Dell Force10 S2410-01-10GE-24P SFTOS Configuration Guide
Dell Force10 S2410-01-10GE-24P Manual
 |
View all Dell Force10 S2410-01-10GE-24P manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell Force10 S2410-01-10GE-24P manual content summary:
- Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 1
SFTOS Configuration Guide - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 2
damage to hardware or loss of data if instruction are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Information in this publication is subject to change without notice. © 2010 Dell Force10. All rights reserved. Reproduction of these materials - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 3
New Features SFTOS 2.5.3 improves SFTOS internals only, with no new features. SFTOS 2.5.2 adds: • A substantial support interface that is not accessible through the standard CLI modes and is not publicly documented • Support for new S-Series platforms, including the S50N, S50N-DC, and S25P-DC Other - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 4
www.dell.com | support.dell.com 4 | New Features - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 5
Guide 16 Conventions 16 Related Dell Force10 Documents and Additional Information 16 Contact Information 17 Documentation Feedback 17 Technical Support 17 The iSupport Website 17 Accessing iSupport Services Routing and Switching Support 22 Routing Protocol Support 22 Multicast Protocols - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 6
www.dell.com | support.dell.com Checking Status 32 Viewing the Software Version and Switch Numbers 32 Verifying Details about the Switch 32 Showing Network Settings 34 Displaying Supported Features and System Up-time 34 Displaying Statistics 36 User Management 36 Creating a User and Password - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 7
TFTP Server 62 Troubleshooting a Downloaded Script Discovery Protocol (LLDP 75 Setting up Remote Network Monitoring (RMON 75 Important Points to Time 78 Setting the System Date and Time Manually 78 SNTP Overview 79 CLI Examples of about the Switch 81 5 Stacking S-Series Switches 83 S- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 8
www.dell.com | support.dell.com Best Practices 89 Removing a Switch from a Stack 90 Setting Management Unit Preferences 91 107 Configure a syslog server 108 7 Configuring Interfaces 111 Interface Support in SFTOS 111 Viewing Interface Information 112 Viewing Layer 3 Interface Information - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 9
Using the CLI to Configure Access through RADIUS 138 Enabling Secure Management with SSH 140 Enabling SSH 142 10 Spanning Tree 145 SFTOS STP Switching Features 145 Forwarding, Aging, and Learning 145 Spanning Tree Protocol (STP, IEEE 802.1D 146 Basic STP (802.1D) CLI Management 146 Basic STP - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 10
www.dell.com | support.dell.com Example of configuring STP 152 Influencing the Spanning Tree configuration example 175 Displaying LAGs (Port Channels 176 12 Quality of Service 177 Using Differentiated Services (DiffServ 177 Deploying DiffServ 180 Creating Class-maps/DiffServ Classes 180 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 11
service-policy Command 190 Configuring Differentiated Services by Department 191 Configuring Differentiated Services for Voice over IP 194 13 Access Control 197 SFTOS Support VLAN 217 Example of creating a routed VLAN on one switch 217 GARP and GVRP 218 GARP VLAN Registration Protocol (GVRP - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 12
www.dell.com | support.dell.com Displaying GARP, GVRP, GMRP Properties 222 show garp and show gvrp configuration all commands 222 Creating an IP Subnet-based VLAN 223 Configuring a Private - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 13
Recovering from a Lost Password 277 Recovering from Switch Stack Problems 277 Preventing Auto-negotiation Mismatches 278 Monitoring SFPs 280 Monitoring 10 GE Interfaces 281 Monitoring CPU and Memory Utilization 281 Software Forwarding 281 Troubleshooting No Output on the Console 282 A RFCs - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 14
14 | Table of Contents www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 15
• The iSupport Website on page 17 • Objectives • Audience • Conventions • Related Dell Force10 Documents and Additional Information Objectives This document provides configuration instructions and examples for the following S-Series switches: • S50 • S50V • S50N, S50N-DC • S25P, S25P-DC It includes - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 16
The following documents provide information on using Dell Force10 S-Series switches and SFTOS software. All of the documents are available on the Documents tab of iSupport (the Dell Force10 support website - http://www.force10networks.com/support: • SFTOS Command Reference 16 | About this Guide - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 17
part number • Page number • Software release version Technical Support The iSupport Website Dell Force10 iSupport provides a range of support programs to assist you with effectively using Dell Force10 equipment and mitigating the impact of network outages. Through iSupport you can obtain technical - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 18
page. Contact Information E-mail: [email protected] Web: www.force10networks.com/support/ Telephone: US and Canada: 866.965.5800 International: 408.965.5800 For more on using the iSupport website and accessing services, see the Dell Force10 Service and Support Guide. 18 | About this - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 19
switch (with the exception of the Stacking module, which is not included on the S2410), while the Layer 3 Package includes both the core software and software that supports guarantees. See Using Differentiated Services (DiffServ) on page 177. • Layer 2 Switching: • Bridging support (the default) for - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 20
www.dell.com | support.dell.com - Flow Control at the MAC layer: you may configure the switch or a port to temporarily halt traffic when necessary to prevent overload (formerly IEEE 802.3x) • Additional functions you can use to manage the network including IGMP Snooping (see Chapter 15, IGMP - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 21
2 Classification • Layer 3 DSCP • Wirespeed ACLs (L2/L3/L4) VLAN • IEEE 802.1q Support • Frame Extensions (IEEE 802.3ac) • GVRP, GARP, GMRP • Port-based VLANs • Protocol-based VLANs • Supported Number of VLANs Multicast Protocols • IGMP Snooping • Layer 2 Multicast Forwarding Security and Packet - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 22
www.dell.com | support.dell.com • HTML-based Management • HTTPS/SSL • RMON Groups • SNMP v1/v2c • SNTP Support • SSHv2 • Syslog • Telnet (RFC of the features listed above, along with the following features. Extended Routing and Switching Support • 4k IPv4 Routing Table Entry • ARP (RFC 826) • CIDR ( - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 23
Multicast Protocols • IGMP v1/v2 (RFC 1112, 2236) • PIM-SM-edge • DVMRP • PIM-DM Management • ECMP SFTOS Features | 23 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 24
www.dell.com | support.dell.com Load Balancing • LAG Load Balancing: For IPv4 packets, LAG FTOS requires more commands, usually with more detailed options than in SFTOS, to support the more complex E-Series switches. Note: As you can see in some command descriptions, below, the major difference - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 25
