Dell Force10 MXL Blade MXL 10/40GbE Switch IO Module Configuration Guide
Dell Force10 MXL Blade Manual
View all Dell Force10 MXL Blade manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell Force10 MXL Blade manual content summary:
- Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 1
Dell Force10 Configuration Guide for the MXL 10/40GbE Switch IO Module Publication Date: March 2013 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 2
loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Information in this publication is subject to change without notice. © 2013 Dell Force10. All rights reserved. Reproduction of these materials in any manner - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 3
a Host Name 42 Access the System Remotely 42 Access the MXL Switch Remotely 42 Configure the Management Port IP Address 43 Configure a Management Route 43 Configure a Username and Password 44 Configure the Enable Password 44 Configuration File Management 45 Copy Files to and from the System - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 4
timestamp on Syslog Messages 61 File Transfer Services 61 Configuration Task List for File Transfer Services 61 Enable the FTP Server 62 Configure the FTP Server Parameters 62 Configure FTP Client Parameters 63 Terminal Lines 63 Configure Login Authentication for Terminal Lines 64 Time - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 5
Tagging 97 Continue Clause 98 6 Bare Metal Provisioning (BMP 101 Overview 101 Auto-Configuration 103 BMP Mode 103 MAC-Based IP Assignment 103 DHCP Configuration 104 IP Server 105 Domain Name Server 105 Boot Commands 106 System Boot and Set-Up Behavior 106 7 Content Addressable Memory - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 6
for DCBX CIN 129 Applying DCB Policies in a Switch Stack 131 Configuring DCBX Operation 132 DCBX Operation 132 DCBX Port Roles 133 DCB Configuration Exchange 134 Configuration Source Election 135 Propagation of DCB Information 135 Auto-Detection and Manual Configuration of the DCBX Version - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 7
165 Address Resolution using DNS 165 Address Resolution using NetBIOS WINS 166 Create Manual Binding Entries 166 Debug DHCP Server 167 DHCP Clear Commands 167 Configure the System to be a Relay Agent 167 Configure the System to be a DHCP Client 169 DHCP Client on a Management Interface 175 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 8
| support.dell.com DHCP MAC Source Address Validation 185 IP+MAC Source Address Validation 185 10 FIP Snooping 187 Fibre Channel over Ethernet 187 Ensuring Robustness in a Converged Ethernet Network 187 FIP Snooping on Ethernet Bridges 189 FIP Snooping in a Switch Stack 191 Configuring FIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 9
Task List for Physical Interfaces 223 Overview of Layer Modes 224 Configure Layer 2 (Data Link) Mode 224 Configure Layer 3 (Network) Mode 225 Management Interfaces 226 Configure Management Interfaces on the MXL Switch 227 VLAN Interfaces 229 Loopback Interfaces 230 Null Interfaces 230 Port - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 10
www.dell.com | support.dell.com Exclude a Smaller Port Range 240 Overlap Port Ranges 240 an Interface 246 Layer 2 Flow Control Using Ethernet Pause Frames 247 Enable Pause Frames 247 Configure MTU Size on an Interface 248 Port-Pipes 249 Auto-Negotiation on Ethernet Interfaces 250 Setting - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 11
Broadcast Addresses 274 UDP Helper with No Configured Broadcast Addresses 275 Troubleshooting UDP Helper 275 15 iSCSI Optimization 277 iSCSI Optimization Overview 277 Monitoring iSCSI Traffic Flows 279 Application of Quality of Service to iSCSI Traffic Flows 279 Information Monitored - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 12
www.dell.com | support.dell.com 10 | LACP Basic Configuration Example 294 Configuring a LAG on ALPHA 295 Summary of the Configuration on ALPHA 299 Summary of the Configuration on BRAVO 300 17 Layer 2 305 Managing the MAC Address Table 305 Clear the MAC Address Table 305 Set the Aging Time - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 13
Management Objects 331 19 Multiple Spanning Tree Protocol (MSTP 337 Overview 337 Implementation Information 338 Configure Multiple Spanning Tree Protocol 338 Related Configuration Tasks 338 Enable Multiple Spanning Tree Globally 339 Create Multiple Spanning Tree Instances 339 Influence MSTP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 14
www.dell.com | support.dell.com Configuration Information 365 Configuration Task List for OSPFv2 (OSPF for IPv4 366 Enable OSPFv2 366 Enable Multi-Process OSPF 368 Assign an OSPFv2 area 369 Enable OSPFv2 on Interfaces 369 Configure Stub Areas 371 Configure LSA Throttling Timers 372 Enable - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 15
PVST+ in Multi-vendor Networks 411 PVST+ Extended System ID 411 PVST+ Sample Configurations 413 24 Quality of Service (QoS 415 Overview 415 Implementation Information 417 Port-Based QoS Configurations 417 Set dot1p Priorities for Incoming Traffic 418 Honor dot1p Priorities on Ingress Traffic - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 16
www.dell.com | support.dell.com 14 | Implementation Information 436 Configuration Information 436 Configuration Task List for RIP 436 Enable RIP Globally 437 Configure RIP on Interfaces 438 Control RIP Routing Updates 439 Set the Send and Receive Version 440 Generate a Default Route 442 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 17
RADIUS 487 Apply the Method List to Terminal Lines 487 Specify a RADIUS Server Host 487 Set the Global Communication Parameters for all RADIUS Server Hosts . . . .488 Monitor RADIUS 489 TACACS 489 Configuration Task List for TACACS 489 Choose TACACS+ as the Authentication Method 490 Monitor - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 18
www.dell.com | support.dell.com 16 | Using SCP with SSH to Copy a Software Image 495 Secure Based SSH Authentication 497 Client-based SSH Authentication 499 Troubleshooting SSH 499 Telnet 500 VTY Line and Access-Class Configuration 500 VTY Line Local Authentication and Authorization 500 VTY - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 19
Object Value Updates using SNMP 522 Copy Configuration Files Using SNMP Troubleshooting SNMP Operations 544 31 Stacking 545 Overview 545 Stacking MXL 10/40GbE Switches 545 Stack Management Roles 546 Stack Master Election 547 Failover Roles 548 MAC Addressing 548 Stacking LAG 548 Supported - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 20
www.dell.com | support.dell.com 18 | Merging Two Stacks 558 Splitting a Stack 559 Managing Redundant Stack Management 559 Reset a Unit on a Stack 560 Verifying a Stack Configuration 560 Using LEDs 560 Using Show Commands 560 Troubleshooting a Switch Stack 565 Troubleshooting Commands 565 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 21
NTP on an Interface 599 Configure a Source IP Address for NTP Packets 599 Configure NTP Authentication 600 FTOS Time and Date 603 Configuring Time and Date Settings 603 Set the Time and Date for the Switch Hardware Clock 603 Set the Time and Date for the Switch Software Clock 604 Set the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 22
www.dell.com | support.dell.com 20 | VLANs and Port Tagging 625 Configuration Troubleshoot an Under-Voltage Condition 655 Buffer Tuning 656 Deciding to Tune Buffers 658 Buffer Tuning Commands 658 Using a Pre-Defined Buffer Profile 660 Sample Buffer Profile Configuration 661 Troubleshooting - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 23
Displaying Drop Counters 662 Dataplane Statistics 664 Displaying Stack Port Statistics 666 Displaying Stack Member Counters 666 Application Core Dumps 667 Mini Core Dumps 667 TCP Dumps 669 40 Standards Compliance 671 IEEE Compliance 671 RFC and I-D Compliance 672 General Internet Protocols - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 24
22 | www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 25
this Guide Objectives This guide describes the supported protocols and software features, and provides configuration instructions and examples, for the Dell Force10 MXL 10/40GbE Switch IO Module running FTOS version 8.3.16.4. The MXL 10/40GbE Switch IO Module is installed in a Dell PowerEdge M1000e - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 26
-configurable. * Exception This symbol is a note associated with some other text on the page that is marked with an asterisk. Related Documents For more information about the Dell Force10 MXL 10/40GbE Switch IO Module, refer to the following documents: • FTOS Command Reference • Users's Guide - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 27
The Dell Force10 operating software (FTOS) command line interface (CLI) is a text-based interface through which you can configure configure an MXL Switch, refer to the Dell Chassis Management Controller (CMC) User's Guide on the Dell Support website at http://support.dell.com/support/edocs - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 28
www.dell.com | support.dell.com CLI Modes Different sets of commands are available in each mode is the mode in which you configure Layer 2 and Layer 3 protocols and IP services specific to an interface. An interface can be physical (management interface, 10-Gigabit Ethernet, or 40-Gigabit Ethernet) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 29
of the end command, which takes you directly to EXEC Privilege mode and the exit command moves you up one command mode level. Note: Sub-CONFIGURATION modes all have the letters "conf" in the prompt with additional modifiers to identify the mode and slot/port information. These are shown in Table - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 30
dell.com | support.dell.com Table 2-1. FTOS Command Modes CLI Command Mode CONFIGURATION Prompt FTOS(conf)# Access Command • From EXEC privilege mode, enter the command configure Note: Access the following modes from CONFIGURATION mode: 10 Gigabit Ethernet Interface 40 Gigabit Ethernet Interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 31
-tree 0 FTOS(conf-stp)# New command prompt The do Command Enter an EXEC mode or EXEC privilege mode command from any CONFIGURATION mode (CONFIGURATION, INTERFACE, SPANNING TREE, etc.) without returning to EXEC mode by preceding the EXEC mode command with the command do. Figure 2-4 illustrates - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 32
www.dell.com | support.dell.com Figure 2-4. MXL-10/40GbE MXL-10/40GbE 8-3-16-47 56 1 Member not present 2 Member not present 3 Member not present 4 Member not present 5 Member not present Undoing Commands When you enter a command, the command line is added to the running configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 33
available keywords. The output of this command is the same for the help command. Figure 2-6. ? Command Example FTOS#? start capture cd clear clock configure copy --More-- "?" at prompt for list of commands Start Shell Capture Packet Change current directory Reset functions Manage the system clock - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 34
www.dell.com | support.dell.com Entering and Editing Commands When entering commands: • The CLI is not case sensitive. • You can enter partial CLI keywords. • word. Moves the cursor forward one word. Deletes all characters from the cursor to the end of the word. 32 | Configuration Fundamentals - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 35
the UP and DOWN arrow keys display the previously-entered EXEC mode commands. • When you are in CONFIGURATION mode, the UP or DOWN arrows keys recall the previously-entered CONFIGURATION mode commands. Filtering show Command Outputs Filter the output of a show command to display specific information - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 36
dell.com | support.dell.com • except displays text that does not match the specified text. Figure 2-10 shows this command used in combination with the do show stack-unit all stack-ports all pfc details | except 0 command. Figure 2-10 | find regular-expression | save 34 | Configuration Fundamentals - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 37
over the console, Message 2 appears: Message 2 Multiple Users in Configuration Mode Telnet Message % Warning: User "" on line vty0 "10.11.130.2" is in configuration mode If either of these messages appear, Dell Force10 recommends coordinating with the users listed in the message so that - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 38
36 | Configuration Fundamentals www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 39
monitor displays the Dell Force10 operating software (FTOS) banner and EXEC mode prompt (Figure 3-2). For details about using the command line interface (CLI), refer to the Accessing the Command Line section in the Configuration Fundamentals chapter. Console access The MXL 10/40GbE Switch IO Module - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 40
www.dell.com | support.dell.com Figure 3-1. Serial Console Flex IO Module in Expansion slot 1 Flex IO Module in Expansion slot 0 USB Storage port 40 GbE QSFP+ ports USB Console port 38 | Getting Started - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 41
to connect the MXL 10/40GbE Switch IO Module console port to a terminal server. Connect the other end of the cable to the DTE terminal server. Terminal settings on the Installation Procedure in the Getting Started Guide, the MXL Switch boots up. The MXL Switch with FTOS version 8.3.16.1 requires boot - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 42
www.dell.com | support.dell.com Done Initialized eMMC Host Controller Detected SD Card BLC is 1 (preset 10) Hit any key to stop autoboot: 0 Boot Image selection Reading the 320 MB 464 MB -> 2192 MB U-Boot 2010.03-rc1(Dell Force10) Built by build at tools-sjc-01 on Thu May 31 23:53: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 43
Force10 application Welcome to Dell Easy Setup Wizard The setup wizard guides you through the initial switch configuration, and gets you up and running as quickly as possible. You can skip the setup wizard, and enter CLI mode to manually configure the switch. You must respond to the next question - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 44
a Hostname Default Hostname FTOS(conf)#hostname R1 R1(conf)# New Hostname Command Mode CONFIGURATION Access the System Remotely You can configure the system to access it remotely by Telnet. The MXL 10/40GbE Switch IO Module has a dedicated management port and a management routing table that is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 45
routes are separate from IP routes and are only used to manage the system through the management port. To configure a management route, follow this step: Step Task 1 Configure a management route to the network from which you are accessing the system. Command Syntax Command Mode management route - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 46
dell.com | support.dell.com Configure a Username and Password Configure a system username and password to access the system remotely. To configure a username and password, follow this step: Step Task 1 Configure encrypted password from the configuration file of another Dell Force10 system. Can be - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 47
Configuration File Management You can store on and access files from various storage media. Rename, delete, and copy files on the system from EXEC Privilege mode. Note: Using flash memory cards in the system that have not been approved by Dell Force10 to the FTOS Command Reference Guide. • To copy a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 48
copy ftp://myusername:[email protected]//FTOS/FTOS-EF-8.2.1.0.bin flash:// Destination file name [FTOS-EF-8.2.1.0.bin.bin 26292881 bytes successfully copied Save the Running-Configuration The running-configuration contains the current system configuration. Dell Force10 recommends copying your - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 49
filename copy running-config scp:// username:password@{hostip | hostname}/filepath/ filename EXEC Privilege Note: When copying to a server, you can only use a hostname if a DNS server is configured. View Files You can only view file information and content on local file systems. To view a list of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 50
www.dell.com | support.dell.com Figure 3-7. Viewing a List of Files in the Internal Flash FTOS#dir Directory of flash: 1 drwx 2 drwx 3 drwx 4 drwx 5 d--6 -rwx 7 -rwx 8 -rwx 9 -rwx 10 -rwx 11 -rwx 12 -rwx 13 -rwx 4096 2048 4096 4096 4096 1272 10093 217155 5162 10507 4 6900 1244038 Jan 01 1980 00: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 51
241/dt-m1000e-3-b2 boot system gateway 10.11.209.254 --More-- File System Management The Dell Force10 system can use the internal Flash, USB Flash, or remote devices to store files. The system stores files on the internal Flash by default, but you can configure it to store files elsewhere. To view - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 52
dell.com | support.dell.com You can change the default storage location to the USB Flash (Figure 3-10). File management commands then apply to the USB Flash rather than the internal Flash. Figure 3-10 from vty0 (10.11.68.5) [5/18 21:58:48]: CMD-(TEL0):[configure]by admin from vty0 (10.11.68.5) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 53
4 Management This chapter explains the different protocols or services used to manage the Dell Force10 system including: • Configure Privilege Levels • Configure Logging • File Transfer Services • Terminal Lines • Lock CONFIGURATION Mode • Recovering from a Forgotten Password • Recovering from a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 54
www.dell.com | support.dell.com Removing a Command from EXEC Mode Remove a command from the list of available commands in EXEC mode for a specific privilege level using the privilege exec command from CONFIGURATION mode. In the command, specify a level greater than the level given to a user or - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 55
capture bgp-pdu max-buffer-size command from EXEC Privilege to EXEC mode by requiring a minimum privilege level 3, which is the configured level for VTY 0 • allows access to CONFIGURATION mode with the banner command • allows access to INTERFACE and LINE modes with the no command Management | 53 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 56
www.dell.com | support.dell.com Figure 4-1. Create a Custom Privilege Level Apply a Privilege Level to a Username FTOS(conf)#do show run privilege ! FTOS(conf)#privilege exec level 3 capture FTOS(conf)#privilege exec level 3 configure FTOS(conf)#privilege exec level 4 resequence FTOS(conf)# - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 57
system using event and error messages. By default, FTOS logs these messages on: • the internal buffer • console and terminal lines • any configured syslog servers Log Messages in the Internal Buffer All error messages, except those beginning with %BOOTUP (Message), are logged in the internal buffer - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 58
www.dell.com | support.dell.com Disable System Logging By default, logging is enabled and log messages are sent to the logging buffer, all terminal lines, console, and syslog servers. To enable and disable system logging: Task Disable all logging except on the console. Disable logging to the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 59
To change the severity level of messages logged to a syslog server, use any or all of the following commands in CONFIGURATION mode: Task Specify the minimum severity level for logging to the logging buffer. Specify the minimum severity level for logging to the console. Specify the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 60
www.dell.com | support.dell.com Figure 4-2. show logging Command Example FTOS#show logging Syslog logging: 172.16.1.162 Logging to 133.33.33.4 Logging to 10.10.10.4 Logging to 10.1.2.4 May 20 20:00:10: %STKUNIT0-M:CP %SYS-5-CONFIG_I: Configured from vty0 ( 10.11.68 .5 )by admin May 20 19:57:45: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 61
configure a UNIX logging facility level, use the following command in CONFIGURATION mode: Command Syntax logging facility [facility-type] Command Mode CONFIGURATION logging ! logging buffered 524288 debugging service timestamps log datetime msec service timestamps debug datetime msec ! logging - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 62
www.dell.com | support.dell.com Synchronize log messages You can configure FTOS to filter and consolidate system messages for . To synchronize log messages, use these commands in the following sequence starting in CONFIGURATION mode: Step Command Syntax 1 line {console 0 | vty number [end-number - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 63
is not supported on VLAN interfaces. For more information about FTP, refer to RFC 959, File Transfer Protocol. Configuration Task List for File Transfer Services The following list includes the configuration tasks for file transfer services: • Enable the FTP Server (mandatory) • Configure the FTP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 64
www.dell.com | support.dell.com Enable the FTP Server To enable the system as an FTP server, use the following command in CONFIGURATION mode: Command Syntax ftp-server enable Command Mode Purpose CONFIGURATION Enable FTP on the system. To view the FTP configuration, enter the show running-config - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 65
of accessing the system. The virtual terminal lines (VTY) connect you through Telnet to the system. Deny and Permit Access to a Terminal Line Dell Force10 recommends applying only standard access control lists (ACLs) to deny and permit access to VTY lines. • Layer 3 ACL deny all traffic that is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 66
dell.com | support.dell.com Figure 4-5. Applying an Access List to a VTY Line FTOS(conf-std-nacl)#show config ! ip access-list standard myvtyacl seq 5 permit host 10 server to authenticate. • tacacs+-Prompt for a username and password and use a TACACS+ server to authenticate. To configure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 67
a single authentication method, line (Figure 4-6). Figure 4-6. Configuring Login Authentication on a Terminal Line FTOS(conf)#aaa authentication the number of minutes and seconds. exec-timeout minutes [seconds] Default: 10 minutes on console, 30 minutes on VTY. Disable EXEC timeout by setting - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 68
www.dell.com | support.dell.com Figure 4-7. Configuring EXEC Timeout FTOS(conf)#line con 0 FTOS(conf-line-console EXEC Privilege Figure 4-8. Telnet to Another Network Device FTOS# telnet 10.11.80.203 Trying 10.11.80.203... Connected to 10.11.80.203. Exit character is '^]'. Login: Login: admin - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 69
means that you can exit to EXEC Privilege mode, and re-enter CONFIGURATION mode, without having to set the lock again. • Set a manual lock using the configure terminal lock command from CONFIGURATION mode. When you configure a manual lock, which is the default, you must enter this command each time - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 70
www.dell.com | support.dell.com You can then send any user a message using the switching them back on. Hit any key to abort the boot process. You enter uBoot i mme id at ely, as indicated by the => prompt. hit any key (during bootup) Set the system parameters to ignore the startup configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 71
system. reset uBoot Configure a new enable password. enable {secret | password} CONFIGURATION Save the running-config supporting commands, and other commands that can help recover from a failed start, refer to the Boot User chapter in the FTOS Command Line Reference for the MXL 10/40GbE Switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 72
70 | Management www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 73
filter (if configured) is applied. When a packet matches a filter, the switch drops or forwards the packet based on the filter's specified action. If the packet does not match any of the filters in the ACL, the packet is dropped (implicit deny). The number of ACLs supported - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 74
dell.com | support.dell.com IP Access Control Lists (ACLs) In the Dell Force10 switch For more information about ACL supported options, refer to the FTOS Command Reference Guide. For extended ACL TCP are enabled on IP ACL rules that are already configured, those counters are reset when a new rule is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 75
Access list • L3 Egress Access list Note: IP ACLs are supported over VLANs in Version 6.2.1.1 and higher. V ACLs and ACLs are Used to Classify Traffic When you link class-maps to queues using the service-queue command, FTOS matches the class-maps according to queue priority (queue numbers closer - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 76
dell.com | support.dell. 1/0 FTOS(conf-if-ti-1/0)#service-policy input pmap IP Fragment Handling FTOS supports a configurable option to explicitly deny IP ACL Examples The following configuration permits all packets (both fragmented & non-fragmented) with destination IP 10.1.1.1. The second rule does - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 77
are permitted. All other fragments are denied. Figure 5-4. Layer 4 ACL Rules FTOS(conf)#ip access-list extended ABC FTOS(conf-ext-nacl)#permit tcp host 10.1.1.1 any eq 24 FTOS(conf-ext-nacl)#deny ip any any fragment FTOS(conf-ext-nacl) In (Figure 5-5), TCP packets that are first fragments or - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 78
www.dell.com | support.dell.com Note the following when configuring ACLs with the fragments keyword. When an ACL related to IP ACLs, refer to the FTOS Command Line Interface Reference Guide. To set up extended ACLs, refer to Configure an Extended IP ACL. A standard IP ACL uses the source IP address - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 79
/16 seq 30 deny 10.6.0.0 /16 seq 35 deny 10.7.0.0 /16 seq 40 deny 10.8.0.0 /16 seq 45 deny 10.9.0.0 /16 seq 50 deny 10.10.0.0 /16 FTOS# Figure 5-7 shows how the seq command orders the filters according to the sequence number assigned. In the example, filter 25 was configured before filter 15, but - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 80
www.dell.com | support.dell.com Figure 5-8 shows a standard IP ACL in which the sequence numbers were assigned by FTOS. The filters were assigned sequence numbers based on the order in which they were configured (for example, the first filter was given the lowest sequence number). The show config - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 81
the seq command orders the filters according to the sequence number assigned. In the example, filter 15 was configured before filter 5, but the show config command displays the filters in the correct order. Figure 5-10. Command Example: seq FTOS(conf-ext-nacl)#seq 15 deny ip host 112.45.0.0 any FTOS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 82
www.dell.com | support.dell.com To configure a filter for an extended IP ACL without a specified sequence number, show config command in IP ACCESS LIST mode displays the two filters with the sequence numbers 5 and 10. Figure 5-11. Extended IP ACL FTOS(conf-ext-nacl)#deny tcp host 123.55.34.0 any - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 83
by the L3 ACL, then by the L2 ACL. • When packets are switched by FTOS, the egress L3 ACL does not filter the packet. For the following features, if you enable counters on rules that have already been configured and a new rule is either inserted or prepended, all the existing counters are - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 84
dell.com | support.dell FTOS(conf-if)#show conf ! interface TenGigabitEthernet 0/0 ip address 10.2.1.100 255.255.255.0 ip access-group nimule in no shutdown In the MXL Switch, either count (packets) or count (bytes) can be configured. However, for an ACL with multiple rules, you can configure some - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 85
Step 1 2 3 Task Create an ACL that uses rules with the count option. Refer to Configure a Standard IP ACL Apply the ACL as an inbound or outbound ACL on an interface. Refer to 0/0 seq 5 permit tcp any any seq 10 deny icmp any any seq 15 permit 1.1.1.2 Access Control Lists (ACLs) | 83 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 86
