f10cp_sysd_110213042625.acore.gz
flash: 2143281152 bytes total (2123755520 bytes free)
--More--
To view the contents of a file, follow this step:
Step Task Command Syntax Command Mode
1View the:
contents of a file in the internal flash contents of a file in the usb flash running-configuration startup-configuration
show file flash://filename show file usbflash://filename show running-config show startup-config

Viewing Configuration Files

Configuration files have three commented lines at the beginning of the file, as shown in Figure 3-8, to help you track the last time any user made a change to the file, which user made the changes, and when the file was last saved to the startup-configuration.
In the running-configuration file, if there is a difference between the timestamp on the “Last configuration change,” and “Startup-config last updated,” then you have made changes that have not been saved and will not be preserved upon a system reboot.
EXEC Privilege
Getting Started | 59
www.dell.com | support.dell.com
FTOS#show running-config Current Configuration ... ! Version 9-0(1-0) ! Last configuration change at Mon Jun 10 21:20:04 2030 by admin ! boot system stack-unit 0 primary system: B: boot system stack-unit 0 secondary tftp://10.200.200.241/kp-diablo boot system stack-unit 0 default tftp://10.11.200.241/kp-diablo ! redundancy auto-synchronize full ! service timestamps log datetime ! hostname FTOS ! enable password 7 b125455cf679b208e79b910e85789edf ! username admin password 7 1d28e9f33f99cf5c ! stack-unit 0 provision S5000 ! interface fibrechannel 0/0 shutdown ! interface fibrechannel 0/1 shutdown ! ...
-- More --
Figure 3-9. Tracking Changes with Configuration Comments

File System Management

The S5000 switch can use the internal Flash, USB Flash, or remote devices to store files. The system stores files on the internal Flash by default, but you can configure it to store files elsewhere.
To view file system information:
Task Command Syntax Command Mode
View information about each file system.
60 | Getting Started
The output of the memory, file structure, media type, and read/write privileges for each storage device in use.
show file-systems command (Figure 3-10) shows the total capacity, amount of free
show file-systems
EXEC Privilege
Figure 3-10. show file-systems Command Example
FTOS#show file-systems
Size(b) Free(b) Feature Type Flags Prefixes 2143281152 2000785408 FAT32 USERFLASH rw flash: 15848660992 831594496 FAT32 USBFLASH rw usbflash:
- - - network rw ftp:
- - - network rw tftp:
- - - network rw scp:
FTOS#cd usbflash: FTOS#copy running-config test ! 3998 bytes successfully copied
FTOS#dir Directory of usbflash:
1 drwx 4096 Jan 01 1980 00:00:00 +00:00 . 2 drwx 2048 May 02 2012 07:05:06 +00:00 .. 3 -rwx 1272 Apr 29 2011 16:15:14 +00:00 startup-config 4 -rwx 3998 May 11 2011 23:36:12 +00:00 test
No File System Specified
File Saved to USB Flash
You can change the default file system so that file management commands apply to a particular device or memory.
To change the default storage location:
Task Command Syntax Command Mode
Change the default directory.
You can change the default storage location to the USB Flash (Figure 3-11). File management commands then apply to the USB Flash rather than the internal Flash.
Figure 3-11. Alternative Storage Location

Viewing command history

The command-history trace feature captures all commands entered by all users of the system with a time stamp and writes these messages to a dedicated trace log buffer. The system generates a trace message for each executed command. No password information is saved to the file.
cd directory
EXEC Privilege
To view the command-history trace, use the
show command-history command (Figure 3-12).
Getting Started | 61
Figure 3-12. show command-history Command Example
FTOS#show command-history [5/18 21:58:32]: CMD-(TEL0):[enable]by admin from vty0 (10.11.68.5) [5/18 21:58:48]: CMD-(TEL0):[configure]by admin from vty0 (10.11.68.5)
- Repeated 1 time. [5/18 21:58:57]: CMD-(TEL0):[interface port-channel 1]by admin from vty0 (10.11.68.5) [5/18 21:59:9]: CMD-(TEL0):[show config]by admin from vty0 (10.11.68.5) [5/18 22:4:32]: CMD-(TEL0):[exit]by admin from vty0 (10.11.68.5) [5/18 22:4:41]: CMD-(TEL0):[show interfaces port-channel brief]by admin from vty0 (10.11.68.5)

Upgrading and Downgrading FTOS

www.dell.com | support.dell.com
Note: To upgrade or downgrade FT OS, refer to th e Release Notes for th e version yo u want to load on the system.
62 | Getting Started

Switch Management

This chapter explains the different protocols or services used to manage the S5000 switch, including:
Configuring Privilege Levels
Creating a Custom Privilege Level
Removing a command from EXEC mode
Moving a command from EXEC privilege mode to EXEC mode
Allowing Access to CONFIGURATION mode commands
Allowing Access to INTERFACE, LINE, ROUTE-MAP, and ROUTER modes
Applying a Privilege Level to a Username
Applying a Privilege Level to a Terminal Line
Configuring Logging
Disabling Logging
Log Messages in the Internal Buffer
Configuring Task List for System Log Management
Configuring a Unix System as a Syslog Server
Changing System Logging Settings
Displaying the Logging Buffer and the Logging Configuration
Configuring a UNIX logging facility level
Synchronizing log messages
Enabling timestamp on syslog messages
File Transfer Services
Configuring Task List for File Transfer Services
Terminal Lines
Configuring Login Authentication for Terminal Lines
Timing out of EXEC Privilege Mode
Telneting to Another Network Device
Locking CONFIGURATION mode
Viewing the Configuration Lock Status
Recovering from a Forgotten Password
Recovering from a Forgotten Enable Password
Recovering from a Failed Start
4
Switch Management | 63

Configuring Privilege Levels

Privilege levels restrict access to commands based on user or terminal line. There are 16 privilege levels, of which two are pre-defined. The default privilege level is 1.
www.dell.com | support.dell.com
Level 1
enable, disable, and exit.
Level 15—Access to the system begins at EXEC Privilege mode, and all commands are available.
Access to the system begins at EXEC mode, and EXEC mode commands are limited to

Creating a Custom Privilege Level

Custom privilege levels start with the default EXEC mode command set. You can then customize privilege levels 2-14 by:
removing commands from the EXEC mode commands
moving commands from EXEC Privilege mode to EXEC mode
allowing access to CONFIGURATION mode commands
allowing access to INTERFACE, LINE, ROUTE-MAP, and ROUTER mode commands
A user can access all commands at his privilege level and below.

Removing a command from EXEC mode

Remove a command from the list of available commands in EXEC mode for a specific privilege level using the command than the level given to a user or terminal line, followed by the first keyword of each command to be restricted.
privilege exec from CONFIGURATION mode. In the command, specify a level greater

Moving a command from EXEC privilege mode to EXEC mode

Move a command from EXEC Privilege to EXEC mode for a privilege level using the command privilege
from CONFIGURATION mode. In the command, specify the privilege level of the user or terminal
exec
line, and specify all keywords in the command to which you want to allow access.