2-1. Using the show port Command (Force10 S50) #show port 1/0/2 Admin show sysinfo, and show tech-support provides the results of a group before SFTOS Release 2.3. • The service timestamps command: This FTOS command is • File management: Table 2-1. Switch File Management FTOS references system file - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 26
www.dell.com | support.dell.com • Software naming convention: E-Series software uses this naming convention: FTOS- >-.bin" for example: SFTOS-S2410-2.4.1.1-switching.bin. Port Naming Convention SFTOS supports stacking (one virtual switch made by connecting several switches) - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 27
32 - Displaying Statistics on page 36 - Viewing the Software Version and Switch Numbers on page 32 - Showing Network Settings on page 34 - Displaying Supported Features and System Up-time on page 34 - Verifying Details about the Switch on page 32 • User Management on page 36 - Creating a User and - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 28
Dell Force10 network. FTMS includes Node Manager, which not only provides GUI-based device management, it also includes the ability to execute CLI commands, either individually from Node Manager or by having Node Manager open a Telnet window to the device. • Telnet: See Enabling Telnet to the Switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 29
an additional crossover cable. fn00162s50 2 Connect the RJ-45/DB-9 adapter that is shipped with the switch to the RJ-45 cable. Note: The console port pinout: Pin 1 = NC Pin 2 = the serial configuration on both the switch and computer. See the command options in the following step. For more - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 30
www.dell.com | support.dell.com User:admin Password: Force10 >enable Password: Force10 #configure Force10 (Config)#lineconfig Force10 (Line)#? exit To Parity none For more on setting serial settings, see the hardware guide for your system or the System Management Commands chapter in the SFTOS - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 31
Command Line Interface (CLI) is the main way to manage S-Series switches. You can use the CLI through: • Console port: As described Exec: hostname > Note: The default text for the hostname part of the prompt is "Force10 S50". You can modify that part of the prompt by using the hostname command. See - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 32
modes: Figure 3-5. Using the show switch Command Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1 Force10 # The Switch column shows the switch ID, which is useful if the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 33
Switch Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1 Force10 #show switch 1 Switch 1 Management Status Management Switch -support command is so lengthy, Dell Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 34
.dell.com | support.dell.com Showing Network Settings Execute the show interface managementethernet command from either the User Exec or Privileged Exec modes. The resulting display, as shown in the example below, displays all the settings relating to IP-based management connections to the switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 35
Supported Features and System Uptime Force10 #show version Switch: 1 System Description Force10 S50 Vendor ID 07 Plant ID 01 Country Code 04 Date Code 062005 Serial Number DE4000126 Part Number 759-00001-00 Revision 0A Catalog Number SA-01 Information Base for Network Management of TCP/IP - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 36
dell.com | support.dell.com Displaying Statistics Privileged Exec mode commands to display statistics include: • Switch summary statistics: - show interface switchport • Interface summary statistics: - show interface unit/slot/port • Switch is to reload the switch using factory defaults. See - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 37
w_turner passwd willspwd User login name and password are set. Force10 (Config)#no username w_turner Force10 (Config)#username w_turner passwd newpwd User login name and password are set.Password Changed! Note: SFTOS 2.5.1.3 adds support for the following special characters in other words, period - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 38
dell.com | support.dell new password: Figure 3-12. Setting the Enable Password Force10 #enable passwd Enter new password:******* Confirm new password • Setting the Management IP Address on page 39 • Enabling Telnet to the Switch on page 39 • Configuring an Interface with an IP Address on page 40 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 39
Enabling an Individual Port Force10 >enable Force10 #config Force10 (Config)#interface 1/0/22 Force10 (Interface 1/0/22)#no shutdown of the management interface. Note: Creating a management IP address is supported by both the Layer 2 (Switching) and Layer 3 (Routing) licenses of SFTOS. By default, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 40
www.dell.com | support.dell.com switch. Configures an IP address on an interface. The IP address may be a secondary IP address. Force10 #configure Force10 (Config)#ip routing Force10 (Config)#interface 1/0/3 Force10 01 Encapsulation Type Ethernet IP Mtu 1500 Force10 # 40 | Getting Started - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 41
50.0.0.2 255.255.255.0 Disable Disable 1/0/4 66.1.1.1 255.255.255.0 Disable Disable Force10 # Setting up SNMP Management To use an SNMP-based network management tool, you must enable a management IP address for the switch, as described above (see Setting the Management IP Address on page 39 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 42
dell.com | support.dell.com Setting Up the Management VLAN As described in Setting the Management IP Address on page 39, when you set up a management IP address, you can manage the switch to Configure a VLAN Force10 (Config)#interface vlan 55 Force10 (Conf-if-vl-55)#tagged 1/0/5 Force10 (Conf-if-vl- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 43
Force10 (Config)#spanning-tree port mode enable all Force10 (Config)#exit Force10 #show spanning-tree summary Spanning Tree Adminmode........... Enabled Spanning Tree Version IEEE 802.1s Configuration Name 00-01 you can copy that file to the rebooted switch to be used as the configuration on the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 44
www.dell.com | support.dell.com Important Points to Remember - Files • Beginning with SFTOS in this guide. Downloading and Uploading Files Use the copy command (in Privileged Exec mode) to download or upload various files using TFTP or Xmodem. The following files can be uploaded from the switch: • - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 45
, because a software upgrade includes an automatic conversion of the binary configuration file to text. Note: SFTOS Version 2.5.1 introduces support for dual software image management on the switch, so that you can download a new image and keep it on the system without installing it until you are - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 46
www.dell.com | support.dell.com Figure 3-19. Displaying the Current Software Version Force10 #show hardware Switch: 1 System Description Force10 S50 Vendor ID 07 Plant ID 01 Country Code 04 Date Code Serial Number 114 Part Number Revision Catalog Number SA-01-GE-48T Burned In MAC Address - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 47
you like to save them now? (y/n) n Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005 Select an option. If no selection in 2 seconds then operational code will start. 1 - Start operational code - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 48
