Dell Z9500 User Manual

Dell Networking Configuration Guide for the Z9500 Switch
9.7(0.0)
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
intellectual property laws. Dell™ and the Dell logo are trademarks of Dell Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
2015 - 01
Rev. A00
Contents
1 About this Guide................................................................................................. 33
Audience..............................................................................................................................................33
Conventions........................................................................................................................................ 33
Related Documents............................................................................................................................ 33
2 Configuration Fundamentals........................................................................... 34
Accessing the Command Line............................................................................................................34
CLI Modes............................................................................................................................................34
Navigating CLI Modes................................................................................................................... 35
The do Command...............................................................................................................................38
Undoing Commands...........................................................................................................................39
Obtaining Help....................................................................................................................................40
Entering and Editing Commands....................................................................................................... 40
Command History............................................................................................................................... 41
Filtering show Command Outputs..................................................................................................... 41
Multiple Users in Configuration Mode............................................................................................... 43
3 Getting Started................................................................................................... 44
Console Access...................................................................................................................................44
Serial Console................................................................................................................................44
Default Configuration......................................................................................................................... 45
Configuring a Host Name...................................................................................................................45
Accessing the System Remotely........................................................................................................ 46
Accessing the Z9500 Remotely....................................................................................................46
Configure the Management Port IP Address............................................................................... 46
Configure a Management Route.................................................................................................. 47
Configuring a Username and Password.......................................................................................47
Configuring the Enable Password...................................................................................................... 47
Manage Configuration Files................................................................................................................48
File Storage....................................................................................................................................48
Copy Files to and from the System.............................................................................................. 48
Save the Running-Configuration..................................................................................................50
Configure the Overload Bit for a Startup Scenario......................................................................50
Viewing Files..................................................................................................................................50
Changes in Configuration Files..................................................................................................... 51
Enabling Software Features on Devices Using a Command Option................................................ 52
View Command History......................................................................................................................53
Upgrading the Dell Networking OS....................................................................................................53
Using Hashes to Validate Software Images........................................................................................53
4 Switch Management.......................................................................................... 55
Configuring Privilege Levels................................................................................................................55
Creating a Custom Privilege Level................................................................................................55
Removing a Command from EXEC Mode....................................................................................55
Moving a Command from EXEC Privilege Mode to EXEC Mode................................................ 55
Allowing Access to CONFIGURATION Mode Commands.......................................................... 56
Allowing Access to the Following Modes.................................................................................... 56
Applying a Privilege Level to a Username.................................................................................... 58
Applying a Privilege Level to a Terminal Line...............................................................................58
Configuring Logging...........................................................................................................................58
Audit and Security Logs.................................................................................................................59
Configuring Logging Format ...................................................................................................... 60
Setting Up a Secure Connection to a Syslog Server.................................................................... 61
Log Messages in the Internal Buffer...................................................................................................62
Configuration Task List for System Log Management.................................................................62
Disabling System Logging...................................................................................................................62
Sending System Messages to a Syslog Server....................................................................................63
Configuring a UNIX System as a Syslog Server............................................................................63
Display the Logging Buffer and the Logging Configuration............................................................. 63
Changing System Logging Settings................................................................................................... 64
Configuring a UNIX Logging Facility Level.........................................................................................65
Synchronizing Log Messages............................................................................................................. 66
Enabling Timestamp on Syslog Messages......................................................................................... 66
File Transfer Services...........................................................................................................................67
Configuration Task List for File Transfer Services........................................................................ 67
Enabling the FTP Server................................................................................................................ 67
Configuring FTP Server Parameters............................................................................................. 68
Configuring FTP Client Parameters..............................................................................................68
Terminal Lines.....................................................................................................................................69
Denying and Permitting Access to a Terminal Line.....................................................................69
Configuring Login Authentication for Terminal Lines................................................................. 70
Setting Time Out of EXEC Privilege Mode..........................................................................................71
Using Telnet to Access Another Network Device.............................................................................. 71
Lock CONFIGURATION Mode............................................................................................................72
Viewing the Configuration Lock Status........................................................................................ 72
Recovering from a Forgotten Password on the Z9500.....................................................................73
Ignoring the Startup Configuration and Booting from the Factory-Default Configuration............ 73
Recovering from a Failed Start on the Z9500....................................................................................74
Restoring Factory-Default Settings.................................................................................................... 74
Important Points to Remember....................................................................................................74
Restoring Factory-Default Boot Environment Variables..............................................................75
5 802.1X................................................................................................................... 78
The Port-Authentication Process.......................................................................................................79
EAP over RADIUS........................................................................................................................... 81
Configuring 802.1X..............................................................................................................................81
Related Configuration Tasks......................................................................................................... 81
Important Points to Remember..........................................................................................................82
Enabling 802.1X...................................................................................................................................82
Configuring Request Identity Re-Transmissions...............................................................................84
Configuring a Quiet Period after a Failed Authentication........................................................... 84
Forcibly Authorizing or Unauthorizing a Port....................................................................................85
Re-Authenticating a Port....................................................................................................................86
Configuring Timeouts......................................................................................................................... 87
Configuring Dynamic VLAN Assignment with Port Authentication..................................................88
Guest and Authentication-Fail VLANs................................................................................................89
Configuring a Guest VLAN............................................................................................................90
Configuring an Authentication-Fail VLAN....................................................................................90
6 Access Control Lists (ACLs)...............................................................................92
IP Access Control Lists (ACLs)............................................................................................................ 93
CAM Usage.................................................................................................................................... 93
Implementing ACLs ......................................................................................................................94
IP Fragment Handling......................................................................................................................... 96
IP Fragments ACL Examples......................................................................................................... 96
Layer 4 ACL Rules Examples.........................................................................................................96
Configure a Standard IP ACL.............................................................................................................. 97
Configuring a Standard IP ACL Filter............................................................................................99
Configure an Extended IP ACL.........................................................................................................100
Configuring Filters with a Sequence Number............................................................................100
Configuring Filters Without a Sequence Number...................................................................... 101
Configure Layer 2 and Layer 3 ACLs................................................................................................ 102
Using ACL VLAN Groups...................................................................................................................103
Guidelines for Configuring ACL VLAN Groups.......................................................................... 103
Configuring an ACL VLAN Group...............................................................................................104
Allocating ACL VLAN CAM..........................................................................................................105
Applying an IP ACL to an Interface...................................................................................................105
Configure Ingress ACLs.............................................................................................................. 106
Configure Egress ACLs................................................................................................................107
Applying Egress Layer 3 ACLs (Control-Plane).......................................................................... 107
Counting ACL Hits.......................................................................................................................108
IP Prefix Lists..................................................................................................................................... 108
Implementation Information...................................................................................................... 109
Configuration Task List for Prefix Lists....................................................................................... 109
ACL Resequencing.............................................................................................................................113
Resequencing an ACL or Prefix List............................................................................................ 113
Route Maps........................................................................................................................................ 115
Implementation Information.......................................................................................................115
Important Points to Remember........................................................................................................ 115
Configuration Task List for Route Maps......................................................................................115
Configuring Match Routes.......................................................................................................... 118
Configuring Set Conditions.........................................................................................................119
Configure a Route Map for Route Redistribution...................................................................... 120
Configure a Route Map for Route Tagging................................................................................ 121
Continue Clause.......................................................................................................................... 121
7 Bare Metal Provisioning (BMP)....................................................................... 123
Enhanced Behavior of the stop bmp Command.............................................................................123
Removal of User-Defined String Parameter in the reload-type Command...................................123
Service Tag Information in the Option 60 String.............................................................................123
8 Bidirectional Forwarding Detection (BFD).................................................. 124
How BFD Works................................................................................................................................ 124
BFD Packet Format......................................................................................................................125