Allowing Access to CONFIGURATION mode commands

Allow access to CONFIGURATION mode using the command privilege exec level level configure from CONFIGURATION mode. A user that enters CONFIGURATION mode remains at his privilege level, and has access to only two commands, mode command to which you want to allow access using the command command, specify the privilege level of the user or terminal line, and specify all keywords in the command to which you want to allow access.
64 | Switch Management
end and exit. You must individually specify each CONFIGURATION
privilege configure level level. In the

Allowing Access to INTERFACE, LINE, ROUTE-MAP, and ROUTER modes

1. Similar to allowing access to CONFIGURATION mode, to allow access to INTERFACE, LINE, ROUTE-MAP, and ROUTER modes, you must first allow access to the command that enters you into the mode. For example, allow a user to enter INTERFACE mode using the command
level level interface tengigabitethernet command.
2. Then, individually identify the INTERFACE, LINE, ROUTE-MAP or ROUTER commands to which you want to allow access using the command
privilege {interface | line | route-map | router} level level. In
the command, specify the privilege level of the user or terminal line, and specify all keywords in the command to which you want to allow access.
The following table lists the configuration tasks you can use to customize a privilege level:
Task Command Syntax Command Mode
privilege configure
Remove a command from the list of available commands in EXEC mode.
Move a command from EXEC Privilege to EXEC mode.
Allow access to CONFIGURATION mode.
Allow access to INTERFACE, LINE, ROUTE-MAP, and/or ROUTER mode. Specify all keywords in the command.
Allow access to a CONFIGURAT ION, INTERFACE, LINE, ROUTE-MAP, and/or ROUTER mode command.
The configuration in Figure 4-1 creates privilege level 3. This level:
removes the
moves the command
resequence command from EXEC mode by requiring a minimum of privilege level 4
capture bgp-pdu max-buffer-size from EXEC Privilege to EXEC mode by requiring
a minimum privilege level 3, which is the configured level for VTY 0
allows access to CONFIGURATION mode with the
allows access to INTERFACE and LINE modes are allowed with no command
privilege exec level level
{
command ||...|| command}
privilege exec level level
{
command ||...|| command}
privilege exec level level
privilege configure level level
{
interface | line | route-map |
router} {command-keyword ||...||
command-keyword}
privilege {configure | interface | line
|
route-map | router} level level
{
command ||...|| command}
banner command
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION
Switch Management | 65
Figure 4-1. Create a Custom Privilege Level Apply a Privilege Level to a Username
FTOS(conf)#do show run privilege ! FTOS(conf)#privilege exec level 3 capture FTOS(conf)#privilege exec level 3 configure FTOS(conf)#privilege exec level 4 resequence FTOS(conf)#privilege exec level 3 clear arp-cache FTOS(conf)#privilege exec level 3 clear arp-cache max-buffer-size FTOS(conf)#privilege configure level 3 line FTOS(conf)#privilege configure level 3 interface FTOS(conf)#do telnet 10.11.80.201 [telnet output omitted] FTOS#show priv Current privilege level is 3. FTOS#? capture Capture packet configure Configuring from terminal disable Turn off privileged commands enable Turn on privileged commands exit Exit from the EXEC ip Global IP subcommands monitor Monitoring feature mtrace Trace reverse multicast path from destination to source ping Send echo messages quit Exit from the EXEC show Show running system information [output omitted] FTOS#config [output omitted] FTOS(conf)#do show priv Current privilege level is 3. FTOS(conf)#? end Exit from configuration mode exit Exit from configuration mode interface Select an interface to configure FTOS(conf)#interface ? fortyGigE FortyGigabit Ethernet interface FibreChannel FibreChannel interface gigabitethernet Gigabit Ethernet interface loopback Loopback interface managementethernet Management Ethernet interface null Null interface port-channel Port-channel interface range Configure interface range tengigabitethernet TenGigabit Ethernet interface vlan VLAN interface FTOS(conf)#interface tengigabitethernet 1/1 FTOS(conf-if-te-1/1)#? end Exit from configuration mode exit Exit from interface configuration mode FTOS(conf-if-te-1/1)#exit FTOS(conf)#line ? console Primary terminal line vty Virtual terminal FTOS(conf)#line vty 0 FTOS(conf-line-vty)#? exit Exit from line configuration mode FTOS(conf-line-vty)#
www.dell.com | support.dell.com
66 | Switch Management

Applying a Privilege Level to a Username

To set a privilege level for a user:
Task Command Syntax Command Mode
Configure a privilege level for a user.
username username privilege level
CONFIGURATION

Applying a Privilege Level to a Terminal Line

To set a privilege level for a terminal line:
Task Command Syntax Command Mode
Configure a privilege level for a terminal line.
Note: When you assign a privilege level between 2 and 15, access to the system begins at EXEC mode, but the prompt is hostname#, rather than hostname>.
privilege level level
LINE

Configuring Logging

FTOS tracks changes in the system using event and error messages. By default, FTOS logs these messages on:
the internal buffer
console and terminal lines, and
any configured syslog servers

Disabling Logging

To disable logging:
Task Command Syntax Command Mode
Disable all logging except on the console.
Disable logging to the logging buffer.
Disable logging to terminal lines.
Disable console logging.
no logging on
no logging buffer
no logging monitor
no logging console
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION
Switch Management | 67

Log Messages in the Internal Buffer

All error messages, except those beginning with %BOOTUP (Message), are logged in the internal buffer.

Configuring Task List for System Log Management

The following list includes the configuration tasks for system log management:
Disabling System Logging
Sending System Messages to a Syslog Server
www.dell.com | support.dell.com

Disabling System Logging

By default, logging is enabled and log messages are sent to the logging buffer, all terminal lines, console, and syslog servers.
Enable and disable system logging using the following commands:
Task Command Syntax Command Mode
Disable all logging except on the console.
Disable logging to the logging buffer.
Disable logging to terminal lines.
Disable console logging.
no logging on
no logging buffer
no logging monitor
no logging console
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION

Sending System Messages to a Syslog Server

Send system messages to a syslog server by specifying the server with the following command:
Task Command Syntax Command Mode
Specify the server to which you want to send system messages. You can configure up to eight syslog servers.

Configuring a Unix System as a Syslog Server

Configure a UNIX system as a syslog server by adding the following lines to /etc/syslog.conf on the Unix system and assigning write permissions to the file.
on a 4.1 BSD UNIX system, add the line:
on a 5.7 SunOS UNIX system, add the line: local7.debugging /var/adm/ftos.log
In the lines above, local7 is the logging facility level and debugging is the severity level.
68 | Switch Management
logging {ip-address | hostname} CONFIGURATION
local7.debugging /var/log/ftos.log