www.dell.com | support.dell.com Figure 3-21. Logging In and Using the enable Command Force10 User:admin Password: NOTE: Enter '?' server from which to download the software image. Figure 3-22. Using the ping Command Force10 #ping 10.10.1.254 Send count=3, Receive count=3 from 10.16.1.254 5. Ping - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 49
://unit/{image1 | image2} For details on managing software in a stack of switches, see Upgrading Software in a Stack on page 94 in the Stacking chapter. cannot be directly saved to the network). Figure 3-24. Saving the Current Running Configuration to NVRAM Force10 #copy system:running-config nvram: - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 50
.dell.com | support.dell. in the stack. In addition, the copy command provides an option to manually copy an image to a selected stack member, typically a new member that next reboot. For details, see Copying SFTOS Software to a Member Switch on page 95 in the Stacking chapter. The reload [unit] command - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 51
unit number, the command displays image details for all nodes on the stack. Privileged Exec Update the bootcode (boot loader) on the designated switch. (The bootcode is read from the active image for subsequent reboots). Note: The following parameter definitions apply to the commands provided by - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 52
www.dell.com | support.dell.com The Boot Menu is also revised in SFTOS v. 2.5.1 to allow the user to SFTOS versions. Note that the installation of v. 2.5.1 incurs a pause of several minutes while the switch reformats its flash to accommodate the Dual Image Management feature. 52 | Getting Started - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 53
to SFTOS 2.5.1 Force10 #reload Are you sure you want to reload the stack? (y/n) y Reloading all switches. Force10 Boot Code... bin to the list dimImageAdd returned -3 Boot Menu Version: 30 Aug 2006 Version 02.01.42 08/30/2006 Select an option. If no selection in 2 seconds then operational - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 54
www.dell.com | support.dell.com After installing SFTOS 2.5.1 on the management switch and the stack, as described above, use OPTIONAL) Copy the startup configuration file to network storage. Install the designated SFTOS software image (see Step 3) on all switches in the stack or on the selected unit - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 55
you like to save them now? (y/n) n Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005 Select an option. If no selection in 2 seconds then operational code will start. 1 - Start operational code - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 56
www.dell.com | support.dell.com When converting from a Routing image to a Switching image, you must interrupt the reboot to revert the switch to factory defaults, as shown in Figure 3-27: Figure 3-27. Restoring Factory Defaults when Converting from Routing to Switching Image Force10 #reload - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 57
You can then download the edited file to any switch to use as the startup-config file. Caution: Force10 #clear config Are you sure you want to clear the configuration? (y/n)y Clearing configuration. Please wait for login prompt. Force10 # (Unit 1)> Saving the Startup Configuration to the Network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 58
is of installing a configuration file from the network. Starting with SFTOS v. 2.3, you can save a startup-config file as a text file to a server, edit it, and then download it to any switch. Figure 3-30. Using the copy tftp Command to Download Startup-Config Force10 #copy tftp://10.16.1.56/s50_1 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 59
9 to reload/boot the switch. Figure 3-31. Restoring the Configuration to Factory Defaults Force10 Boot Code... Version 01.00.27 11/18/2005 Select . See Downloading and Uploading Files on page 44 or Configuring from the Network on page 58. Resetting the Pre-configured System If you are bringing - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 60
www.dell.com | support.dell.com Using Configuration Scripts This that can be uploaded and downloaded to and from the switch and a TFTP server. See the Configuration Scripting section in Exec Create a configuration script by specific name. Force10 #show running-config test.scr Config script - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 61
name. Figure 3-32. Using the script show Command Force10 #script show test.scr 1 : !Current Configuration: 2 : ! 3 : hostname "Force10" 4 : network parms 10.10.1.33 255.255.255.0 10.10.1.254 Mode Purpose Privileged Exec Deletes the named script from the switch memory. Getting Started | 61 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 62
www.dell.com | support.dell.com Force10 #script delete test.scr Are you sure you want to delete the configuration script(s)? "Force10" interface managementethernet ip address 10.10.1.33 255.255.255.0 exit management route default 10.10.1.254 interface vlan 11 Troubleshooting a - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 63
problem: Line 29:: permit 01:80:c2:00:00:00 any assign-queue 4 Line 30:: permit any 01:80:c2:00:00:ff assign-queue 3 redirect 1/0/10 Line 31:: permit 01 like to save them now? (y/n) n Configuration Not Saved! hostname "Force10" interface managementethernet ip address 10.10.1.33 255.255.255.0 exit - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 64
dell.com | support.dell.com For example, the command to create a class-map called "cm-1" is class-map match-all cm-1, while the command to edit cm-1 later is class-map cm-1 (For more on class-map, see Using Differentiated Services the script list Command Force10 #script list Configuration Script - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 65
the commands show logging or show logging history. • List of logging hosts - Use the command show logging hosts. • Traps - enabled trap events; cleared on switch reset - Use the command show logging traplogs. For details on the logs and logging, see the chapter System Logs on page 101. See also the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 66
66 | Getting Started www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 67
-if-ma)#exit Force10 (Config)#exit Force10 #show interface managementethernet IP Address 10.10.1.151 Subnet Mask 255.255.255.0 Default Gateway 10.10.1.254 Burned In MAC Address 00:01:E8:D5:A0:39 Locally Administered MAC Address 00:00:00:00:00:00 MAC Address Type Burned In Network Configuration - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 68
dell.com | support.dell as your guide. Step Command Force10 (Config)#interface vlan 5 Force10 (conf-if-vl-5)#name management_vlan Force10 (conf-if-vl-5)#interface 1/0/43 Force10 (conf-if-vl-5)#exit Force10 (Config)#interface managementethernet Force10 (Config-if-ma)#vlan participation 5 Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 69
Force10 #show interface managementethernet IP Address 192.168.0.50 Subnet Mask 255.255.255.0 Default Gateway 192.168.0.11 Burned In MAC Address 00:01:E8:0D:30:9A Locally Administered MAC Address 00:00:00:00:00:00 MAC Address Type Burned In Network Configuration Protocol Current......... None - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 70