BFD Sessions................................................................................................................................127
BFD Three-Way Handshake........................................................................................................ 127
Session State Changes................................................................................................................ 128
Important Points to Remember........................................................................................................129
Configure BFD...................................................................................................................................129
Configure BFD for Static Routes.................................................................................................130
Configure BFD for OSPF..............................................................................................................131
Configure BFD for OSPFv3..........................................................................................................135
Configure BFD for IS-IS...............................................................................................................136
Configure BFD for BGP............................................................................................................... 139
Configure BFD for VRRP............................................................................................................. 146
Configuring Protocol Liveness................................................................................................... 149
9 Border Gateway Protocol IPv4 (BGPv4).......................................................150
Autonomous Systems (AS)................................................................................................................150
Sessions and Peers............................................................................................................................ 152
Establish a Session.......................................................................................................................153
Route Reflectors................................................................................................................................153
Communities............................................................................................................................... 154
BGP Attributes................................................................................................................................... 154
Best Path Selection Criteria.........................................................................................................155
Weight.......................................................................................................................................... 157
Local Preference..........................................................................................................................157
Multi-Exit Discriminators (MEDs)................................................................................................ 158
Origin........................................................................................................................................... 159
AS Path.........................................................................................................................................160
Next Hop..................................................................................................................................... 160
Multiprotocol BGP............................................................................................................................ 160
Implement BGP ................................................................................................................................ 161
Additional Path (Add-Path) Support............................................................................................161
Advertise IGP Cost as MED for Redistributed Routes.................................................................161
Ignore Router-ID for Some Best-Path Calculations..................................................................162
Four-Byte AS Numbers............................................................................................................... 162
AS4 Number Representation...................................................................................................... 162
AS Number Migration..................................................................................................................164
BGP4 Management Information Base (MIB).............................................................................. 166
Important Points to Remember..................................................................................................166
Configuration Information................................................................................................................167
BGP Configuration............................................................................................................................ 167
Enabling BGP...............................................................................................................................168
Configuring AS4 Number Representations................................................................................ 172
Configuring Peer Groups............................................................................................................ 173
Configuring BGP Fast Fail-Over..................................................................................................176
Configuring Passive Peering....................................................................................................... 178
Maintaining Existing AS Numbers During an AS Migration........................................................ 179
Allowing an AS Number to Appear in its Own AS Path..............................................................180
Enabling Neighbor Graceful Restart...........................................................................................180
Filtering on an AS-Path Attribute................................................................................................ 181
Regular Expressions as Filters..................................................................................................... 183
Redistributing Routes..................................................................................................................184
Enabling Additional Paths............................................................................................................185
Configuring IP Community Lists.................................................................................................185
Configuring an IP Extended Community List.............................................................................187
Filtering Routes with Community Lists.......................................................................................188
Manipulating the COMMUNITY Attribute...................................................................................188
Changing MED Attributes........................................................................................................... 190
Changing the LOCAL_PREFERENCE Attribute.......................................................................... 190
Changing the NEXT_HOP Attribute............................................................................................191
Changing the WEIGHT Attribute.................................................................................................192
Enabling Multipath.......................................................................................................................192
Filtering BGP Routes....................................................................................................................192
Filtering BGP Routes Using Route Maps.................................................................................... 194
Filtering BGP Routes Using AS-PATH Information.................................................................... 194
Configuring BGP Route Reflectors.............................................................................................195
Aggregating Routes.....................................................................................................................196
Configuring BGP Confederations...............................................................................................196
Enabling Route Flap Dampening................................................................................................ 197
Changing BGP Timers................................................................................................................ 200
Enabling BGP Neighbor Soft-Reconfiguration..........................................................................200
Route Map Continue...................................................................................................................201
Enabling MBGP Configurations........................................................................................................202
BGP Regular Expression Optimization.............................................................................................203
Debugging BGP................................................................................................................................ 203
Storing Last and Bad PDUs.........................................................................................................204
Capturing PDUs.......................................................................................................................... 205
PDU Counters.............................................................................................................................206
Sample Configurations.....................................................................................................................206
10 Content Addressable Memory (CAM)......................................................... 216
CAM Allocation..................................................................................................................................216
Test CAM Usage................................................................................................................................ 218
View CAM-ACL Settings....................................................................................................................218
View CAM Usage............................................................................................................................... 219
Return to the Default CAM Configuration.......................................................................................220
CAM Optimization............................................................................................................................ 220
Applications for CAM Profiling..........................................................................................................221
LAG HashingLAG Hashing Based on Bidirectional Flow............................................................221
Unified Forwarding Table (UFT) Modes............................................................................................221
Configuring UFT Modes.............................................................................................................. 221
11 Control Plane Policing (CoPP)..................................................................... 223
Z9500 CoPP Implementation.......................................................................................................... 223
Protocol-based Control Plane Policing..................................................................................... 223
Queue-based Control Plane Policing........................................................................................224
CoPP Example...................................................................................................................................225
Configure Control Plane Policing.................................................................................................... 226
Configuring CoPP for Protocols................................................................................................ 226
Examples of Configuring CoPP for Protocols............................................................................227
Configuring CoPP for CPU Queues...........................................................................................229
Examples of Configuring CoPP for CPU Queues......................................................................229
Displaying CoPP Configuration..................................................................................................230
Troubleshooting CoPP Operation................................................................................................... 234
Enabling CPU Traffic Statistics................................................................................................... 234
Viewing CPU Traffic Statistics.....................................................................................................234
Troubleshooting CPU Packet Loss.............................................................................................234
Viewing Per-Protocol CoPP Counters.......................................................................................237
Viewing Per-Queue CoPP Counters..........................................................................................239
12 Data Center Bridging (DCB)..........................................................................241
Ethernet Enhancements in Data Center Bridging............................................................................241
Priority-Based Flow Control.......................................................................................................242
Enhanced Transmission Selection............................................................................................. 243
Data Center Bridging Exchange Protocol (DCBx)..................................................................... 244
Data Center Bridging in a Traffic Flow.......................................................................................245
Enabling Data Center Bridging.........................................................................................................245
QoS dot1p Traffic Classification and Queue Assignment...............................................................246
SNMP Support for PFC and Buffer Statistics Tracking.................................................................... 246
DCB Maps and its Attributes.............................................................................................................247
DCB Map: Configuration Procedure.......................................................................................... 247
Important Points to Remember................................................................................................. 248
Applying a DCB Map on a Port...................................................................................................248
Configuring PFC without a DCB Map........................................................................................ 249
Configuring Lossless Queues.....................................................................................................249
Data Center Bridging: Default Configuration..................................................................................250
Configuring PFC and ETS in a DCB Map.......................................................................................... 251
PFC Configuration Notes............................................................................................................ 251
PFC Prerequisites and Restrictions.............................................................................................252
ETS Configuration Notes............................................................................................................ 252
ETS Prerequisites and Restrictions............................................................................................. 253
Configuring Priority-Based Flow Control........................................................................................254
Configuring Lossless Queues..................................................................................................... 255
Configure Enhanced Transmission Selection..................................................................................256
ETS Prerequisites and Restrictions............................................................................................. 256
Creating an ETS Priority Group.................................................................................................. 256
ETS Operation with DCBx...........................................................................................................257
Configuring Bandwidth Allocation for DCBx CIN..................................................................... 258
Applying the DCB Policies on Linecard........................................................................................... 259
Applying DCB Policies on SFM Ports............................................................................................... 259
Configure a DCBx Operation........................................................................................................... 259
DCBx Operation..........................................................................................................................260
DCBx Port Roles......................................................................................................................... 260
DCB Configuration Exchange.................................................................................................... 262
Configuration Source Election...................................................................................................262