Changing System Logging Settings

You can change the default settings of the system logging by changing the severity level and the storage location. The default is to log all messages up to debug level, that is, all system messages. By changing the severity level in the logging commands, you control the number of system messages logged.
To change one of the settings for logging system messages, use any or all of the following commands in the CONFIGURATION mode:
Task Command Syntax Command Mode
Specify the minimum severity level for logging to the logging buffer.
Specify the minimum severity level for logging to the console.
Specify the minimum severity level for logging to terminal lines.
Specifying the minimum severity level for logging to a syslog server.
Specify the minimum severity level for logging to the syslog history table.
Task Command Syntax Command Mode
Specify the size of the logging buffer. Note: When you decrease the buffer size, FTOS deletes all messages stored in the buffer. Increasing the buffer size does not affect messages in the buffer.
Specify the number of messages that FTOS saves to its logging history table.
logging buffered size CONFIGURATION
logging history size size
To view the logging buffer and configuration, enter the
logging buffered level CONFIGURATION logging console level
logging monitor level
logging trap level
logging history level
show logging command in EXEC privilege mode
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION
CONFIGURATION
(Figure 4-2).
To view the logging configuration, enter the
(Figure 4-3).
show running-config logging command in EXEC privilege mode
Switch Management | 69
www.dell.com | support.dell.com
FTOS#show logging Syslog logging: enabled Console logging: level debugging Monitor logging: level debugging Buffer logging: level debugging, 50 Messages Logged, Size (40960 bytes) Trap logging: level informational Logging to 172.16.1.162 Logging to 10.10.10.4 Logging to 10.1.2.4 Logging to 172.31.1.4 Logging to 133.33.33.4 Apr 30 11:14:33: %STKUNIT1-M:CP %SYS-5-CONFIG_I: Configured from vty0 ( 10.11.51.14 )by admin Apr 30 10:13:08: %STKUNIT1-M:CP %SYS-5-CONFIG_I: Configured from vty0 ( 10.11.51.14 )by admin Apr 30 10:06:41: %STKUNIT1-M:CP %SEC-3-AUTHENTICATION_ENABLE_SUCCESS: Enable password authentication success on vty0 ( 10.11.51.14 ) Apr 30 10:06:36: %STKUNIT1-M:CP %SEC-5-LOGIN_SUCCESS: Login successful for user admin on vty0
10.11.51.14) Apr 26 12:02:48: %S5000:1 %IFAGT-5-STACK_PORT_LINK_DOWN: Changed stack port state to down: 1/56 Apr 26 11:52:45: %S5000:1 %IFAGT-5-STACK_PORT_LINK_UP: Changed stack port state to up: 1/56 Apr 26 11:51:13: %S5000:1 %IFAGT-5-STACK_PORT_LINK_DOWN: Changed stack port state to down: 1/56 Apr 26 11:51:01: %S5000:1 %IFAGT-5-STACK_PORT_LINK_DOWN: Changed stack port state to down: 1/48 Apr 26 11:48:57: %S5000:1 %IFAGT-5-STACK_PORT_LINK_UP: Changed stack port state to up: 1/56 Apr 26 11:48:47: %S5000:1 %IFAGT-5-STACK_PORT_LINK_UP: Changed stack port state to up: 1/48 Apr 26 11:43:52: %S5000:1 %IFAGT-5-STACK_PORT_LINK_DOWN: Changed stack port state to down: 1/48 Apr 26 11:43:43: %S5000:1 %IFAGT-5-STACK_PORT_LINK_DOWN: Changed stack port state to down: 1/56 Apr 26 11:33:08: %S5000:1 %IFAGT-5-STACK_PORT_LINK_UP: Changed stack port state to up: 1/48 Apr 26 11:33:08: %S5000:1 %IFAGT-5-STACK_PORT_LINK_UP: Changed stack port state to up: 1/56 Apr 25 11:07:15: %S5000:1 %IFAGT-5-REMOVED_OPTICS_PLUS: Optics SFP+ removed in slot 1 port 2 Apr 25 11:07:14: %S5000:1 %IFAGT-5-REMOVED_OPTICS_PLUS: Optics SFP+ removed in slot 1 port 3 !------------------- output truncated ------------------!

Displaying the Logging Buffer and the Logging Configuration

Display the current contents of the logging buffer and the logging settings for the system, use the show
logging
Figure 4-2. show logging Command Example
command in the EXEC privilege mode as shown in the example below.
70 | Switch Management
To view any changes made, use the show running-config logging command (Figure 4-3) in the EXEC privilege mode.

Configuring a UNIX logging facility level

FTOS#show running-config logging ! logging buffered 524288 debugging service timestamps log datetime msec service timestamps debug datetime msec ! logging trap debugging logging facility user logging source-interface Loopback 0 logging 10.10.10.4 FTOS#
You can save system log messages with a UNIX system logging facility.
To configure a UNIX logging facility level, use the following command in the CONFIGURATION mode:
Command Syntax Command Mode Purpose
logging facility [facility-type] CONFIGURATION Specify one of the following parameters.
auth (for authorization messages)
cron (for system scheduler messages)
daemon (for system daemons)
kern (for kernel messages)
local0 (for local use)
local1 (for local use)
local2 (for local use)
local3 (for local use)
local4 (for local use)
local5 (for local use)
local6 (for local use)
local7 (for local use). This is the default.
lpr (for line printer system messages)
mail (for mail system messages)
news (for USENET news messages)
sys9 (system use)
sys10 (system use)
sys11 (system use)
sys12 (system use)
sys13 (system use)
sys14 (system use)
syslog (for syslog messages)
user (for user programs)
uucp (UNIX to UNIX copy protocol) The default is local7.
To view non-default settings, use the
Figure 4-3. show running-config logging Command Example
show running-config logging command (Figure 4-3) in EXEC mode.
Switch Management | 71
www.dell.com | support.dell.com

Synchronizing log messages

You can configure FTOS to filter and consolidate the system messages for a specific line by synchronizing the message output. Only the messages with a severity at or below the set level appear. This feature works on the terminal and console connections available on the system.
To synchronize log messages, use these commands in the following sequence starting in the CONFIGURATION mode:
Step Command Syntax Command Mode Purpose
1
line {console 0 | vty number [end-number]
|
aux 0}
CONFIGURATION Enter the LINE mode. Configure the
following parameters for the virtual terminal lines:
number range: zero (0) to 9.
end-number range: 1 to 8.
You can configure multiple virtual terminals at one time by entering a and an
end-number.
number
2
logging synchronous [level severity-level | all] [limit]
LINE Configure a level and set the maximum
To view the logging synchronous configuration, use the

Enabling timestamp on syslog messages

By default, syslog messages do not include a time/date stamp stating when the error or message was created.
T o configure FT OS to provide a ti mestamp with the syslog message, use the following command syntax in the CONFIGURATION mode:
Command Syntax Command Mode Purpose
service timestamps [log | debug
] [datetime [localtime]
msec] [show-timezone] |
[
uptime]
CONFIGURATION Add timestamp to syslog messages. Specify the following
optional parameters:
datetime: Y ou can add the keyword localtime to include the localtime, msec, and show-timezone. If you do not add
the keyword
uptime. To view time since last boot.
If neither parameter is specified, FTOS configures
number of messages to be printed. Configure the following optional parameters:
level severity-level range: 0 to 7.
Default is 2. Use the include all messages.
limit range: 20 to 300. Default is 20.
show config command in the LINE mode.
localtime, the time is UTC.
all keyword to
uptime.
To view the configuration, use the To disable time stamping on syslog messages, enter
72 | Switch Management
show running-config logging command in the EXEC privilege mode.
no service timestamps [log | debug].

File Transfer Services

FTOS#show running-config ftp ! ftp-server enable ftp-server username nairobi password 0 zanzibar FTOS#
With FTOS, you can configure the system to transfer files over the network using File Transfer Protocol (FTP). One FTP application is copying the system image files over an interface on to the system; however, FTP is not supported on VLAN interfaces.
For more information on FTP, refer to RFC 959, File Transfer Pr oto col.
Note: To transmit large files, Dell Networking recommends configuring the switch as an FTP server.

Configuring Task List for File Transfer Services

The following list includes the configuration tasks for file transfer services:
Enabling FTP server (mandatory)
Configuring FTP server parameters (optional)
Configuring FTP client parameters (optional)

Enabling FTP server

To enable the system as an FTP server, use the following command in the CONFIGURATIO N mode:
Command Syntax Comm and Mo de Purpose
ftp-server enable
To view the FTP configuration, enter the
CONFIGURATION Enable FTP on the system.
show running-config ftp command in EXEC privilege mode
(Figure 4-4).
Figure 4-4. show running-config ftp Command Example
Switch Management | 73

Configuring FTP server parameters

After the FTP server is enabled on the system, you can configure different parameters.
To configure FTP server parameters, use any or all of the following commands in the CONFIGURATION mode:
Command Syntax Command Mode Purpose
ftp-server topdir dir CONFIGURATION Specify the directory for users using FTP to reach the
system. The default is the internal flash directory.
www.dell.com | support.dell.com
ftp-server username username password [encryption-type]
password
Note: You cannot use the change directory (cd) command until ftp-server topdir has been configured.
To view the FTP configuration, use the
CONFIGURATION Specify a user name for all FTP users and configure either
a plain text or encrypted password. Configure the following optional and required parameters:
username: Enter a text string
encryption-type: Enter 0 for plain text or 7 for
encrypted text.
password: Enter a text string.
show running-config ftp command in EXEC privilege mode.