www.dell.com | support.dell.com Configuring Egress ACLs Configuring egress ACLs onto physical interfaces protects ! Extended Ingress IP access list abcd on tengigethernet 0/0 seq 5 permit tcp any any seq 10 deny icmp any any seq 15 permit 1.1.1.2 Egress Layer 3 ACL Lookup for Control-Plane IP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 87
. The filters are processed in sequence so that if a route prefix does not match the criterion in the first filter, the second filter (if configured) is applied. When the route prefix matches a filter, FTOS drops or forwards the packet based on the filter's designated action. If the route prefix - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 88
OSPF], and border gateway protocol [BGP]). Note: The MXL Switch platform does not support all protocols. It is important to know which protocol you are supporting prior to implementing prefix lists. Configuration Task List for Prefix Lists To configure a prefix list, you must use commands in PREFIX - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 89
enter permit 0.0.0.0/0. Figure 5-15 shows how the seq command orders the filters according to the sequence number assigned. In the example, filter 20 was configured before filter 15 and 12, but the show config command displays the filters in the correct order. Figure 5-15. Command Example: seq FTOS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 90
dell.com | support.dell.com Figure 5-16 shows a prefix list in which the sequence numbers were assigned by the software. The filters were assigned sequence numbers based on the order in which they were configured awe seq 5 permit 123.23.0.0/16 seq 10 deny 133.0.0.0/8 FTOS(conf-nprefixl)# To delete - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 91
router_rip)#show config ! router rip distribute-list prefix juba out network 10.0.0.0 FTOS(conf-router_rip)#router ospf 34 To apply a filter to name of a non-existent prefix list, all routes are forwarded. Apply a configured prefix list to incoming routes. You can specify which type of routes are - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 92
dell.com | support.dell.com To view the configuration, use the show config command in the ROUTER OSPF mode (Figure 5-20) or the show running-config ospf command in EXEC mode. Figure 5-20. Command Example: show config in ROUTER OSPF Mode FTOS(conf-router_ospf)#show config ! router ospf 34 network 10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 93
are incremented as a rule. These two mechanisms allow remarks to retain their original position in the list. For example, in Figure 5-22, remark 10 corresponds to rule 10 and as such they have the same number before and after the command is entered. Remark 4 is incremented as a rule, and all rules - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 94
www.dell.com | support.dell.com Figure 5-22. Resequencing Remarks FTOS(conf-ext-nacl)# show config ! ip access-list extended test remark 4 XYZ remark 5 this remark corresponds to permit any host 1.1.1.1 seq 5 permit ip any host 1.1.1.1 remark 9 ABC remark 10 this remark corresponds to permit ip any - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 95
map instance. The default action is permit and the default sequence number starts at 10. When you use the keyword deny in configuring a route map, routes that meet the match filters are not redistributed. To view the configuration, use the show config command in ROUTE-MAP mode (Figure 5-23). Figure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 96
dell.com | support.dell.com You can create multiple instances of this route map using the sequence number option to place the route maps in the correct order. FTOS processes the route maps with the lowest sequence number first. When a configured (conf)#no route-map zakho 10 FTOS(conf)#end FTOS#show - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 97
Configure Route Map Filters Within ROUTE-MAP mode, there are match and set a match among ALL match commands. Refer to the following examples: Example 1 FTOS(conf)#route-map force permit 10 FTOS(conf-route-map)#match tag 1000 FTOS(conf-route-map)#match tag 2000 FTOS(conf-route-map)#match tag - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 98
www.dell.com | support.dell.com To configure match criterion for a route map, use any or all , enter the keyword loopback followed by a number between zero (0) and 16383. • For a 10-Gigabit Ethernet interface, enter the keyword tengigabitEthernet followed by the slot/port information. • For a VLAN - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 99
-type 1 redistribute static metric 20 metric-type 2 tag 0 route-map staticospf ! route-map staticospf permit 10 match interface TenGigabitEthernet 0/0 match metric 255 set level backbone Configure a Route Map for Route Tagging One method for identifying routes from different routing protocols is to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 100
www.dell.com | support.dell.com In Figure 5-28, the redistribute ospf command with In this example, if a match is found in the route-map "test" module 10, module 30 are processed. Note: If you configure the continue clause without specifying a module, the next sequential module is processed. Figure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 101
Access Control Lists (ACLs) | 99 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 102
100 | Access Control Lists (ACLs) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 103
(BMP) Bare metal provisioning (BMP) improves accessibility to the MXL 10/40GbE Switch IO Module system. BMP performs auto configuration using a configuration file and an approved version of FTOS from a network source. BMP not only allows you to configure a stack with a minimum of effort, but it is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 104
dell.com | support.dell : normal-reload] FTOS#show bootvar PRIMARY IMAGE FILE = tftp://10.11.9.3/WJ_m1000e-2-c2 SECONDARY IMAGE FILE = variable does not exist DEFAULT start] disable enable 50 1 FTOS#show boot jumpstart Config download enabled via DHCP/BOOTP Autoconfig State : Autoconfig process has - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 105
Mode BMP mode is the boot mode configured for a new system arriving from Dell Force10. This mode obtains the FTOS image and configuration file from a network source (a DHCP server). Before implementing this mode, you must set up a DHCP server and an IP server. The necessary FTOS image and start-up - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 106
www.dell.com | support.dell.com option configfile "pt-MXLSWitchIO-12"; ##### update the dhcp.conf file on the appropriate DHCP server. • Set up a DHCP server. For more information, refer to the FTOS Configuration Guide Dynamic Host Configuration Protocol chapter. The DHCP server is configured - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 107
it is the same image, the system reloads from the flash without downloading a new image. Domain Name Server • Set up a DNS server. For more information, refer to the FTOS Configuration Guide IPv4 Addressing chapter. You must configure the Domain Name Server to determine the hostname for applying the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 108
the system in BMP mode. To reload in non-BMP mode, enter reload-type normal command. Enter config-download enable to download the configuration file from the DHCP server. Enter config-download disable so that the system uses the start-up configuration file on the flash. Enter auto-save enable to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 109
:01:21: %STKUNIT0-M:CP %JUMPSTART-5-BOOT_OFFER: DHCP config file tftp://10.16.134.207/ pt-dt-m1000e-3-a2-12. 5. The system sends a unicast message to the server to retrieve the named configuration file and/or boot file from the base directory of the server. a The FTOS image is expected to be a Boot - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 110
The FTOS image download is successful. Erasing MXL 10/40GbE Switch IO Module Primary Image, please wait ...00:09:50: %STKUNsyncing disks... IT0-M:CP %CHMGR-1 5-RELOAD: User done request to reload the chassis rebooting • If there is no version mismatch, the system downloads the configuration file. 00 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 111
stores information in the form of a look-up table (LUT). On Dell Force10 systems, the CAM stores Layer 2 and Layer 3 forwarding information, access Allocate space for IPV4 ACLs and quality of service (QoS) regions by using the cam-acl command in CONFIGURATION mode. The CAM space is allotted in field - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 112
MXL 10/40GbE Switch IO Module, there can be only one odd number of blocks in the command line interface (CLI) configuration; the other blocks must be in factors of two. For example, a CLI configuration of 5+4+2+1+1 blocks is not supported; a configuration to enable a service-policy. Create a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 113
Figure 7-1. Command Example: test cam-usage FTOS#test cam-usage service-policy input pmap stack-unit all Stack-Unit | Portpipe | CAM Partition | Available CAM | Estimated CAM per Port | Status 2 | 0 | L2ACL | 28 | 1 | Allowed (28) View CAM-ACL - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 114
www.dell.com | support.dell.com CAM Optimization When you enable the CAM optimization command, chapter. However, enabling CAM optimization would apply a single rate policy FP entry. If the input service policy maps applied to several ports are the same, rate policing is applied to all the ports - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 115
8 Data Center Bridging (DCB) The data center bridging (DCB) features are supported on the MXL 10/40GbE Switch. This chapter describes the following data center bridging topics: • Ethernet Enhancements in Data Center Bridging • Enabling Data Center Bridging • Configuring Priority-Based Flow Control • - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 116
dell.com | support.dell service with lossless links. • Servers service traffic and I/O convergence of LAN, storage, and server DCBX features are supported in data center ) traffic between servers. PFC enhances (classes of service). Instead of stopping for storage and server traffic while allowing - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 117
-Based Flow Control PFC is implemented as follows in the Dell Force10 operating software (FTOS): • PFC is supported on specified 802.1p priority traffic (dot1p 0 to 7) and is configured per interface. However, only two lossless queues are supported on an interface: one for FCoE converged traffic and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 118
dell.com | support.dell.com Although you can configure strict-priority queue scheduling for a priority group, ETS introduces flexibility that allows the bandwidth allocated to each priority group to be dynamically managed according to the amount of LAN, storage, and server groups are serviced. If a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 119
any switch on which PFC or ETS are enabled. DCBX allows a switch to automatically discover DCB-enabled peers and exchange configuration supported for DCB parameter exchange: • PFC parameters: PFC Configuration TLV and Application Priority Configuration TLV. • ETS parameters: ETS Configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 120
www.dell.com | support.dell.com Enabling Data Center Bridging Data center bridging is enabled by default on an MXL 10/40GbE Switch to support converged enhanced Ethernet (CEE) in a data center network, and is a prerequisite for configuring: • Priority-based flow control • Enhanced transmission - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 121
global switch level (refer to Honoring dot1p Values on Ingress Packets). • Layer 2 class maps: You can use dot1p priorities to classify traffic in a class map and apply a service policy to an ingress port to map traffic to egress queues (refer to Policy-Based QoS Configurations). Note: Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 122
: None. Maximum number of loss less queues supported on the switch: 2. Separate priority values with a comma; specify a priority range with a dash; for example: pfc priority 1,3,5-7. pfc priority priority-range DCB INPUT POLICY Enable the PFC configuration on the port so that the priorities are - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 123
mode on command in DCB Input Policy Configuration mode. PFC is enabled or disabled as global DCB operation is enabled (dcb enable) or disabled (no dcb enable). You can number (2) of lossless queues supported globally on the switch. In this case, all PFC configurations received from PFC-enabled peers - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 124
www.dell.com | support.dell.com Configuring Lossless Queues DCB also supports the manual configuration of lossless queues on an interface when PFC mode is turned off and priority classes are disabled in a DCB input policy applied to the interface. The configuration of no-drop queues provides - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 125
) on an MXL Switch is 0. [no] dcb stack-unit all pfc-buffering pfc-port-count {1-56} pfc-queues {1-2} [no] dcb stack-unit stack-unit-id [port-set port-set-id] pfc-buffering pfc-ports {1-56} pfc-queues {1-2} CONFIGURATION CONFIGURATION FTOS Behavior: If you configure PFC on a 40GbE port, count - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 126
dell.com | support.dell.com Configuring Enhanced Transmission Selection Enhanced transmission selection (ETS) provides a way to optimize bandwidth allocation to outbound 802.1p classes of converged Ethernet traffic. Different traffic types have different service 3. Configure a DCB output policy in - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 127
bandwidth allocation and scheduling for priority traffic. Maximum: 32 characters. (Optional) Configure the method used to schedule priority traffic in port queues. Valid values: • strict - Strict priority traffic is serviced before any other queued traffic (refer to Strict-Priority Queueing). • werr - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 128
www.dell.com | support.dell.com FTOS Behavior: Traffic in priority groups is assigned to strict-queue or WERR scheduling in an ETS output policy and is managed using the ETS bandwidth-assignment algorithm. FTOS deqeues all frames of strict-priority traffic before servicing any other queues. A queue - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 129
CONFIGURATION Configure the priority-group identifier. Valid values: 0 to 7. Default: None. Configure configuration mode. exit PRIORITY-GROUP Repeat Steps 1 to 4 to configure should be configured in priority groups of priority groups supported in ETS output queues. If you configure more than one - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 130
www.dell.com | support.dell.com Applying an ETS Output Policy for a Priority Group to an Interface To apply ETS on egress port traffic, you must associate a priority group with an ETS output policy which has scheduling and bandwidth configuration in a DCB output policy, and then apply the output - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 131
in any priority group to increase to the maximum link bandwidth. CIN supports only the dot1p priority-queue assignment in a priority group. To configure a dot1p priority flow in a priority group to operate with link strict , refer to Allocate Bandwidth to the Queue. Data Center Bridging (DCB) | 129 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 132
dell.com | support.dell policy. Maximum: 32 alphanumeric characters. Configure the percentage of bandwidth to be allocated Repeat Step 2 to configure bandwidth percentages for other Configuration mode. Enter INTERFACE Configuration service-policy output output-policy-name Command Mode CONFIGURATION - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 133
stack units. Task Command Apply the specified DCB output policy on all ports of the switch stack or a stacked switch. dcb-policy output stack-unit {all | stack-unit-id} stack-ports all dcb-output-policy-name Command Mode CONFIGURATION FTOS Behavior: A dcb-policy output stack-unit all command - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 134
iSCSI Optimization The following versions of DCBX are supported on an MXL Switch: CIN, CEE, and IEEE2.5. Prerequisite: DCBX requires the LLDP to be enabled on all DCB devices. DCBX Operation DCBX performs the following operations: • Discovers DCB configuration (such as PFC and ETS) in a peer device - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 135
. The network administrator must then reconfigure the peer device so that it advertises a compatible DCB configuration. The internally propagated configuration is not stored in the switch's running configuration. On a DCBX port in an auto-downstream role, all PFC, application priority, ETS recommend - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 136
priority TLV. - On manual ports: An application priority TLV is advertised only if the priorities in the TLV match the PFC priorities configured on the port. DCB Configuration Exchange On an MXL Switch, the DCBX protocol supports the exchange and propagation of configuration information for the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 137
port has performed a DCBX exchange with a DCBX peer. • The switch is capable of supporting the received DCB configuration values through either a symmetric or asymmetric parameter exchange. A newly elected configuration source propagates configuration changes received from a peer to the other auto - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 138
how DCBX is used on an MXL Switch installed in a PowerEdge M1000e chassis in which servers are also installed. • The external 40GbE ports on the base module (ports 33 and 37) of two switches are used for uplinks configured as DCBX auto-upstream ports. The MXL Switch is connected to third-party, top - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 139
Prerequisites and Restrictions The following prerequisites and restrictions apply when you configure DCBX operation on a port: • DCBX requires LLDP in both down. • The CIN version of DCBX supports only PFC, ETS, and FCOE; it does not support iSCSI, backward congestion management (BCN), logical link - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 140
www.dell.com | support.dell.com DCBX Configuration Procedure To configure an MXL Switch for DCBX operation in a data center network, you must: 1. Configure ToR- and FCF-facing interfaces as auto-upstream ports. 2. Configure server-facing interfaces as auto-downstream ports. 3. Configure a port to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 141
the port to serve as the configuration source on the switch. • manual configures the port to operate only on administer-configured DCB parameters. The port does not accept a DCB configuration received from a peer or a local configuration source. Default: Manual. [no] dcbx port-role {config-source - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 142
www.dell.com | support.dell.com Configuring DCBX Globally on the Switch To globally configure DCBX operation on a switch, follow these steps: Step 1 2 3 4 Task Command Command Mode Enter Global Configuration mode. configure EXEC PRIVILEGE Enter LLDP Configuration mode to enable DCBX - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 143
Configure the Application Priority TLVs to be advertised on unconfigured interfaces with a manual FIP Snooping and iSCSI Optimization. 6 Configure the FCoE priority advertised for the FCoE fcoe priority-bits priority-bitmap 7 Configure the iSCSI priority advertised for the configuration configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 144
www.dell.com | support.dell.com Debugging DCBX on an Interface traces for DCBX auto-detect timers. • config-exchng: Enables traces for DCBX configuration exchanges. • fail: Enables traces for DCBX failures. • mgmt: Enables resource | sem | tlv} EXEC PRIVILEGE 142 | Data Center Bridging (DCB) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 145
] (Figure 8-7) Displays the PFC configuration in a DCB input policy. show qos dcb-output [ets-profile] (Figure 8-8) Displays the ETS configuration in a DCB output policy. show qos priority-groups (Figure 8-9) Displays the ETS priority groups configured on the switch, including the 802.1p priority - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 146
www.dell.com | support.dell.com Figure 8-8. show qos dcb-output Command Example FTOS# show qos dcb-output dcb-output ets priority-group san qos-policy san priority-group ipc qos-policy ipc priority-group lan qos-policy lan Figure 8-9. show qos priority-groups - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 147
-unit and port number. PFC Admin mode is on or off with a list of the configured PFC priorities. When PFC admin mode is on, PFC advertisements are enabled to be sent and received from peers; received remote peer port: enabled or disabled. Number of PFC TLVs received. Data Center Bridging (DCB) | 145 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 148
www.dell.com | support.dell.com Table 8-3. show interface pfc summary Command Description Field Description PFC TLV Frames Rx Total Frames Tx Total Frames 0 0 0 0 1 0 0 0 2 0 0 0 3 0 0 0 4 0 0 0 5 0 0 0 6 0 0 0 7 0 0 0 146 | Data Center Bridging (DCB) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 149
ets summary Command Example FTOS(conf)# show interfaces te 0/0 ets Interface TenGigabitEthernet 0/0 Max Supported TC Groups is 4 Number of Traffic Classes is 8 Admin mode is on Admin Parameters Tx Status is disabled Traffic Class TLV Tx Status is disabled Data Center Bridging (DCB) | 147 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 150
www.dell.com | support.dell.com Figure 8-13. show interface ets detail Command Example FTOS(conf)# show interfaces tengigabitethernet 0/0 ets Interface TenGigabitEthernet 0/0 Max Supported TC Groups is 4 Traffic Class TLV Pkts, 0 Error Traffic Class TLV Pkts 148 | Data Center Bridging (DCB) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 151
pkts Interface type with stack-unit and port number. Maximum number of priority groups supported. Number of 802.1p priorities currently configured. ETS mode: on or off. When on, the scheduling and bandwidth allocation configured in an ETS output policy or received in a DCBX TLV from a peer can take - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 152
dell.com | support.dell all ets details Stack unit 0 stack port all Max Supported TC Groups is 4 Number of Traffic Classes is 1 Admin mode 6 - - 7 - - 8 - - Stack unit 1 stack port all Max Supported TC Groups is 4 Number of Traffic Classes is 1 Admin mode is on Admin Parameters: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 153
-Sync Peer DCBX Status DCBX Operational Version is 0 DCBX Max Version Supported is 255 Sequence Number: 2 Acknowledgment Number: 2 Total DCBX Frames , or manual. Operational status (enabled or disabled) used to elect a configuration source and internally propagate a DCB configuration. The - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 154
www.dell.com | support.dell.com Table 8-5. show interface dcbx detail Command Description Field Description Local DCBX Compatibility mode DCBX version accepted in a DCB configuration as compatible. In auto-upstream mode, a port can only received a DCBX version supported on the remote peer. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 155
This section contains examples of how to configure and apply DCB input and output policies on an interface. Using PFC and ETS to Manage Data Center Traffic In the example shown in Figure 8-17 for an MXL 10/40GbE Switch: • Incoming SAN traffic is configured for priority-based flow control. • Outbound - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 156
www.dell.com | support.dell.com QoS Traffic Classification: On the MXL Switch, the service-class dynamic dot1p command has been used in Global Configuration mode to map ingress dot1p frames to the 6 7 Priority Group Assignment LAN LAN LAN SAN IPC LAN LAN LAN 154 | Data Center Bridging (DCB) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 157
maps to mark and map ingress traffic to output queues; for example: FTOS(conf)# service-class dynamic dot1p Or FTOS(conf)# interface tengigabitethernet 0/1 FTOS(conf-if-te-0/1)# service-class dynamic dot1p Configure a DCB input policy for applying PFC to lossless SAN priority traffic: FTOS(conf - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 158
service-policy output ets-queues Using PFC and ETS to Manage Converged Ethernet Traffic in a Switch Stack Figure 8-20 shows how to apply the DCB PFC input policy (ipc_san_lan) and ETS output policy (ets) configured in Figure 8-18 and Figure 8-19 on all ports on all MXL Switches in a switch stack - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 159
ETS Output Policies On an MXL Switch, ETS supports up to three levels of hierarchical scheduling. For example, you can apply ETS output policies with the following configurations: • Priority group 1 assigns to priority group 3 (mapped to two strict-priority queues). Data Center Bridging (DCB) | 157 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 160
158 | Data Center Bridging (DCB) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 161
network administrators of manually configuring hosts, which can be a tedious and error-prone process when hosts often join, leave, and change locations on the network. • reclaims IP addresses that are no longer in use to prevent address exhaustion. DHCP is based on a client-server model. A host - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 162
www.dell.com | support.dell.com DHCP Packet Format and Options DHCP uses the user datagram protocol (UDP) as its transport protocol. The server listens on port 67 and transmits to port 68; the client listens on port 68 and transmits to port 67. The configuration parameters are carried as options - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 163
process over by sending a DHCPDISCOVER. • DHCPINFORM-A client uses this message to request configuration parameters when it assigned an IP address manually rather than with DHCP. The server responds by unicast. • DHCPNAK-A server sends this message to the client if it is not able to fulfill - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 164
allocated memory. • Supports 4K DHCP snooping entries. • Supports DAI on 16 VLANs per system. Configuration Tasks • Configure the System to be a DHCP Server • Configure the System to be a Relay Agent • Configure Secure DHCP Configure the System to be a DHCP Server A DHCP server is a network device - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 165
need. Configuring the Dell Force10 system to be a DHCP server is a three-step process: 1. Configure the Server for Automatic Address Allocation 2. Specify a Default Gateway 3. Enable DHCP Server Related Configuration Tasks • Configure a Method of Hostname Resolution • Create Manual Binding Entries - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 166
.dell.com Step 3 4 Task Command Syntax Specify the range of IP addresses from which the DHCP server may assign addresses. • network is the subnet address. • prefix-length specifies the number of bits used for the network portion of the address you specify. Display the current pool configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 167
the show ip dhcp binding command and confirmed with the show lldp neighbors command. Figure 9-3. Configuring DHCP Server Relay Agent DNS Server 7/1 Configure a Method of Hostname Resolution Dell Force10 systems are capable of providing DHCP clients with parameters for two methods of hostname - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 168
to Microsoft DHCP clients. netbios-name-server address Specify the NetBIOS node type for a Microsoft DHCP client. Dell Force10 recommends specifying clients as hybrid. netbios-node-type type Command Mode DHCP DHCP Create Manual Binding Entries An address binding is a mapping - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 169