The configuration has become very complex. • You want to move a switch from one network to another. Note: When upgrading from SFTOS version 2.2.x to 2.3.x, you do not need to be concerned about manually reconfiguring the switch to use the new SFTOS version 2.3.x commands, because the upgrade process - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 71
Rebooting Reloading all switches. Force10 Boot Code... Version 01.00.26 06/ switch. S-Series systems support SNMP versions 1, 2c, and 3, supporting both read-only and read-write modes. SFTOS sends SNMP traps, which are messages informing network management stations about the network. SFTOS supports - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 72
dell.com | support.dell.com SFTOS SNMP support conforms to RFC 1157 (SNMP v1), RFC 1213 (SNMP v2 (MIB-II)), and RFC 2570 (SNMP v3). For more on the MIBs and SNMP-related RFCs supported by SFTOS, refer to the SNMP appendix to this guide community for the switch to join. Dell Force10 suggests that you - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 73
ro: Restricts access to switch information to read-only. • snmp-server community rw: Sets access to switch information to read/write one command) Note: The DVMRP, OSPF, and PIM traps and associated commands are supported only in the Layer 3 software image of SFTOS. Commands to [disable] enable traps - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 74
www.dell.com | support.dell.com • [ is loaded. Figure 4-46. Using the show trapflags Command Force10 #show trapflags Authentication Flag Enable Link Up/Down Flag chapter of the SFTOS Command Reference. Note: SFTOS supports the RMON (Remote Network Monitoring) MIB (RFC 2819), which is enabled by - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 75
for the associated variable. • Configure LLDP on a single port (timers not supported on one interface) (Interface Config mode): - [no] lldp mode {tx Remote Network Monitoring (RMON) in SFTOS is based on industry RMON RFC standards, providing both 32-bit and 64-bit monitoring of S-Series switches, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 76
www.dell.com | support.dell.com Alarm (OID 1.3.6.1.2.1.16.3) Events (OID 1.3.6.1.2.1.16.9) Collected data is lost during an S-Series chassis reboot. • Only SNMP GET/GETNEXT access is supported. Configure RMON using the RMON commands. RMON Command Set For details on RMON command syntax, see - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 77
2 [no] rmon alarm 1-65535 SNMP_OID 5-3600 {delta | Global Config absolute} rising-threshold 0-4294967295 index falling-threshold 0-4294967295 index [owner string] 3 show rmon alarms brief Privileged Exec Identify the event ID created in Step 1 for which you want to set [or disable] an - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 78
Force10# Setting the System Date and Time This section describes how to configure the date and time on the switch. The date and time are used for synchronizing network is not supported. This section contains the following major sub-sections: • Setting the System Date and Time Manually • SNTP - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 79
The software clock runs only when the software is up. When the switch reboots, the clock restarts, based on the hardware clock. If you set the date and time manually, and then set up SNTP, the automatic update uses the SNTP update. Use the show clock command to check the accuracy of the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 80
www.dell.com | support.dell.com CLI Examples of SNTP Setup The following examples show the major command sequences in configuring the SNTP connection. Example #1: Configuring SNTP client mode Figure 4-49. Configuring SNTP Client Mode Force10 (Config)#sntp client mode broadcast ? Press Enter to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 81
show sntp server Figure 4-53. Using the show sntp server Command Force10 #show sntp server Server IP Address: 10.11.8.6 Server Type: 361 Gathering Details about the Switch In addition to the show commands demonstrated in this chapter, the section Verifying Details about the Switch on page 32 in the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 82
82 | Management www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 83
of interfaces from different units of the stack. • You manage the stack as a single switch by connecting to the management unit, which is a stack member that gets elected by eight units in the stack, Dell Force10 currently only supports a stack maximum of three units. Stacking S-Series Switches | 83 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 84
Dell Force10 currently only supports a stack maximum of three units. • Each switch guide appropriate to your system. Figure 5-54. Methods for Cabling Stacks Ring Connection Cascade Connection Switch 1 A B Switch 1 A B Switch 2 A B Switch 3 A B Switch 2 A B Switch 3 A B Switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 85
to the other stack members. Starting with SFTOS 2.5.1, this command copies a selected software image from a TFTP server to the management switch. For supporting commands, see Downloading a Software Image on page 45 in the Getting Started chapter. Note: Previous to SFTOS 2.5.1, the archive download - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 86
www.dell.com | support.dell.com to be a management unit, then the newly added unit start the management unit election process. Unit Number Assignment You can manually assign numbers to stack members. For details, see Adding a Switch to a Stack on page 89. Otherwise, SFTOS automatically assigns - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 87
if you simply remove the stacking cables from units that are connected to the same network. If the management unit were to be removed, or it became non-functional for some reason, one of the other switches in the stack would then be elected manager by the management selection algorithm. It is - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 88
www.dell.com | support.dell.com All of the forwarding protocols run switch Command Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 2 Stack Member SA-01-GE-48T SA-01 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 89
Adding a Switch to a Stack Note: Dell Force10 currently supports a stack maximum of three units. S50 models can only stack with other S50 models. The S25P, S50N, and S50V can be stacked together. See the Quick Reference appropriate to your S-Series model or its installation guide for instructions on - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 90
www.dell.com | support.dell.com Figure 5-57. Using the member Command to Add a Unit to a Stack Force10 #show supported switchtype Mgmt Code SID Switch Model ID Pref Type 1 SA-01-GE-48T 1 0x100b000 3 SA-01-GE-48T 1 0x100b000 4 SA-01-GE-48T 1 0x100b000 Force10 #configure Force10 ( - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 91
Command to Remove a Switch from a Stack Force10 (config-stack)#no member 5 Force10 (config-stack)#exit Force10 (Config)#exit Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F32 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 92
www.dell.com | support.dell.com Figure 5-60. Changing Switch Unit Priority Force10 (Config)#switch 4 priority 2 Force10 (Config)#exit Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Stack Member SA-01-GE-48T SA-01-GE- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 93
Model ID Model ID Status Version 1 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 3 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 4 Stack Member SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 Force10 # Management Switch is now Unit 3 Inspecting Management Preferences The command show - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 94