Configuring FTP client parameters

To configure FTP client parameters, use the following commands in the CONFIGURATION mode:
Command Syntax Command Mode Purpose
ip ftp source-interface interface CONFIGURATION Enter the following keywords and slot/port or number
information:
For a Gigabit Ethernet interface, enter the keyword
GigabitEthernet followed by the slot/port information.
For a loopback interface, enter the keyword followed by a number between 0 and 16383.
For a port channel interface, enter the keyword
port-channel followed by a number from 1 to 255.
For a 10-Gigabit Ethernet interface, enter the keyword
TenGigabitEthernet followed by the slot/port
information.
For a VLAN interface, enter the keyword by a number from 1 to 4094.
For a 40-Gigabit Ethernet interface, enter the keyword
fortyGigE followed by the slot/port information.
loopback
vlan followed
ip ftp password password ip ftp username name CONFIGURATIO N Enter username to use on FTP client.
74 | Switch Management
CONFIGURATION Configure a password.
To view FTP configuration, use the show running-config ftp command in the EXEC privilege mode as
FTOS(conf-std-nacl)#show config ! ip access-list standard myvtyacl seq 5 permit host 10.11.0.1 FTOS(conf-std-nacl)#line vty 0 FTOS(conf-line-vty)#show config line vty 0 access-class myvtyacl
shown in the example for Enabling FTP server.

Terminal Lines

You can access the system remotely and restrict access to the system by creating user profiles. The terminal lines on the system provide different means of accessing the system. The virtual terminal lines (VTY) connect you through Telnet to the system. The auxiliary line (aux) connects secondary devices such as modems.

Denying and Permitting Access to a Terminal Line

Dell Networking recommends applying only standard ACLs to deny and permit access to VTY lines.
Layer 3 ACL deny all traffic that is not explicitly permitted, but in the case of VTY lines, an ACL with no rules does not deny any traffic.
You cannot use VTY line.
To apply an IP ACL to a line:
show ip accounting access-list to display the contents of an ACL that is applied only to a
Task Command Syntax Command Mode
Apply an ACL to a VTY line.
To view the configuration, enter the
Figure 4-5. Applying an Access List to a VTY Line
FTOS Behavior: Prior to FTOS ve rsion 7.4.2.0, in order to d eny access on a VTY line, you must app ly
an ACL and AAA authentication to the line. Then users are denied access only after they enter a username and password. Beginning in FTOS version 7.4.2.0, only an ACL is required, and users are denied access before they are prompted for a username and password.
ip access-class access-list LINE
show config command in LINE mode (Figure 4-5).
Switch Management | 75
www.dell.com | support.dell.com

Configuring Login Authentication for Terminal Lines

You can use any combination of up to 6 authentication methods to authenticate a user on a terminal line. A combination of authentication methods is called a method list. If the user fails the first authentication method, FTOS prompts the next method until all methods are exhausted, at which point the connection is terminated. The available authentication methods are:
enable—Prompt for the enable password. line—Prompt for the e password you assigned to the terminal line. You must configure a password for
• the terminal line to which you assign a method list that contains the Configure a password using the command password from LINE mode.
local—Prompt for the the system username and password.
none—Do not authenticate the user.
radius—Prompt for a username and password and use a RADIUS server to authenticate. tacacs+—Prompt for a username and password and use a TACACS+ server to authenticate.
To configure authentication for a terminal line, follow these steps:
Step Task Command Syntax Command Mode
line authentication method.
1 Create an authentication met hod list.
You may use a mnemonic name or use the keyword authentication method for terminal lines is list is empty.
2 Apply the me thod list from Step 1 to
a terminal line.
3 If you used the line authentication
method in the method list you applied to the terminal line, configure a password for the terminal line.
local, and the default method
default. The default
aaa authentication login {method-list-name | default} [method-1] [method-2] [method-3]
[
method-4] [method-5] [method-6]
login authentication {method-list-name | default}
password
VTY lines 0-2 use a single authentication method,
CONFIGURATION
CONFIGURATION
LINE
line (Figure 4-6).
76 | Switch Management
Figure 4-6. Configuring Login Authentication on a Terminal Line
FTOS(conf)#aaa authentication login myvtymethodlist line FTOS(conf)#line vty 0 2 FTOS(conf-line-vty)#login authentication myvtymethodlist FTOS(conf-line-vty)#password myvtypassword FTOS(conf-line-vty)#show config line vty 0 password myvtypassword login authentication myvtymethodlist line vty 1 password myvtypassword login authentication myvtymethodlist line vty 2 password myvtypassword login authentication myvtymethodlist FTOS(conf-line-vty)#
FTOS(conf)#line con 0 FTOS(conf-line-console)#exec-timeout 0 FTOS(conf-line-console)#show config line console 0 exec-timeout 0 0 FTOS(conf-line-console)#

Timing out of EXEC Privilege Mode

EXEC timeout is a basic security feature that returns FTOS to the EXEC mode after a period of inactivity on terminal lines.
To change the timeout period or disable EXEC timeout.
Task Command Syntax Command Mode
Set the number of minutes and seconds. Default: 10 minutes on console, 30 minutes on VTY.
exec-timeout minutes [seconds]
LINE Disable EXEC timeout by setting the timeout period to 0. Return to the default timeout values.
To view the configuration, enter the
show config command from LINE mode (Figure 4-7).
no exec-timeout
LINE
Figure 4-7. Configuring EXEC Timeout
Switch Management | 77

Telneting to Another Network Device

FTOS# telnet 10.11.80.203 Trying 10.11.80.203... Connected to 10.11.80.203. Exit character is '^]'. Login: Login: admin Password: FTOS>exit FTOS#telnet 2200:2200:2200:2200:2200::2201 Trying 2200:2200:2200:2200:2200::2201... Connected to 2200:2200:2200:2200:2200::2201. Exit character is '^]'. FreeBSD/i386 (freebsd2.dell.com) (ttyp1) login: admin FTOS#
To telnet to another device:
Task Command Syntax Command Mode
www.dell.com | support.dell.com
T elnet to the stack-unit.You do not need to configure the management port on the stack-unit to be able to telnet to it.
Telnet to a device with an IPv4 or IPv6 address. If you do not enter an IP address, FTOS enters a Telnet dialog that prompts you for one.
Enter an IPv4 address in dotted decimal format (A.B.C.D).
Enter an IPv6 address in the format
0000:0000:0000:0000:0000:0000:0000:0000. Elision of zeros is supported.
Figure 4-8. Telnet to Another Network Device
telnet-peer-stack-unit
telnet [ip-address]
EXEC Privilege
EXEC Privilege

Locking CONFIGURATION mode

FTOS allows multiple users to make configurations at the same time. You can lock CONFIGURATION mode so that only one user can be in CONFIGURATION mode at any time (Message 2).
A two types of locks can be set: auto and manual.
Set an auto-lock using the command When you set an auto-lock, every time a user is in CONFIGURATION mode all other users are denied access. This means that you can exit to EXEC Privilege mode, and re-enter CONFIGURATION mode without having to set the lock again.
78 | Switch Management
Set a manual lock using the command you configure a manual lock, which is the default, you must enter this command time you want to enter CONFIGURATION mode and deny access to others.
configuration mode exclusive auto from CONFIGURATION mode.
configure terminal lock from CONFIGURATION mode. When
Figure 4-9. Locking CONFIGURATION mode
FTOS(conf)#configuration mode exclusive auto FTOS(conf)#exit Feb 5 11:55:41: %STKUNIT0-M:CP %SYS-5-CONFIG_I: Configured from console
FTOS#config ! Locks configuration mode exclusively. FTOS(conf)#
If another user attempts to enter CONFIGURATION mode while a lock is in place, Message 1 appears on their terminal.
Message 1 CONFIGURATION mode Locked Error
% Error: User "" on line console0 is in exclusive configuration mode
If any user is already in CONFIGURATION mode when while a lock is in place, Message 2 appears on their terminal.
Message 2 Cannot Lock CONFIGURATION mode Error
% Error: Can't lock configuration mode exclusively since the following users are
currently configuring the system:
User "admin" on line vty1 ( 10.1.1.1 )
Note: The CONFIGURATION mode lock corresponds to a VTY session, not a user. Therefore, if you configure a lock and then exit CONFIGURATION mode, and another user enters CONFIGURATION mode, when you attempt to re-enter CONFIGURATION mode, you are denied access even though you are the one that configured the lock.
Note: If your session times out and you return to EXEC mode, the CONFIGURATION mode lock is unconfigured.