does not receive a response to its request and therefore cannot access the network. You can configure an interface on the Dell Force10 system to relay the DHCP messages to a specific DHCP server using the ip helper-address dhcp-address command from INTERFACE mode (Figure 9-4). Specify multiple DHCP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 170
www.dell.com | support.dell.com Figure 9-4. Configuring Dell Force10 MXL 10/40GbE Switch IO Module system as a DHCP Relay Device To view the ip helper-address configuration for an interface, use the show ip interface command from EXEC privilege mode (Figure 9-5). Figure 9-5. Displaying the Helper - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 171
ip address dhcp Command Mode CONFIGURATION INTERFACE On an MXL switch configured as a DHCP client, you can release a dynamically-assigned IP address without removing the DHCP client operation on the interface. You can later manually acquire a new IP address from the DHCP server as follows: Task - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 172
www.dell.com | support.dell.com To display DHCP client information, enter the following show commands: Task Display statistics about DHCP client interfaces (Figure Rebind Time ======== 11-06-2034 13:46 Lease Expires At =========== 01-18-2038 11:14 170 | Dynamic Host Configuration Protocol (DHCP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 173
event-level debug messages displayed for the packet transmissions and state transitions on a DHCP client interface when you enable and disable a DHCP client. Dynamic Host Configuration Protocol (DHCP) | 171 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 174
www.dell.com | support.dell.com Figure 9-8. DHCP Client: Debug Messages Logged during DHCP Client Enabling -LOG: DHCLIENT_DBG_PKT: Received DHCPOFFER packet in Interface Te 0/1 with Lease-Ip:10.16.134.250, Mask:255.255.0.0,Server-Id:10.16.134.249 172 | Dynamic Host Configuration Protocol (DHCP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 175
DISCOVER sent in Interface Te 0/1 May 27 15:55:31: %STKUNIT0-M:CP %DHCLIENT-5-DHCLIENT-LOG: DHCLIENT_DBG_PKT: Received DHCPOFFER packet in Interface Te 0/1 with Lease-Ip:10.16.134.250, Mask:255.255.0.0,Server-Id:10.16.134.249 Dynamic Host Configuration Protocol (DHCP) | 173 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 176
www.dell.com | support.dell.com FTOS Behavior: The ip address dhcp command enables DHCP server-assigned dynamic IP addresses on an interface. This setting persists after a switch reboot. If you enter the shutdown command on the interface, DHCP transactions are stopped and the dynamically-acquired - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 177
. This route is added irrespective both when the DHCP client and server are in the same or different subnets. The management default route client must be manually deleted. • If a management route added by the DHCP client is removed or replaced by the same statically-configured management route, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 178
Server A switch can operate as a DHCP client and a DHCP server with the exception that a DHCP client interface does not acquire a dynamic IP address from the DHCP server running on the switch. A dynamic IP address must be acquired from another DHCP server. 176 | Dynamic Host Configuration Protocol - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 179
, you must assign a priority that is less than 255 and that is the highest priority among all the priorities assigned in the group. Dynamic Host Configuration Protocol (DHCP) | 177 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 180
www.dell.com | support.dell.com Configure Secure DHCP DHCP as defined by RFC 2131 provides no adds Option 82. The DHCP relay agent inserts Option 82 before forwarding DHCP packets to the server. The server can use this information to: • track the number of address requests per relay agent; - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 181
ports are ports through which attackers cannot connect. Manually configure ports connected to legitimate servers and relay agents as trusted. When you a lease expires or when the relay agent encounters a DHCPRELEASE. The switch maintains a list of snooped VLANs. When the binding table is exhausted, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 182
www.dell.com | support.dell.com Add a Static Entry in the Binding Table To add a static entry in the binding table, follow this step: Task show ip dhcp snooping Command Mode EXEC Privilege Command Mode EXEC Privilege Command Mode EXEC Privilege 180 | Dynamic Host Configuration Protocol (DHCP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 183
view the DHCP snooping statistics, use the show ip dhcp snooping command (Figure 9-10). Figure 9-10. Command example: show ip dhcp snooping FTOS#show ip dhcp snooping IP DHCP max limit of 4000 entries, new IP address assignments are allowed. Dynamic Host Configuration Protocol (DHCP) | 181 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 184
dell.com | support.dell 10.1.1.251 00:00:4d:57:f2:50 172800 D Vl 10 Te 0/2 10.1.1.252 00:00:4d:57:e6:f6 172800 D Vl 10 Te 0/1 10.1.1.253 00:00:4d:57:f8:e8 172740 D Vl 10 Te 0/3 10 -in-the-middle (MITM), and denial-of-service (DoS) attacks, among others. A spoofed Configuration Protocol (DHCP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 185
• denial of service-an attacker can send fraudulent ARP messages to a client to associate a for every DAI-enabled VLAN. You can enable DAI on up to 16 VLANs on a system. You can configure 10 to 16 DAI-enabled VLANs by allocating more CAM space to the L2SysFlow region before enabling DAI. Note: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 186
www.dell.com | support.dell.com To see how many valid and invalid ARP packets have 1000 : 0 Bypass the ARP Inspection You can configure a port to skip ARP inspection by defining the interface as trusted, which is useful in multi-switch environments. ARPs received on trusted ports bypass validation - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 187
other clients. The DHCP binding table associates addresses assigned by the DHCP servers, with the port on which the requesting client is attached. When you Command Syntax ip dhcp snooping verify mac-address Command Mode CONFIGURATION IP+MAC Source Address Validation IP source address validation - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 188
www.dell.com | support.dell.com To enable IP+MAC source address validation, follow these steps: Step 1 copy running-config startup-config reload ip dhcp source-address-validation ipmac Command Mode CONFIGURATION EXEC Privilege EXEC Privilege INTERFACE FTOS creates an ACL entry for each IP+MAC - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 189
snooping is supported on the MXL 10/40GbE Switch. This chapter describes the FIP snooping concepts and configuration procedures: • Fibre Channel over Ethernet • Ensuring Robustness in a Converged Ethernet Network • FIP Snooping on Ethernet Bridges • FIP Snooping in a Switch Stack • Configuring FIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 190
between FCoE end-devices (ENodes) and the FCF. FIP uses its own EtherType and frame format. Figure 10-1 shows the communication that occurs between an ENode server and an FCoE switch (FCF). FIP performs the following functions: • FIP virtual local area network (VLAN) discovery: FCoE devices (ENodes - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 191
Figure 10-1. FIP discovery and login between an ENode and an FCF FIP Snooping server-facing ports • FCF mode for a trusted port directly connected to an FCF You must enable FIP snooping on an MXL Switch and configure the FIP snooping parameters. When you enable FIP snooping, all ports on the switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 192
to an FCF and on server-facing ENode ports. • Port-based ACLs take precedence over global ACLs. • FCoE-generated ACLs take precedence over user-configured ACLs. A user-configured ACL entry cannot deny FCoE and FIP snooping frames. Figure 10-2 shows an MXL 10/40GbE Switch used as a FIP snooping - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 193
address to an FCoE end-device (server ENode or storage device) after a server successfully logs in. • Set Dell Force10 recommends that you do not configure FIP Snooping on a stacked MXL Switch. Configuring FIP Snooping The configuration of FIP snooping consists of the following tasks: 1. Configure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 194
www.dell.com | support.dell.com Enabling the FIP Snooping Feature As soon as you enable the FIP snooping feature on a switch-bridge, existing VLAN-specific and FIP snooping configurations are applied. By default, all FCoE and FIP frames are dropped unless specifically permitted by existing FIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 195
to be enabled on the switch for lossless Ethernet connections (refer to Data Center Bridging (DCB)). Dell recommends that you also enable ETS; ETS is recommended but not required. If you enable DCBX and PFC mode is on (PFC is operationally up) in a port configuration, FIP snooping is operational on - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 196
| support.dell.com FIP Snooping Restrictions The following restrictions apply when you configure FIP snooping on an MXL switch: • The maximum number of FCoE VLANs supported on the switch is eight. • The maximum number of FIP snooping sessions (including NPIV sessions) supported per ENode server is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 197
also displayed. show fip-snooping config (Figure 10-4) Displays the FIP snooping status and configured FC-MAP values. show fip-snooping enode [ number] show fip-snooping system (Figure 10-9) Display information on the status of FIP snooping on the switch (enabled or disabled), including the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 198
www.dell.com | support.dell.com Figure 10-3. show fip-snooping sessions Command Example FTOS#show fip-snooping 00 21:00:0e:fc:00:00:00:00 21:00:0e:fc:00:00:00:00 Table 10-2. show fip-snooping sessions Command Description Field Description ENode MAC ENode Interface FCF MAC FCF Interface VLAN - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 199
ee:37:34:40 VLAN ---100 FC-ID ----62:00:11 Table 10-3. show fip-snooping enode Command Description Field Description ENode MAC ENode Interface FCF by the session. Fibre Channel session ID assigned by the FCF. Figure 10-6. show fip-snooping fcf Command Example FTOS# show fip-snooping fcf FCF - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 200
www.dell.com | support.dell.com Figure 10-7. show fip-snooping statistics (VLAN and port) Command Example FTOS# show fip-snooping statistics interface vlan 100 Number of Vlan Requests Number of Vlan Notifications - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 201
Figure 10-8. show fip-snooping statistics (port channel) Command Example FTOS# show fip-snooping statistics interface port-channel 22 Number of Vlan Requests :0 Number of Vlan Notifications :2 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 202
www.dell.com | support.dell.com Table 10-5. show fip-snooping statistics Command Descriptions Field Description Number of Vlan Requests Number of Session failures due Number of session failures due to hardware configuration that occurred on the to Hardware Config interface. 200 | FIP Snooping - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 203
) FCFs Enodes Sessions : Enabled : 1, 100 : 1 : 2 : 17 Note: NPIV sessions are included in the number of FIP-snooped sessions displayed. Figure 10-10. show fip-snooping vlan Command Example FTOS# show fip-snooping vlan * = Default VLAN VLAN ---*1 100 FC-MAP -----0X0EFC00 FCFs ---1 Enodes - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 204
www.dell.com | support.dell.com FIP Snooping Configuration Example Figure 10-11 shows an MXL Switch used as a FIP snooping bridge for FCoE traffic between an ENode (server blade) and an FCF (ToR switch). The ToR switch operates as an FCF and FCoE gateway. Figure 10-11. Configuration Example: FIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 205
-facing port (0/50), and an ENode server-facing port (0/1), and to configure the FIP snooping ports as tagged members of the FCoE VLAN enabled for FIP snooping. Figure 10-12. FIP Snooping Configuration Example Enable the FIP snooping feature on the switch (FIP snooping bridge): FTOS(conf)# feature - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 206
204 | FIP Snooping www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 207
• Enabling GVRP Globally • Enabling GVRP on a Layer 2 Interface • Configuring GVRP Registration • Configuring a GARP Timer Overview Typical virtual local area network (VLAN) implementation involves manually configuring each Layer 2 switch that participates in a given VLAN. GARP VLAN registration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 208
or multiple spanning tree protocol (MSTP). The MXL 10/40GbE Switch IO Module system does support enabling GVRP and MSTP at the same time GVRP. Configuring GVRP Globally, enable GVRP on each switch to facilitate GVRP communications. Then, GVRP configuration is per interface on a switch-by-switch basis - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 209
trunk ports for the edge and core switches. Edge Switches Core Switches VLANs 70-80 Edge Switches VLANs 10-20 VLANs 10-20 VLANs 30-50 VLANs 30-50 VLANs 70-80 NOTES: VLAN 1 mode is always fixed and cannot be configured All VLAN trunk ports must be configured for GVRP All VLAN trunk ports must - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 210
www.dell.com | support.dell.com Enabling GVRP Globally Enable GVRP for the entire switch using the gvrp enable command in CONFIGURATION mode (Figure 11-3). Use the show gvrp brief command to inspect the global configuration. Figure 11-3. Enabling GVRP Globally FTOS(conf)#protocol gvrp FTOS(conf- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 211
register and de-register VLANs, and to propagate both dynamic and static VLAN information. • Fixed Registration Mode: Configuring a port in fixed registration mode allows for manual creation and registration of VLANs, prevents VLAN de-registration, and registers all VLANs known on other ports on - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 212
www.dell.com | support.dell.com Figure 11-6 shows GVRP registration. Figure 11-6. Configuring GVRP Registration FTOS(conf)# LeaveAll Timer 5000 FTOS(conf)# FTOS displays Message 1 if an attempt is made to configure an invalid GARP timer. Message 1 GARP Timer Error FTOS(conf)#garp timers join 300 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 213
12 Internet Group Management Protocol (IGMP) Multicast is based on identifying many hosts by a single destination IP address. Hosts represented by the same IP address are a multicast group. The internet group management protocol (IGMP) is a Layer 3 multicast protocol that hosts use to join or leave - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 214
www.dell.com | support.dell.com Figure 12-1. IGMP Version 2 Packet Format Preamble Start Frame Destination MAC Delimiter Source MAC Ethernet Type IP Packet Padding FCS Version IHL (4) TOS (0xc0) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 215
Code Sources (2) Source Addresses Maximum Response Time derived from this value Bit flag that when set to 1 suppresses router query response timer updates Query Interval derived from this value Source addresses to be filtered Code: 0x11: Membership Query Number of times that a router or - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 216
www.dell.com | support.dell.com Joining and Filtering Groups and Sources Figure 12-4 shows . 3. The host's third message indicates that it is only interested in traffic from sources 10.11.1.1 and 10.11.1.2. Because this request again prevents all other sources from reaching the subnet, the router - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 217
indicating it is leaving group 224.1.1.1 and that the included filter for 10.11.1.1 and 10.11.1.2 are no longer necessary. 2. The querier, before making any hosts, which is a waste of bandwidth. IGMP snooping enables switches to use information in IGMP packets to generate a forwarding table that - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 218
is supported on all MXL 10/40GbE stack members. • IGMP snooping reacts to STP and MSTP topology changes by sending a general query on the interface that transitions to the forwarding state. Configuring IGMP Snooping Configuring IGMP snooping is a one-step process. That is, you enable it on a switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 219
not learned (unregistered frame), the switch floods that packet out of all ports on the VLAN. On the MXL Switch, when you configure no ip igmp snooping flood, mrouter command from EXEC Privilege mode. Configuring the Switch as Querier Hosts that do not support unsolicited reporting wait for a general - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 220
www.dell.com | support.dell.com Fast Convergence after MSTP Topology Changes When a port transitions response to the general query and the forwarding database is updated without having to wait for the query interval to expire. When an IGMP snooping switch is not acting as a querier, it sends out the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 221
This chapter describes 100/1000/10000 Mbps Ethernet, 10 Gigabit Ethernet, and 40 Gigabit Ethernet interface types, both physical and logical, and how to configure them with the Dell Force10 operating software (FTOS). Basic Interface Configuration: • Interface Types • View Basic Interface Information - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 222
www.dell.com | support.dell.com Interface Types The following lists the different interface types. traffic passing through the interface. If a port channel interface is configured, the show interfaces command can list the interfaces configured in the port channel. Note: To end output from the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 223
up, line protocol is up Hardware is DellForce10Eth, address is 00:1e:c9:f1:00:05 Current address is 00:1e:c9:f1:00:05 Server Port AdminState is Up Pluggable media not present Interface index is 38080769 Internet address is not set Mode of IP Address Assignment : NONE DHCP Client - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 224
www.dell.com | support.dell.com Use the Manual administratively down down YES Manual up up YES Manual up up YES Manual up up YES Manual up up NO Manual administratively down down NO Manual administratively down down NO Manual administratively down down Use the show interfaces configured - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 225
access to the system. The switch interfaces support Layer 2 and Layer 3 traffic over the 100/1000/10000, 10-Gigabit, and 40-Gigabit Ethernet . FTOS Behavior: The MXL 10/40GbE switch systems use a single MAC address for all physical interfaces. Configuration Task List for Physical Interfaces - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 226
dell.com | support.dell.com The following section includes information about optional configurations for physical interfaces: • Overview of Layer Modes • Configure , 40 Gigabit Ethernet, 10 Gigabit Ethernet Management Loopback INTERFACE mode. You cannot configure switching or Layer 2 protocols, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 227
interface. Place the interface in Layer 2 (switching) mode. For information about enabling and configuring STP, refer to Layer 2 on page 305 Layer 3 Interface FTOS(conf-if)#show config ! interface TenGigabitEthernet 1/5 ip address 10.10.10.1 /24 no shutdown FTOS(conf-if)# If an interface is in the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 228
www.dell.com | support.dell.com To assign an IP address, use the following commands in INTERFACE mode: Command Syntax no shutdown ip address ip-address mask [secondary] Command Mode INTERFACE INTERFACE Purpose Enable the interface. Configure a primary IP address and mask on the interface. The ip - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 229
on the fabric D interface. The MXL Switch system supports the management ethernet interface as well as the standard interface on any front-end port. You can use either method to connect to the system. Configure Management Interfaces on the MXL Switch On the MXL Switch IO Module, the dedicated - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 230
www.dell.com | support.dell.com You can manage the MXL Switch from any port. Configure an IP address for the port using is 00:1e:c9:bb:02:c2 Current address is 00:1e:c9:bb:02:c2 Server Port AdminState is Down Pluggable media not present Interface index is 38080769 Internet address is not - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 231
rate shaping and ingress rate policing on the same VLAN. FTOS supports Inter-VLAN routing (Layer 3 routing in VLANs). You can add Configuration of a VLAN interface Vlan 10 ip address 1.1.1.2/24 tagged TenGigabitEthernet 2/2-13 tagged TenGigabitEthernet 5/0 ip ospf authentication-key Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 232
www.dell.com | support.dell.com Loopback Interfaces A Loopback interface is a virtual interface in which the software emulates an interface. Packets routed to it are processed locally. Because this interface is not a physical interface, you can configure routing protocols on this interface to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 233
by aggregating four 10-Gigabit Ethernet interfaces together. If one of the four interfaces fails, traffic is redistributed across the three remaining interfaces. Port Channel Implementation FTOS supports two types of port channels: • Static-port channels that are statically configured • Dynamic-port - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 234
www.dell.com | support.dell.com Table 13-2 lists the number of port channels per platform. Table 13-2. Number of Port Channels per Platform Platform MXL 10/40GbE Switch IO Module Port-channels 128 Members/Channel 16 As soon as a port channel is configured, FTOS treats it like a physical - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 235
group on an MXL Switch. To configure a port channel, follow these steps, starting in CONFIGURATION mode: Step configuring protocols or assigning access control lists. Add a Physical Interface to a Port Channel Note: Port channels can contain a mix of 100/1000/10000 Ethernet interfaces and 10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 236
dell.com | support.dell.com • ip mtu (if the interface is on a Jumbo-enabled by default.) Note: The MXL Switch supports jumbo frames by default (the default maximum transmission unit [MTU] is 1554 bytes) You can configure Privilege mode (Figure 13-10). Figure 13-10. show interfaces port-channel - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 237
As soon as a physical interface is added to a port channel, the properties of the port channel determine the properties of the physical interface. The configuration and status of the port channel are also applied to the physical interfaces within the port channel. For example, if the port channel is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 238
www.dell.com | support.dell.com Figure 13-12. Error Message FTOS(conf-if-po-1)#show config ! interface Port-channel 1 no ip address channel-member TenGigabitEthernet 0/16 shutdown FTOS(conf-if-po-1)# FTOS(conf-if-po-1)#int tengig 1/6 FTOS(conf-if)#ip address 10.56.4.4 /24 % Error: Te 1/6 Port is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 239
Mode INTERFACE Purpose Enter the number of links in a LAG that must be in "oper up" status. Default: 1 Figure 13-14 shows an example of configuring five minimum "oper up" links in a port channel. Figure 13-14. Example of Using the minimum-links Command FTOS#config t FTOS(conf)#int po 1 FTOS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 240
www.dell.com | support.dell.com Assign an IP Address to a Port Channel You can assign an command in INTERFACE mode: Command Syntax ip address ip-address mask [secondary] Command Mode INTERFACE Purpose Configure an IP address and mask on the interface. • ip-address mask: enter an address in dotted - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 241
Entries • Exclude a Smaller Port Range • Overlap Port Ranges • Commas • Add Ranges Create a Single-Range Figure 13-15. Creating a Single-Range Bulk Configuration FTOS(conf)# interface range tengigabitethernet 5/1 - 23 FTOS(conf-if-range-te-5/1-23)# no shutdown FTOS(conf-if-range-te-5/1-23)# Create - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 242
www.dell.com | support.dell.com Figure 13- conf)#interface range tengigabitethernet 2/0 - 23 , tengigab 2/1 - 10 FTOS(conf-if-range-te-2/0-23)# Overlap Port Ranges If and 1/ 2. Figure 13-20. Multiple-Range Bulk Configuration Gigabit Ethernet and Ten-Gigabit Ethernet FTOS(conf-if)# interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 243
25)# no shutdown FTOS(conf-if-range)# Interface Range Macros You can define an interface-range macro to automatically select a range of interfaces for configuration. Before you can use the macro keyword in the interface-range macro command string, you must define the macro. To define an interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 244
www.dell.com | support.dell.com FTOS(conf)# interface range macro test FTOS(conf-if)# 242 | Interfaces - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 245
port information: • For a 100/1000/10000 Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. • For a 10 Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. • For a 40-Gigabit Ethernet interface, enter the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 246
Using TDR The time domain reflectometer (TDR) is supported on all Dell Force10 switch/routers. TDR is an assistance tool to resolve link becomes unterminated, or if a transceiver is unplugged). TDR is useful for troubleshooting an interface that is not establishing a link, that is, when the link - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 247
Ports to SFP+ Ports The MXL 10/40GbE switch supports splitting a 40GbE port on the base module or a 2-Port 40GbE QSFP+ module into four 10GbE the 40GbE ports to 4x10GbE mode as described below. Command Syntax stack-unit stack-unit port number portmode quad Command Mode Purpose CONFIGURATION Split - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 248
quad: Identifies the uplink port as a split 10GbE SFP+ port. Then save the configuration and reload the switch. FTOS# write memory FTOS#reload Important Points • You cannot use split ports as stack-link to stack an MXL Switch. • Split ports cannot be a part of any stacked system. • The quad port - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 249
implementing the pause operation instruct the MAC to enable reception are supported on full duplex only. The only configuration applicable configuration is on: Can't configure half duplex when flowcontrol is on, config ignored. Enable Pause Frames Note: If rx flow control is disabled, Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 250
of traffic is received. Note: After you disable DCB, if link-level flow control is not automatically enabled on an interface, manually shut down the interface (shutdown command) and re-enable it (no shutdown command) to enable flow control. Configure MTU Size on an Interface If a packet includes - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 251
than or equal to the link MTU and IP MTU values configured on the channel members. For example, if the members have switch traffic between front-end ports is known as the port pipe. A port pipe is a Dell Force10 term for the hardware path that packets follow through a system. The MXL Switch supports - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 252
Dell Force10 recommends keeping auto-negotiation enabled. Auto-negotiation should only be disabled on switch ports that attach to devices not capable of supporting interface require manual speed synchronization, and to manually synchronize them above command.] Access CONFIGURATION mode. config - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 253
Te 0/6 Down Auto Te 0/7 Down Auto Te 0/8 Down Auto Te 0/9 Down Auto Te 0/10 Down Auto Te 0/11 Down Auto Te 0/12 Down Auto Te 0/13 Down Auto [output is disabled. Figure 13-26. Setting Port Speed Example FTOS#configure FTOS(conf)#interface tengig 0/1 FTOS(Interface 0/1)#speed 100 FTOS( - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 254