Propagation of DCB Information............................................................................................... 263
Auto-Detection and Manual Configuration of the DCBx Version............................................ 263
Behavior of Tagged Packets.......................................................................................................264
Configuration Example for DSCP and PFC Priorities................................................................ 264
DCBx Example.............................................................................................................................265
DCBx Prerequisites and Restrictions..........................................................................................265
Configuring DCBx.......................................................................................................................266
Verifying the DCB Configuration......................................................................................................270
Generation of PFC for a Priority for Untagged Packets...................................................................281
Operations on Untagged Packets.................................................................................................... 281
Performing PFC Using DSCP Bits Instead of 802.1p Bits.................................................................281
PFC and ETS Configuration Examples............................................................................................. 282
Using PFC and ETS to Manage Data Center Traffic........................................................................ 282
PFC and ETS Configuration Command Examples.................................................................... 284
Using PFC and ETS to Manage Converged Ethernet Traffic.....................................................284
Hierarchical Scheduling in ETS Output Policies........................................................................284
Priority-Based Flow Control Using Dynamic Buffer Method..........................................................285
Pause and Resume of Traffic......................................................................................................285
Buffer Sizes for Lossless or PFC Packets................................................................................... 286
Configuring the Dynamic Buffer Method........................................................................................286
Sample Configurations.....................................................................................................................289
.....................................................................................................................................................289
13 Debugging and Diagnostics......................................................................... 293
Offline Diagnostics........................................................................................................................... 293
Important Points to Remember................................................................................................. 293
Running Offline Diagnostics.......................................................................................................293
Examples of Running Offline Diagnostics..................................................................................295
TRACE Logs.......................................................................................................................................302
Auto Save on Reload, Crash, or Rollover................................................................................... 303
Last Restart Reason...........................................................................................................................303
Line Card Restart Causes and Reasons......................................................................................303
show hardware Commands.............................................................................................................303
Environmental Monitoring................................................................................................................305
Display Power Supply Status...................................................................................................... 305
Display Fan Status....................................................................................................................... 306
Display Transceiver Type............................................................................................................306
Recognize an Over-Temperature Condition............................................................................ 308
Troubleshoot an Over-Temperature Condition........................................................................309
Troubleshooting Packet Loss............................................................................................................311
Displaying Drop Counters........................................................................................................... 311
Displaying Dataplane Statistics................................................................................................... 313
Displaying Line-Card Counters.................................................................................................. 314
Accessing Application Core Dumps................................................................................................. 315
Mini Core Dumps.............................................................................................................................. 316
Full Kernel Core Dumps....................................................................................................................316
Enabling TCP Dumps.........................................................................................................................317
14 Dynamic Host Configuration Protocol (DHCP)........................................318
DHCP Packet Format and Options...................................................................................................318
Assign an IP Address using DHCP....................................................................................................320
Implementation Information............................................................................................................ 321
Configure the System to be a DHCP Server.................................................................................... 322
Configuring the Server for Automatic Address Allocation........................................................ 322
Specifying a Default Gateway.....................................................................................................324
Configure a Method of Hostname Resolution.......................................................................... 324
Using DNS for Address Resolution.............................................................................................324
Using NetBIOS WINS for Address Resolution............................................................................324
Creating Manual Binding Entries................................................................................................ 325
Debugging the DHCP Server......................................................................................................325
Using DHCP Clear Commands...................................................................................................325
Configure the System to be a Relay Agent......................................................................................326
Configure the System to be a DHCP Client.................................................................................... 328
DHCP Client on a Management Interface................................................................................. 328
DHCP Client Operation with Other Features............................................................................ 329
Configure Secure DHCP...................................................................................................................329
Option 82.................................................................................................................................... 330
DHCP Snooping..........................................................................................................................330
Drop DHCP Packets on Snooped VLANs Only..........................................................................334
Dynamic ARP Inspection............................................................................................................ 334
Configuring Dynamic ARP Inspection........................................................................................335
Source Address Validation................................................................................................................336
Enabling IP Source Address Validation.......................................................................................337
DHCP MAC Source Address Validation...................................................................................... 337
Enabling IP+MAC Source Address Validation............................................................................ 337
Viewing the Number of SAV Dropped Packets..........................................................................338
Clearing the Number of SAV Dropped Packets.........................................................................338
15 Equal Cost Multi-Path (ECMP)..................................................................... 339
ECMP for Flow-Based Affinity.......................................................................................................... 339
Enabling Deterministic ECMP Next Hop....................................................................................339
Configuring the Hash Algorithm Seed....................................................................................... 339
Link Bundle Monitoring.................................................................................................................... 340
Managing ECMP Group Paths....................................................................................................340
Creating an ECMP Group Bundle............................................................................................... 341
Modifying the ECMP Group Threshold...................................................................................... 341
ECMP Support in L3 Host and LPM Tables......................................................................................342
16 FCoE Transit....................................................................................................344
Fibre Channel over Ethernet............................................................................................................ 344
Ensure Robustness in a Converged Ethernet Network...................................................................344
FIP Snooping on Ethernet Bridges...................................................................................................346
Using FIP Snooping...........................................................................................................................348
FIP Snooping Prerequisites.........................................................................................................348
Important Points to Remember................................................................................................. 349
Enabling the FCoE Transit Feature.............................................................................................350
Enable FIP Snooping on VLANs..................................................................................................350
Configure the FC-MAP Value.....................................................................................................350
Configure a Port for a Bridge-to-Bridge Link............................................................................350
Configure a Port for a Bridge-to-FCF Link.................................................................................351
Impact on Other Software Features........................................................................................... 351
FIP Snooping Restrictions........................................................................................................... 351
Configuring FIP Snooping...........................................................................................................351
FCoE Transit Configuration Example...............................................................................................353
Displaying FIP Snooping Information.............................................................................................. 354
17 Enabling FIPS Cryptography.........................................................................361
Configuration Tasks.......................................................................................................................... 361
Preparing the System........................................................................................................................ 361
Enabling FIPS Mode.......................................................................................................................... 362
Generating Host-Keys...................................................................................................................... 362
Monitoring FIPS Mode Status........................................................................................................... 363
Disabling FIPS Mode......................................................................................................................... 363
18 Flex Hash..........................................................................................................365
Flex Hash Capability Overview......................................................................................................... 365
Configuring the Flex Hash Mechanism............................................................................................365
RDMA Over Converged Ethernet (RoCE) Overview........................................................................366
Preserving 802.1Q VLAN Tag Value for Lite Subinterfaces............................................................. 367
19 Force10 Resilient Ring Protocol (FRRP).....................................................368
Protocol Overview............................................................................................................................368
Ring Status...................................................................................................................................369
Multiple FRRP Rings.................................................................................................................... 370
Important FRRP Points................................................................................................................370
Important FRRP Concepts..........................................................................................................370
Implementing FRRP.......................................................................................................................... 372
FRRP Configuration...........................................................................................................................372
Creating the FRRP Group............................................................................................................372
Configuring the Control VLAN................................................................................................... 373
Configuring and Adding the Member VLANs.............................................................................374
Setting the FRRP Timers..............................................................................................................375
Clearing the FRRP Counters....................................................................................................... 375
Viewing the FRRP Configuration................................................................................................ 376
Viewing the FRRP Information....................................................................................................376
Troubleshooting FRRP......................................................................................................................376
Configuration Checks.................................................................................................................376
Sample Configuration and Topology...............................................................................................376
20 GARP VLAN Registration Protocol (GVRP)................................................379
Important Points to Remember....................................................................................................... 379
Configure GVRP................................................................................................................................380
Related Configuration Tasks...................................................................................................... 380
Enabling GVRP Globally....................................................................................................................381
Enabling GVRP on a Layer 2 Interface..............................................................................................381
Configure GVRP Registration........................................................................................................... 381
Configure a GARP Timer.................................................................................................................. 382
21 Internet Group Management Protocol (IGMP).........................................384
IGMP Implementation Information..................................................................................................384