www.dell.com | support.dell.com Administrative Management Preference The "Administrative Management Preference" indicates files including the unit number. Management Preference and MAC Address The role of each switch in a stack as either manager or member can be changed by setting the management - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 95
the copy command provides the following way to manually copy an image from the management switch to a selected stack member, typically one that but not yet in the new member. Notice, in Figure 5-62, that show switch reports Unit 2, but show stack does not, because all stack members are required to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 96
.dell.com | support.dell.com Figure 5-62. Using the show bootvar Command within a Stack Force10-S50 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F.10.20.1 2 Stack Member SA-01 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 97
7 units on 1 cpu This switch is manager of the stack. Force10-S50 >show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK F.10.20.1 2 Stack Member SA-01-GE-48T SA-01-GE-48T OK F.10.20 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 98
www.dell.com | support.dell.com Using show Commands for Stacking Information Use show commands to gather information about stack members. In this chapter, see the following examples of using show commands: • show stack-port: See Figure 5-55 on page 88. • show switch: See Figure 5-56 on page 88, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 99
use the show switch unit command: Figure 5-69. show switch Command Example Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version 1 Mgmt Switch SA-01-GE-48T SA-01-GE-48T OK 2.3.1.5 3 Stack Member SA-01-GE-48T SA-01-GE-48T OK - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 100
www.dell.com | support.dell.com Figure 5-70. show stack Command Example Force10 #show stack Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s) Port A N/A Stack Link Up 10 3 Stack Port B N/A Stack Link Up 10 100 | Stacking S-Series Switches - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 101
the Persistent Event Log on page 105 • Displaying the SNMP Trap Log on page 106 • Configuring Syslog Server Host Connections on page 107 The S-Series switch maintains five logs: • System log: This log, also referred to as the buffered log, collects events down to the level of "critical" (by default - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 102
www.dell.com | support.dell.com • logging host. See Configuring Syslog Server Host Connections on Note: See also the show trapflags and show snmptrap commands in the Management chapters of this guide and the SFTOS Command Reference. Configuring the System Log By default, buffered logging (the " - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 103
Date and Time Manually on page 78. Note: You can copy the System log from the switch to a TFTP Figure 6-71. Using the show logging Command Force10 #show logging ? 01 00:00:37 0.0.0.0-1 UNKN[213988280]: sysapi.c(1707) 63 %% Building defaults for file acl.cfg version 5 JAN 01 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 104
dell.com | support.dell.com Interpreting system log messages Table 6-2 uses the first log message in Figure 6-71 as an example to present the field descriptions: JAN 01 6-2. A System Log Message Decomposed Field Example JAN 01 00:00:058 0.0.0.0-1 TRAPMGR [190295576]: traputil.c (661) - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 105
above, the switch maintains a persistent persistent memory for analysis by Dell Force10 Engineering. Error messages start with 6-72. Using the show eventlog Command Force10 #show eventlog Event Log --------- File EVENT can copy the Event log from the switch to a TFTP server. See Downloading and - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 106
dell.com | support.dell.com Displaying the SNMP Trap Log The show logging traplogs command displays a trap summary (number of traps since last reset and last view), followed by trap details, as shown in Figure 6-73. Figure 6-73. Using the show logging traplogs Command Force10 00:01:01 Cold switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 107
servers. You have the following choices for managing the logging settings: • Configure and enable the connections to up to eight syslog servers for a particular switch. • Limit the amount of data in the log, both by type (such as CLI activity) and severity. The following commands enable you to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 108
www.dell.com | support.dell.com Figure 6-74. Using the logging host Command Force10 #config Force10 (Config)#logging ? hosts Command Force10 #show logging hosts ? Enter switch ID in the range of 1 to 8. Force10 #show logging hosts 1 ? Press Enter to execute command. Force10 #show - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 109
line in the /etc/syslog.conf file local7.debugging /var/adm/force10.log In the lines above, local7 is the logging facility and debugging , for more information on those keywords and on setting the output from the switch. To view the logging configuration, use the show logging hosts unit command in - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 110
110 | System Logs www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 111
on page 117 • Configuring Physical Interfaces on page 117 • Bulk Configuration on page 126 Interface Support in SFTOS SFTOS supports the following interface types (SFTOS does not support null interfaces.): • 10/100/1000 Ethernet ports • Gigabit Ethernet ports (1G) • 10 Gigabit Ethernet ports - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 112
www.dell.com | support.dell.com Table 7-3. Interfaces in the S-Series Type of Interface Port Channel enabled. Figure 7-76. show running-config Command Example Showing Layer 2 Interface Information Force10 #show running-config !--initial output deleted--! interface 1/0/45 no shutdown exit interface - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 113
is optional. If specified, the class-of-service queue configuration of the interface is displayed. switch also provide status information. For details, see a the hardware guide for your switch. Figure 7-77. Using the show interface switchport Command for Switch Summary Packet Information Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 114
www.dell.com | support.dell.com Port Force10 #show interface 1/0/1 Ports 1 through 48 Packets Received Without Error 0 Errors 0 Collision Frames 0 Time Since Counters Last Cleared 0 day 0 hr 25 min 38 sec Force10 # Contrast the output in Figure 7-78, for the S50 model, to that of Figure 7- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 115
Switch Force10 #show interface ethernet switchport Total Packets Received (Octets 0 Unicast Packets parameter, produces almost the same report - one version for the interface and the other for the switch. The version of the report generated with the unit/slot/port parameter is shown in Figure 7- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 116
www.dell.com | support.dell.com Figure 7-82. Checking Detailed Interface Counters Per Port Using show interface ethernet Force10 #show interface ethernet 1/0/43 Total Packets Received (Octets 16217658 Packets Received > 1522 Octets 0 Packets RX and TX 64 Octets 3260 Packets RX and TX 65- - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 117