Viewing the Configuration Lock Status

If you attempt to enter CONFIGURAT ION mode when another user has locked it, you may view which user has control of CONFIGURATION mode using the command Privilege mode.
You can then send any user a message using the you can clear any line using the command
send command from EXEC Privilege mode. Alternatively
clear from EXEC Privilege mode. If you clear a console session,
the user is returned to EXEC mode.
show configuration lock from EXEC
Switch Management | 79

Recovering from a Forgotten Password

If you configure authentication for the console and you exit out of EXEC mode or your console session times out, you are prompted for a password to re-enter.
If you forget your password, follow these steps:
Step Task Command Syntax Command Mode
1 Log onto the system via console. 2 Power-cycle the chassis by switching off all of the power modules and then switching them back on.
www.dell.com | support.dell.com
3 Press any key to abort the boot
process and enter Boot User mode. The BOOT USER prompt is displayed.
4 Set the system parameters to ignore
the startup configuration file when
the switch reloads. 5 Reload the system. 6 Copy startup-confi g.bak to th e
running config. 7 Remove all authentication statements
you might have for the console. 8 Save the running-config. 9 Set the system parameters to ignore
the startup configuration file when
the switch reloads.
10 Save the running-config. copy running-config startup-config
Press any key. During switch bootup
ignore startup config
reload copy flash://startup-config.bak
running-config no authentication login
no password copy running-config startup-config
ignore startup config
or
write memory
BOOT USER
BOOT USER EXEC Privilege
LINE
EXEC Privilege BOOT USER
EXEC Privilege

Recovering from a Forgotten Enable Password

If you forget the enable password, follow these steps:
Step Task Command Syntax Command Mode
1 Log onto the system via console. 2 Power-cycle the chassis by switching off all of the power modules and then switching them back on. 3 Press any key to abort the boot
process and enter Boot User mode.
The BOOT USER prompt is
displayed.
80 | Switch Management
Press any key. During switch bootup
Step Task Command Syntax Command Mode
4 Set the system parameters to ignore
the startup configuration file when
the switch reloads. 5 Reload the system. reload BOOT USER 6 Configure a new enable password. 7 Save the running-config to the
startup-config.
ignore startup config
enable {secret | password} CONFIGURATION
copy running-config startup-config
or
write memory
BOOT USER
EXEC Privilege

Recovering from a Failed Start

An S5000 that does not start correctly might be attempting to boot from a corrupted FTOS image or from a mis-specified location. In that case, you can restart the system and interrupt the boot process to point the system to another FTOS image and boot parameters. For more information on the Boot User commands, refer to the Boot User chapter in the FTOS Command Line Reference for the S5000.
Step Task Command Syntax Command Mode
1 Power-cycle the chassis (pull the power cord and reinsert it). 2 Press any key to abort the boot process and
enter Boot User mode. The BOOT USER prompt is displayed.
Press any key. During switch
bootup
3 Configure the FTOS image and parameters
to use when the switch reloads. Default: The S5000 boots using the primary parameters if they are valid. If the primary parameters are not valid, the switch boots with the secondary parameters. If the secondary parameters are not valid, it boots with the default parameters.
4 Assign an IP address to the Management
Ethernet interface.
5 Assign an IP address as the default
gateway for the switch.
6 Reload the switch. reload BOOT USER
boot change {primary | secondary | default} BOOT USER
interface management ethernet ip address
ip-address
default gateway
ip-address BOOT USER
BOOT USER
Switch Management | 81
www.dell.com | support.dell.com
82 | Switch Management

802.1ag

802.1ag is available on the S5000 switch.
Ethernet Operations, Administration, and Maintenance (OAM) is a set of tools used to install, monitor, troubleshoot, and manage Ethernet infrastructure deployments. Etherne t OAM consists of three main areas:
1. Service Layer OAM: IEEE 802.1ag Connectivity Fault Management (CFM)
2. Link Layer OAM: IEEE 802.3ah OAM
3. Ethernet Local management Interface (MEF-16 E-LMI)
This chapter contains the following major sections:
Ethernet CFM
Maintenance Domains
Maintenance Points
Maintenance End Points
Implementation Information
Configuring CFM
Enabling Ethernet CFM
Creating a Maintenance Domain
Creating a Maintenance Association
Creating Maintenance Points
Continuity Check Messages
Loopback Message and Response
Linktrace Message and Response
Enabling CFM SNMP Traps
Displaying Ethernet CFM Statistics
5
802.1ag | 83
www.dell.com | support.dell.com

Ethernet CFM

Ethernet CFM is an end-to-end per-service-instance Ethernet OAM scheme which enables: proactive connectivity monitoring, fault verification, and fault isolation.
The service-instance with regard to OAM for Metro/Carrier Ethernet is a VLAN. This service is sold to an end-customer by a network service provider. Typically, the service provider contracts with multiple network operators to provide end-to-end service between customers. For end-to-end service between customer switches, connectivity must be present across the service provider through multiple network operators.
Layer 2 Ethernet networks usually cannot be managed with IP tools such as ICMP Ping and IP Traceroute. Traditional IP tools often fail because:
there are complex interactions between various Layer 2 and Layer 3 protocols such as STP, LAG, VRRP, and ECMP configurations.
Ping and traceroute are not designed to verify data connectivity in the network and within each node in the network (such as in the switching fabric and hardware forwarding tables).
when networks are built from different operational domains, access controls impose restrictions that cannot be overcome at the IP level, resulting in poor fault visibility. There is a need for hierarchical domains that can be monitored and maintained independently by each provider or operator.
routing protocols choose a subset of the total network topology for forwarding, making it hard to detect faults in links and nodes that are not included in the active routing topology. This is made more complex when using some form of Traffic Engineering (TE) based routing.
network and element discovery and cataloging is not clearly defined using IP troubleshooting tools.
There is a need for Layer 2 equivalents to manage and troubleshoot native Layer 2 Ethernet networks. W ith these tools, you can identify, isolate, and repair faults quickly and easily , which reduces operational cost of running the network. OAM also increases availability and reduces mean time to recovery, which allows for tighter service-level agreements, resulting in increased revenue for the service provider.
In addition to providing end-to-end OAM in native Layer 2 Ethernet Service Provider/Metro networks, you can also use CFM to manage and troubleshoot any Layer 2 ne twork including enterprise, datacenter, and cluster networks.