IGMP Protocol Overview..................................................................................................................384
IGMP Version 2........................................................................................................................... 384
IGMP Version 3............................................................................................................................386
Configure IGMP................................................................................................................................ 389
Related Configuration Tasks...................................................................................................... 389
Viewing IGMP Enabled Interfaces....................................................................................................390
Selecting an IGMP Version...............................................................................................................390
Viewing IGMP Groups.......................................................................................................................391
Adjusting Timers................................................................................................................................391
Adjusting Query and Response Timers...................................................................................... 391
Adjusting the IGMP Querier Timeout Value...............................................................................392
Configuring a Static IGMP Group.....................................................................................................392
Enabling IGMP Immediate-Leave.....................................................................................................393
IGMP Snooping.................................................................................................................................393
IGMP Snooping Implementation Information........................................................................... 393
Configuring IGMP Snooping...................................................................................................... 393
Removing a Group-Port Association......................................................................................... 394
Disabling Multicast Flooding...................................................................................................... 394
Specifying a Port as Connected to a Multicast Router..............................................................395
Configuring the Switch as Querier.............................................................................................395
Fast Convergence after MSTP Topology Changes......................................................................... 396
Designating a Multicast Router Interface........................................................................................ 396
22 Interfaces......................................................................................................... 397
Basic Interface Configuration...........................................................................................................397
Advanced Interface Configuration...................................................................................................397
Port Numbering Convention............................................................................................................397
Interface Types................................................................................................................................. 398
View Basic Interface Information.....................................................................................................398
Enabling a Physical Interface........................................................................................................... 400
Physical Interfaces............................................................................................................................ 401
Port Pipes.....................................................................................................................................401
Network Processing Units (NPUs).............................................................................................. 401
Configuration Task List for Physical Interfaces......................................................................... 402
Overview of Layer Modes...........................................................................................................402
Configuring Layer 2 (Data Link) Mode....................................................................................... 402
Configuring Layer 2 (Interface) Mode........................................................................................403
Configuring Layer 3 (Network) Mode........................................................................................ 403
Configuring Layer 3 (Interface) Mode........................................................................................404
Egress Interface Selection (EIS)........................................................................................................405
Important Points to Remember................................................................................................. 405
Configuring EIS........................................................................................................................... 405
Management Interfaces................................................................................................................... 406
Configuring a Dedicated Management Interface .....................................................................406
Configuring a Management Interface on an Ethernet Port...................................................... 407
VLAN Interfaces................................................................................................................................ 408
Loopback Interfaces.........................................................................................................................409
Null Interfaces...................................................................................................................................409
Port Channel Interfaces....................................................................................................................410
Port Channel Definition and Standards......................................................................................410
Port Channel Benefits................................................................................................................. 410
Port Channel Implementation....................................................................................................410
10/40 Gbps Interfaces in Port Channels.....................................................................................411
Configuration Tasks for Port Channel Interfaces.......................................................................411
Creating a Port Channel..............................................................................................................412
Adding a Physical Interface to a Port Channel...........................................................................412
Reassigning an Interface to a New Port Channel...................................................................... 414
Configuring the Minimum Oper Up Links in a Port Channel.................................................... 415
Adding or Removing a Port Channel from a VLAN....................................................................415
Assigning an IP Address to a Port Channel................................................................................ 416
Deleting or Disabling a Port Channel.........................................................................................416
Load Balancing Through Port Channels.................................................................................... 416
Load-Balancing Methods............................................................................................................417
Changing the Hash Algorithm.................................................................................................... 417
Bulk Configuration............................................................................................................................418
Interface Range........................................................................................................................... 418
Bulk Configuration Examples..................................................................................................... 418
Defining Interface Range Macros.................................................................................................... 420
Define the Interface Range......................................................................................................... 421
Choosing an Interface-Range Macro.........................................................................................421
Monitoring and Maintaining Interfaces............................................................................................ 421
Displaying Traffic Statistics on HiGig Ports......................................................................................422
Link Bundle Monitoring.................................................................................................................... 423
Monitoring HiGig Link Bundles........................................................................................................ 423
Guidelines for Monitoring HiGig Link-Bundles .........................................................................424
Enabling HiGig Link-Bundle Monitoring.................................................................................... 425
Fanning out 40G Ports Dynamically................................................................................................ 425
Splitting QSFP Ports to SFP+ Ports.................................................................................................. 426
Converting a QSFP or QSFP+ Port to an SFP or SFP+ Port...................................................... 426
Link Dampening................................................................................................................................ 431
Important Points to Remember................................................................................................. 432
Enabling Link Dampening...........................................................................................................432
Using Ethernet Pause Frames for Flow Control.............................................................................. 433
Enabling Pause Frames...............................................................................................................434
Configure the MTU Size on an Interface......................................................................................... 435
Auto-Negotiation on Ethernet Interfaces........................................................................................436
Set Auto-Negotiation Options................................................................................................... 436
View Advanced Interface Information............................................................................................. 437
Configuring the Interface Sampling Size................................................................................... 437
Dynamic Counters............................................................................................................................439
Clearing Interface Counters....................................................................................................... 439
23 Internet Protocol Security (IPSec).............................................................. 441
Configuring IPSec ............................................................................................................................442
24 IPv4 Routing................................................................................................... 443
IP Addresses......................................................................................................................................443
Implementation Information......................................................................................................443
Configuration Tasks for IP Addresses.............................................................................................. 443
Assigning IP Addresses to an Interface............................................................................................444
Configuring Static Routes................................................................................................................ 445
Configure Static Routes for the Management Interface.................................................................446
Enabling Directed Broadcast............................................................................................................446
Resolution of Host Names............................................................................................................... 447
Enabling Dynamic Resolution of Host Names................................................................................ 447
Specifying the Local System Domain and a List of Domains......................................................... 448
Configuring DNS with Traceroute................................................................................................... 448
ARP....................................................................................................................................................449
Configuration Tasks for ARP............................................................................................................ 449
Configuring Static ARP Entries.........................................................................................................450
Enabling Proxy ARP.......................................................................................................................... 450
Clearing ARP Cache......................................................................................................................... 450
ARP Learning via Gratuitous ARP......................................................................................................451
Enabling ARP Learning via Gratuitous ARP...................................................................................... 451
ARP Learning via ARP Request..........................................................................................................451
Configuring ARP Retries................................................................................................................... 452
ICMP.................................................................................................................................................. 453
Configuration Tasks for ICMP.......................................................................................................... 453
Enabling ICMP Unreachable Messages............................................................................................453
UDP Helper....................................................................................................................................... 454
Configure UDP Helper................................................................................................................454
Important Points to Remember................................................................................................. 454
Enabling UDP Helper........................................................................................................................454
Configuring a Broadcast Address.....................................................................................................455
Configurations Using UDP Helper................................................................................................... 455
UDP Helper with Broadcast-All Addresses...................................................................................... 455
UDP Helper with Subnet Broadcast Addresses............................................................................... 456
UDP Helper with Configured Broadcast Addresses........................................................................ 457
UDP Helper with No Configured Broadcast Addresses.................................................................. 457
Troubleshooting UDP Helper...........................................................................................................458
25 IPv6 Routing....................................................................................................459
Protocol Overview............................................................................................................................459
Extended Address Space............................................................................................................ 459
Stateless Autoconfiguration....................................................................................................... 459
IPv6 Headers...............................................................................................................................460
IPv6 Header Fields.......................................................................................................................461
Extension Header Fields............................................................................................................. 462
IPv6 Addressing...........................................................................................................................463
IPv6 Implementation on the Dell Networking OS...........................................................................465
Configuring the LPM Table for IPv6 Extended Prefixes.................................................................. 467
ICMPv6.............................................................................................................................................. 467