www.dell.com | support.dell.com Setting Auto-Negotiation Options The negotiation auto command provides a mode option for configuring an individual port to forced master/ forced slave after you enable auto-negotiation. Caution: Ensure that only one end of the node is configured as forced-master and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 255
interval between keepalive messages. To view the new setting, use the show config command in INTERFACE mode. View Advanced Interface Information Display Only Configured Interfaces The following options have been implemented for the show [ip | running-config] interfaces command. When you use the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 256
www.dell.com | support.dell.com Figure 13-28. show Commands with configured Keyword Examples FTOS#show interfaces configured FTOS#show interfaces tengigabitEthernet 0 configured FTOS#show ip interface configured FTOS#show ip interface tengigabitEthernet 1 configured FTOS#show interfaces - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 257
Interface Sampling Size To configure the number of seconds of traffic statistics to display 1 to 5 seconds, software polling is done at 5 sec interval. If you enter 6 to 10 sec, software polling is done at 10 sec interval. For any other value, software polling is done once every 15 seconds. So, for - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 258
www.dell.com | support.dell.com Figure 13-30 shows how to configure rate interval when changing the default value. Figure 13-30. Configuring Rate Interval Example FTOS#show interfaces TenGigabitEthernet 10/0 is down, line protocol is down Hardware is Dell Force10Eth, address is 00:01:e8:01:9e: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 259
more than four counter-dependent applications on a port pipe, there is an impact on line rate performance. The following counter-dependent applications are supported by FTOS: • Egress VLAN • Ingress VLAN • Next Hop 2 • Next Hop 1 • Egress ACLs • ILM • IP FLOW • IP ACL • IP FIB • L2 ACL • L2 FIB - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 260
.dell.com | support.dell. channel followed by a number from 1 to 128. • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/ source address (SA) drop counters when MAC learning limit is configured on the interface. When you enter this command, you must - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 261
The Dell Force10 operating software (FTOS) supports various IP addressing features. This chapter explains the basics of domain name service ( With VLSM, you can configure one network with different masks. Supernetting, which increases the number of subnets, is also supported. Subnetting occurs when - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 262
www.dell.com | support.dell.com Implementation Information In FTOS, you can configure any IP address as a static route except IP addresses already assigned to interfaces. Note: FTOS versions 7.7.1.0 and later support 31-bit subnet masks (/31, or 255.255.255.254) as defined by RFC 3021. This feature - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 263
Horizon is enabled Poison Reverse is disabled ICMP redirects are not sent ICMP unreachables are not sent FTOS# Configure Static Routes A static route is an IP address that is manually configured and not learned by a routing protocol, such as open shortest path first (OSPF). Often static routes are - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 264
dell.com | support.dell.com Command Syntax ip route ip-address mask {ip-address | interface [ip-address]} [distance] [permanent] [tag tag-value] Command Mode CONFIGURATION Purpose Configure Te 5/0 S 6.1.2.9/32 via 6.1.20.2, Te 5/0 S 6.1.2.10/32 via 6.1.20.2, Te 5/0 S 6.1.2.11/32 via 6.1.20 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 265
. • When a recursive resolution is satisfied, FTOS re-installs the route. Configure Static Routes for the Management Interface When an IP address used by a protocol . This default setting provides some protection against denial of service (DOS) attacks. To enable FTOS to receive directed broadcasts - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 266
www.dell.com | support.dell.com Resolution of Host Names Domain name service (DNS) maps host names to following commands in CONFIGURATION mode: Command Syntax ip domain-lookup ip name-server ip-address [ip-address2 ... ip-address6] Command Mode CONFIGURATION CONFIGURATION Purpose Enable dynamic - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 267
. DNS with Traceroute To configure your switch to perform DNS with traceroute, use the following commands in CONFIGURATION mode. Command Syntax ip domain-lookup ip name-server ip-address [ip-address2 ... ip-address6] Command Mode CONFIGURATION CONFIGURATION Purpose Enable dynamic resolution of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 268
www.dell.com | support.dell.com Command Syntax traceroute [host | ip-address ] Command Mode CONFIGURATION Purpose When you enter the traceroute command www.force10networks.com"...domain server (10.11.0.1) [OK] Type Ctrl-C to abort. Tracing the route to www.force10networks.com (10.11.84.18), - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 269
For a complete listing of all ARP-related commands, refer to the FTOS Command Line Reference Guide. Configure Static ARP Entries ARP dynamically maps MAC and IP addresses, and while most network host support dynamic mapping, you can configure an ARP entry (called a static ARP) for the ARP cache. To - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 270
www.dell.com | support.dell.com To view the static entries in the ARP cache, use the show arp static command in EXEC privilege mode (Figure 14-7). Figure 14-7. show arp static Command Example FTOS#show arp Protocol Address Age(min) Hardware Address Interface VLAN CPU Internet 10.11.68.14 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 271
number from 1 to 128. • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed address conflicts • inform switches of their presence on a port so that packets can be forwarded • update the ARP table of command in CONFIGURATION mode: Task Enable ARP learning via gratuitous - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 272
www.dell.com | support.dell.com ARP Learning via ARP Request In FTOS versions prior the system does not look up the Target IP. It only updates the ARP entry for the Layer 3 interface with the source IP of the request. Configurable ARP Retries Beginning with FTOS version 8.3.1.0, the number of ARP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 273
seconds. On the MXL switch platform, with FTOS version 8.3.8.0 and later, the time between ARP re-send is configurable. This timer is an of problems in a particular packet. These messages are sent only on unicast traffic. Configuration Task List for ICMP Use the following steps to configure ICMP: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 274
) server per the ip helper-address configuration whether or not the UDP port list contains those ports. • If the UDP port list contains ports 67 or 68, UDP broadcast traffic is forwarded on those ports. Enabling UDP Helper To enable UDP helper, use the ip udp-helper udp-ports command (Figure 14-10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 275
the destination address because the forwarding process is Layer 2. 2. If you enable UDP helper, the system changes the destination IP address to the configured broadcast address 1.1.255.255 and forwards the packet to VLAN 100. 3. Packet 2 is also forwarded to the ingress interface with an unchanged - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 276
www.dell.com | support.dell.com Figure 14-12. UDP helper with All Broadcast Addresses Packet 1 Destination Address: 255.255.255.255 VLAN 100 IP address: 1.1.0.1/24 Subnet broadcast address: 1.1.0.255 Configured broadcast address: 1.1.255.255 Hosts on VLAN 100: 1.1.0.2, 1.1.0.3, 1.1.0.4 1/1 1/2 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 277
2 Switched Packet Destination Address: 1.1.255.255 1/3 VLAN 101 IP address: 1.11.1/24 Subnet broadcast address: 1.1.1.255 Configured broadcast any interface, the unaltered packet is routed to the matching interfaces. Troubleshooting UDP Helper To display debugging information, use the debug ip udp - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 278
www.dell.com | support.dell.com Figure 14-16. Debugging IP Helper with UDP Helper Packet 0.0.0.0:68 -> 255.255.255.255:67 TTL 128 2005-11-05 11:59:35 % - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 279
15 iSCSI Optimization iSCSI optimization is supported on the MXL 10/40GbE Switch. This chapter describes how to configure internet small computer system interface (iSCSI) optimization, which enables quality-of-service (QoS) treatment for iSCSI traffic. The topics covered in this chapter include: • - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 280
TLVs are supported. Figure 15-1 shows iSCSI optimization between servers and a storage array in which a stack of three MXL Switches connect installed servers (iSCSI initiators) to a storage array (iSCSI targets) in a SAN network. iSCSI optimization running on the master MXL switch is configured to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 281
from these ports as iSCSI traffic. You can configure the switch to monitor traffic for additional port numbers or a combination of port number and target IP address, and you can remove the well-known port numbers from monitoring. Application of Quality of Service to iSCSI Traffic Flows The iSCSI CoS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 282
on the interface identified by LLDP. Detection and Port Configuration for Dell Compellent Arrays MXL Switches support the iscsi profile-compellent command to configure a port connected to a Dell Compellent storage array. The command configures a port for the best iSCSI traffic conditions and must - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 283
control and spanning tree port-fast on the port of detection. You can reconfigure any of the auto-provisioned configuration settings that result when you enable iSCSI on a switch. When you disable the iSCSI feature, iSCSI resources are released and the detection of EqualLogic arrays using LLDP is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 284
: user-configurable. Not configured. 10 minutes iSCSI well-known ports 3260 and 860 are configured as default (with no IP address or name) but can be removed as any other configured target. iSCSI Optimization Prerequisites • iSCSI optimization requires that you enable LLDP on the switch. LLDP is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 285
which the iSCSI target listens to requests. You can configure up to 16 target TCP ports on the switch in one command or multiple commands. Default: 860, dscp dscp-value [remark]} CONFIGURATION Set the aging time for iSCSI sessions. Valid values: 5 to 43,200 minutes. Default: 10 minutes. [no] iscsi - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 286
www.dell.com | support.dell.com Step 5 6 7 8 Task (Optional) Configures DCBX to send iSCSI TLV advertisements. You can configure iSCSI TLVs to be sent either globally or on a specified interface. The interface configuration takes priority over global configuration. Default: Enabled. (Optional) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 287
:00:09:34(DD:HH:MM:SS) ISID:806978696102 Initiator Initiator Target Target Connection IP Address TCP Port IP Address TCPPort ID 10.10.0.44 33345 10.10.0.101 3260 0 Session 1 : Target:iqn.2010-11.com.ixia:ixload:iscsi-TG1 Initiator:iqn.2010-11.com.ixia.ixload:initiator-iscsi-35 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 288
286 | iSCSI Optimization www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 289
to Dynamic LAGs and LACP • LACP Configuration Tasks • Shared LAG State Tracking • LACP Basic Configuration Example Introduction to Dynamic LAGs and LACP A link aggregation group (LAG), referred to as a port channel by the Dell Force10 operating software (FTOS), provides both load-sharing - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 290
www.dell.com | support.dell.com Important Points to Remember • LACP allows you to add more information, refer to MTU Size on an Interface. LACP Modes FTOS provides the following three modes for configuration of LACP: • Off-In this state, an interface is not capable of being part of a dynamic - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 291
with compatible LACP modes (Off, Active, Passive), LACP can automatically link them, as defined in IEEE 802.3, Section 43. The following commands configure LACP: Command Syntax [no] lacp system-priority priority-value [no] port-channel-protocol lacp [no] port-channel number mode [active | passive - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 292
www.dell.com | support.dell.com The LAG is in the default VLAN. To place the LAG into a non-default VLAN, use the tagged command on the LAG (Figure 16-2): Figure 16-2. Placing a LAG into a Non-default VLAN FTOS(conf)#interface vlan 10 FTOS(conf-if-vl-10)#tagged port-channel 32 Configure the LAG - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 293
- Receiver is in expired state, P - Receiver is not in expired state Port TenGig 10/6 is enabled, LACP is enabled and mode is lacp Actor Admin: State ADEHJLMP Key 1 | [interface [in | out]]]] Purpose Debug LACP, including configuration and events. Link Aggregation Control Protocol (LACP) | 291 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 294
www.dell.com | support.dell.com Shared LAG State Tracking Shared LAG state tracking provides the 2 into a single entity, called a failover group. Configure Shared LAG State Tracking To configure shared LAG state tracking, you must first configure a failover group. Follow these steps: Step 1 2 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 295
FTOS#config FTOS(conf)#port-channel failover-group FTOS(conf-po-failover-grp)#group 1 port-channel 1 port-channel 2 To view the failover group configuration, use the show running-configuration po-failover-group command (Figure 16-7). Figure 16-7. Viewing Shared LAG State Tracking in the Running - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 296
www.dell.com | support.dell.com To view the status of a failover group member, use the members may still be in the up state. LACP Basic Configuration Example The screenshots in this section are based on the example topology shown in Figure 16-10. Two routers are named ALPHA and BRAVO, and their - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 297
16-10. LACP Sample Topology Configuring a LAG on ALPHA Figure 16-11 shows creating a LAG (ALPHA). Figure 16-11. Creating a LAG on ALPHA Alpha(conf)#interface port-channel 10 Alpha(conf-if-po-10)#no ip address Alpha(conf-if-po-10)#switchport Alpha(conf-if-po-10)#no shutdown Alpha(conf-if-po-10)#show - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 298
www.dell.com | support.dell.com Figure 16-12 shows the LAG port configuration (ALPHA). Figure 16-12. Inspecting a LAG Port Configuration on ALPHA 296 | Link Aggregation Control Protocol (LACP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 299
Figure 16-13 shows inspecting the LAG 10 configuration (ALPHA). Figure 16-13. Inspecting Configuration of LAG 10 on ALPHA Link Aggregation Control Protocol (LACP) | 297 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 300
www.dell.com | support.dell.com To Verify LAG 10 Status on ALPHA, use the show lacp command (Figure 16-13). Figure 16-14. show lacp Command Example 298 | Link Aggregation Control Protocol (LACP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 301
ALPHA Figure 16-15 shows the summary of the configuration (ALPHA) Figure 16-15. Summary of the Configuration on ALPHA Alpha(conf-if-po-10)#int tengig 2/31 Alpha(conf-if-te-2/31)#no ip address Alpha(conf-if-te-2/31)#no switchport Alpha(conf-if-te-2/31)#shutdown Alpha( - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 302
www.dell.com | support.dell.com Summary of the Configuration on BRAVO Figure 16-16 shows the summary of the configuration (BRAVO). Figure 16-16. Summary of the Configuration on BRAVO Bravo(conf-if-te-3/21)#int port-channel 10 Bravo(conf-if-po-10)#no ip add Bravo(conf-if-po-10)#switch Bravo(conf-if- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 303
To inspect a LAG port on BRAVO, use the show interface command (Figure 16-17). Figure 16-17. Inspect the LAG Port on BRAVO Link Aggregation Control Protocol (LACP) | 301 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 304
www.dell.com | support.dell.com To inspect the LAG, use the show interfaces port-channel command (Figure 16-18). Figure 16-18. show interfaces port-channel Command Example to inspect LAG 10 To inspect the LAG status, use the show lacp command (Figure 16-19). 302 | Link Aggregation Control Protocol - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 305
Figure 16-19. show lacp Command Example to Inspect LAG status Link Aggregation Control Protocol (LACP) | 303 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 306
www.dell.com | support.dell.com 304 | Link Aggregation Control Protocol (LACP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 307
Dell Force10 operating system (FTOS) provides the following management activities for the MAC address table: • Clear the MAC Address Table • Set the Aging Time for Dynamic Entries • Configure any dynamic entry, if no packet arrives on the switch with the MAC address as the source or destination - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 308
.dell.com To set the aging time for dynamic entries, use the following commands: Task Command Syntax Disable MAC address aging for all dynamic mac-address-table aging-time 0 entries. Specify an aging time. mac-address-table aging-time seconds Range: 10-1000000 Command Mode CONFIGURATION - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 309
the limit is reached, the system drops all traffic from a device with an unlearned MAC address. FTOS Behavior: When configuring the MAC learning limit on a port, the configuration is accepted (becomes part of the running-config and show mac learning-limit interface) before the system verifies that - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 310
www.dell.com | support.dell.com MAC Learning Limit Dynamic The MAC address table is stored created before this option is set are not affected. FTOS Behavior: If you do not configure the dynamic option, the MXL Switch does not detect station moves in which a MAC address learnt off of a MAC-limited - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 311
CONFIGURATION Recovering from Learning Limit and Station Move Violations After a learning-limit or station-move violation shuts down an interface, you must manually multiple network interface cards in a server to be represented by one MAC fails, traffic switches to the secondary NIC, because they are - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 312
be "moved". To ensure that this happens, you must configure the mac-address-table station-move refresh-arp command on the Dell Force10 switch at the time that NIC teaming is being configured on the server. Note: If you do not configure this command, traffic continues to be forwarded to the failed - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 313
is the number of times a station move must be detected in a single interval in order to trigger a system log message. For example, if you configure mac-address-table station-move threshold 2 time-interval 5000, and 4 station moves occur in 5000ms, two log messages are generated. Layer 2 | 311 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 314
312 | Layer 2 www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 315
TLV. • Type-the kind of information included in the TLV • Length-the value, in octets, of the TLV after the Length field • Value-the configuration information that the agent is advertising Figure 18-1. Type, Length, Value (TLV) Segment TLV Header TLV Type (1-127) 7 bits TLV Length Value 9 bits - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 316
types are mandatory in the construction of an LLDPDU except Optional TLVs. You can configure the inclusion of individual Optional TLVs. Table 18-1. Type, Length, Value (TLV) of LLDPDU fnC0047mp Optional TLVs The Dell Force10 operating software (FTOS) supports the following optional TLVs: • - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 317
a basic part of LLDP; the IEEE OUI is 00-80-C2. You can configure the Dell Force10 system to advertise any or all of these TLVs. Table 18-2. Optional TLV Types does not currently support this TLV. IEEE 802.1 Organizationally Specific TLVs 127 Port-VLAN ID On Dell Force10 systems, indicates the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 318
auto-negotiation. This TLV is not available in the FTOS implementation of LLDP, but is available and mandatory (non-configurable) in the LLDP-MED implementation. 127 Power via MDI Dell Force10 supports the LLDP-MED protocol, which recommends that Power via MDI TLV is not implemented, and therefore - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 319
Services ELIN Indicates power requirements, priority, and power status Implementation of this set of TLVs is optional in LLDP-MED devices. None or all TLVs must be supported. FTOS does not currently support these TLVs. Indicates the hardware revision of the LLDP-MED device. Indicates the firmware - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 320
of the LLDP-MED Device Type is listed in Table 18-5. The Dell Force10 system is a Network Connectivity device, which is Type 4. When you Identification Extended Power via MDI-PSE Extended Power via MDI-PD Inventory reserved FTOS Support Yes Yes Yes Yes No No No Table 18-5. LLDP-MED Device Types - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 321
packets for which a connection is made. In this case, configure the signaling application. Table 18-6. Network Policy Applications Type Application for dedicated IP telephony handsets and other appliances supporting interactive voice services. Specify this application type only if voice control - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 322
www.dell.com | support.dell.com Figure 18-5. LLDP-MED Policies TLV TLV Type (127) TLV Length (8) power inline auto | static command. Dell Force10 also honors the power value (power requirement) sent by the powered device when the port is configured for power inline auto. Figure 18-6. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 323
LLDP Agents • Configuring LLDPDU Intervals • Configuring Transmit and Receive Mode • Configuring a Time to Live • Debugging LLDP Important Points to Remember • LLDP is disabled by default. • Dell Force10 systems support up to eight neighbors per interface. • Dell Force10 systems support a maximum of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 324
www.dell.com | support.dell.com Figure 18-7. Configuration and Interface mode LLDP Commands R1(conf)#protocol lldp R1(conf-lldp)#? advertise Advertise TLVs dcbx Configure Dcbx Parameters disable Disable LLDP protocol globally end Exit from configuration mode exit Exit from LLDP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 325
an interface, only the interface sends LLDPDUs with the specified TLVs. If you configure LLDP both globally and at interface level, the interface-level configuration overrides the global configuration. To advertise TLVs, follow these steps: Step 1 2 Task Enter LLDP mode. Command protocol - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 326
www.dell.com | support.dell.com In Figure 18-8, LLDP is enabled globally. R1 and R2 are transmitting periodic LLDPDUs that contain management, 802.1, and 802.3 TLVs. Figure 18-8. Configuring LLDP Viewing the LLDP Configuration To display the LLDP configuration, use the show config command in either - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 327
Figure 18-10. Viewing LLDP Interface Configurations R1(conf-lldp)#exit R1(conf)#interface tengigabitethernet 1/31 R1(conf-if-te-1/31)#show config ! interface TenGigabitEthernet 1/31 no ip address ! no shutdown R1( - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 328
www.dell.com | support.dell.com Figure 18-12. Viewing All Information Advertised by Adjacent LLDP Agent FTOS#show lldp neighbors detail Local Interface Te 0/2 has 1 neighbor Total Frames Out: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 329
LLDPDUs are transmitted periodically; the default interval is 30 seconds. To configure a non-default transmit interval-at CONFIGURATION level or INTERFACE level-use the hello command (Figure 18-13). Figure 18-13. Configuring LLDPDU Transmit and Receive Mode R1(conf)#protocol lldp R1(conf-lldp - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 330
www.dell.com | support.dell.com Configuring Transmit and Receive Mode After you enable LLDP, Dell Force10 systems transmit and receive LLDPDUs by default. You can configure the system-at CONFIGURATION level or INTERFACE level-to transmit only by executing the mode tx command, or receive only by - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 331
, use the no multiplier command (Figure 18-15). Figure 18-15. Configuring LLDPDU Time to Live R1(conf-lldp)#show config ! protocol lldp advertise system-capabilities system-description no disable R1(conf-lldp)#multiplier ? Multiplier (default=4) R1(conf-lldp)#multiplier 5 R1(conf- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 332
www.dell.com | support.dell.com Debugging LLDP The debug lldp command allows you to view the TLVs that your system is sending and receiving. • Use the debug lldp brief - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 333
and transmitted TLVs. • Table 18-8 lists the objects associated with the LLDP configuration on the local agent. • Table 18-9 lists the objects associated with IEEE 802.1AB Organizationally Specific TLVs. • Table 18-10 lists the objects associated with received and transmitted LLDP-MED TLVs. Link - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 334
www.dell.com | support.dell.com Table 18-7. LLDP Configuration MIB Objects MIB Object Category LLDP Variable LLDP MIB Object Description LLDP Configuration Basic TLV Selection LLDP Statistics adminStatus lldpPortConfigAdminStatus Whether the local LLDP agent is enabled for transmit, receive, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 335
Table 18-8. LLDP System MIB Objects TLV Type TLV Name 2 Port ID TLV Variable port subtype port ID 4 Port Description port description 5 System Name system name 6 System Description system description 7 System Capabilities system capabilities 8 Management Address enabled capabilities - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 336
dell.com | support.dell.com Table 18-9. LLDP 802.1 Organizationally Specific TLV MIB Objects TLV Type TLV Name 127 Port and Protocol VLAN ID 127 VLAN Name TLV Variable System port and protocol VLAN supported lldpXdot1LocVlanName lldpXdot1RemVlanName Table 18-10. LLDP-MED System MIB - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 337
Table 18-10. LLDP-MED System MIB Objects TLV Sub-Type TLV Name 2 Network Policy TLV Variable Application Type Unknown Policy Flag Tagged Flag VLAN ID L2 Priority - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 338
www.dell.com | support.dell.com Table 18-10. LLDP-MED System MIB Objects TLV Sub-Type TLV Name 4 Extended Power via MDI TLV Variable Power Device Type Power Source Power Priority Power Value - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 339
19 Multiple Spanning Tree Protocol (MSTP) Overview Multiple spanning tree protocol (MSTP)-specified in IEEE 802.1Q-2003-is an rapid spanning tree protocol (RSTP)-based spanning tree variation that improves on PVST+. MSTP allows multiple spanning tree instances and allows you to map many virtual - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 340
STP and RSTP. • FTOS supports only one MSTP region. • When you enable MSTP, all ports in Layer 2 mode participate in MSTP. • On the MXL Switch, you can configure 64 MSTIs including the default instance 0 (CIST). Configure Multiple Spanning Tree Protocol Configuring Multiple Spanning Tree is a four - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 341
MSTP, follow these steps: Step 1 2 Task Enter PROTOCOL MSTP mode. Enable MSTP. Command Syntax protocol spanning-tree mstp no disable Command Mode CONFIGURATION PROTOCOL MSTP To verify that MSTP is enabled, use the show config command from PROTOCOL MSTP mode (Figure 19-2). Figure 19-2. Verifying - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 342