Maintenance Domains

A CFM maintenance domain is a management space on a network that is owned and operated by a single management entity . The network administrator assigns a unique maintenance level (0 to 7) to each domain to define the hierarchical relationship between domains. Domains can touch or nest but cannot overlap or intersect as that would require management by multiple entities.
CFM divides a network into hierarchical maintenance domains, as shown in the illustration below.
84 | 802.1ag
Figure 5-1. OAM Domains
Ethernet Access
MPLS Core MPLS Access
Customer Network
Customer Network
Customer Domain (7)
Provider Domain (6)
O
per
atorDom
ain (5)
Operator Domain (5)
Operator Domain (5)
MPLS Domain (4)
Service Provider Network
MIP
MEP
Customer Network
Service Provider Network
Customer Network
Ethernet Access
Operator Domain (5)
MPLS Core MPLS Access
Customer Domain (7)
Provider Domain (6)
Operator Dom
MPLS D
omain (4)
ain (5
)
Operator Domain (5)

Maintenance Points

Domains are comprised of logical entities called Maintenance Points. A maintenance point is an interface demarcation that confines CFM frames to a domain. There are two types of maintenance points:
Maintenance End Points (MEPs): a logical entity that marks the end-point of a domain
Maintenance Intermediate Points (MIPs): a logical entity configured at a port of a switch that is an intermediate point of a Maintenance Entity (ME). An ME is a point-to-point relationship between two MEPs within a single domain. MIPs are internal to a domain, not at the boundary, and respond to CFM only when triggered by linktrace and loopback messages. MIPs can be configured to snoop Continuity Check Messages (CCMs) to build a MIP CCM database.
Figure 5-2. Maintenance Points
These roles define the relationships between all devices so that each device can monitor the layers under its responsibility. Maintenance points drop all lower-level frames and forward all higher-level frames.
802.1ag | 85

Maintenance End Points

A Maintenance End Point (MEP) is a logical entity that marks the end-point of a domain. There are two types of MEPs defined in 802.1ag for an 802.1 bridge:
Up-MEP: monitors the forwarding path internal to an bridge on the customer or provider edge; on Dell Networking systems the internal forwarding path is effectively the switch fabric and forwarding engine.
Down-MEP: monitors the forwarding path external to another bridge.
Configure Up- MEPs on ingress ports, ports that send traffic towards the bridge relay. Configure Down-MEPs on egress ports, ports that send traffic away from the bridge relay.
www.dell.com | support.dell.com
Figure 5-3. Up-MEP versus Down-MEP
Customer Network
Service Provider Ethernet Access
towards relay
Up-MEP Down-MEP
away from relay

Implementation Information

Since the S5000 has a single MAC address for all physical/LAG interfaces, only one MEP is allowed per MA (per VLAN or per MD level).

Configuring CFM

Configuring CFM is a five-step process:
1. Configure the ecfmacl CAM region using the
Allocation.
2. Enabling Ethernet CFM.
3. Creating a Maintenance Domain.
4. Creating a Maintenance Association.
cam-acl command. Refer to User-Configurable CAM
5. Creating Maintenance Points.
6. Use CFM tools:
86 | 802.1ag
a Continuity Check Messages b Loopback Message and Response c Linktrace Message and Response

Related Configuration Tasks

Enabling CFM SNMP Traps
Displaying Ethernet CFM Statistics

Enabling Ethernet CFM

Task Command Syntax Command Mode
Spawn the CFM process. No CFM configuration is allowed until the CFM process is spawned.
Disable Ethernet CFM without stopping the CFM process.
ethernet cfm
disable
CONFIGURATION
ETHERNET CFM

Creating a Maintenance Domain

CFM divides a network into hierarchical maintenance domains, as shown in the illustration in Maintenance
Domains.
Step Task Command Syntax Command Mode
1 Create maintenance domain.
2 Display maintenance domain inform ati on.
FTOS# show ethernet cfm domain
Domain Name: customer Level: 7 Total Service: 1 Services MA-Name VLAN CC-Int X-CHK Status
My_MA 200 10s enabled
Domain Name: praveen Level: 6 Total Service: 1 Services MA-Name VLAN CC-Int X-CHK Status
Your_MA 100 10s enabled
domain name md-level number
Range: 0-7
show ethernet cfm domain [name | brief]
ETHERNET CFM
EXEC Privilege
802.1ag | 87

Creating a Maintenance Association

A Maintenance Association (MA) is a subdivision of an MD that contains all managed entities corresponding to a single end-to-end service, typically a VLAN. An MA is associated with a VLAN ID.
Task Command Syntax Command Mode
www.dell.com | support.dell.com
Create maintenance association.

Creating Maintenance Points

Domains are comprised of logical entities called Maintenance Points. A maintenance point is a interface demarcation that confines CFM frames to a domain. There are two types of maintenance points:
Maintenance End Points (MEPs): a logical entity that marks the end-point of a domain
Maintenance Intermediate Points (MIPs): a logical entity configured at a port of a switch that constitutes intermediate points of an Maintenance Entity (ME). An ME is a point-to-point relationship between two MEPs within a single domain.
These roles define the relationships between all devices so that each device can monitor the layers under its responsibility.

Creating a Maintenance End Point

A Maintenance End Point (MEP) is a logical entity that marks the end-point of a domain. There are two types of MEPs defined in 802.1ag for an 802.1 bridge:
Up-MEP: monitors the forwarding path internal to an bridge on the customer or provider edge; on Dell Networking systems the internal forwarding path is effectively the switch fabric and forwarding engine.
Down-MEP: monitors the forwarding path external another bridge.
service name vlan vlan-id ECFM DOMAIN
Configure Up- MEPs on ingress ports, ports that send traffic towards the bridge relay. Configure Down-MEPs on egress ports, ports that send traffic away from the bridge relay.
Task Command Syntax Command Mode
Create an MEP.
Display configured MEPs and MIPs.
88 | 802.1ag
ethernet cfm mep {up-mep | down-mep} domain {name | level } ma-name name mepid mep-id
Range: 1-8191
show ethernet cfm maintenance-points local [mep | mip]EXEC Privilege
INTERFACE
Task Command Syntax Command Mode
FTOS#show ethernet cfm maintenance-points local mep
------------------------------------------------------------------------------­MPID Domain Name Level Type Port CCM-Status MA Name VLAN Dir MAC
-------------------------------------------------------------------------------
100 cfm0 7 MEP Te 4/10 Enabled test0 10 DOWN 00:01:e8:59:23:45
200 cfm1 6 MEP Te 4/10 Enabled test1 20 DOWN 00:01:e8:59:23:45
300 cfm2 5 MEP Te 4/10 Enabled test2 30 DOWN 00:01:e8:59:23:45

Creating a Maintenance Intermediate Point

Maintenance Intermediate Point (MIP) is a logical entity configured at a port of a switch that constitutes intermediate points of an Maintenance Entity (ME). An ME is a point-to-point relationship between two MEPs within a single domain. An MIP is not associated with any MA or service instance, and it belongs to the entire MD.
Task Command Syntax Command Mode
Create an MIP. Display configured MEPs and
MIPs.
FTOS#show ethernet cfm maintenance-points local mip
------------------------------------------------------------------------------­MPID Domain Name Level Type Port CCM-Status MA Name VLAN Dir MAC
-------------------------------------------------------------------------------
0 service1 4 MIP Te 0/5 Disabled My_MA 3333 DOWN 00:01:e8:0b:c6:36
0 service1 4 MIP Te 0/5 Disabled Your_MA 3333 UP 00:01:e8:0b:c6:36
ethernet cfm mip domain {name | level } ma-name name INTERFACE show ethernet cfm maintenance-points local [mep | mip]EXEC Privilege

MP Databases

CFM maintains two MP databases:
MEP Database (MEP-DB): Every MEP must maintain a database of all other MEPs in the MA that have announced their presence via CCM.
802.1ag | 89
MIP Database (MIP-DB): Every MIP must maintain a database of all other MEPs in the MA that have announced their presence via CCM
Task Command Syntax Command Mode
Display the MEP Database.
FTOS#show ethernet cfm maintenance-points remote detail
MAC Address: 00:01:e8:58:68:78 Domain Name: cfm0 MA Name: test0 Level: 7
www.dell.com | support.dell.com
VLAN: 10 MP ID: 900 Sender Chassis ID: Dell MEP Interface status: Up MEP Port status: Forwarding Receive RDI: FALSE MP Status: Active
Display the MIP Database.
MP Database Persistence
Task Command Syntax Command Mode
Set the amount of time that data from a missing MEP is kept in the Continuity Check Database.
show ethernet cfm maintenance-points remote detail [active | domain {level | name} | expired | waiting]
show ethernet cfm mipdb
database hold-time minutes
Default: 100 minutes Range: 100-65535 minutes
EXEC Privilege
EXEC Privilege
ECFM DOMAIN