Path MTU Discovery......................................................................................................................... 467
IPv6 Neighbor Discovery..................................................................................................................468
IPv6 Neighbor Discovery of MTU Packets.................................................................................469
Configuring the IPv6 Recursive DNS Server..............................................................................469
Secure Shell (SSH) Over an IPv6 Transport...................................................................................... 471
Configuration Tasks for IPv6.............................................................................................................471
Adjusting Your CAM Profile.........................................................................................................472
Assigning an IPv6 Address to an Interface................................................................................. 472
Assigning a Static IPv6 Route......................................................................................................473
Configuring Telnet with IPv6......................................................................................................474
SNMP over IPv6...........................................................................................................................474
Displaying IPv6 Information....................................................................................................... 474
Displaying an IPv6 Configuration............................................................................................... 475
Displaying IPv6 Routes................................................................................................................475
Displaying the Running Configuration for an Interface.............................................................477
Clearing IPv6 Routes...................................................................................................................477
26 iSCSI Optimization.........................................................................................478
iSCSI Optimization Overview........................................................................................................... 478
Default iSCSI Optimization Values...................................................................................................480
iSCSI Optimization Prerequisites..................................................................................................... 480
Configuring iSCSI Optimization.......................................................................................................480
Displaying iSCSI Optimization Information..................................................................................... 483
Enable and Disable iSCSI Optimization........................................................................................... 484
Synchronizing iSCSI Sessions Learned on VLT-Lags with VLT-Peer..............................................485
Monitoring iSCSI Traffic Flows......................................................................................................... 485
Information Monitored in iSCSI Traffic Flows..................................................................................485
Detection and Auto-Configuration for Dell EqualLogic Arrays......................................................486
Configuring Detection and Ports for Dell Compellent Arrays........................................................486
Application of Quality of Service to iSCSI Traffic Flows..................................................................487
27 Intermediate System to Intermediate System..........................................488
IS-IS Protocol Overview...................................................................................................................488
IS-IS Addressing................................................................................................................................488
Multi-Topology IS-IS........................................................................................................................ 489
Transition Mode..........................................................................................................................489
Interface Support........................................................................................................................490
Adjacencies.................................................................................................................................490
Graceful Restart................................................................................................................................490
Timers..........................................................................................................................................490
Implementation Information............................................................................................................ 491
Configuration Information............................................................................................................... 492
Configuration Tasks for IS-IS......................................................................................................492
Configuring the Distance of a Route..........................................................................................501
Changing the IS-Type................................................................................................................. 501
Redistributing IPv4 Routes......................................................................................................... 504
Redistributing IPv6 Routes..........................................................................................................505
Configuring Authentication Passwords..................................................................................... 506
Setting the Overload Bit............................................................................................................. 506
Debugging IS-IS.......................................................................................................................... 507
IS-IS Metric Styles.............................................................................................................................508
Configure Metric Values...................................................................................................................508
Maximum Values in the Routing Table...................................................................................... 509
Change the IS-IS Metric Style in One Level Only......................................................................509
Leaks from One Level to Another............................................................................................... 511
Sample Configurations......................................................................................................................511
28 Link Aggregation Control Protocol (LACP)...............................................514
Introduction to Dynamic LAGs and LACP........................................................................................514
Important Points to Remember..................................................................................................514
LACP Modes.................................................................................................................................515
Configuring LACP Commands....................................................................................................515
LACP Configuration Tasks................................................................................................................ 516
Creating a LAG.............................................................................................................................516
Configuring the LAG Interfaces as Dynamic.............................................................................. 517
Setting the LACP Long Timeout..................................................................................................517
Monitoring and Debugging LACP...............................................................................................518
Shared LAG State Tracking............................................................................................................... 518
Configuring Shared LAG State Tracking.....................................................................................519
Important Points about Shared LAG State Tracking..................................................................520
LACP Basic Configuration Example..................................................................................................521
Configure a LAG on ALPHA.........................................................................................................521
29 Layer 2..............................................................................................................529
Manage the MAC Address Table...................................................................................................... 529
Clearing the MAC Address Table................................................................................................529
Setting the Aging Time for Dynamic Entries..............................................................................529
Configuring a Static MAC Address............................................................................................. 530
Displaying the MAC Address Table.............................................................................................530
MAC Learning Limit.......................................................................................................................... 530
Setting the MAC Learning Limit.................................................................................................. 531
mac learning-limit Dynamic....................................................................................................... 531
mac learning-limit mac-address-sticky..................................................................................... 531
mac learning-limit station-move............................................................................................... 532
mac learning-limit no-station-move......................................................................................... 532
Learning Limit Violation Actions.................................................................................................533
Setting Station Move Violation Actions...................................................................................... 533
Recovering from Learning Limit and Station Move Violations..................................................533
NIC Teaming..................................................................................................................................... 534
Configure Redundant Pairs...............................................................................................................535
Important Points about Configuring Redundant Pairs.............................................................. 537
Far-End Failure Detection................................................................................................................ 538
FEFD State Changes....................................................................................................................539
Configuring FEFD........................................................................................................................540
Enabling FEFD on an Interface....................................................................................................541
Debugging FEFD......................................................................................................................... 542
30 Link Layer Discovery Protocol (LLDP)........................................................544
802.1AB (LLDP) Overview.................................................................................................................544
Protocol Data Units.................................................................................................................... 544
Optional TLVs....................................................................................................................................545
Management TLVs...................................................................................................................... 545
TIA-1057 (LLDP-MED) Overview...................................................................................................... 547
TIA Organizationally Specific TLVs.............................................................................................548
Configure LLDP.................................................................................................................................552
Related Configuration Tasks.......................................................................................................552
Important Points to Remember..................................................................................................553
LLDP Compatibility......................................................................................................................553
CONFIGURATION versus INTERFACE Configurations....................................................................553
Enabling LLDP................................................................................................................................... 554
Disabling and Undoing LLDP......................................................................................................554
Enabling LLDP on Management Ports............................................................................................. 554
Disabling and Undoing LLDP on Management Ports................................................................554
Advertising TLVs................................................................................................................................555
Viewing the LLDP Configuration......................................................................................................556
Viewing Information Advertised by Adjacent LLDP Agents.............................................................557
Configuring LLDPDU Intervals......................................................................................................... 558
Configuring Transmit and Receive Mode........................................................................................ 558
Configuring a Time to Live............................................................................................................... 559
Debugging LLDP...............................................................................................................................560
Relevant Management Objects........................................................................................................ 561
31 Microsoft Network Load Balancing............................................................ 567
NLB Unicast and Multicast Modes....................................................................................................567
NLB Unicast Mode Example....................................................................................................... 567
NLB Multicast Mode Example.....................................................................................................568
NLB Benefits......................................................................................................................................568
NLB Restrictions................................................................................................................................568
NLB VLAN Flooding.......................................................................................................................... 569
Configuring NLB on a Switch...........................................................................................................569
..................................................................................................................................................... 569
32 Multicast Source Discovery Protocol (MSDP)...........................................570
Protocol Overview............................................................................................................................ 570
Anycast RP.........................................................................................................................................572
Implementation Information............................................................................................................ 572
Configure Multicast Source Discovery Protocol............................................................................. 572
Related Configuration Tasks.......................................................................................................572
Enable MSDP..................................................................................................................................... 576
Manage the Source-Active Cache....................................................................................................577
Viewing the Source-Active Cache..............................................................................................577
Limiting the Source-Active Cache............................................................................................. 578
Clearing the Source-Active Cache.............................................................................................578
Enabling the Rejected Source-Active Cache.............................................................................578
Accept Source-Active Messages that Fail the RFP Check...............................................................578