Command Example of a Layer 3 Interface Force10 #show ip interface brief Netdir Multi in Interface Support in SFTOS on page 111, three Layer 2 port types are available in S-Series switches: 10/100 manually set the speed and duplex mode. You cannot manually set the speed and duplex mode - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 118
www.dell.com | support.dell.com Physical interfaces can become part of virtual interfaces such as truncated at port 18.) Figure 7-84. Interfaces Listed in the show port all Command (Partial) Force10 #show port all Admin Physical Physical Link Link LACP Intf Type Mode Mode Status Status Trap - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 119
by the show slot Command Force10 #show slot Admin Power Configured Card Hot Power Slot Status State State Model ID Pluggable Down 1/0 Full Enable Enable SA-01-10GE-2P No No 2/0 Empty Enable Disable SA-01-10GE-2P No No 3/0 Empty Enable Disable SA-01-10GE-2P No No Note, in - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 120
www.dell.com | support.dell.com Enabling an Interface Ports are shut down by default and duplex mode. While you are still in Interface Config mode, you can use the following commands to manually set the speed and duplex mode. (See also Bulk Configuration on page 126.) Step Command Syntax 1 no - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 121
Using the show port Command to Verify Port Settings Force10 #show port 1/0/30 Admin Physical Physical Link Link installed and connected, they take precedence. For details, see the S50 hardware guide. The following table describes the expected interface status of two directly connected copper - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 122
dell.com | support.dell.com The following table describes the expected interface status of two directly connected fiber ports based on the configured or auto-negotiated speed and duplex settings. The fiber ports support command clears counters for the entire switch. When you enter the clear - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 123
shut down if the port attempting to power up has a higher PoE priority. • Support for PoE is provided in the CLI, as well as SNMP. • SNMP support is through the Power-Ethernet MIB (POWER-ETHERNET-MIB) and the Dell Force10 SFTOS-POWER-ETHERNET-MIB for snmpwalk. • Syslog messages are provided for PoE - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 124
www.dell.com | support.dell.com You can override the default power allocation method by using information for one port or all ports in the switch. See Figure 7-88. • show inlinepower: In User mode, display the status for all switches in a stack that support PoE. See Figure 7-89. 124 | Configuring - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 125
Figure 7-88. Sample of Output of show inlinepower Command for a Switch Force10-S50V >show inlinepower all Slot Admin Port Type Mode 1/0/1 Enable 1/0/2 Enable 1/0/3 Enable 1/0/4 Enable 1/0/5 Enable Class ----- 0 0 0 0 0 Priority --------- Low Low Low Low Low Output Power Limit - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 126
www.dell.com | support.dell.com Bulk Configuration Bulk configuration means configuring groups of interfaces , Bulk Configuration Examples on page 127, for more on bulk configuration. See also, in this guide, the IEEE 802.1Q VLANs chapter (VLANs on page 207) and the section Using the Interface - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 127
multiple ranges in order to configure the speed of the specified range of ports. Figure 7-91. Using Multiple Ranges Force10 (conf)#interface range ethernet 2/0/1-2/0/10,3/0/1-3/0/10 Force10 (conf-if-range-et-2/0/1-3/0/10)#speed 100 full-duplex Note that spaces are also not allowed around commas when - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 128
128 | Configuring Interfaces www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 129
relay agent or a DHCP server. Note: The S-Series switch can only act as a DHCP/BootP relay agent when the - Chapter 20, Routing Commands Protocol Overview SFTOS support for DHCP is based on the following RFCs. For RFC 2241: DHCP Options for Novell Directory Services • RFC 2242: Netware/IP Domain Name - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 130
network address and canceling remaining leases. The client-to-server communication, asking for only local configuration parameters that the client already has externally configured as an address. Configuring the Switch as a DHCP Server Important Points to Remember • The S-Series supports - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 131
Step 1 Command ip dhcp pool poolname Mode Global Config 2 network ip_address mask DHCP Pool Config 3 default-router address1 DHCP Pool the SFTOS DHCP Server feature is disabled on the S-Series. Use the service dhcp command in Global Config mode to enable the SFTOS DHCP Server feature: - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 132
dell.com | support.dell.com Figure 8-92. Using the show ip dhcp server statistics Command Force10 clients and a DHCP server (you can only use the switch as a relay agent to one DHCP server). This section address of 255.255.255.255 (all networks broadcast address). The DHCP relay agent process - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 133
the Switch as Figure 8-93. Figure 8-93. Using the show bootpdhcprelay Command Force10 #show bootpdhcprelay Maximum Hop Count 4 Minimum Wait Time(Seconds 0 example, a DHCP address pool is created for PCs on the 10.1.3.0 network. In this pool, all addresses except the excluded address, which is the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 134
www.dell.com | support.dell.com Figure 8-94. Diagram of Two Switches Acting as DHCP Server and Relay Agent Configure switch "S50-B", from the diagram above, as a DHCP server, as shown in Figure 8-95. Figure 8-95. Example of Configuring a Switch as a DHCP server S50-B #config S50-B (Config)#service - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 135
Enabling Secure Management with SSH on page 140 SFTOS supports several user-access security methods to the switch, including local (see Creating a User and Password and encrypted transport session (between the management station and switch) using Secure Shell (SSH). This chapter describes how to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 136
www.dell.com | support.dell.com Step Command Syntax 4 show tacacs 5 show authentication Server Force10#config Force10 (Config)#tacacs-server host 1.1.1.1 Force10 (Tacacs)#timeout 5 Force10 (Tacacs)#exit Force10 (Config)# Figure 9-98. Display Settings for TACACS+ Server Connections Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 137
Figure 9-100. Verifying the Authentication Method Lists with the show authentication Command Force10_S50)#show authentication Authentication Login List Method 1 Method 2 Method 3 defaultList local undefined undefined one local tacacs undefined two undefined undefined undefined three - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 138
www.dell.com | support.dell.com Configuring a RADIUS Connection Remote Authentication Dial-In User Service (RADIUS) is another means of port-based network access control. The switch acts as an intermediary to a RADIUS server, which provides both an authentication and an accounting function to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 139
network resources are located If a user, or supplicant, attempts to communicate through the switch on network resources. Figure 9-102. RADIUS Topology Figure 9-103. Configuration Example for RADIUS Force10 #config Force10 (Config)# Force10 (Config)#radius server host auth 10.10.10.10 Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 140