www.dell.com | support.dell.com Figure 19-3. Mapping VLANs to MSTI Instances FTOS(conf)#protocol age 20, forward delay 15, max hops 19 Bridge Identifier has priority 32768, Address 0001.e80d.b6d6 Configured hello time 2, max age 20, forward delay 15, max hops 20 Current root has priority 32768, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 343
bridge-priority priority PROTOCOL MSTP The simple configuration (Figure 19-1) by default yields the conf-mstp)# Interoperate with Non-FTOS Bridges FTOS supports only one MSTP region. A region is a for the name and revision matches on all Dell Force10 FTOS equipment. If you have non-FTOS equipment - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 344
www.dell.com | support.dell.com To change the region name or revision, use the configuration information before it refreshes that information by recomputing the MST topology. • Max-hops is the maximum number of hops a BPDU can travel before a receiving switch discards it. Note: Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 345
Task Change the hello-time parameter. Note: With large configurations (especially those with more ports) Dell Force10 recommends that you increase the hello-time. Range: 1 to 10 Default: 2 seconds Change the max-age parameter. Range: 6 to 40 Default: 20 seconds Change the max-hops parameter. Range: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 346
www.dell.com | support.dell.com Figure 19-8. BPDU Filtering enabled globally Task Enable BPDU Port Cost 1000-Mb/s Ethernet interfaces 40-Gigabit Ethernet interfaces 10-Gigabit Ethernet interfaces Port Channel with one 10-Gigabit Ethernet interface Port Channel with one 40-Gigabit Ethernet interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 347
Port Cost Values Port Cost Port Channel with two 10-Gigabit Ethernet interfaces Port Channel with two 40-Gigabit the BPDU violation. This feature is the same as PortFast mode in Spanning Tree. Caution: Configure EdgePort only on links connecting to an end station. EdgePort can cause loops if you - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 348
www.dell.com | support.dell.com To verify that EdgePort is enabled on a port, Configurations The running-configurations in Figure 19-11, Figure 19-12, and Figure 19-13 support the topology shown in Figure 19-10. The configurations are from FTOS systems. An MXL Switch system using FTOS, configured - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 349
Figure 19-10. MSTP with Three VLANs Mapped to Two Spanning Tree Instances root R1 R2 1/2 Forwarding 2/1 1/3 2/3 Blocking 3/1 3/2 R3 Figure 19-11. Router 1 Running-configuration protocol spanning-tree mstp no disable name Tahiti revision 123 MSTI 1 VLAN 100 MSTI 2 VLAN 200,300 ! interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 350
www.dell.com | support.dell.com Figure 19-12. Router 2 Running-configuration protocol spanning-tree mstp no disable name Tahiti revision 123 MSTI 1 VLAN 100 MSTI 2 VLAN 200,300 ! interface TenGigabitEthernet 2/11 no ip address switchport no - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 351
Figure 19-13. Router 3 Running-configuration protocol spanning-tree mstp no disable name Tahiti revision 123 MSTI 1 VLAN 100 MSTI 2 VLAN 200,300 ! interface TenGigabitEthernet 3/11 no ip address switchport no - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 352
www.dell.com | support.dell.com Figure 19-14. FTOS Example Running-Configuration spanning-tree spanning-tree configuration name Tahiti spanning-tree configuration revision 123 spanning-tree MSTi instance 1 spanning-tree MSTi vlan 1 100 spanning-tree MSTi instance 2 spanning-tree MSTi vlan 2 200 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 353
packets are coming from a "Different Region" (Figure 19-18)? If so, one of the key parameters is not matching. • MSTP Region Name and Revision • The configured name and revisions must be identical among all the routers. • Is the Region name blank? That may mean that a name was - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 354
www.dell.com | support.dell.com • MSTP Instances. • Use the show commands to verify the VLAN to MSTP instance mapping. • Are there "extra" MSTP Instances in the Sending or Received logs? That may mean that an additional MSTP instance was configured on one router but not the others. Figure 19-16. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 355
Figure 19-18. Displaying BPDUs and Events - Debug Log of Unsuccessful MSTP Configuration 4w0d4h : MSTP: Received BPDU on TenGig 2/21 : ProtId: 0, Ver: 3, Bpdu Type: MSTP, Flags 0x78Different Region CIST Root Bridge Id: 32768:0001.e806.953e, Ext Path - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 356
www.dell.com | support.dell.com 354 | Multiple Spanning Tree Protocol (MSTP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 357
-2328 Compliant OSPF Flooding • OSPF ACK Packing • OSPF Adjacency with Cisco Routers • Configuration Information • Configuration Task List for OSPFv2 (OSPF for IPv4) • Troubleshooting OSPFv2 • Sample Configurations for OSPFv2 OSPF protocol standards are listed in the Chapter 40, Standards Compliance - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 358
www.dell.com | support.dell.com Autonomous System (AS) Areas OSPF operates in a type of hierarchy. The largest entity within the hierarchy is the AS, which is a collection of networks - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 359
receive information from inter-area (IA) routes. Note that you must configure all routers within an assigned stub area as stubby so that they do address. However, Dell Force10 recommends that the router ID and the router's IP address reflect each other, to make troubleshooting easier. Open Shortest - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 360
www.dell.com | support.dell.com Figure 20-2 shows some examples of the different router designations. Figure 20-2. OSPF Routing Examples Router E Router F Interior Router Router M Interior Router Router K Router L - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 361
allow a reduction in network traffic and in the size of the topological database. • The DR maintains a complete topology table of the network and sends the updates to the other routers using multicast. All routers in an area form a slave/master relationship with the DR. Every time a router sends an - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 362
www.dell.com | support.dell.com These router designations are not the same as the router IDs described earlier. The DR and BDR are configurable in topology to all other local routers in the same area. The LSA types supported by Dell Force10 are defined as follows: • Type 1 - Router LSA • The router - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 363
the start-interval timer and the cycle begins again. When you configure the LSA throttle timers, syslog messages appear, indicating the interval times Mar 15 09:46:00: %STKUNIT0-M:CP %OSPF-4-LSA_BACKOFF: OSPF Process 10,Router lsa id 2.2.2.2 router-id 2.2.2.2 is backed off to transmit after 45000ms - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 364
www.dell.com | support.dell.com Figure 20 supports up to 10,000 OSPF routes. Within that 10,000, you can designate up to 8,000 routes as external and up to 2,000 designated as inter/intra area routes. FTOS version 7.8.1.0 and later supports multiple OSPF processes (OSPF MP). The MXL Switch supports - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 365
The faster the convergence, the more frequent the route calculations and updates. This impacts CPU utilization and may impact adjacency stability in larger domains, and creating smaller domains for easier management. • The MXL Switch supports up to 16 OSPFv2 processes. Each OSPFv2 process has a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 366
www.dell.com | support.dell.com If you require the RFC 2328 flooding behavior, enable it by using the flood-2328 command in ROUTER OSPF mode. When you enable RFC 2328 flooding, this command configures FTOS to flood LSAs on all interfaces. To confirm RFC 2328 flooding behavior, use debug ip ospf - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 367
routers, manually set the dead interval of the Dell Force10 router to match the Cisco configuration. Use up Internet Address 20.0.0.1/24, Area 0 Process ID 10, Router ID 1.1.1.2, Network Type BROADCAST, Cost: go to www.force10networks.com/ support. Configuration Information The interfaces must be in - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 368
www.dell.com | support.dell.com To assign OSPF features and functions to each router, use the CONFIG-INTERFACE commands for each interface. Note: By default, OSPF is disabled. Configuration Task List for OSPFv2 (OSPF for IPv4) Configuration takes three steps: 1. Configure a physical interface. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 369
Error: No router ID available. In CONFIGURATION ROUTER OSPF mode, assign the router ID. The router ID is not required to be the router's IP address. Dell Force10 recommends using the IP address as the router ID for easier management and troubleshooting. Command Syntax router-id ip address Command - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 370
allows multiple OSPFv2 processes on a single router. The following list shows the number of processes supported on each platform type. • The MXL Switch supports up to 16 OSPFv2 processes. When configuring a single OSPF process, follow the same steps described above. Repeat them as often as necessary - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 371
In CONFIGURATION ROUTER OSPF mode, assign the Router ID. The Router ID is not required to be the router's IP address. For easier management and troubleshooting, Dell Force10 recommends using the IP address as the Router ID. Command Syntax router-id ip address Command Mode Usage CONFIG-ROUTER- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 372
1.2.3.4/24 area 0 FTOS(conf-router_ospf-1)#network 10.10.10.10/24 area 1 FTOS(conf-router_ospf-1)#network Dell Force10 recommends that the OSPFv2 Router ID be the interface IP addresses for easier management and troubleshooting. To view the configuration, use the show config command in CONFIGURATION - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 373
) Loopback 0 is up, line protocol is up Internet Address 10.168.253.2/32, Area 0.0.0.1 Process ID 1, Router ID 10.168.253.2, Network Type LOOPBACK, Cost: 1 Loopback interface is treated as a stub Host. FTOS# Configure Stub Areas OSPF supports different types of LSAs to help reduce the amount of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 374
.dell.com | support.dell 10.1.2.100) (Process ID 34) Area ID 2.2.2.2 3.3.3.3 FTOS# Router 1 1 Network S-Net 0 0 0 0 S-ASBR Type-7 0 0 0 0 Subtotal 1 1 To view information on areas, use the show ip ospf process-id command in EXEC Privilege mode. Configure LSA Throttling Timers Configured - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 375
port-channel followed by a number from 1 to 128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information configured. To enable both receiving and sending routing updates, use the no passive-interface interface command. When you configure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 376
Designated Router (ID) 10.1.2.100, Interface address 10.1.3.100 Backup Designated Router (ID) 0.0.0.0, Interface address 0.0.0.0 Timer intervals configured, Hello 10, Dead 40, Wait only be selected following consultation with Dell Force10 technical support. 374 | Open Shortest Path First (OSPFv2) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 377
conf-router_ospf-1)#ex FTOS#(conf)#ex FTOS##show ip ospf 1 Routing Process ospf 1 with ID 192.168.67.2 Supports only single TOS (TOS0) routes SPF schedule delay 5 secs, Hold time between two SPFs 10 secs Convergence Level 0 Min LSA origination 0 msec, Min LSA arrival 1000 msec Min LSA hold time 5000 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 378
dell.com | support.dell.com To change OSPFv2 parameters on the interfaces, use any or all of the following commands in CONFIGURATION from 1 to 65535 (default is 10 seconds). The hello interval must be Change the wait period between the link state update packets sent out the interface. Seconds range - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 379
, Cost: 45 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 10.1.2.100, Interface address 10.1.2.100 Backup Designated Router (ID) 10.1.2.100, Interface address 0.0.0.0 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:06 Neighbor Count is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 380
www.dell.com | support.dell.com Filter Routes To filter routes, use prefix lists. OSPF applies prefix lists to incoming or outgoing routes. Incoming routes must meet the conditions of the prefix lists, and if they do not, OSPF does not add the route to the routing table. Configure the prefix list - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 381
the current OSPF configuration, use the show running-config ospf command in EXEC mode or the show config command in ROUTER OSPF mode. Figure 20-17. show config Command Example FTOS(conf-router_ospf)#show config ! router ospf 34 network 10.1.2.32 0.0.0.255 area 2.2.2.2 network 10.1.3.24 0.0.0.255 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 382
www.dell.com | support.dell.com Troubleshooting OSPFv2 FTOS has several tools to make troubleshooting easier. Be sure to check the following, as these are typical issues that interrupt an OSPFv2 process. This is not a comprehensive list, just some examples of typical troubleshooting checks: • Has - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 383
mib-binding ! router ospf 8 ! default-information originate always router-id 10.10.10.10 FTOS# To get general route and links status information, use the following summary information for the OSPF database To view the OSPFv2 configuration for a neighboring router, use the following command in EXEC - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 384
www.dell.com | support.dell.com To configure the debugging options of an OSPFv2 process, use the following command in EXEC Privilege mode. Command Syntax debug ip ospf process-id [event | packet | spf | - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 385
12.0/24 area 0 network 192.168.100.0/24 area 0 ! interface TenGigabitEthernet 1/1 ip address 10.1.11.1/24 no shutdown ! interface TenGigabitEthernet 1/2 ip address 10.2.12.2/24 no shutdown ! interface Loopback 10 ip address 192.168.100.100/24 no shutdown router ospf 33333 network 192.168.100.0/24 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 386
www.dell.com | support.dell.com 384 | Open Shortest Path First (OSPFv2) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 387
) and port-channel interfaces do not support port monitoring. • The monitored (source, MD) and monitoring ports (destination, MG) must be on the same switch. • In general, a monitoring port should have no ip address and no shutdown as the only configuration; FTOS permits a limited set of commands - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 388
session is four per port-pipe. Port Monitoring The MXL 10/40GbE Switch supports multiple source-destination statements in a monitor session, but example, 0/4). If you attempt to configure another destination, Message 3 appears. However, you can configure another monitoring session that uses one of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 389
-3. Number of Monitoring Ports FTOS(conf-mon-sess-300)#do show mon session SessionID Source Destination --------- ------ ----------- 0 TenGig 0/13 TenGig 0/1 10 TenGig 0/14 TenGig 0/2 20 TenGig 0/15 TenGig 0/3 30 TenGig 0/16 TenGig 0/37 100 TenGig 0/25 TenGig 0/38 110 TenGig - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 390
dell.com | support.dell.com FTOS Behavior: All monitored frames are tagged if the configured MXL 10/40GbE Switch continues to mirror outgoing traffic even after an MD participating in Spanning Tree Protocol (STP) transitions from the forwarding to blocking. Configuring Port Monitoring To configure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 391
)# In Figure 21-5, the host and server are exchanging traffic which passes through interface tengigabitethernet 1/1. Interface tengigabitethernet 1/1 is the monitored port and tengigabitethernet 1/2 is the monitoring port, which is configured to only monitor traffic received on tengigabitethernet - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 392
390 | Port Monitoring www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 393
Reference Guide. This chapter contains the following sections: • Private VLAN Concepts • Private VLAN Commands • Private VLAN Configuration Task List • Private VLAN Configuration Example • Inspecting the Private VLAN Configuration Private VLANs (PVLANs) extend the Dell Force10 operating software - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 394
www.dell.com | support.dell.com Private VLAN Concepts The VLAN types in a PVLAN include: Community in the primary VLAN. • An isolated VLAN can only contain ports configured as host. Primary VLAN-the base VLAN of a private VLAN: • A switch can have one or more primary VLANs, or none. • A primary - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 395
, refer to Layer 2. Private VLAN Commands The commands dedicated to supporting the PVLANs feature are: Table 22-1. Private VLAN Commands Task Command Routing Commands chapter in the FTOS Command Reference Guide. • show vlan: refer to the Layer 2 Commands chapter in the FTOS Command Reference - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 396
www.dell.com | support.dell.com Private VLAN Configuration Task List The following sections contain the procedures that configure a PVLAN: • Creating (inter-switch PVLAN hub port) For interface details, refer to Enable a Physical Interface in Interfaces. Note: Interfaces that are configured as - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 397
and isolated VLANs. To create a primary VLAN, follow these steps: Step Command Syntax Command Mode Purpose 1 interface vlan vlan-id 2 no shutdown CONFIGURATION Access INTERFACE VLAN mode for the VLAN you want to assign the PVLAN interfaces. INTERFACE VLAN Enable the VLAN. 3 private-vlan mode - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 398
www.dell.com | support.dell.com Creating a Community VLAN A community VLAN is a secondary VLAN of isolated VLAN, follow these steps: Step Command Syntax Command Mode Purpose 1 interface vlan vlan-id CONFIGURATION Access INTERFACE VLAN mode for the VLAN that you want to make an isolated VLAN. 2 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 399
FTOS(conf-vlan-100)# untagged Te 2/2 Private VLAN Configuration Example Figure 22-3. Sample Private VLAN Topology The following configuration is based on the Figure 22-3: On MXL 10/40GbE Switch: • TenGig 0/0 and TenGig 0/23 are configured as promiscuous ports, assigned to the primary VLAN, VLAN - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 400
.dell.com | support.dell. same intra-switch communication characteristics as described above for the MXL 10/40GbE Switch. • For transmission between switches, tagged packets 25 in each switch). Inspecting the Private VLAN Configuration The standard methods of inspecting configurations also apply in - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 401
Reference Guide. • show vlan private-vlan [community | interface | isolated | primary | primary_vlan | interface interface]: Display the configured the primary-secondary VLAN mapping. Refer to the example output from the MXL Switch in Figure 22-4. • Two show commands revised to display PVLAN data - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 402
www.dell.com | support.dell.com Figure 22-6. running-config Command Example of PVLAN Configuration FTOS#show vlan ! interface TenGigabitEthernet 1/1 no ip address switchport switchport mode private-vlan promiscuous no keepalive no shutdown ! interface TenGigabitEthernet 1/2 no ip address switchport - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 403
Private VLANs (PVLAN) | 401 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 404
402 | Private VLANs (PVLAN) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 405
Plus (PVST+) Overview Per-VLAN spanning tree plus (PVST+) is a variation of spanning tree-developed by a third party-that allows you to configure a separate spanning tree instance for each VLAN (Figure 23-1). For more information about spanning tree, refer to Spanning Tree Protocol (STP). Figure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 406
the default costs. If you are using Dell Force10 systems in a multi-vendor network, verify that the costs are values you intended. • You can enable PVST+ on 255 VLANs. Configuring Per-VLAN Spanning Tree Plus Configuring PVST+ is a four-step process: 1. Configure interfaces for Layer 2. 2. Place the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 407
by entering the show config command from PROTOCOL PVST context (Figure 23-2). Figure 23-2. Display the PVST+ Configuration FTOS(conf-pvst)#show config verbose ! protocol spanning-tree pvst no disable vlan 100 bridge-priority 4096 Influence PVST+ Root Selection In Figure 23-1, all - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 408
www.dell.com | support.dell.com Forwarding Figure 23-3. Load Balancing with PVST+ STI 2 root vlan 100 bridge value for bridge priority is elected root. Because all bridges use the default priority (until configured otherwise), the lowest MAC address is used as a tie-breaker. Assign bridges a low - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 409
32768, Address 001e.c9f1.00f3 Root Bridge hello time 2, max age 20, forward delay 15 Bridge Identifier has priority 32768, Address 001e.c9f1.00f3 Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally We are the root of VLAN 2 Current root has priority 32768, Address - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 410
: 4 to 30 • Default: 15 seconds Change the hello-time parameter. Note: With large configurations (especially those with more ports), Dell Force10 recommends that you increase the hello-time. Range: 1 to 10 Default: 2 seconds Change the max-age parameter. Range: 6 to 40 Default: 20 seconds Command - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 411
for port cost by interface. Table 23-2. PVST+ Default Port Cost Values Port Cost 1000-Mb/s Ethernet interfaces 10-Gigabit Ethernet interfaces 40-Gigabit Ethernet interfaces Port Channel with one 10-Gigabit Ethernet interface Port Channel with one 40-Gigabit Ethernet interface Port Channel with two - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 412
dell.com | support.dell.com Note: The FTOS implementation of PVST+ uses IEEE 802.1s costs as the default costs. Other implementations use IEEE 802.1d costs as the default costs. If you are using Dell Force10 PortFast mode in Spanning Tree. Caution: Configure EdgePort only on links connecting to an - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 413
tree (no spanning-tree in CONFIGURATION mode). PVST+ in Multi-vendor Networks Some non-Dell Force10 systems that have hybrid ports PVST+ to avoid potential misconfigurations. If you enable PVST+ on the Dell Force10 switch in this network, P1 and P2 receive BPDUs from each other. Ordinarily - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 414
www.dell.com | support.dell.com Figure 23-6. PVST+ with Extend System ID Task Command Syntax Command Mode Augment (priority 32768 sys-id-ext 5), Address 0001.e832.73f7 We are the root of Vlan 5 Configured hello time 2, max age 20, forward delay 15 ... 412 | Per-VLAN Spanning Tree Plus (PVST+) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 415
Figure 23-7, Figure 23-8, and Figure 23-9 provide the running configurations for the topology shown in Figure 23-3. Figure 23-7. PVST+ Sample Configuration: R1 Running-Configuration interface TenGigabitEthernet 1/22 no ip address switchport no shutdown ! interface TenGigabitEthernet 1/32 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 416
www.dell.com | support.dell.com Figure 23-8. PVST+ Sample Configuration: R2 Running-Configuration interface TenGigabitEthernet 2/12 no ip address switchport no shutdown ! interface TenGigabitEthernet 2/32 no ip address switchport no shutdown ! interface Vlan 100 no ip address tagged - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 417
queues. The MXL Switch traffic has four data queues per port. All queues are serviced using the DCB disabled when you wish to apply these features exclusively. Table 24-1. FTOS Support for Port-based, Policy-based, and Multicast QoS Features Feature Direction Port-Based QoS Configurations - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 418
www.dell.com | support.dell.com Table 24-1. FTOS Support for Port-based, Policy-based, and Multicast QoS Features Feature Direction Create an Input QoS Policy Configure Policy-Based Rate Policing Set a DSCP Ingress Egress Ingress + Egress Ingress Egress - Egress 416 | Quality of Service (QoS) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 419
QoS Architecture Implementation Information The Dell Force10 QoS implementation complies with IEEE 802.1p User Priority Bits for QoS Indication. It also implements these Internet Engineering Task Force (IETF) documents: • RFC 2474, Definition of the Differentiated Services Field (DS Field) in the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 420
you set a dot1p priority for a port-channel, all port-channel members are configured with the same value. You cannot assign a dot1p value to individual interfaces in a port-channel. FTOS Behavior: The MXL Switch distributes eight dot1p priorities across four data queues. Table 24-2. dot1p-priority - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 421
On the MXL Switch, you can configure service-class dynamic dot1p from CONFIGURATION mode, which applies the configuration to all interfaces. A CONFIGURATION mode service-class dynamic dot1p entry supersedes any INTERFACE entries. For more information, refer to Mapping dot1p Values to Service Queues. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 422
dell.com | support.dell.com Configure Port-based Rate Shaping Rate shaping buffers, rather than drops, traffic that exceeds the specified rate until the buffer is exhausted. If any stream exceeds the configured Policy-Based QoS Configurations Policy-based QoS configurations consist of the components - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 423
Class maps differentiate traffic so that you can apply separate quality of service policies to each class. For both class maps, Layer 2 and Layer 3, FTOS matches packets against match criteria in the order that you configure them. Create a Layer 3 Class Map A Layer 3 class map differentiates ingress - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 424
.dell.com | support.dell.com match-all class map, use the class-map match-all command from CONFIGURATION mode, and enter the keyword layer2. 2. After you create a class- match criteria, link the class-map to a queue using the service-queue command from POLICY MAP mode. Determine the Order in Which - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 425
Layer 3 egress traffic. The regulation mechanisms for output QoS policies are rate shaping and weighted random early detection (WRED). Note: When changing a service-queue configuration in a QoS policy map, all QoS rules are deleted and re-added automatically to ensure that the order of the rules is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 426
www.dell.com | support.dell.com 1. Create a Layer 3 input QoS policy using the qos-policy-input command from CONFIGURATION mode. Create a Layer of the queue to which you should apply the QoS policy (using the command service-queue from POLICY-MAP-IN mode). Create an Output QoS Policy To create an - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 427
then 1% of the bandwidth is derived for unassigned queues from assigned queues. Configure a Scheduler to Queue By default, the MXL Switch schedules packets for egress based on weighted round robin (WRR). Note that Ingress Packets • Fall Back to trust diffserve or dot1p Quality of Service (QoS) | 425 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 428