Specifying Source-Active Messages................................................................................................ 582
Limiting the Source-Active Messages from a Peer......................................................................... 583
Preventing MSDP from Caching a Local Source.............................................................................583
Preventing MSDP from Caching a Remote Source.........................................................................584
Preventing MSDP from Advertising a Local Source.........................................................................585
Logging Changes in Peership States................................................................................................586
Terminating a Peership.....................................................................................................................586
Clearing Peer Statistics..................................................................................................................... 586
Debugging MSDP..............................................................................................................................587
MSDP with Anycast RP......................................................................................................................587
Configuring Anycast RP....................................................................................................................589
Reducing Source-Active Message Flooding..............................................................................589
Specifying the RP Address Used in SA Messages.......................................................................589
MSDP Sample Configurations.......................................................................................................... 592
33 Multiple Spanning Tree Protocol (MSTP).................................................. 595
Protocol Overview............................................................................................................................595
Spanning Tree Variations..................................................................................................................596
Implementation Information......................................................................................................596
Configure Multiple Spanning Tree Protocol....................................................................................596
Related Configuration Tasks...................................................................................................... 596
Enable Multiple Spanning Tree Globally.......................................................................................... 597
Adding and Removing Interfaces..................................................................................................... 597
Creating Multiple Spanning Tree Instances..................................................................................... 597
Influencing MSTP Root Selection.................................................................................................... 599
Interoperate with Non-Dell Bridges................................................................................................ 599
Changing the Region Name or Revision.........................................................................................600
Modifying Global Parameters.......................................................................................................... 600
Modifying the Interface Parameters.................................................................................................601
Configuring an EdgePort..................................................................................................................602
Flush MAC Addresses after a Topology Change.............................................................................603
MSTP Sample Configurations.......................................................................................................... 603
Router 1 Running-ConfigurationRouter 2 Running-ConfigurationRouter 3 Running-
ConfigurationExample Running-Configuration........................................................................604
Debugging and Verifying MSTP Configurations..............................................................................607
34 Multicast Features..........................................................................................610
Enabling IP Multicast.........................................................................................................................610
Multicast with ECMP.........................................................................................................................610
Implementation Information.............................................................................................................611
First Packet Forwarding for Lossless Multicast................................................................................ 612
Multicast Policies...............................................................................................................................612
IPv4 Multicast Policies.................................................................................................................612
35 Open Shortest Path First (OSPFv2 and OSPFv3)...................................... 620
Protocol Overview............................................................................................................................620
Autonomous System (AS) Areas.................................................................................................620
Area Types................................................................................................................................... 621
Networks and Neighbors............................................................................................................622
Router Types............................................................................................................................... 622
Designated and Backup Designated Routers............................................................................ 624
Link-State Advertisements (LSAs)...............................................................................................624
Virtual Links................................................................................................................................. 626
Router Priority and Cost............................................................................................................. 626
OSPF Implementation.......................................................................................................................627
Fast Convergence (OSPFv2, IPv4 Only)..................................................................................... 627
Multi-Process OSPFv2 (IPv4 only).............................................................................................. 627
RFC-2328 Compliant OSPF Flooding........................................................................................ 628
OSPF ACK Packing......................................................................................................................629
Setting OSPF Adjacency with Cisco Routers............................................................................. 629
Configuration Information............................................................................................................... 630
Configuration Task List for OSPFv2 (OSPF for IPv4)................................................................. 630
Sample Configurations for OSPFv2................................................................................................. 645
Basic OSPFv2 Router Topology................................................................................................. 645
OSPF Area 0 — Te 1/1 and 1/2....................................................................................................645
OSPF Area 0 — Te 3/1 and 3/2...................................................................................................646
OSPF Area 0 — Te 2/1 and 2/2...................................................................................................646
Configuration Task List for OSPFv3 (OSPF for IPv6)....................................................................... 646
Enabling IPv6 Unicast Routing................................................................................................... 647
Assigning IPv6 Addresses on an Interface..................................................................................647
Assigning Area ID on an Interface.............................................................................................. 647
Assigning OSPFv3 Process ID and Router ID Globally.............................................................. 648
Configuring Stub Areas...............................................................................................................648
Configuring Passive-Interface....................................................................................................648
Redistributing Routes................................................................................................................. 649
Configuring a Default Route...................................................................................................... 649
OSPFv3 Authentication Using IPsec...........................................................................................650
Troubleshooting OSPFv3............................................................................................................657
36 Pay As You Grow ........................................................................................... 659
Installing a License............................................................................................................................659
Displaying License Information........................................................................................................662
37 PIM Sparse-Mode (PIM-SM)......................................................................... 664
Implementation Information............................................................................................................664
Protocol Overview............................................................................................................................664
Requesting Multicast Traffic.......................................................................................................664
Refuse Multicast Traffic.............................................................................................................. 665
Send Multicast Traffic................................................................................................................. 665
Configuring PIM-SM.........................................................................................................................666
Related Configuration Tasks...................................................................................................... 666
Enable PIM-SM................................................................................................................................. 666
Configuring S,G Expiry Timers......................................................................................................... 667
Configuring a Static Rendezvous Point...........................................................................................668
Overriding Bootstrap Router Updates....................................................................................... 669
Configuring a Designated Router.................................................................................................... 669
Creating Multicast Boundaries and Domains.................................................................................. 670
Enabling PIM-SM Graceful Restart...................................................................................................670
38 PIM Source-Specific Mode (PIM-SSM)....................................................... 671
Implementation Information............................................................................................................ 671
Important Points to Remember..................................................................................................671
Configure PIM-SMM......................................................................................................................... 672
Related Configuration Tasks.......................................................................................................672
Enabling PIM-SSM.............................................................................................................................672
Use PIM-SSM with IGMP Version 2 Hosts........................................................................................672
Configuring PIM-SSM with IGMPv2........................................................................................... 673
39 Policy-based Routing (PBR)......................................................................... 675
Overview............................................................................................................................................675
Implementing Policy-based Routing with Dell Networking OS......................................................677
Configuration Task List for Policy-based Routing...........................................................................677
PBR Exceptions (Permit).............................................................................................................680
Sample Configuration.......................................................................................................................683
Create the Redirect-List GOLDAssign Redirect-List GOLD to Interface 2/11View
Redirect-List GOLD.................................................................................................................... 684
40 Port Monitoring............................................................................................. 686
Local Port Monitoring.......................................................................................................................686
Important Points to Remember................................................................................................. 686
Examples of Port Monitoring..................................................................................................... 686
Configuring Port Monitoring......................................................................................................688
Remote Port Mirroring..................................................................................................................... 689
Remote Port Mirroring Example................................................................................................ 689
Configuring Remote Port Mirroring...........................................................................................690
Displaying a Remote-Port Mirroring Configuration..................................................................692
Configuring Remote Port Monitoring........................................................................................692
Encapsulated Remote-Port Monitoring.......................................................................................... 696
41 Private VLANs (PVLAN)..................................................................................698
Private VLAN Concepts.................................................................................................................... 698
Using the Private VLAN Commands................................................................................................ 699
Configuration Task List.....................................................................................................................700
Creating PVLAN ports.................................................................................................................700
Creating a Primary VLAN.............................................................................................................701
Creating a Community VLAN..................................................................................................... 702
Creating an Isolated VLAN..........................................................................................................703
Private VLAN Configuration Example.............................................................................................. 704
Inspecting the Private VLAN Configuration..................................................................................... 705
42 Per-VLAN Spanning Tree Plus (PVST+)......................................................708
Protocol Overview............................................................................................................................708
Implementation Information............................................................................................................709
Configure Per-VLAN Spanning Tree Plus........................................................................................ 709
Related Configuration Tasks.......................................................................................................709
Enabling PVST+.................................................................................................................................709
Disabling PVST+................................................................................................................................ 710
Influencing PVST+ Root Selection................................................................................................... 710
Modifying Global PVST+ Parameters................................................................................................712
Modifying Interface PVST+ Parameters............................................................................................713