primary 10.10.10.10 Force10 (Config)#authentication login radiusList radius local Force10 (Config)#users defaultlogin radiusList Force10 (Config)#exit Enabling Secure Management with SSH SFTOS supports three ways to provide more secure management access to the switch: • Interactive login using the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 141
switch. 4. Disable the insecure version of the management server (Telnet). The SSH keys certificates are in a .zip file that are on the S-Series CD-ROM. You can also get them from your Dell Force10 in accessing the switch through a Web browser. That functionality is not supported in SFTOS 2.5.2. The - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 142
www.dell.com | support.dell.com Enabling SSH Starting with SFTOS 2.5.1.1, you no longer need to 0 0 49 0 0 9920 1024 Figure 9-107. Using dir nvram Command to Inspect NVRAM for SSH Keys Force10 #dir nvram /DskVol/files> . .. hpc_broad.cfg startup-config image1 log2.bin olog1.txt slog0.txt boot.dim - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 143
SSH Server Status Force10 #show logging JAN 01 00:31:54 192.168.0.34-1 UNKN[222273672]: sshd_control.c(444) 15 %% SSHD: sshdListenTask started JAN 01 00:31:54 192 working. 5. Once you have verified that you can connect to the switch with an SSH client, the Telnet server can be disabled (if it - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 144
www.dell.com | support.dell.com 144 | Providing User Access Security - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 145
Example on page 156 • Display Spanning Tree Configuration on page 157 SFTOS STP Switching Features • Forwarding, Aging, and Learning • Spanning Tree, IVL and STP are forwarded according to their MAC address. • Aging: SFTOS supports a user-configurable address-aging timeout parameter, defined in IEEE - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 146
.dell.com | support.dell.com Spanning Tree Protocol (STP, IEEE 802.1D) When SFTOS is set to run in basic Spanning Tree Protocol (STP) mode, SFTOS conforms to IEEE 802.1D and the RFC 1493 Bridge MIB. A spanning tree algorithm provides path redundancy while preventing undesirable loops in a network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 147
and IEEE 802.1w (Rapid Spanning Tree Protocol - RSTP). SFTOS also supports RSTP as a non-default, stanalone mode. See Setting the STP Version convergence than Spanning Tree Protocol (STP) and interoperability with other switches configured with STP and MSTP. RSTP Implementation Port Roles RSTP adds - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 148
www.dell.com | support.dell.com Port States RSTP with RSTP results from the use of BPDUs as keep-alives between adjacent switches, which establish the state before passing information to the downstream device. to recover from network outages, and increases network availability. 148 | Spanning Tree - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 149
switching package. Either IEEE 802.1D or IEEE 802.1s operates at any given time. The following is the SFTOS implementation of MSTP: • MSTP instances can only exist within a region. • One Common Instance (CIST) and 32 additional Multiple Instances (MSTIs) are supported in the network. MST regions - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 150
www.dell.com | support.dell.com MSTP CLI Management SFTOS supports Multiple Spanning Tree Protocol (MSTP) by default. tree bpdumigrationcheck {unit/slot/ port | all} Global Config Add an MSTP instance to the switch. The instance mstid is a number corresponding to the new instance ID to be added. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 151
) • 802.1w - RST BPDUs are transmitted rather than MST BPDUs (IEEE 802.1w functionality supported) • 802.1s - MST BPDUs are transmitted (IEEE 802.1s functionality supported) The no spanning-tree forceversion command sets the Force Protocol Version parameter to the default value, 802.1s. Spanning - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 152
www.dell.com | support.dell.com Enabling STP Use the following commands to run Spanning Tree convergence on participating switches. spanning tree spanning-tree port mode enable spanning-tree port mode enable all spanning-tree port mode enable all Global Config Interface Config Global Config - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 153
root port. (Strictly speaking, the number is an index number. The number becomes more of an issue when the contending ports are on separate S-Series switches and have the same port ID, such as 1/0/1.) 4. Lowest bridge ID Spanning Tree | 153 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 154
www.dell.com | support.dell.com The following commands influence which switch becomes the root bridge and the role of a port in the role. : Figure 10-114. Using the show spanning-tree mst port summary Command Force10 #show spanning-tree mst port summary 5 all STP STP Port Interface Mode Type - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 155
After lowering the priority of MST 5: Force10 #show spanning-tree mst port summary 5 all STP STP Port Interface Mode Type State Role 1/0/1 Enabled Disabled Disabled 1/0/2 Enabled Disabled Disabled 1/0/3 Enabled Disabled Disabled 1/0/4 Enabled - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 156
dell.com | support.dell.com Enabling an Edge Port Note: Only interfaces connected to end stations should be set up as edge ports. Edge ports in 802.1D mode are not supported start forwarding traffic sooner (typically saving 30 seconds that the switch would use to check for loops). To enable an edge - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 157
1/0/3)#spanning-tree port mode enable R4 (Interface 1/0/3)#exit 2. Configure switch R4, exactly as above. The fact that this example shows the Exec Privileged Exec Privileged Exec Display STP settings and parameters for the switch. See Figure 10-116 on page 158. Display settings and parameters - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 158
www.dell.com | support.dell.com Command and globally: Figure 10-116. Example Output from show spanning-tree interface Command Force10 #show spanning-tree interface 1/0/1 Hello Time 0 Port Mode Enabled Port Up Time IEEE 802.1s Configuration Name 00-01-E8-D5-A7-82 Configuration Revision Level - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 159
from spanning-tree brief Command Force10 #show spanning-tree brief Bridge Priority 32768 Bridge Identifier 80:00:00:01:E8:D5:A7:82 Bridge ID of root bridge chosen by all switches S50-3 #show spanning-tree Bridge Priority 32768 Bridge Identifier 80:00:00:01:E8:D5:A8:D6 Time Since Topology - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 160
www.dell.com | support.dell.com Figure 10-120 displays the output from the show spanning-tree mst port summary command for STP details of individual ports: Figure 10-120. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 161
the priority of the MST instance, see Figure 10-123: Figure 10-123. Example Output from show spanning-tree mst port summary Command Force10 #show spanning-tree mst port summary 50 all STP STP Port Interface Mode Type State Role 0/1 Enabled Disabled Disabled 0/2 Enabled Disabled - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 162
www.dell.com | support.dell.com Figure 10-124 shows the output of the show spanning-tree mst port summary command after lowering the priority of the MST instance (contrast to Figure 10-122): Figure 10-124. Example Output from show spanning-tree mst port summary Command Force10 #show spanning-tree - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 163