dell.com | support.dell.com 3. Apply the input policy map to an interface. Apply a Class-Map or Input QoS Policy to a Queue To assign an input QoS policy to a queue, use the service which queues FTOS maps the DSCP values. When you configure trust DSCP, the matched packets and matched bytes counters - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 429
more information, refer to Priority-Tagged Frames on the Default VLAN. Fall Back to trust diffserve or dot1p When using QoS service policies with multiple class maps, you can configure FTOS to use the incoming DSCP or dot1p marking as a secondary option for packet queuing in the event that no match - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 430
www.dell.com | support.dell.com Figure 24-10. Configuration Example ! policy-map-input input-policy service-queue 1 class-map qos-BE1 service-queue 3 class-map qos-AF3 service-queue 4 class-map qos-AF4 trust diffserv fallback ! class-map match-any qos-AF3 match ip dscp 24 match ip access-group qos- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 431
modify a policy map after you apply it. • You cannot apply an input Layer 2 QoS policy on an interface you also configure with the vlan-stack access command. • If you apply a service policy that contains an ACL to more than one interface, FTOS uses ACL optimization to conserves CAM space. (See CAM - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 432
www.dell.com | support.dell.com Apply an Output Policy Map to an Interface To apply an output policy map to an interface, use the service-policy output with the no qos-rate-adjust parameter listed in the running-configuration. Task Command Syntax Include a specified number of bytes of packet - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 433
strict-priority to one unicast queue, 1 to 3, use the strict-priority command from CONFIGURATION mode. Strict-priority means that FTOS dequeues all packets from the assigned queue before servicing any other queues. • The strict-priority command supersedes the bandwidth-percentage command percentage - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 434
www.dell.com | support.dell.com Table 24-5. Pre-defined WRED Profiles expect DSCP of 111111, which is a Red packet and is always dropped). If you do not configure FTOS to honor DSCP values on ingress, all traffic defaults to green (refer to Honor DSCP 100 100 50 432 | Quality of Service (QoS) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 435
Command Example FTOS#show qos statistics wred-profile Interface Te 0/20 Drop-statistic Green Yellow Out of Profile Dropped Pkts 11234 12484 0 FTOS# Quality of Service (QoS) | 433 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 436
434 | Quality of Service (QoS) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 437
Information • Configuration Information • RIP Configuration Example RIP protocol every 30 seconds. If a router does not send an update within a certain amount of time, the hop count to routing table. This first RIP version does not support variable length subnet mask (VLSM) or classless inter-domain - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 438
. Another enhancement included in RIPv2 is multicasting for route updates on IP multicast address 224.0.0.9. Implementation Information The Dell Force10 operating software (FTOS) supports both versions of RIP and allows you to configure one version globally and the other version or both versions - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 439
Command Reference Guide. Enable RIP Globally By default, RIP is not enabled in FTOS. To enable RIP, use the following commands in sequence, starting in CONFIGURATION mode: Step -router_rip)#show config ! router rip network 10.0.0.0 FTOS(conf-router_rip)# Routing Information Protocol (RIP) | 437 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 440
www.dell.com | support.dell.com When the RIP process has learned the RIP routes, 192.162.3.0/24 [120/1] via 29.10.10.12, 00:01:22, Fa 0/0 192.162.3.0/24 auto-summary To disable RIP globally, use the no router rip command in CONFIGURATION mode. Configure RIP on Interfaces When you enable RIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 441
or interfaces receive routing updates, you must configure a direct update to one router and configure interfaces to block RIP updates from other sources. To a specific router to exchange RIP information between it and the Dell Force10 system. You can use this command multiple times to exchange RIP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 442
www.dell.com | support.dell.com To add routes from other routing instances or protocols, use 1 to 65535 • metric range: 0 to 16 • map-name: name of a configured route map. To view the current RIP configuration, use the show running-config command in EXEC mode or the show config command in ROUTER - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 443
Interface Recv Send TenGigabitEthernet 0/0 2 2 Routing for Networks: 10.0.0.0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) FTOS# RIPv2 configured globally and on the interface. To configure the interfaces to send or receive different RIP versions - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 444
www.dell.com | support.dell.com The show ip protocols command example Figure 25-5 confirms that 1 2 Different RIP versions Routing for Networks: configured for this 10.0.0.0 interface Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) FTOS# Generate - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 445
list access-list-name {in | out} offset [interface] Command Mode Purpose ROUTER RIP Apply a weight to all routes or a specific route and ACL. Configure the following parameters: • weight range: 1 to 255 (default is 120) • ip-address mask: the IP address in dotted decimal format (A.B.C.D), and the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 446
www.dell.com | support.dell.com To view configuration changes, use the show config command in ROUTER disable RIP, use the no debug ip rip command. RIP Configuration Example The example in this section shows the command sequence to configure RIPv2 on the two routers shown in Figure 25-7-"Core 2" and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 447
on Core 2 Figure 25-8. Configuring RIPv2 on Core 2 Core2(conf-if-te-2/31)# Core2(conf-if-te-2/31)#router rip Core2(conf-router_rip)#ver 2 Core2(conf-router_rip)#network 10.200.10.0 Core2(conf-router_rip)#network 10.300.10.0 Core2(conf-router_rip)#network 10.11.10.0 Core2(conf-router_rip)#network - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 448
www.dell.com | support.dell.com Figure 25-9. Example of RIP Configuration Response from Core 2 Core2(conf-router_rip)#end 00:12:24: %RPM0-P:CP %SYS-5-CONFIG_I: Configured from console by console Core2#show ip rip database Total number of routes in RIP database: 7 10.11.30.0/24 [120/1] via 10. - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 449
2/11 2 2 Routing for Networks: 10.300.10.0 10.200.10.0 10.11.20.0 10.11.10.0 Routing Information Sources: Gateway Distance 10.11.20.1 120 Last Update 00:00:12 Distance: (default is 120) Core2# RIP Configuration on Core 3 Figure 25-12. RIP Configuration on Core 3 Core3(conf-if-te - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 450
www.dell.com | support.dell.com Core 3 RIP Output The examples in this section are: • resort is not set Destination ----------R 10.11.10.0/24 C 10.11.20.0/24 C 10.11.30.0/24 R 10.200.10.0/24 R 10.300.10.0/24 C 192.168.1.0/24 C 192.168.2.0/24 Core3# Gateway ------via 10.11.20.2, TenGig 3/21 Direct - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 451
Command Example to Show RIP Configuration Activity on Core 3 Core3#show ip protocols Routing Protocol is "RIP" Sending updates every 30 seconds, next Networks: 10.11.20.0 10.11.30.0 192.168.2.0 192.168.1.0 Routing Information Sources: Gateway Distance 10.11.20.2 120 Last Update 00:00 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 452
www.dell.com | support.dell.com RIP Configuration Summary Figure 25-16. Summary of Core 2 RIP Configuration Using Output of show run Command ! interface TenGigabitEthernet 2/11 ip address 10.11.10.1/24 no shutdown ! interface TenGigabitEthernet 2/31 ip address 10.11.20.2/24 no shutdown ! interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 453
Routing Information Protocol (RIP) | 451 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 454
www.dell.com | support.dell.com 452 | Routing Information Protocol (RIP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 455
and 64-bit monitoring facility and long-term statistics collection on Dell Force10 Ethernet interfaces. RMON operates with the simple network management protocol with standard management information base (MIBs). Implementation You must configure SNMP prior to setting up RMON. For a complete SNMP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 456
www.dell.com | support.dell.com RMON implements the following standard request for comment (RFCs) (for more information, refer to RFC and I-D Compliance): • RFC-2819 • RFC-3273 • RFC-3434 Fault - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 457
Set the RMON Alarm To set an alarm on any MIB object, use the rmon alarm or rmon hc-alarm command in GLOBAL CONFIGURATION mode. To disable the alarm, use the no form of these commands: Command Syntax Command Mode Purpose [no] rmon alarm number variable interval {delta | absolute} - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 458
www.dell.com | support.dell.com To configure an RMON alarm, use the rmon alarm command (Figure 26-1). Figure 26-1. rmon alarm Command Example FTOS(conf)#rmon alarm 10 1.3.6.1.2.1.2.2.1.20.1 20 delta rising-threshold 15 1 falling-threshold 0 owner nms1 Alarm Number MIB Variable Monitor Interval - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 459
the no RMON collection statistics command. Command Syntax [no] rmon collection statistics {controlEntry integer} [owner owner-string] Command Mode Purpose CONFIGURATION INTERFACE (conf-if) controlEntry: Specifies the RMON group of statistics using a value. integer: A value from 1 to 65,535 that - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 460
www.dell.com | support.dell.com Configure RMON Collection History To enable the RMON MIB history group of statistics collection on an interface, use the rmon collection history command in CONFIGURATION INTERFACE (conf-if) mode. To remove a specified RMON history group of statistics collection, use - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 461
Remote Monitoring (RMON) | 459 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 462
460 | Remote Monitoring (RMON) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 463
) but provides faster convergence and interoperability with switches configured with STP and multiple spanning tree protocol (MSTP). FTOS supports three other variations of spanning tree (Table 27-1). Table 27-1. FTOS Supported Spanning Tree Protocols Dell Force10 Term Spanning Tree Protocol (STP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 464
of ports to a range of VLANs sends multiple messages to the RSTP task. When using the range command, Dell Force10 recommends limiting the range to five ports and 40 VLANs. Configure Interfaces for Layer 2 Mode All interfaces on all bridges that participates in RST must be in Layer 2 and enabled - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 465
1 Enter the PROTOCOL SPANNING TREE RSTP mode. 2 Enable Rapid Spanning Tree. Command Syntax protocol spanning-tree rstp no disable Command Mode CONFIGURATION PROTOCOL SPANNING TREE RSTP Note: To disable RSTP globally for all Layer 2 interfaces, use the disable command from PROTOCOL SPANNING TREE - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 466
www.dell.com | support.dell.com To verify that RSTP is enabled, use the show config command from PROTOCOL SPANNING TREE RSTP mode (Figure 27-3). Figure 27-3. Verifying RSTP is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 467
, Address 0001.e801.cbb4 Root Bridge hello time 2, max age 20, forward delay 15, max hops 0 Bridge Identifier has priority 32768, Address 0001.e801.cbb4 Configured hello time 2, max age 20, forward delay 15, max hops 0 We are the root Current root has priority 32768, Address 0001.e801.cbb4 Number of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 468
www.dell.com | support.dell.com To confirm that a port is participating in RST, use Filter -------- No No No No Add and Remove Interfaces • To add an interface to the RST topology, configure it for Layer 2 and it is automatically added. If you previously disabled RSTP on the interface using the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 469
: 15 seconds forward-delay seconds Change the hello-time parameter. Note: With large configurations (especially those with more ports) Dell Force10 recommends that you increase the hello-time. Range: 1 to 10 Default: 2 seconds hello-time seconds Change the max-age parameter. Range: 6 to 40 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 470
www.dell.com | support.dell.com Enable BPDU Filtering globally The enabling of BPDU Filtering stops transmitting of BPDUs on the operational port fast enabled ports by default. When BPDUs - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 471
. This feature is the same as PortFast mode in Spanning Tree. Caution: Configure EdgePort only on links connecting to an end station. EdgePort can cause loops the show config command from INTERFACE mode. Dell Force10 recommends using the show config command (Figure 27-8). Rapid Spanning Tree Protocol - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 472
www.dell.com | support.dell.com FTOS Behavior: Regarding bpduguard shutdown-on-violation behavior: 1 If the spanning-tree in INTERFACE mode). 5 Disabling global spanning tree (no spanning-tree in CONFIGURATION mode). Figure 27-8. EdgePort Enabled on Interface FTOS(conf-if-te-2/0)#show config ! - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 473
SNMP traps for RSTP, MSTP, and PVST+ collectively, use the snmp-server enable traps xstp command. Fast Hellos for Link State Detection Use RSTP delay 15 Bridge ID Priority 0, Address 0001.e811.2233 We are the root Configured hello time 50 ms, max age 20, forward delay 15 Command Mode PROTOCOL - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 474
www.dell.com | support.dell.com 472 | Rapid Spanning Tree Protocol (RSTP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 475
Line and Access-Class Configuration For details about all Guide. AAA accounting enables tracking of services that users are accessing and the amount of network resources being consumed by those services. When you enable AAA accounting, the network server reports user activity to the security server - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 476
www.dell.com | support.dell.com • Configure AAA Accounting for Terminal Lines (optional) • Monitor AAA Accounting ( instructs the TACACS+ server to send a stop record accounting notice at the end of the requested user process. • tacacs+ -Designate the security service. Currently, FTOS supports only - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 477
Configure Accounting of EXEC and Privilege-Level Command Usage The network access server monitors the accounting functions defined accounting exec execAcct Monitor AAA Accounting The Dell Force10 operating software (FTOS) does not support periodic interim accounting because the periodic command can - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 478
service=shell FTOS# AAA Authentication FTOS supports a distributed client/server system implemented through authentication, authorization, and accounting (AAA) to help secure networks against unauthorized access. In the Dell Force10 FTOS Command Reference Guide. Configure Login Authentication for - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 479
of the system in the event that network-wide issue prevents access to these servers. To view the configuration, use the show config command in LINE mode or the show running-config command in EXEC Privilege mode. Note: Dell Force10 recommends that you use the none method only as a backup. This method - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 480
www.dell.com | support.dell.com Enable AAA Authentication To enable AAA authentication, use the following command in CONFIGURATION mode: Command Syntax Command Mode aaa authentication enable {method-list-name CONFIGURATION | default} method1 [... method4] Purpose • default-Uses the listed - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 481
enable mymethodlist radius tacacs FTOS(conf)# line vty 0 9 FTOS(conf-line-vty)# enable authentication mymethodlist Server-Side Configuration TACACS+: When using TACACS+, Dell Force10 sends an initial packet with service type SVC_ENABLE, and then, a second packet with just the password. The TACACS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 482
dell.com | support.dell.com Privilege levels 2 through 14 are not configured and you can customize them for different users and access. After you configure other privilege levels, enter those levels by adding the level parameter after the enable command or by configuring Reference Guide. Configure a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 483
the optional and required parameters: • name: Enter a text string up to 63 characters long. • access-class access-list-name: Enter the name of a configured IP ACL. • nopassword: Do not require the user to enter a password. • encryption-type: Enter 0 for plain text or 7 for encrypted text. • password - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 484
www.dell.com | support.dell.com Configure Custom Privilege Levels In addition to assigning privilege levels to the user, you can configure the privilege levels of commands so that they are visible in different privilege levels. Within FTOS, commands have certain privilege levels. With the privilege - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 485
confirms that "john" is in privilege level 8. In EXEC Privilege mode, "john" can access only the commands listed. In CONFIGURATION mode, "john" can access only the snmp-server commands. Figure 28-5. User john's Login and the List of Available Commands apollo% telnet 172.31.1.53 Trying 172.31.1.53 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 486
www.dell.com | support.dell.com Specify the LINE Mode Password and Privilege You can service (RADIUS) is a distributed client/server protocol. This protocol transmits authentication, authorization, and configuration information between a central RADIUS server and a RADIUS client (the Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 487
configuring AAA authorization, you can configure to limit the attributes of services available to a user. When you enable authorization, the network access server uses configuration the two idle-time values (configured or default) is used. The idle-time value is updated if both of the following - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 488
must be a string. Only standard ACLs in authorization (both RADIUS and TACACS) are supported. Authorization is denied in cases using extended ACLs. Auto-Command You can configure the system through the RADIUS server to automatically execute a command when you connect to a specific line. To do this - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 489
specified RADIUS method list. This procedure is mandatory if you are not using default lists. To use the methodlist. Specify a RADIUS Server Host When configuring a RADIUS server host, you can set different communication parameters, such as the UDP port, the key password, the number of retries, and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 490
www.dell.com | support.dell.com To specify a RADIUS server host and configure its communication parameters, use the following command in CONFIGURATION mode: Command Syntax radius-server host {hostname | ip-address} [auth-port port-number] [retransmit retries] [timeout seconds] [key [encryption- - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 491
Command Mode Purpose EXEC Privilege View RADIUS transactions to troubleshoot problems. TACACS+ FTOS supports the terminal access controller access control system (TACACS+) client, including support for login authentication. Configuration Task List for TACACS+ The following list includes the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 492
dell.com | support.dell.com • Choose TACACS+ as the Authentication Method For a complete listing of all commands related to TACACS+, refer to the Security chapter in the FTOS Command Reference Guide at least one TACACS+ server for the system to communicate with and configure TACACS+ as one of your - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 493
View TACACS+ transactions to troubleshoot problems. TACACS+ Remote Authentication and Authorization FTOS takes the access class from the TACACS+ server. Access class is the class of service that restricts Telnet access and packet sizes. If you have configured remote authorization, FTOS ignores - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 494
| support.dell.com Figure 28-7 shows how to configure access-class from a TACACS+ server. This causes the configured access-class on the VTY line to be ignored. If you have configured a deny10 ACL on the TACACS+ server, FTOS downloads it and applies it. If the user is found to be coming from the 10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 495
# FTOS# Command Authorization The AAA command authorization feature configures FTOS to send each configuration command to a TACACS server for authorization before it is added to the running configuration. By default, the AAA authorization commands configure the system to check both the EXEC mode and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 496
Mode CONFIGURATION Purpose Configure the Dell Force10 system as an SCP/ SSH server. To enable the SSH server for version 1 or 2 only, use the following command in CONFIGURATION mode: Command Syntax ip ssh server version {1|2} Command Mode CONFIGURATION Purpose Configure the Dell Force10 system - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 497
CONFIGURATION EXEC Privilege Figure 28-9 shows the use of SCP and SSH to copy a software image from one switch running SSH Server on UDP port 99 to the local switch: Figure 28-9. Using SCP to copy from an SSH Server on another Switch FTOS#copy scp: flash: Address or name of remote host []: 10.10.10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 498
ip ssh server enable command. SSH supports three methods of Dell Force10 system. This is the simplest methods of authentication and uses SSH version 1. To enable SSH password authentication, use the ip ssh password-authentication enable command from CONFIGURATION mode. To view your SSH configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 499
admin/.ssh/id_rsa.pub. Command Mode 2 Copy the public key id_rsa.pub to the Dell Force10 system. 3 Disable password authentication if enabled. no ip ssh password-authentication enable CONFIGURATION 4 Enable RSA authentication. ip ssh rsa-authentication enable EXEC Privilege 5 Bind the public - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 500
id_rsa.pub rhosts shosts admin@Unix_client# cat rhosts 10.16.127.201 admin 4 Copy the file shosts and rhosts to the Dell Force10 system. 5 Disable password authentication and • no ip ssh password-authentication RSA authentication, if configured • no ip ssh rsa-authentication 6 Enable host-based - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 501
version Troubleshooting SSH • You may not bind id_rsa.pub to RSA authentication while logged in using the console. In this case, Message 2 appears. Message 2 RSA Authentication Error %Error: No username set for this term. • You must enable host-based authentication on the server (Dell Force10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 502
www.dell.com | support.dell.com Telnet To use Telnet with SSH, you must first enable SSH, as described above. By default, the Telnet daemon is enabled. To disable the Telnet daemon, use the [no] ip telnet server enable command, or disable Telnet in the startup config (Figure 28-15). Figure 28-15. [ - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 503
in with RADIUS authentication, the privilege level is applied from the RADIUS server only if you configure RADIUS authentication. Figure 28-16 shows how to allow or deny a to deny incoming connections from subnet 10.0.0.0 without displaying a login prompt. The example uses TACACS+ as - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 504
| support.dell.com Figure 28-17. Example Access Class Configuration Using TACACS+ Without Prompt FTOS(conf)#ip access-list standard deny10 FTOS(conf-ext-nacl)#permit 10.0.0.0/8 FTOS(conf-ext-nacl)#deny any FTOS(conf)# FTOS(conf)#aaa authentication login tacacsmethod tacacs+ FTOS(conf)#tacacs-server - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 505
Security | 503 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 506
504 | Security www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 507
Sampling Rate • Back-Off Mechanism • sFlow on LAG ports • Extended sFlow Overview The Dell Force10 operating software (FTOS) supports sFlow version 5. sFlow is a standard-based sampling technology embedded within switches and routers which you can use to monitor network traffic (Figure 29-1). It is - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 508
www.dell.com | support.dell.com Figure 29-1. sFlow Traffic Monitoring System sFlow Collector Switch/Router Poll Interface Counters sFlow Datagrams sFlow Agent Interface Counters Switch ASIC Flow Samples Implementation Information The Dell Force10 sFlow is designed so that the hardware sampling - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 509
MXL Switch, up to 700 packets can be sampled and processed per second. Enable and Disable sFlow By default, sFlow is disabled globally on the system. To enable sFlow globally, use the sflow enable command in CONFIGURATION line interface (CLI) is supported on physical ports and link aggregation - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 510
.dell.com | support.dell.com Show sFlow Globally To view sFlow statistics, use the following command (Figure 29-2): Command Syntax show sflow Command Mode EXEC Purpose Display sFlow configuration information and statistics. Figure 29-2. show sflow Command Example FTOS#show sflow sFlow services - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 511
to which sFlow datagrams are forwarded. Default UDP port: 6343 Default max-datagram-size: 1400 Polling Intervals The sflow polling-interval command configures the polling interval for an interface in the maximum number of seconds between successive samples of counters to be sent to the collector - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 512
www.dell.com | support.dell.com . Command Syntax sflow polling-interval interval value Command Mode Usage CONFIGURATION or INTERFACE Change the global default counter polling interval. interval value-in seconds. Range: 15 to 86400 seconds. Default: 20 seconds. Sampling Rate The sFlow - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 513
manually change the sampling rate to the desired value. As a result of back-off, the actual sampling-rate of an interface may differ from its configured it inherits the sFlow configuration from the LAG port. Extended sFlow The MXL switch supports extended-switch information processing only. Extended - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 514
sflow sFlow services are enabled Global default sampling rate: 4096 Global default counter polling interval: 15 Extended sFlow settings show all 3 types are enabled Global extended information enabled: switch 1 collectors configured Collector IP addr: 10.10.10.3, Agent IP addr: 10.10.0.0, UDP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 515
sFlow | 513 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 516
514 | sFlow www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 517
defined by RFC 2571. • FTOS supports up to 16 trap receivers. • The FTOS implementation of the sFlow MIB supports sFlow configuration via SNMP sets. • SNMP traps use to manage your Dell Force10 system using SNMP. Also, these configurations use SNMP version 2c. Configuring SNMP version 1 or version - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 518