Configuring an EdgePort.................................................................................................................. 714
PVST+ in Multi-Vendor Networks.....................................................................................................715
Enabling PVST+ Extend System ID................................................................................................... 715
PVST+ Sample Configurations..........................................................................................................716
43 Quality of Service (QoS)................................................................................ 718
Implementation Information............................................................................................................ 718
Port-Based QoS Configurations.......................................................................................................719
Setting dot1p Priorities for Incoming Traffic.............................................................................. 719
Honoring dot1p Priorities on Ingress Traffic..............................................................................720
Configuring Port-Based Rate Policing.......................................................................................720
Configuring Port-Based Rate Shaping........................................................................................721
Policy-Based QoS Configurations....................................................................................................722
Classify Traffic............................................................................................................................. 722
Create a QoS Policy.................................................................................................................... 728
Create Policy Maps......................................................................................................................731
DSCP Color Maps..............................................................................................................................735
Creating a DSCP Color Map....................................................................................................... 735
Displaying DSCP Color Maps......................................................................................................736
Displaying a DSCP Color Policy Configuration .........................................................................736
Enabling QoS Rate Adjustment.........................................................................................................737
Enabling Strict-Priority Queueing.................................................................................................... 738
Weighted Random Early Detection..................................................................................................738
Creating WRED Profiles.............................................................................................................. 739
Applying a WRED Profile to Traffic.............................................................................................740
Displaying Default and Configured WRED Profiles................................................................... 740
Displaying WRED Drop Statistics................................................................................................740
Explicit Congestion Notification.......................................................................................................741
ECN Packet Classification........................................................................................................... 741
Example: Color-marking non-ECN Packets in One Traffic Class.............................................742
Example: Color-marking non-ECN Packets in Different Traffic Classes..................................742
Using A Configurable Weight for WRED and ECN.......................................................................... 743
Benefits of Using a Configurable Weight for WRED with ECN................................................. 744
Setting Average Queue Size using a Weight..............................................................................744
Global Service-Pools for WRED with ECN.................................................................................745
Configuring a Weight for WRED and ECN Operation............................................................... 746
Pre-Calculating Available QoS CAM Space..................................................................................... 747
SNMP Support for Buffer Statistics Tracking................................................................................... 748
44 Routing Information Protocol (RIP)...........................................................749
Protocol Overview............................................................................................................................749
RIPv1............................................................................................................................................ 749
RIPv2............................................................................................................................................749
Implementation Information............................................................................................................750
Configuration Information............................................................................................................... 750
Configuration Task List............................................................................................................... 750
RIP Configuration Example.........................................................................................................757
45 Remote Monitoring (RMON)........................................................................763
Implementation Information............................................................................................................ 763
Fault Recovery...................................................................................................................................763
Setting the RMON Alarm............................................................................................................ 764
Configuring an RMON Event...................................................................................................... 765
Configuring RMON Collection Statistics....................................................................................765
Configuring the RMON Collection History................................................................................766
46 Rapid Spanning Tree Protocol (RSTP)........................................................767
Protocol Overview............................................................................................................................ 767
Configuring Rapid Spanning Tree.................................................................................................... 767
Related Configuration Tasks.......................................................................................................767
Important Points to Remember........................................................................................................767
RSTP and VLT.............................................................................................................................. 768
Configuring Interfaces for Layer 2 Mode.........................................................................................768
Enabling Rapid Spanning Tree Protocol Globally............................................................................769
Adding and Removing Interfaces......................................................................................................771
Modifying Global Parameters........................................................................................................... 772
Enabling SNMP Traps for Root Elections and Topology Changes............................................773
Modifying Interface Parameters........................................................................................................773
Influencing RSTP Root Selection......................................................................................................774
Configuring an EdgePort.................................................................................................................. 774
Configuring Fast Hellos for Link State Detection.............................................................................775
47 Security.............................................................................................................777
Role-Based Access Control.............................................................................................................. 777
Overview of RBAC....................................................................................................................... 777
User Roles................................................................................................................................... 780
AAA Authentication and Authorization for Roles.......................................................................784
Role Accounting..........................................................................................................................787
Display Information About User Roles.......................................................................................788
AAA Accounting................................................................................................................................ 789
Configuration Task List for AAA Accounting..............................................................................789
AAA Authentication........................................................................................................................... 791
Configuration Task List for AAA Authentication.........................................................................791
Obscuring Passwords and Keys....................................................................................................... 794
AAA Authorization............................................................................................................................. 795
Privilege Levels Overview............................................................................................................795
Configuration Task List for Privilege Levels............................................................................... 795
RADIUS..............................................................................................................................................800
RADIUS Authentication and Authorization................................................................................800
Configuration Task List for RADIUS............................................................................................801
TACACS+.......................................................................................................................................... 804
Configuration Task List for TACACS+........................................................................................804
TACACS+ Remote Authentication and Authorization.............................................................. 806
Command Authorization............................................................................................................807
Protection from TCP Tiny and Overlapping Fragment Attacks......................................................808
Enabling SCP and SSH......................................................................................................................808
Using SCP with SSH to Copy a Software Image........................................................................809
Removing the RSA Host Keys and Zeroizing Storage ...............................................................810
Configuring When to Re-generate an SSH Key ........................................................................810
Configuring the SSH Server Cipher List......................................................................................810
Configuring the HMAC Algorithm for the SSH Server................................................................811
Configuring the SSH Server Cipher List......................................................................................812
Secure Shell Authentication........................................................................................................812
Troubleshooting SSH.................................................................................................................. 815
Telnet.................................................................................................................................................815
VTY Line and Access-Class Configuration.......................................................................................816
VTY Line Local Authentication and Authorization..................................................................... 816
VTY Line Remote Authentication and Authorization................................................................. 817
VTY MAC-SA Filter Support.........................................................................................................817
48 Service Provider Bridging.............................................................................819
VLAN Stacking................................................................................................................................... 819
Important Points to Remember................................................................................................. 820
Configure VLAN Stacking............................................................................................................821
Creating Access and Trunk Ports................................................................................................821
Enable VLAN-Stacking for a VLAN............................................................................................. 822
Configuring the Protocol Type Value for the Outer VLAN Tag................................................ 822
Configuring Options for Trunk Ports......................................................................................... 822
Debugging VLAN Stacking..........................................................................................................823
VLAN Stacking in Multi-Vendor Networks.................................................................................824
VLAN Stacking Packet Drop Precedence.........................................................................................827
Enabling Drop Eligibility.............................................................................................................. 827
Honoring the Incoming DEI Value.............................................................................................828
Marking Egress Packets with a DEI Value.................................................................................. 829
Dynamic Mode CoS for VLAN Stacking...........................................................................................829
Mapping C-Tag to S-Tag dot1p Values......................................................................................831
Layer 2 Protocol Tunneling.............................................................................................................. 831
Implementation Information......................................................................................................833
Enabling Layer 2 Protocol Tunneling.........................................................................................833
Specifying a Destination MAC Address for BPDUs....................................................................834
Setting Rate-Limit BPDUs...........................................................................................................834
Debugging Layer 2 Protocol Tunneling.....................................................................................835
Provider Backbone Bridging.............................................................................................................835
49 sFlow................................................................................................................ 836
Overview........................................................................................................................................... 836
Implementation Information............................................................................................................836
Important Points to Remember..................................................................................................837
Enabling and Disabling sFlow...........................................................................................................837
Enabling and Disabling sFlow on an Interface.................................................................................837
Enabling sFlow Max-Header Size Extended.................................................................................... 837
sFlow Show Commands...................................................................................................................839
Displaying Show sFlow Global................................................................................................... 839
Displaying Show sFlow on an Interface.....................................................................................839
Displaying Show sFlow on a Line Card......................................................................................840
Configuring Specify Collectors........................................................................................................840
Changing the Polling Intervals.........................................................................................................840
Back-Off Mechanism........................................................................................................................841