Continuity Check Messages

Continuity Check Messages (CCM) are periodic hellos used to:
discover MEPs and MIPs within a maintenance domain
detect loss of connectivity between MEPs
detect misconfiguration, such as VLAN ID mismatch between MEPs
to detect unauthorized MEPs in a maintenance domain
Continuity Check Messages (CCM) are multicast Ethernet frames sent at regular intervals from each MEP. They have a destination address based on the MD level (01:80:C2:00:00:3X where X is the MD level of the transmitting MEP from 0 to 7). All MEPs must listen to these multicast MAC addresses and process these messages. MIPs may optionally processes the CCM messages originated by MEPs and construct a MIP CCM database.
90 | 802.1ag
MEPs and MIPs filter CCMs from higher and lower domain levels as described in Table 5-1.
Table 5-1. Continuity Check Message Processing
Frames at Frames from UP-MEP Action Down-MEP Action MIP Action
Less than my level Bridge-relay side or Wire side Drop Drop Drop My level Bridge-relay side Consume Drop Add to MIP-DB
Wire side Drop Consume
Greater than my level Bridge-relay side or Wire side Forward Forward Forward
and forward
All the remote MEPs in the maintenance domain are defined on each MEP. Each MEP then expects a periodic CCM from the configured list of MEPs. A connectivity failure is then defined as:
1. Loss of 3 consecutive CCMs from any of the remote MEP, which indicates a network failure
2. Reception of a CCM with an incorrect CCM transmission interval, which indicates a configuration error.
3. Reception of CCM with an incorrect MEP ID or MAID, which indicates a configuration or cross-connect error. This could happen when different VLANs are cross-connected due to a configuration error.
4. Reception of a CCM with an MD level lower than that of the receiving MEP, which indicates a configuration or cross-connect error.
5. Reception of a CCM containing a port status/interface status TLV, which indicates a failed bridge or aggregated port.
The Continuity Check protocol sends fault notifications (Syslogs, and SNMP traps if enabled) whenever any of the above errors are encountered.
802.1ag | 91

Enabling CCM

Step Task Command Syntax Command Mode
www.dell.com | support.dell.com
1 Enable CCM.
2 Configure the transmit interval (mandatory).
The interval specified applies to all MEPs in the domain.
no ccm disable
Default: Disabled
ccm transmit-interval seconds
Default: 10 seconds
ECFM DOMAIN
ECFM DOMAIN

Enabling Cross-checking

Task Command Syntax Command Mode
Enable cross-checking.
Start the cross-check operation for an MEP. Configure the amount of time the system waits for a
remote MEP to come up before the cross-check operation is started.
mep cross-check enable
Default: Disabled
mep cross-check mep-id mep cross-check start-delay number
ETHERNET CFM
ETHERNET CFM ETHERNET CFM

Loopback Message and Response

Loopback Message and Response (LBM, LBR), also called Layer 2 Ping, is an administrative echo transmitted by MEPs to verify reachability to another MEP or MIP within the maintenance domain. LBM and LBR are unicast frames.
Task Command Syntax Command Mode
Send a Loopback message.

Linktrace Message and Response

Linktrace Message and Response (LTM, LTR), also called Layer 2 Traceroute, is an administratively sent multicast frames transmitted by MEPs to track, hop-by-hop, the path to another MEP or MIP within the maintenance domain. All MEPs and MIPs in the same domain respond to an LTM with a unicast LTR. Intermediate MIPs forward the LTM toward the target MEP.
92 | 802.1ag
ping ethernet domain name ma-name ma-name remote {mep-id
|
mac-addr mac-address} source {mep-id | port interface}
EXEC Privilege
Figure 5-4. Linktrace Message and Response
MPLS Core
MEP
MIP MIP
MIP
L
i
n
k
t
r
a
c
e
m
M
e
s
s
a
g
e
Link trace messages carry a unicast target address (the MAC address of an MIP or MEP) inside a multicast frame. The destination group address is based on the MD level of the transmitting MEP (01:80:C2:00:00:3[8 to F]). The MPs on the path to the target MAC address reply to the LTM with an LTR, and relays the LTM towards the target MAC until the target MAC is reached or TTL equals 0.
Task Command Syntax Command Mode
Send a Linktrace message. Since the
traceroute ethernet domain
EXEC Privilege L TM is a Multicast message sent to the entire ME, there is no need to specify a destination.

Enabling Link Trace Cache

After a Link Trace command is executed, the trace information can be cached so that you can view it later without retracing.
Task Command Syntax Command Mode
Enable Link Trace caching. Set the amount of time a trace result is cached.
Set the size of the Link Trace Cache.
Display the Link Trace Cache.
traceroute cache traceroute cache hold-time minutes
Default: 100 minutes Range: 10-65535 minutes
traceroute cache size entries
Default: 100 Range: 1 - 4095 entries
show ethernet cfm traceroute-cache
CONFIGURATION ETHERNET CFM
ETHERNET CFM
EXEC Privilege
802.1ag | 93
Task Command Syntax Command Mode
FTOS#show ethernet cfm traceroute-cache
Traceroute to 00:01:e8:52:4a:f8 on Domain Customer2, Level 7, MA name Test2 with VLAN 2
-----------------------------------------------------------------------------­ Hops Host IngressMAC Ingr Action Relay Action Next Host Egress MAC Egress Action FWD Status
------------------------------------------------------------------------------
4 00:00:00:01:e8:53:4a:f8 00:01:e8:52:4a:f8 IngOK RlyHit 00:00:00:01:e8:52:4a:f8 Terminal MEP
www.dell.com | support.dell.com
Delete all Link Trace Cache entries.

Enabling CFM SNMP Traps

Task Command Syntax Command Mode
Enable SNMP trap messages for Ethernet CFM.
A Trap is sent only when one of the five highest priority defects occur, as shown in Table 5-2.
Table 5-2. ECFM SNMP Traps
Cross-connect defect Error-CCM defect MAC Status defect Remote CCM defect RDI defect
clear ethernet cfm traceroute-cache
snmp-server enable traps ecfm
%ECFM-5-ECFM_XCON_ALA RM: Cross connect fault detected by MEP 1 in Domai n customer1 at Level 7 VLAN 1000
%ECFM-5-ECFM_ERROR_ALARM: Error CCM Defect detected by MEP 1 in Domain customer1 at Level 7 VLAN 1000
%ECFM-5-ECFM_MAC_STATUS_ALARM: MAC Status Defect detected by MEP 1 in Domain provider at Level 4 VLAN 3000
%ECFM-5-ECFM_REMOTE_ALARM: Remote CCM Defect detected by MEP 3 in Domain customer1 at Level 7 VLAN 1000
%ECFM-5-ECFM_RDI_ALARM: RDI Defect detected by MEP 3 in Domain customer1 at Level 7 VLAN 1000
EXEC Privilege
CONFIGURATION
Three values are giving within the trap messages: MD Index, MA Index, and MPID. You can reference these values against the output of
mep
94 | 802.1ag
show ethernet cfm domain and show ethernet cfm maintenance-points local
.
FTOS#show ethernet cfm maintenance-points local mep
------------------------------------------------------------------------
------­MPID Domain Name Level Type Port
CCM-Status MA Name VLAN Dir MAC
------------------------------------------------------------------------
-------
100 cfm0 7 MEP Te 4/10 Enabled
test0 10 DOWN 00:01:e8:59:23:45
FTOS(conf-if-te-0/6)#do show ethernet cfm domain
Domain Name: My_Name
MD Index: 1
Level: 0 Total Service: 1 Services
MA-Index MA-Name VLAN CC-Int X-CHK Status
1 test 0 1s enabled
Domain Name: Your_Name MD Index: 2 Level: 2 Total Service: 1 Services
MA-Index MA-Name VLAN CC-Int X-CHK Status
1 test 100 1s enabled