www.dell.com | support.dell.com Configuring SNMP version 3 requires you to configure SNMP users in one of three methods. See Setting Up User-based Security (SNMPv3). 516 | Simple Network Management Protocol (SNMP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 519
to Managed Object Value Updates using SNMP • Copy Configuration Files Using SNMP • Manage VLANs Using SNMP • Enable and Disable a Port Using SNMP • Fetch Dynamic MAC Entries Using SNMP • Deriving Interface Indices • Monitor Port-channels • Troubleshooting SNMP Operations Important Points to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 520
www.dell.com | support.dell.com Create a Community For SNMPv1 and SNMPv2, you must create a an SNMP community: Task Choose a name for the community. Command snmp-server community name {ro | rw} Command Mode CONFIGURATION Message 1 SNMP Enabled 22:31:23: %STKUNIT0-M:CP %SNMP-6-SNMP_WARM_START: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 521
WORD SNMPv3 user name To set up a user with view privileges only (no password or privacy privileges): Task Configure the user. Configure an SNMP group. Configure an SNMPv3 view. Command snmp-server user name group-name 3 noauth snmp-server group group-name 3 noauth auth read name write name snmp - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 522
a member of the same community as the SNMP agent. Dell Force10 supports RFC 4001, Textual Conventions for Internet Work Addresses that defines the OID before the IP address for IPv4. >snmpwalk -v 2c -c public 10.11.195.63 1.3.6.1.2.1.4.34 IP-MIB::ip.34.1.3.1.4.1.1.1.1 = INTEGER: 1107787778 IP-MIB - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 523
Managed Objects at Once > snmpwalk -v 2c -c mycommunity 10.11.209.217 .1.3.6.1.2.1.1 SNMPv2-MIB::sysDescr.0 = STRING: Dell Force10 OS Operating System Version: 1.0 Application Software Version: E8-3-16-0 Series: MXL-10/40GbE Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved. Build Time: Tue - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 524
dell.com | support.dell.com To configure system contact and location information from the Dell Force10 system: Task Command Identify the system manager along with this person's contact information (e.g., E-mail address or phone number). You may use up to 55 characters. Default: None snmp-server - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 525
to identify the SNMPv1 community string. 2 Specify which traps the Dell Force10 system sends to the trap receiver. • Enable all Dell Force10 enterpriseSpecific and RFC-defined traps using the command snmp-server enable traps from CONFIGURATION mode. • Enable all of the RFC-defined traps using - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 526
www.dell.com | support.dell.com Table 30-2. Dell Force10 Enterprise-specific SNMP Traps Command Option envmon CP %SNMP-4-RMON_HC_RISING_THRESHOLD: RMON high-capacity rising threshold alarm from SNMP OID 10.16.130.140 [10.16.130.140]: Trap SNMPv2-MIB::sysUpTime.0 = Timeticks: (6796) 0:01:07 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 527
= INTEGER: 23 pfc pfc peer state enabled 10.16.130.140 [10.16.130.140]: Trap SNMPv2-MIB::sysUpTime.0 = Configuration Files Using SNMP Use SNMP from a remote client to: • copy the running-config file to the startup-config file • copy configuration files from the Dell Force10 system to a server - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 528
www.dell.com | support.dell.com • copy configuration files from a server to the Dell Force10 system You can perform all of these tasks using IPv4 addresses. The relevant MIBs for these functions are: Table 30-3. MIB Objects for Copying Configuration Files Using SNMP MIB Object copySrcFileType - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 529
an SNMP community string with read/ snmp-server community write privileges. community-name rw CONFIGURATION Copy the f10-copy-config.mib MIB from the Dell Force10 iSupport webpage to the server to which you are copying the configuration file. On the server, use the command snmpset as shown - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 530
www.dell.com | support.dell.com Note: In UNIX, enter the 10.10.10.10 copySrcFileType.101 i 2 copyDestFileType.101 i 3 FORCE10-COPY-CONFIG-MIB::copySrcFileType.101 = INTEGER: runningConfig(2) FORCE10-COPY-CONFIG-MIB::copyDestFileType.101 = INTEGER: startupConfig(3) Figure 30-8. Copying Configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 531
Copying Configuration Files via SNMP and FTP to a Remote Server > snmpset -v 2c -c private -m ./f10-copy-config.mib 10.10.10.10 FORCE10-COPY-CONFIG-MIB::copyUserName.110 = STRING: mylogin FORCE10-COPY-CONFIG-MIB::copyUserPassword.110 = STRING: mypass Copy the startup-config to the server - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 532
www.dell.com | support.dell.com Table 30-4. Copying Configuration Files via SNMP Task Figure 30-12. Copying Configuration Files via SNMP and TFTP to a Remote Server .snmpset -v 2c -c private -m ./f10-copy-config.mib 10.10.10.10 copySrcFileType.4 i 3 copyDestFileType.4 i 1 copyDestFileLocation.4 i 3 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 533
command to obtain a MIB object value. These examples assume that: • the server OS is Unix • you are using SNMP version 2c • the community name snmpget -v 2c -c private -m ./f10-copy-config.mib 10.11.131.140 copyTimeCompleted.110 FORCE10-COPY-CONFIG-MIB::copyTimeCompleted.110 = Timeticks: (1179831) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 534
www.dell.com | support.dell.com Create a VLAN Use the dot1qVlanStaticRowStatus object to create a VLAN. The snmpset operation in Figure 30-16 creates VLAN 10 by specifying a value of 4 for instance 10 of the dot1qVlanStaticRowStatus object. Figure 30-16. Creating a VLAN Using SNMP > snmpset -v2c -c - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 535
10 Vlan 10 the Dell Force10 system sends in response to the snmpget request is a table that contains hexadecimal (hex) pairs, each pair representing a group of eight ports. • 7 hex pairs represents a stack unit. Seven pairs accommodates the greatest number of ports available on an MXL Switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 536
the output for an MXL Switch. All hex pairs are 00, indicating that no ports are assigned to VLAN 10. In Figure 30-20, Port 0/2 is added to VLAN 10 as untagged. And the first hex pair changes from 00 to 04. Figure 30-20. Displaying Ports in a VLAN using SNMP [Dell Force10 system output] FTOS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 537
00 00 00 00 00 00 In Figure 30-22, Port 0/2 is added as a tagged member of VLAN 10. Figure 30-22. Adding Tagged Ports to a VLAN using SNMP >snmpset -v2c -c mycommunity 10.11.131.185 .1.3.6.1.2.1.17.7.1.4.3.1.2.1107787786 x "40 00 00 00 00 00 00 00 00 00 00 00 00 00 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 538
www.dell.com | support.dell.com Enable and Disable a Port Using SNMP Step 1 2 3 Task Command Syntax Command Mode Create an SNMP community on the Dell Force10 system. snmp-server community CONFIGURATION From the Dell Force10 system, identify the interface index of the port for which you want - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 539
21 Active Query from Management Station >snmpwalk -v 2c -c techpubs 10.11.131.162 .1.3.6.1.2.1.17.4.3.1 SNMPv2-SMI::mib-2.17.4.3.1.1.0.1.232.6.149.172 Dynamic MAC Addresses on the Default VLAN MAC Addresses on Dell Force10 System FTOS(conf)#do show mac-address-table VlanId Mac - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 540
www.dell.com | support.dell.com Deriving Interface Indices FTOS assigns an interface number to each (configured or 10101010010001000100000001 in binary. The binary interface index for TenGigabitEthernet 0/41 of an MXL Switch is shown in Figure 30-28. Notice that the physical/logical bit - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 541
Dell Force10 system begins slot and port numbering from 0, then binary 1 represents slot and port 0. In S4810, the first interface is 0/0, but in the MXL Switch the first interface is 0/1. Hence, in the MXL Switch ~]$ snmpwalk -v 2c -c public 10.11.1.1 .1.3.6.1.4.1.6027.3.2.1.1 SNMPv2-SMI:: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 542
www.dell.com | support.dell.com If we learn mac address for the LAG, status is shown for those 6027.3.1.1.4.1.2 = STRING: "OSTATE_DN: Changed interface state to down: Tengig 0/ 0" 2010-02-10 14:22:39 10.16.130.4 [10.16.130.4]: SNMPv2-MIB::sysUpTime.0 = Timeticks: (8500842) 23:36:48.42 SNMPv2-MIB - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 543
groups, which describe the physical elements and logical elements of a managed system The following tables are implemented for the MXL Switch Platform. Physical Entity A physical entity or physical component represents an identifiable physical resource within a managed system. Zero or more - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 544
www.dell.com | support.dell.com The status for the MIBS is as follows: vijayakrishnan@tapti[3:42pm] : /tftpboot > snmpwalk -c public -v 2c 10.16.130.135 1.3.6.1.2.1.47.1.1.1.1.2 SNMPv2-SMI::mib-2.47.1.1.1.1.2.1 = "" SNMPv2-SMI::mib-2.47.1.1.1.1.2.2 = STRING: "PowerConnect MXL 10/40GbE" SNMPv2-SMI:: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 545
10G Level" SNMPv2-SMI::mib-2.47.1.1.1.1.2.125 = STRING: "Unit: 1 Port 52 10G Level" SNMPv2-SMI::mib-2.47.1.1.1.1.2.130 = STRING: "PowerConnect MXL 10/40GbE" SNMPv2-SMI::mib-2.47.1.1.1.1.2.131 = STRING: "Module 0" SNMPv2-SMI::mib-2.47.1.1.1.1.2.132 = STRING: "Unit: 2 Port 1 10G Level" SNMPv2-SMI::mib - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 546
www.dell.com | support.dell.com SNMPv2-SMI::mib-2.47.1.1.1.1.2.158 = STRING: "Unit: 2 Port 27 10G Level : "Unit: 2 Port 52 10G Level Troubleshooting SNMP Operations When you use SNMP to retrieve management data from an SNMP agent on a Dell Force10 router, take into account the following behavior: - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 547
a Stack Configuration • Troubleshooting a Switch Stack • Upgrading a Switch Stack • Upgrading a Single Stack Unit Stacking MXL 10/40GbE Switches A stack of MXL 10/40GbE Switches operates as a virtual chassis with management units (primary and standby) and member units. The Dell Force10 operating - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 548
dell.com | support.dell.com Figure 31-1. Four Stacked MXL 10/40GbE Switches 10GbE LAN Uplinks (LAG) 40GbE Stack Links Member Switches Master Switch Standby Switch local copy of the forwarding databases. From Stack master you can configure: • System-level features that apply to all stack members • - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 549
or MAC address becomes standby. Note: For the MXL Switch, the entire stack has only one management IP address. Stack Master Election The stack elects a master and standby unit at bootup time based on two criteria: • Unit priority: This is user-configurable. Valid values are from 1 to 14. A higher - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 550
www.dell.com | support.dell.com Figure 31-2. Displaying the Stack Master FTOS# show system brief Stack MAC : 00:1e:c9:f1:00:7b Reload Type : jump-start [Next boot : normal-reload] -- Stack Info -- Unit UnitType Status ReqTyp CurTyp Version Ports 0 Management online MXL-10/40GbE MXL-10/ - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 551
Stacking Topologies Stacking is supported on the MXL 10/40GbE Switch in ring and daisy-chain topologies. Example 1: Dual-Ring Stack Across Multiple Chassis Using two in a non-edge stack unit causes a split stack. Figure 31-3. Dual-Ring Stacking Topology for MXL 10/40GbE Switches Stacking | 549 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 552
www.dell.com | support.dell.com Example 2: Dual Daisy-Chain Stack Across Multiple Chassis Using two separate, daisy-chained stacks in a stacking simplified when you have to take one stack offline (Figure 31-4). Figure 31-4. Dual Daisy-Chain Stacking Topology for MXL 10/40GbE Switches 550 | Stacking - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 553
on an MXL 10/40GbE Switch. Figure 31-5. Stack Groups on an MXL 10/40GbE Switch Stack Group 5 / Port 53 Stack Group 4 / Port 49 Stack Group 3 / Port 45 Stack Group 2 / Port 41 Stack Group 1 / Port 37 Stack Group 0 / Port 33 Configuring a Switch Stack To configure and bring up a switch stack, follow - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 554
configuration before you attach the cables. • All stacked MXL 10/40GbE Switches must run the same FTOS version. The minimum FTOS version required is 8.3.16.0. To check the FTOS version that a switch is running, use the show version command. To download an FTOS version, go to http://support.dell - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 555
network (VLAN) IP address of the management port and log in to the switch to access the CLI. Configuring and Bringing Up a Stack After you attach the 40G QSFP or direct attach cables in a stack of MXL 10/40GbE Switches, to bring up the stack, follow these steps. Note: The procedure uses command - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 556
www.dell.com | support.dell.com Step 3 4 5 6 Task Command Syntax Configure a 40GbE port for stacking mode, where: stack-unit < the stacking configuration on the 40GbE ports. write memory Repeat Steps 1 to 4 on each MXL 10/40GbE Switch in the stack. Log on to the CLI and reboot each switch, one - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 557
stacked unit is assigned the unit number. When you provision a unit number for an MXL 10/40GbE Switch: • The base-module ports on the switch (ports 33 and 37/stack groups 0 and 1) are pre-configured for 40GbE operation. • The 40GbE ports on FlexIO modules (ports 41 and 45 in slot 0; ports 49 and 53 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 558
www.dell.com | support.dell.com FTOS Behavior: Stacking configuration is handled as follows on an MXL 10/40GbE Switch: • If a stack unit goes down and is removed from the stack, the logical provisioning configured for the stack-unit number is saved on the master and standby switches. • When you add - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 559
: Step 1 2 3 Task Command Syntax Command Mode Power on the switch. Attach QSFP or direct attach cables to connect 40GbE ports on the switch to one or more switches in the stack. Log on to the CLI and enter global configuration mode. Login: username --- Password: ***** FTOS> enable FTOS - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 560
assigned to the new unit, the pre-configured provisioning must match the switch type. If there is a conflict between the provisioned switch type and the new unit, a mismatch error message is displayed. Merging Two Stacks You can merge two MXL 10/40GbE Switch stacks while they are powered and online - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 561
configured with a higher priority than the current stack master, it becomes the new stack master and the stack reloads. If the new unit does not have a higher priority than the master switch, it is added as a member switch. Splitting a Stack To split an MXL 10/40GbE Switch failover, manual reset, - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 562
www.dell.com | support.dell.com Reset a problem state. Command Syntax reset stack-unit unit-number reset-self reset stack-unit unit-number hard Command Mode EXEC Privilege EXEC Privilege EXEC Privilege Verifying a Stack Configuration Using LEDs Table 31-1 lists the status of a stacked switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 563
-10/40GbE MXL-10/40GbE 9-1-0-853 56 1 Standby online MXL-10/40GbE MXL-10/40GbE 9-1-0-853 56 2 Member online MXL-10/40GbE MXL-10/40GbE 9-1-0-853 56 3 Member online MXL-10/40GbE MXL-10/40GbE 9-1-0-853 56 4 Member online MXL-10/40GbE MXL-10/40GbE 9-1-0-853 56 5 Member online MXL-10/40GbE - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 564
www.dell.com | support.dell.com Figure 31-9. show system Command Example FTOS#show system Stack MAC : 00:1e:c9:f1:00:e3 Reload Type : normal-reload [Next boot : normal-reload] -- Unit 0 -Unit Type Status Required Type : Member Unit : not present : MXL-10/40GbE - 34-port GE/TE/FG (XL) -- Unit 1 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 565
Figure 31-10. show inventory optional-module Command Example FTOS# show inventory optional-module Unit Slot Expected Inserted Next Boot Power 0 0 SFP+ SFP+ AUTO Good 0 1 QSFP+ QSFP+ AUTO Good * - Mismatch Figure 31-11. show system stack-unit stack-group configured Command Example - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 566
www.dell.com | support.dell.com Figure 31-13. show system stack-ports (ring) Command Example FTOS# show system stack-ports Topology: Ring Interface Connection Link Speed Admin (Gb/s) Status - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 567
the commands in Table 31-3 on the master switch. Table 31-3. Troubleshooting Stack Commands Command Output show system stack-ports ( ports on stack units. Displays the master standby unit status, failover configuration, and result of the last master-standby synchronization; allows you to verify - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 568
www.dell.com | support.dell.com Figure 31-16. show redundancy Command Example FTOS#show redundancy -- Stack-unit stack-unit ID: 2 Stack-unit SW Version: E8-3-16-79 -- Stack-unit Redundancy Configuration -- Primary Stack-unit: mgmt-id 0 Auto Data Sync: Full Failover Type: Hot - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 569
0.00% of line-rate Failure Scenarios The following sections describe some of the common fault conditions that can happen in a switch stack and how they are resolved. Stack Member Fails Problem: A unit that is not the stack master fails in an operational stack. Resolution: If a stack member fails in - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 570
www.dell.com | support.dell.com Master Switch Fails Problem: The master switch fails due to a hardware fault, software crash, or power loss. Resolution: A failover procedure begins: 1. Keep-alive messages from the MXL 10/40GbE master switch time out after 60 seconds and the switch is removed from - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 571
that the problem has been resolved and the stacked switch is back online, use the show system brief command (Figure 31-20). Figure 31-19. Card Problem Error - MXL-10/40GbE MXL-10/40GbE 8-3-16-79 56 1 Member card problem MXL-10/40GbE unknown 56 2 Standby online MXL-10/40GbE MXL-10/40GbE - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 572
MXL-10/40GbE MXL-10/40GbE 8-3-16-79 56 1 Member online MXL-10/40GbE MXL-10/40GbE 8-3-16-79 56 2 Standby online MXL-10/40GbE MXL-10/40GbE 8-3-16-79 56 3 Member not present 4 Member not present 5 Member not present Stack Unit in Card-Problem State Due to Configuration Mismatch Problem - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 573
server. Download the FTOS image by accessing an interactive CLI that requests the server IP address and image filename, and prompts you to upgrade all member stack units. Specify the system partition on the master switch yes Image upgraded to all FTOS# configure FTOS(conf)# boot system stack-unit - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 574
: Step 1 2 3 4 Task Download the FTOS image from the master's boot partition to the member unit, and upgrade the relevant boot partition in the single stack-member unit. Reboot the stack unit from the master switch to load the FTOS image from the same partition. Save the configuration. Reset the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 575
Stacking | 573 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 576
574 | Stacking www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 577
. FTOS Behavior: The Dell Force10 operating software (FTOS) supports broadcast control (storm-control broadcast command) for Layer 2 and Layer 3 traffic. FTOS Behavior: The minimum number of packets per second (PPS) that storm control can limit is two. Configuring Storm Control Storm control - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 578
www.dell.com | support.dell.com You can configure storm control for ingress traffic in CONFIGURATION mode. Do not apply per-virtual local area network (per-VLAN) quality of service (QoS) on an interface that you have enabled storm-control (either on an interface or globally) 576 | Storm Control - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 579
switch CPU utilization and memory consumption. Table 33-1 lists the variations of STP that FTOS supports. Table 33-1. FTOS Supported Spanning Tree Protocols Dell Force10 • SNMP Traps for Root Elections and Topology Changes • Displaying STP Guard Configuration Spanning Tree Protocol (STP) | 577 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 580
www.dell.com | support.dell.com Configuring Spanning Tree Configuring STP is a two-step process: 1. Configure interfaces for Layer 2. 2. Enable STP. Related Configuration Tasks • Adding an Interface to the Spanning Tree Group • Removing an Interface from the Spanning Tree Group • Modifying Global - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 581
Interfaces for Layer 2 Mode All interfaces on all switches that participate in STP must be in Layer 2 mode and enabled. Figure 33-1. Example of Configuring Interfaces for Layer 2 Mode To configure the interfaces for Layer 2 and then enable them, follow these steps: Step Task 1 If the interface - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 582
www.dell.com | support.dell.com To verify that an interface is in Layer 2 mode and enabled, mode. 2 Enable Spanning Tree. Command Syntax protocol spanning-tree 0 no disable Command Mode CONFIGURATION PROTOCOL SPANNING TREE Note: To disable STP globally for all Layer 2 interfaces, use the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 583
0 Command Example FTOS#show spanning-tree 0 Executing IEEE compatible Spanning Tree Protocol Bridge Identifier has priority 32768, address 0001.e826.ddb7 Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally Current root has priority 32768, address 0001.e80d.2462 Root - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 584
www.dell.com | support.dell.com To confirm that a port is participating in STP, use the show hello time 2, max age 20, forward delay 15 Bridge ID Priority 32768, Address 0001.e80d.2462 Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally Interface Name Tengig 1/1 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 585
seconds Change the hello-time parameter (the BPDU transmission interval). Note: With large configurations (especially those with more ports) Dell Force10 recommends increasing the hello-time. Range: 1 to 10 Default: 2 seconds hello-time seconds Change the max-age parameter (the refresh interval - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 586
www.dell.com | support.dell.com Modifying Interface STP Parameters You can set the port cost and port priority values of interfaces in Layer 2 mode. • Port cost is a value that - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 587
-8 shows a scenario in which an edgeport might unintentionally receive a BPDU. The port on the Dell Force10 system is configured with Portfast. If the switch is connected to the hub, the BPDUs that the switch generates might trigger an undesirable topology change. If you enabled BPDU guard, when the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 588
www.dell.com | support.dell.com Note: Note that unless you enable the shutdown-on- time 2, max age 20, forward delay 15 Bridge ID Priority 32768, Address 001e.c9f1.00cf Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally Interface Designated Name PortID - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 589
Figure 33-8. Enabling BPDU Guard FTOS Behavior: BPDU guard blocks BPDUs (refer to Removing an Interface from the Spanning Tree Group). • BPDU guard is used on edgeports and blocks all traffic on edgeport if it receives a BPDU. BPDU Filtering . Global BPDU Filtering When BPDU Filtering is enabled - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 590
www.dell.com | support.dell.com Figure 33-9. BPDU Filtering enabled globally ] Interface BPDU Filtering When BPDU Filtering is enabled takes the highest precedence. By default bpdu filtering on an interface is disabled. Figure 33-10. BPDU Filtering enabled globally 588 | Spanning Tree Protocol (STP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 591
age 20, forward delay 15 FTOS# STP Root Guard Use the STP root guard feature in a Layer 2 network to avoid bridging loops. In STP, the switch in the network with the lowest priority (as determined by STP or set with the bridge-priority command) is selected as the root bridge. If - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 592
www.dell.com | support.dell.com In STP topology 2 (Figure 33-12 upper right), STP is enabled on device D on which a software bridge application is started to connect to the network. Because the priority of the bridge in device D is lower than the root bridge in Switch A, device D is elected as root - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 593
Figure 33-12. STP Root Guard Prevents Bridging Loops 1 2 3 Port State: STP Block STP Root-Inconsistent Spanning Tree Protocol (STP) | 591 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 594
www.dell.com | support.dell.com Root Guard Configuration You enable STP root guard on a per-port or per-port-channel basis. FTOS Behavior: The following conditions apply to a port enabled with STP root guard: • Root guard is supported on any STP-enabled port or port-channel interface except when - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 595
shut down (Error Disabled state) after receiving a BPDU. • Bpdu filter is disabled on the ports. Figure 33-13. Displaying STP Guard Configuration FTOS#show spanning-tree 0 guard Interface Name Instance Sts Guard type Tengig 0/1 0 INCON(Root) Rootguard Tengig 0/2 0 LIS Loopguard Tengig - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 596
www.dell.com | support.dell.com 594 | Spanning Tree Protocol (STP) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 597
a time-serving host. NTP clients choose from among several NTP servers to determine which offers the best available source of time and the sources are detected and avoided. Dell Force10 recommends configuring NTP for the most accurate time. In FTOS, you can configure other time sources (the hardware - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 598
www.dell.com | support.dell.com NTP is designed to produce 34-1). Information included in the NTP message allows each client/server peer to determine the timekeeping characteristics of its other peers, several other clocks, update the local clock, and estimate its accuracy. 596 | System Time and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 599
with the Time Derived from NTP • Configure NTP Broadcasts • Disable NTP on an Interface • Configure a Source IP Address for NTP Packets (optional) Enable NTP NTP is disabled by default. To enable it, specify an NTP server to which the Dell Force10 system will synchronize. Enter the command multiple - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 600
www.dell.com | support.dell.com To specify an NTP server, use the following command. Task Specify the NTP server to which the Dell Force10 system will synchronize. Command ntp server ip-address Command Mode CONFIGURATION To display the system clock state with respect to NTP, use the show ntp - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 601
mode. If ntp disable is not listed in the show config command output, NTP is enabled. (The show config command displays only non-default configuration information.) Configure a Source IP Address for NTP Packets By default, the source address of NTP packets is the IP address of the interface used to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 602
www.dell.com | support.dell.com To configure an IP address as the source address of NTP packets, use the following command in CONFIGURATION mode: Command Syntax ntp source interface Command Mode Purpose CONFIGURATION Enter the following keywords and slot/port or number information: • For a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 603
[key keyid] [prefer] [version number] Command Mode CONFIGURATION Purpose Configure an NTP server. Configure the IP address of a server and the following optional parameters: • key keyid: Configure a text string as the key exchanged between the NTP server and client. • prefer: Enter the keyword to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 604