sFlow on LAG ports...........................................................................................................................841
Enabling Extended sFlow..................................................................................................................841
Important Points to Remember................................................................................................. 842
50 Simple Network Management Protocol (SNMP)..................................... 844
Protocol Overview............................................................................................................................844
Implementation Information............................................................................................................844
Configuration Task List for SNMP....................................................................................................844
Related Configuration Tasks...................................................................................................... 845
Important Points to Remember....................................................................................................... 845
Set up SNMP..................................................................................................................................... 845
Creating a Community............................................................................................................... 845
Setting Up User-Based Security (SNMPv3)................................................................................ 846
Reading Managed Object Values..................................................................................................... 847
Writing Managed Object Values...................................................................................................... 848
Configuring Contact and Location Information using SNMP........................................................ 848
Subscribing to Managed Object Value Updates using SNMP.........................................................849
Enabling a Subset of SNMP Traps....................................................................................................850
Copy Configuration Files Using SNMP.............................................................................................852
Copying a Configuration File..................................................................................................... 854
Copying Configuration Files via SNMP...................................................................................... 855
Copying the Startup-Config Files to the Running-Config........................................................855
Copying the Startup-Config Files to the Server via FTP............................................................856
Copying the Startup-Config Files to the Server via TFTP..........................................................856
Copy a Binary File to the Startup-Configuration....................................................................... 857
Additional MIB Objects to View Copy Statistics.........................................................................857
Obtaining a Value for MIB Objects.............................................................................................858
MIB Support to Display the Available Memory Size on Flash..........................................................859
Viewing the Available Flash Memory Size..................................................................................859
MIB Support to Display the Software Core Files Generated by the System...................................859
Viewing the Software Core Files Generated by the System..................................................... 860
Manage VLANs using SNMP.............................................................................................................860
Creating a VLAN..........................................................................................................................860
Assigning a VLAN Alias................................................................................................................ 861
Displaying the Ports in a VLAN................................................................................................... 861
Add Tagged and Untagged Ports to a VLAN..............................................................................861
Managing Overload on Startup........................................................................................................862
Enabling and Disabling a Port using SNMP..................................................................................... 863
Fetch Dynamic MAC Entries using SNMP........................................................................................863
Deriving Interface Indices.................................................................................................................865
Monitor Port-Channels.................................................................................................................... 866
Troubleshooting SNMP Operation...................................................................................................867
51 Storm Control.................................................................................................868
Configure Storm Control................................................................................................................. 868
Configuring Storm Control from INTERFACE Mode.................................................................868
Configuring Storm Control from CONFIGURATION Mode......................................................868
52 Spanning Tree Protocol (STP)......................................................................869
Protocol Overview............................................................................................................................869
Configure Spanning Tree................................................................................................................. 869
Related Configuration Tasks...................................................................................................... 869
Important Points to Remember.......................................................................................................869
Configuring Interfaces for Layer 2 Mode.........................................................................................870
Enabling Spanning Tree Protocol Globally...................................................................................... 871
Adding an Interface to the Spanning Tree Group........................................................................... 873
Modifying Global Parameters...........................................................................................................874
Modifying Interface STP Parameters................................................................................................875
Enabling PortFast.............................................................................................................................. 875
Preventing Network Disruptions with BPDU Guard........................................................................876
Selecting STP Root........................................................................................................................... 878
STP Root Guard................................................................................................................................ 879
Root Guard Scenario.................................................................................................................. 879
Configuring Root Guard.............................................................................................................880
Enabling SNMP Traps for Root Elections and Topology Changes................................................. 881
STP Loop Guard................................................................................................................................ 881
Configuring Loop Guard............................................................................................................ 882
Displaying STP Guard Configuration............................................................................................... 883
53 System Time and Date...................................................................................885
Network Time Protocol....................................................................................................................885
Protocol Overview......................................................................................................................886
Configure the Network Time Protocol...................................................................................... 887
Enabling NTP...............................................................................................................................887
Configuring NTP Broadcasts...................................................................................................... 887
Disabling NTP on an Interface................................................................................................... 888
Configuring a Source IP Address for NTP Packets....................................................................888
Configuring NTP Authentication................................................................................................888
Time and Date...................................................................................................................................892
Configuration Task List ..............................................................................................................892
Setting the Time and Date for the Switch Software Clock....................................................... 892
Setting the Timezone................................................................................................................. 892
Set Daylight Saving Time............................................................................................................ 893
Setting Daylight Saving Time Once............................................................................................893
Setting Recurring Daylight Saving Time.................................................................................... 894
54 Tunneling ....................................................................................................... 896
Configuring a Tunnel........................................................................................................................896
Configuring Tunnel Keepalive Settings............................................................................................897
Configuring a Tunnel Interface........................................................................................................898
Configuring Tunnel allow-remote Decapsulation..........................................................................898
Configuring Tunnel source anylocal Decapsulation.......................................................................899
Multipoint Receive-Only Tunnels.................................................................................................... 899
Guidelines for Configuring Multipoint Receive-Only Tunnels................................................. 899
55 Upgrade Procedures......................................................................................901
Upgrade OverviewGet Help with Upgrades.....................................................................................901
Z9500 Bootup and Upgrades...........................................................................................................901
56 Uplink Failure Detection (UFD)....................................................................903
Feature Description.......................................................................................................................... 903
How Uplink Failure Detection Works.............................................................................................. 904
UFD and NIC Teaming......................................................................................................................905
Important Points to Remember....................................................................................................... 905
Configuring Uplink Failure Detection..............................................................................................906
Clearing a UFD-Disabled Interface..................................................................................................908
Displaying Uplink Failure Detection.................................................................................................909
Sample Configuration: Uplink Failure Detection..............................................................................911
57 Virtual LANs (VLANs)...................................................................................... 913
Default VLAN..................................................................................................................................... 913
Port-Based VLANs.............................................................................................................................914
VLANs and Port Tagging...................................................................................................................914
Configuration Task List..................................................................................................................... 915
Creating a Port-Based VLAN.......................................................................................................915
Assigning Interfaces to a VLAN...................................................................................................916
Moving Untagged Interfaces.......................................................................................................917
Assigning an IP Address to a VLAN.............................................................................................918
Configuring Native VLANs................................................................................................................ 919
Enabling Null VLAN as the Default VLAN.........................................................................................920
58 Virtual Routing and Forwarding (VRF)....................................................... 921
VRF Overview.................................................................................................................................... 921
VRF Configuration Notes..................................................................................................................922
DHCP...........................................................................................................................................925
VRF Configuration.............................................................................................................................925
Load VRF CAM.............................................................................................................................925
Creating a Non-Default VRF Instance........................................................................................925
Assigning an Interface to a VRF..................................................................................................925
Assigning a Front-end Port to a Management VRF...................................................................926
View VRF Instance Information..................................................................................................926
Assigning an OSPF Process to a VRF Instance...........................................................................927
Configuring VRRP on a VRF Instance.........................................................................................927
Configuring Management VRF...................................................................................................928
Configuring a Static Route......................................................................................................... 928
Sample VRF Configuration............................................................................................................... 929
Route Leaking VRFs.......................................................................................................................... 936
Dynamic Route Leaking................................................................................................................... 936
Configuring Route Leaking without Filtering Criteria................................................................936
Configuring Route Leaking with Filtering.................................................................................. 939
59 Virtual Link Trunking (VLT).......................................................................... 942
Overview........................................................................................................................................... 942
VLT on Core Switches................................................................................................................ 943
Enhanced VLT............................................................................................................................. 943
VLT Terminology.............................................................................................................................. 944
Configure Virtual Link Trunking....................................................................................................... 945
Important Points to Remember................................................................................................. 945
Configuration Notes...................................................................................................................946
Primary and Secondary VLT Peers............................................................................................. 949
Loading...
+ 1009 hidden pages