Displaying Ethernet CFM Statistics

Task Command Syntax Command Mode
Display MEP CCM statistics.
FTOS# show ethernet cfm statistics
Domain Name: Customer Domain Level: 7 MA Name: My_MA MPID: 300
CCMs: Transmitted: 1503 RcvdSeqErrors: 0 LTRs: Unexpected Rcvd: 0 LBRs: Received: 0 Rcvd Out Of Order: 0 Received Bad MSDU: 0 Transmitted: 0
Display CFM statistics by port.
show ethernet cfm statistics [domain {name | level} vlan-id
vlan-id mpid mpid
show ethernet cfm port-statistics [interface] EXEC Privilege
EXEC Privilege
802.1ag | 95
www.dell.com | support.dell.com
Task Command Syntax Command Mode
FTOS#show ethernet cfm port-statistics interface tengigabitethernet 0/5 Port statistics for port: Te 0/5 ==================================
RX Statistics ============= Total CFM Pkts 75394 CCM Pkts 75394 LBM Pkts 0 LTM Pkts 0 LBR Pkts 0 LTR Pkts 0 Bad CFM Pkts 0 CFM Pkts Discarded 0 CFM Pkts forwarded 102417
TX Statistics ============= Total CFM Pkts 10303 CCM Pkts 0 LBM Pkts 0 LTM Pkts 3 LBR Pkts 0 LTR Pkts 0
96 | 802.1ag

802.1X

802.1X is supported on the S5000 switch.
This chapter contains the following major sections:
Protocol Overview
Port-authentication Process
EAP over RADIUS
Configuring 802.1X
Enabling 802.1X
Configuring Request Identity Re-transmissions
Configuring a Quiet Period after a Failed Authentication
Forcibly Authorizing or Unauthorizing a Port
Re-authenticating a Port
Configuring Timeouts
Dynamic VLAN Assignment with Port Authentication
Guest and Authentication-fail VLANs
6

Protocol Overview

802.1X is a method of port security. A device connected to a port that is enabled with 802.1X is disallowed from sending or receiving packets on the network until its identity can be verified (through a username and password, for example). This feature is named for its IEEE specification.
802.1X | 97
802.1X employs Extensible Authentication Protocol (EAP)* to transfer a device’s credentials to an
Preamble
Start Frame Delimiter
Destination MAC (1:80:c2:00:00:03)
Source MAC (Auth Port MAC)
Ethernet Type (0x888e)
Protocol Version (1)
Packet Type
EAPOL Frame
Length
Code (0-4)
ID (Seq Number)
EAP-Method Frame
Length
EAP-Method Code (0-255)
Length
EAP-Method Data (Supplicant Requested Credentials)
Range: 0-4 Type: 0: EAP Packet 1: EAPOL Start 2: EAPOL Logoff 3: EAPOL Key 4: EAPOL Encapsulated-ASF-Alert
Range: 0-4 Type: 0: EAP Packet 1: EAPOL Start 2: EAPOL Logoff 3: EAPOL Key 4: EAPOL Encapsulated-ASF-Alert
EAP Frame
Padding
FCS
Range: 1-4 Codes: 1: Request 2: Response 3: Success 4: Failure
Range: 1-255 Codes: 1: Identity 2: Notification 3: NAK 4: MD-5 Challenge 5: One-Time Challenge 6: Generic Token Card
authentication server (typically RADIUS) via a mandatory intermediary network access device, in this case, a Dell Networking switch. The network access device mediates all communication between the end-user device and the authentication server so that the network remains secure. The network access device uses EAP over Ethernet (EAPOL) to communicate with the end-user device and EAP over RADIUS to communicate with the server.
www.dell.com | support.dell.com
The illustration above and the illustration below show how EAP frames are encapsulated in Ethernet and RADIUS frames.
Figure 6-1. EAPOL Frame Format
98 | 802.1X
Note: FTOS supports 802.1X with EAP-MD5, EAP-OTP, EAP-TLS, EAP-TTLS, PEAPv0, PEAPv1, and
MS-CHAPv2 with PEAP.
The authentication process involves three devices:
The device attempting to access the network is the supplicant. The supplicant is not allowed to
communicate on the network until the port is authorized by the authenticator. It can only communicate with the authenticator in response to 802.1X requests.
The device with which the supplicant communicates is the authenticator. The authenicator is the gate
keeper of the network. It translates and forwards requests and responses between the authentication server and the supplicant. The authenticator also changes the status of the port based on the results of the authentication process. The Dell Networking switch is the authenticator .
•The authentication-server selects the authentication method, verifies the information provided by the
supplicant, and grants it network access privileges.
Ports can be in one of two states:
Ports are in an unauthorized state by default. In this state, non-802.1X traffic cannot be forwarded in
or out of the port.
The authenticator changes the port state to authorized if the server can authenticate the supplicant. In
this state, network traffic can be forwarded normally.
Note: The Dell Networking switches place 802.1X-enabled ports in the unauthorized state by default.

Port-authentication Process

The authentication process begins when the authenticator senses that a link status has changed from down to up:
1. When the authenticator senses a link state change, it requests that the supplicant identify itself using an EAP Identity Request Frame.
2. The supplicant responds with its identity in an EAP Response Identity frame.
3. The authenticator decapsulates the EAP Response from the EAPOL frame, encapsulates it in a RADIUS Access-Request frame, and forwards the frame to the authentication server.
4. The authentication server replies with an Access-Challenge. The Access-Challenge is request that the supplicant prove that it is who it claims to be, using a specified method (an EAP-Method). The challenge is translated and forwarded to the supplicant by the authenticator.
5. The supplicant can negotiate the authentication method, but if it is acceptable, the supplicant provides the requested challenge information in an EAP Response, which is translated and forwarded to the authentication server as another Access-Request.
6. If the identity information provided by the supplicant is valid, the authentication server sends an Access-Accept frame in which network privileges are specified. The authenticator changes the port state to authorized, and forwards an EAP Success frame. If the identity information is invalid, the server sends and Access-Reject frame. The port state remains unauthorized, and the authenticator forwards EAP Failure frame
802.1X | 99
Figure 6-2. 802.1X Authentication Process
on
EAP {Sucess | Failure}
Code
Identifier
Length
Message-Authenticator Attribute
EAP-Message Attribute
Range: 1-4 Codes: 1: Access-Request 2: Access-Accept 3: Access-Reject 11: Access-Challenge
Type (79)
Length
EAP-Method Data (Supplicant Requested Credentials)
fnC0034mp
Supplicant
Authenticator
Authenticati Server
www.dell.com | support.dell.com
EAP over LAN (EAPOL)
Request Identity
Response Identity
EAP Request
EAP Reponse

EAP over RADIUS

Access Request
Access Challenge
Access Request
Access {Accept | Reject}
EAP over RADIUS
802.1X uses RADIUS to shuttle EAP packets between the authenticator and the authentication server, as
defined in RFC 3579. EAP messages are encapsulated in RADIUS packets as a type of attribute in Type, Length, Value (TLV) format. The Type value for EAP messages is 79.
Figure 6-3. RADIUS Frame Format

RADIUS Attributes for 802.1 Support

Dell Networking systems includes the following RADIUS attributes in all 802.1X-triggered Access-Request messages:
Attribute 31—Calling-station-id: relays the supplicant MAC address to the authentication server.
100 | 802.1X
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use