www.dell.com | support.dell.com • Leap Indicator (sys.leap, peer.leap, pkt.leap): local clock was last updated. If the local clock has never been synchronized, the value is zero. • Originate Timestamp: The departure time on the server of its last NTP message. If the server becomes unreachable, the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 605
set the time and date using the FTOS CLI. Configuring Time and Date Settings The following list includes the configuration tasks for setting the system time: • Set the Time and Date for the Switch Hardware Clock • Set the Time and Date for the Switch Software Clock • Set the Timezone • Set Daylight - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 606
www.dell.com | support.dell.com Set the Time and Date for the Switch Software Clock You can change timezone, use the following command: Command Syntax clock timezone timezone-name offset Command Mode CONFIGURATION Purpose Set the clock to the appropriate timezone. timezone-name: Enter the name of - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 607
FTOS# Set Daylight Savings Time FTOS supports setting the system to daylight savings date (and time zone) on which to convert the switch to daylight savings time on a one-time basis. -day end-year end-time [offset] Command Mode CONFIGURATION Purpose Set the clock to the appropriate timezone and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 608
dell.com | support.dell.com Command Syntax Command Mode Purpose FTOS(conf)#clock summer-time pacific date Mar 14 2012 00:00 Nov 7 2012 00:00 FTOS(conf)# Set Recurring Daylight Saving Time Set a date (and time zone) on which to convert the switch ] Command Mode CONFIGURATION Purpose Set the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 609
Command Syntax Command Mode Purpose • end-week: If you entered a start-week, enter one of the following as the week that daylight savings ends: • week-number: enter a number from 1 to 4 as the number of the week to end daylight savings time. • first: enter the keyword first to end daylight savings - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 610
608 | System Time and Date www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 611
the loss of upstream connectivity. For example, in Figure 35-1 Switches S1 and S2 both have upstream connectivity to Router R1 and downstream connectivity to the server. UFD operation is shown in Steps A through C: • In Step A, the server configuration uses the connection to S1 as the primary path - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 612
www.dell.com | support.dell.com Figure 35-1. Uplink Failure Detection How Uplink Failure Detection Works UFD creates an association between upstream and downstream interfaces. The association of uplink and - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 613
group are put into a link-down state. Using UFD, you can configure the automatic recovery of downstream ports in an uplink-state group when the and NIC Teaming Uplink Failure Detection on a switch can be used with network adapter teaming on a server (see Network Interface Controller (NIC) Teaming on - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 614
www.dell.com | support.dell.com Important Points to Remember When you configure Uplink Failure Detection, the following conditions apply: • You can configure up to sixteen uplink-state groups. By default, no uplink-state groups are created. An uplink-state group is considered to be operationally up - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 615
and enabling the tracking of upstream links on the switch/router. Valid group-id values are 1 to one of the following interface types: 10-Gigabit Ethernet: tengigabitethernet {slot/port {upstream | downstream} interface command. (Optional) Configures the number of downstream links in the uplink-state - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 616
dell.com | support.dell . Clearing a UFD-Disabled Interface You can manually bring up a downstream interface in an uplink Re-enables a downstream interface on the switch/router that is in a UFD-disabled one of the following interface types: 10-Gigabit Ethernet: tengigabitethernet {slot/port | - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 617
up state. Message 1 Syslog Messages before and after entering clear ufd-disable uplink-state-group Command 00:10:12: %STKUNIT0-M:CP %IFMGR-5-ASTATE_DN: Changed interface Admin state to down: Te 0/1 00:10:12: %STKUNIT0-M:CP %IFMGR-5-ASTATE_DN: Changed interface Admin state to down: Te 0/2 00 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 618
dell.com | support.dell interface specifies one of the following interface types: 10-Gigabit Ethernet: Enter tengigabitethernet slot/port. 40-Gigabit id] Command Mode: EXEC Or show configuration Command Mode: UPLINK-STATE-GROUP Displays the current configuration of all uplink-state groups (Figure 35 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 619
Figure 35-3. show uplink-state-group Command Output FTOS# show uplink-state-group Uplink State Group: 1 Uplink State Group: 3 Uplink State Group: 5 Uplink State Group: 6 Uplink State Group: 7 Uplink State Group: 16 Status: Enabled, Up Status: Enabled, Up Status: Enabled, Down Status: Enabled, Up - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 620
www.dell.com | support.dell.com Figure 35-4. show interfaces Command: UFD Output FTOS#show interfaces tengigabitethernet 7/45 TenGigabitEthernet 7/45 is up, line protocol is down (error-disabled[UFD]) Hardware is Dell Force10Eth, address is 00:01:e8:32:7a:47 Current address is 00:01:e8:32:7a:47 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 621
: Uplink Failure Detection Figure 35-7 shows a sample configuration of Uplink Failure Detection on a switch/router in which you: • Configure uplink-state group 3. • Add downstream links TenGigabitethernet 0/1, 0/2, 0/5, 0/9, 0/11, and 0/12. • Configure two downstream links to be disabled if an - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 622
www.dell.com | support.dell.com Figure 35-7. Configuring Uplink Failure Detection FTOS(conf)#uplink-state-group 3 FTOS(conf-uplink-state-group-3)# 00:23:52: %STKUNIT0-M:CP %IFMGR-5-ASTATE_UP: Changed uplink state group Admin - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 623
Direct any questions or concerns about the FTOS Upgrade Procedures to the Dell Force10 Technical Support Center. You can reach Technical Support: • On the Web: www.force10networks.com/support/ • By email: [email protected] • By phone: US and Canada: 866.965.5800, International: 408 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 624
622 | Upgrade Procedures www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 625
move traffic at wire speed and can span multiple devices. The Dell Force10 operating software (FTOS) supports up to 4093 port-based VLANs and 1 default VLAN, as .1Q Virtual Bridged Local Area Networks. In this guide, see also: • Bulk Configuration in Interfaces • VLAN Stacking For a complete listing - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 626
www.dell.com | support.dell.com Table 37-1 lists the defaults for VLANs in FTOS. Table 37-1. VLAN Defaults on FTOS Feature Spanning Tree group ID Mode Default VLAN ID Default All VLANs are part of Spanning Tree group 0 Layer 2 (no IP address is assigned) VLAN 1 Default VLAN When you configure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 627
VLAN conserves bandwidth. Finally, you can have multiple VLANs configured on one switch, thus segmenting the device. Interfaces within a port-based in Layer 2 mode, it is automatically placed in the default VLAN. FTOS supports IEEE 802.1Q tagging at the interface level to filter traffic. When you - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 628
www.dell.com | support.dell.com The tag header contains some key information used by Port-Based VLAN The default VLAN as VLAN 1 is part of the system startup configuration and does not require configuration. To configure a port-based VLAN, you must create the VLAN and then add physical interfaces - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 629
pass through the VLAN. If the VLAN is not a routed VLAN (that is, configured with an IP address), the shutdown command has no affect on VLAN traffic. When you the command statement in the Layer 2 chapter of the FTOS Command Reference Guide. To view just the interfaces that are in Layer 2 mode, use - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 630
www.dell.com | support.dell.com To tag frames leaving an interface in Layer 2 mode, you must assign that interface to a port-based VLAN to tag it with that VLAN ID. To tag interfaces, follow these steps: Step Command Syntax 1 interface vlan vlan-id 2 tagged interface Command Mode CONFIGURATION - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 631
Command Syntax interface vlan vlan-id 2 untagged interface Command Mode CONFIGURATION INTERFACE Purpose Access INTERFACE VLAN mode of the VLAN to which you want to assign the interface. Configure an interface as untagged. This command is available only in VLAN - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 632
www.dell.com | support.dell.com The only way to remove an interface from the is connecting a voice over IP (VOIP) phone and a PC to the same port of the switch. The VOIP phone is configured to generate tagged packets (with VLAN = VOICE VLAN), and the attached PC generates untagged packets. 630 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 633
, service providers who perform frequent reconfigurations for customers with changing requirements occasionally enable multiple interfaces, each connected to a different customer, before the interfaces are fully configured. This presents a vulnerability because both interfaces are initially - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 634
632 | Virtual LANs (VLAN) www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 635
on the VRRP VRID and allows for up to 255 VRRP routers on a network. Figure 38-1 shows a typical network configuration using VRRP. Instead of configuring the hosts on the network 10.10.10.0 with the IP address of either Router A or Router B as their default router; their default router is the IP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 636
.dell.com | support.dell.com In Figure 38-1, Router A is configured as the MASTER router. It is configured with 10/1. Until Router A resumes operation, VRRP allows Router B to provide uninterrupted service to the users on the LAN segment accessing the Internet. Figure 38-1. Basic VRRP Configuration - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 637
The MXL 10/40GbE Switch supports a total of 2000 VRRP groups on a switch and 255 VRRP groups per interface (Table 38-1). Within a single VRRP group, up to 12 virtual IP addresses are supported. Virtual IP addresses can belong to the primary or secondary IP address' subnet configured on - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 638
dell.com | support.dell.com VRRP Configuration By default, VRRP is not configured. Configuration Task List for VRRP The following list specifies the configuration of all commands related to VRRP, refer to FTOS Command Line Interface Guide. Create a Virtual Router To enable VRRP, you must create a - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 639
10.10.10.1/24 ! vrrp-group 111 no shutdown FTOS(conf-if-te-1/1)# Note that the interface has an IP Address and is enabled Assign Virtual IP addresses Virtual routers contain virtual IP addresses configured IP subnets configured on the interface, Dell Force10 recommends configuring virtual IP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 640
.dell.com | support.dell.com To configure a virtual IP address, follow these steps: Step 1 2 Task Configure a VRRP group. VRID Range: 1 to 255 Configure ip address 10.10.10.1/24 ! vrrp-group 111 priority 255 virtual-address 10.10.10.1 virtual-address 10.10.10.2 virtual-address 10.10.10.3 ! vrrp - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 641
10.10.10.1 10.10.10.2 10.10.10.3 10.10.10.10 Authentication: (none) Tengigabitethernet 1/2, VRID: 111, Net: 10.10.2.1 State: Master, Priority: 100, Master: 10.10 priority. Note: Configuring VRRP priority 255 on an interface on which DHCP Client is enabled is not supported. If two routers - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 642
.dell.com | support.dell.com To configure the VRRP group's priority, use the following command: Task Configure IP address: 10.10.10.1 10.10.10.2 10.10.10.3 10.10.10.10 Authentication: (none Tengigabitethernet 1/2, VRID: 111, Net: 10.10.2.1 State: Master, Priority: 125, Master: 10.10.2.1 (local) - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 643
vrid-111)#authentication-type ? FTOS(conf-if-te-1/1-vrid-111)#authentication-type simple 7 force10 Encryption type (encrypted) Password Figure 38-10. show config Command Example (a Simple Password is Configured) FTOS(conf-if-te-1/1-vrid-111)#show conf ! vrrp-group 111 authentication-type simple - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 644
www.dell.com | support.dell.com 255 virtual-address 10.10.10.1 virtual-address 10.10.10.2 virtual-address 10.10.10.3 virtual-address 10.10.10.10 FTOS(conf-if- with the highest priority transitions to MASTER. Note: Dell Force10 recommends increasing the VRRP advertisement interval to a value - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 645
10 authentication-type simple 7 387a7f2df5969da4 no preempt priority 255 virtual-address 10.10.10.1 virtual-address 10.10.10.2 virtual-address 10.10.10.3 virtual-address 10.10.10.10 must be less than the configured priority on the VRRP group. If the VRRP group is configured as OWNER router (priority - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 646
www.dell.com | support.dell.com You can configure a tracked object for a VRRP group (using the track object-id command in INTERFACE-VRID mode) before you actually create the tracked object (using a track object-id command in CONFIGURATION mode) (Figure 38-15) and (Figure 38-16). However, no changes - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 647
MAC address: 00:00:5e:00:01:15 Virtual IP address: 10.1.1.2 Authentication: (none) FTOS# Figure 38-18. show running-config set on individual interfaces and is supported on all physical interfaces, VLANS, and link aggregation groups (LAGs). When you configure both CLIs, the later timer rules - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 648
www.dell.com | support.dell.com Task Command Syntax Set the delay time for VRRP to provide guidance for only a typical VRRP configuration. You can copy and paste from the example to your CLI. Be sure you make the necessary changes to support your own IP addresses, interfaces, names, etc - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 649
Figure 38-19. VRRP for IPv4 Topology Virtual Router Redundancy Protocol (VRRP) | 647 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 650
www.dell.com | support.dell.com Figure 38-20. Configure VRRP for IPv4 Router R2(conf)#int tengig 2/31 R2(conf-if-te-2/31)#ip address 10.1.1.1/24 R2(conf-if-te-2/31)#vrrp-group 99 R2(conf-if-te-2/31-vrid-99)#priority 200 R2(conf-if-te-2/31-vrid-99)#virtual 10.1.1.3 R2(conf-if - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 651
Logs • Show Hardware Commands • Environmental Monitoring • Buffer Tuning • Troubleshooting Packet Loss • Application Core Dumps • Mini Core Dumps • TCP also perform snake tests using virtual local area network (VLAN) configurations. Note: Diagnostic is not allowed in Stacking mode, including member - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 652
dell.com | support.dell.com Important Points to Remember • You can only perform offline diagnostics on an offline standalone unit. You cannot perform diagnostics if the ports are configured CurTyp Version Ports 0 Management online MXL-10/40GbE MXL-10/40GbE 8-3-16-0 56 1 Member not - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 653
the Dell Force10 operating buffer and can be saved to a file either manually or automatically upon failover. Auto Save on Crash or Non-management Member units do not support this functionality. Figure 39-3. Command Privilege commands used with the MXL Switch. These commands display information from - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 654
www.dell.com | support.dell.com Table 39-1. show hardware Commands Command MXL Switch components use environmental monitoring hardware to detect transmit power readings, receive power readings, and temperature updates. To receive periodic power updates, you must enable the enable optic-info-update - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 655
Figure 39-4. show interfaces transceiver Command Example FTOS#show int ten 0/49 transceiver SFP is present SFP 49 Serial Base ID fields SFP 49 Id = 0x03 SFP 49 Ext Id = 0x04 SFP 49 Connector = 0x07 SFP 49 Transceiver Code = 0x00 0x00 0x00 0x01 0x20 0x40 0x0c 0x01 SFP 49 Encoding = 0x01 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 656
www.dell.com | support.dell.com 41 71 81 86 FTOS# Troubleshoot an Over-Temperature Condition To troubleshoot an over-temperature condition: 1. use the power-on command in EXEC mode. In addition, Dell Force10 requires that you install blanks in all slots without a line card to - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 657
that the specified card is not receiving enough power. In response, the system first shuts down Power over Ethernet (PoE). Troubleshoot an Under-Voltage Condition To troubleshoot an under-voltage condition, check that the correct number of power supplies are installed and their Status light emitting - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 658
dell.com | support.dell.com The simple network management protocol (SNMP) traps and OIDs in Table 39-2 provide information about environmental monitoring hardware and hardware components. Table 39-2. SNMP Traps and OIDs OID String Receiving power .1.3.6.1.4.1.6027.3.10 -info-update-interval switch - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 659
support allocated as needed, up to a configured limit. Using dynamic buffers provides the manage up to 2k packets. You can configure dynamic buffers per port on both 1G and 10G FPs - Total Dedicated Pool = 5904 cells • Oversubscription ratio = 10 • Dynamic Cell Limit Per port = 59040/29 = 2036 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 660
www.dell.com | support.dell.com Deciding to Tune Buffers Dell Force10 recommends exercising caution when configuring any non-default buffer traffic on one interface might prevent other interfaces from receiving the configured dynamic allocation, which causes packet loss. You cannot allocate more - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 661
show buffer-profile [detail | summary] command output by using the no buffer [fp-uplink |csf] stack-unit port-set buffer-policy command from CONFIGURATION mode and the no buffer-policy command from INTERFACE mode. Display the allocations for any buffer profile using the show commands in Figure 39 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 662
.dell.com | support.dell.com Figure 39-9. Displaying Buffer Profile Allocations FTOS#show running-config interface tengigabitethernet 2/0 ! interface TenGigabitEthernet 2/0 no ip address mtu 9252 switchport no shutdown buffer-policy myfsbufferprofile FTOS#show buffer-profile detail int tengig 0/10 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 663
displays an error message instructing you to remove the default configuration using the no buffer-profile global command. Sample Buffer Profile Configuration The two general types of network environments are sustained data transfers and voice/data. Dell Force10 recommends a single-queue approach - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 664
www.dell.com | support.dell.com Figure 39-10. Single Queue Application with Default Packet Pointers ! buffer-profile fp Tengig 0/10 ! interface TenGigabitEthernet 0/10 no ip address Troubleshooting Packet Loss The show hardware stack-unit command is intended primarily to troubleshoot packet loss - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 665
Figure 39-11. Displaying Drop Counter Statistics FTOS#show hardware stack-unit 0 drops UNIT No: 0 Total Ingress Drops :0 Total IngMac Drops :0 Total Mmu Drops :0 Total EgMac Drops :0 Total Egress Drops :0 UNIT No: 1 Total Ingress Drops :0 Total IngMac Drops :0 Total Mmu Drops :0 Total EgMac Drops :0 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 666
www.dell.com | support.dell.com Figure 39-12. Displaying Buffer Statistics, Displaying Drop Counters FTOS#show hardware stack-unit 0 drops unit 0 port 1 --- Ingress Drops --- Ingress Drops : 30 IBP CBP - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 667
Figure 39-13. Displaying Buffer Statistics, Displaying Dataplane Statistics FTOS#show hardware stack-unit 2 cpu data-plane statistics bc pci driver statistics for device: rxHandle :0 noMhdr :0 noMbuf :0 noClus :0 recvd :0 dropped :0 recvToNet :0 rxError :0 rxDatapathErr :0 rxPkt( - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 668
www.dell.com | support.dell.com Displaying Stack Port Statistics The show hardware stack-unit stack-port command displays input and output statistics for a stack-port interface (Figure 39-15). - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 669
Enable RPM core dumps and specify the shutdown mode. Command Syntax logging coredump server Command Mode CONFIGURATION To undo this command, use the no logging coredump server command. Mini Core Dumps FTOS supports mini core dumps for application and kernel crashes. The mini core dump applies - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 670
www.dell.com | support.dell.com Figure 39-17. Mini 44:22 +00:00 startup-config.bak Aug 28 2009 16:16:10 +00:00 f10StkUnit0.mrtm.acore.mini.txt Aug 28 2009 17: crashes, the mini core file is uploaded to new master. In the MXL Switch, only the master unit has the ability to upload the coredump. Figure - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 671
TCP Dumps TCP dump captures CPU bound control plane traffic to improve troubleshooting and system manageability. When enabled, a TCP dump captures all the packets on the | max-file-count value | packet-count value | snap-length value | write-to path] CONFIGURATION Debugging and Diagnostics | 669 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 672
670 | Debugging and Diagnostics www.dell.com | support.dell.com - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 673
standard cited here is listed as supported by Dell Force10 operating software (FTOS), FTOS also supports predecessor standards. One way to search .3ad - Link Aggregation with LACP • 802.3ae - 10 Gigabit Ethernet (10GBASE-W, 10GBASE-X) • 802.3ak - 10 Gigabit Ethernet (10GBASE-CX4) • 802.3i - Ethernet - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 674
dell.com | support.dell.com RFC and I-D Compliance The following standards are supported by FTOS, and are grouped by related protocol. The columns showing support by platform indicate which version of FTOS first supports CHAP) 2474 Definition of the Differentiated Services Field (DS Field) in the - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 675
an Address Assignment and Aggregation Strategy Clarifications and Extensions for the Bootstrap Protocol Requirements for IP Version 4 Routers Dynamic Host Configuration Protocol Virtual Router Redundancy Protocol (VRRP) Using 31-Bit Prefixes on IPv4 Point-to-Point Links DHCP Relay Agent Information - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 676
www.dell.com | support.dell.com Border Gateway Protocol (BGP) RFC# Full Name 1997 BGP BGP-4 3065 Autonomous System Confederations for BGP 4360 BGP Extended Communities Attribute 4893 BGP Support for Four-octet AS Number Space 5396 Textual Representation of Autonomous System (AS) Numbers - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 677
Open Shortest Path First (OSPF) RFC# Full Name 1587 2154 2328 2370 3623 4222 The OSPF Not-So-Stubby Area (NSSA) Option OSPF with Digital Signatures OSPF Version 2 The OSPF Opaque LSA Option Graceful OSPF Restart Prioritized Treatment of Specific OSPF Version 2 Packets and Congestion Avoidance - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 678
www.dell.com | support.dell.com Network Management RFC# 1155 1156 1157 1212 1215 1493 1724 1850 1901 the User Datagram Protocol using SMIv2 Definitions of Managed Objects for Data Link Switching using SMIv2 IP Forwarding Table MIB Introduction and Applicability Statements for Internet Standard - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 679
Control Table, Ethernet History Table, Alarm Table, Event Table, Log Table The Interfaces Group MIB Remote Authentication Dial In User Service (RADIUS) Remote Network Monitoring Management Information Base for High Capacity Networks (64 bits): Ethernet Statistics High-Capacity Table, Ethernet - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 680
www.dell.com | support.dell.com IEEE 802.1AB Management Information Base module for LLDP configuration, statistics, local system data and remote systems data sFlow Version 5 MIB FORCE10-BGP Force10 BGP MIB 4-V2-MIB (draft-ietf-idr-bgp4-mibv2-05) FORCE10-IF-E Force10 Enterprise IF Extension MIB - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 681
# Full Name FORCE10-LIN Force10 Enterprise Link Aggregation MIB KAGG-MIB FORCE10-COP Force10 File Copy MIB (supporting SNMP Y-CONFIG-MI SET operation) B FORCE10-MO Force10 Monitoring MIB N-MIB FORCE10-PRO Force10 Product Object Identifier MIB DUCTS-MIB FORCE10-SS- Force10 S-Series Enterprise - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 682
/MIBs/MIB_OIDs.aspx Some pages of iSupport require a login. To request an iSupport account, go to: https://www.force10networks.com/CSPortal20/Support/AccountRequest.aspx If you have forgotten or lost your account information, contact Dell Force10 TAC for assistance. 680 | Standards Compliance - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 683
Index Numerics 10/100/1000 Base-T Ethernet line card, auto negotiation 250 100/1000 null-username command 474 AAA Authentication authentication and authorization, local by default 479 command 478 configuring 477 enable 478 enable command 478 enable method 477 line method 477 local method 477 none - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 684
dell.com | support.dell.com E extended IP ACL 72 F Fast Convergence after MSTP-Triggered Topology Changes 218 fast-convergence OSPF 374 File Transfer Protocol. See FTP. flowcontrol 248 forward delay 467, 583 FTOS 362 FTP 61 configuring client parameters 63 configuring server 224 10-Gigabit Ethernet - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 685
362 NSSA External 362 Opaque Area-local 362 Opaque Link-local 363 Router 362 types supported 362 M management interface 224 configuring a management interface 227 configuring IP address 227 definition 227 management interface, switch 223 max age 467 MIB Location 680 minimum oper up links in a port - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 686
www.dell.com | support.dell.com restarting OSPF 367, 369 router ID 370 using loopback interfaces 371 using prefix lists 378 viewing configuration of neighboring router 381 viewing interface areas 370 P passwords configuring password 481 port channel definition 231 port channel (LAG), configure 233 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 687
440 configuring interfaces to run RIP 438 debugging RIP 444 default values 436 default version 437 disabling RIP 438 ECMP paths supported 436 STG. SSH 494 debug 495 display 494 host-keys 496 ssh command 494 SSHv2 server 496 standard IP ACL 72 static route 261 STG changing parameters 467, 583 default - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 688
www.dell.com | support.dell.com TCP Tiny and 636 VRID 633, 636 VTY lines access class configuration 500 access classes and TACACS+ servers 491 assigning access classes by username 501 deny , support for 501 remote authentication and authorization 491 remote authentication and authorization, 10.0.0.0 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 689
Index | 687 - Dell Force10 MXL Blade | MXL 10/40GbE Switch IO Module Configuration Guide - Page 690
688 | Index www.dell.com | support.dell.com
Dell Force10 Configuration
Guide for the MXL 10/40GbE
Switch IO Module
Publication Date: March 2013