command to display STP, MSTP, and RSTP BPDUs transmitted and received. Figure 10-126. Example Output from show interface ethernet Command Force10 #show interface ethernet 1/0/1 Type Normal Admin Mode Disable Physical Mode Auto Physical Status Down Speed 0 - None Duplex N/A Link Status Down - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 164
164 | Spanning Tree www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 165
connect two switches when the traffic between them requires high bandwidth and reliability, or to provide a higher bandwidth connection to a public network. You can is used when connecting the switch to an external switch that does not support the exchange of LACP PDUs. Link Aggregation | 165 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 166
www.dell.com | support.dell.com A LAG can offer the following benefits: • Increased is based on the source and destination MAC addresses, VLAN, type, ingress ASIC, and ingress port. • S2410: All packets: The hash is based on the source and destination MAC addresses, type, VLAN, VLAN priority, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 167
SFTOS supports 48 LAGs, with a maximum of eight members each. SFTOS supports IEEE 802.3 Clause 43 with minor exceptions: • No optional features supported, with LACP PDUs, the system will wait three seconds and aggregate manually. The static LAG configuration should only be enabled if both parties - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 168
www.dell.com | support.dell.com Link Aggregation Group (LAG) Commands Privileged Exec and User Exec mode commands • To remove all LAGs: - clear port-channel • To display a summary of LAGs, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 169
name to the selected LAG in the ingress direction. The 1-4294967295 option is as described above: - mac access-group name [1-4294967295] • Enable the support of static link aggregations on the LAG. By default, the static capability for all LAGs is disabled: - protocol static • Reenable the LACP on - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 170
www.dell.com | support.dell.com Interface Config mode commands Note: The [no] port lacpmode enable command is deprecated. The CLI commands in Interface Config mode used to configure LAGs - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 171
Step Command Syntax Command Mode Purpose (continued) 2 interface port-channel Global Config 1-128 (Before v. 2.5.1, the syntax was port-channel name) Create the LAG and/or enter Interface Port Channel Config mode. For the LAG ID, enter an integer between 1 and 128 that is not already in use - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 172
www.dell.com | support.dell.com Basic LAG configuration example This example shows configuring the S-Series switch to support LAGs to a server and to a Layer 2 switch. Figure 11-127. LAG Example Network Diagram 1. Use the show interface port-channel brief command to learn the LAG IDs already in use - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 173
-id command, and you use the tagged or untagged command, just as when you add a port to a VLAN: Figure 11-131. Adding a LAG to a VLAN Force10#show interface port-channel brief Codes: L - LACP Port-channel LAG Status Ports 1 Down 1/0/20 (Down) 1/0/21 (Down) 1/0/22 (Down) 2 Up 1/0/23 (Up) 1/0/24 (Up - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 174
www.dell.com | support.dell.com Using the Interface Range mode If you are applying the same in Interface Range Mode for LAGs Force10 (Config)#interface range port-channel 1,3 Force10 (conf-if-range-po-1,3)#? classofservice Configure Class of Service parameters. cos-queue Configure the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 175
is dynamic (enabled with LACP) by default: Figure 11-133. Example of LAG Configuration with LACP Enabled by Default Force10 (Config)#interface port-channel 2 Force10 (conf-if-po- 2)#no shutdown Force10 (conf-if-po- 2)#channel-member 1/0/22-1/0/24 You would also need to enable the ports in the LAG - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 176
www.dell.com | support.dell.com Verify the status of the LAG as dynamic created through LACP: Figure 11-134. Displaying Details on a LAG with the show interface port-channel Command Force10 (Config)#exit Force10#show interface port-channel 2 Description MAC Address 00:01:E8:D5:A0:81 MTU 1518 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 177
of service. As implemented on the S-Series, DiffServ allows you to control what traffic is accepted, what traffic is transmitted, and what bandwidth guarantees are provided. How you configure DiffServ support on the S-Series will likely vary depending on the role of the switch in your network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 178
www.dell.com | support.dell.com • Interior node: A switch in the core of the network is responsible for forwarding packets, rather than for classifying them. It will decode the DSCP in an incoming packet, and provide buffering and forwarding services using the appropriate queue management - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 179
within all - No nested not conditions - No nested acl class types - Each class contains at most one referenced class. • Hierarchical service policies are not supported in a class definition. • Access list matched by reference only, and must be the sole criterion in a class. - I.e., ACL rules copied - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 180
www.dell.com | support.dell.com Deploying DiffServ The four basic steps necessary to deploy DiffServ interfaces in an ingress or egress capacity. 4. Enable DiffServ globally. (See Enabling Differentiated Services on page 184.) The following command sequence is annotated to show the four stages - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 181
not a member of that class. In this case, the traffic must carry a destination IP address in the 10.1.1.0 network and have a destination port of 7: Figure 12-137. Using the class-map match-all Command class-map match-all by any other class, this deletion attempt shall fail. Quality of Service | 181 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 182
www.dell.com | support.dell.com Creating a Policy-Map The second step in deploying DiffServ is one or more QoS policy attributes. This association is then assigned to an interface to form a service. The user specifies the policy name when the policy is created. The DiffServ CLI does not necessarily - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 183
with the service-policy in policyname command. The in keyword indicates that the policy is specific to inbound traffic, because SFTOS supports only the global): Figure 12-140. service-policy Global Command Example Force10 #config Force10 (Config)#service-policy in pm-1 Force10 (Config)# Example (per - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 184
www.dell.com | support.dell.com Figure 12-141. service-policy Interface Command Example Force10 #config Force10 (Config)#interface 1/0/4 Force10 (Interface 1/0/4)#service-policy in pm-1 Force10 (Interface 1/0/4)# Note: When applied globally, a service-policy command appears under each interface, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 185
Type All Match Criteria Values Destination Layer 4 Port 7(echo) Force10 # show class-map Command Syntax show class-map [classname] with the class type. The possible Match Criteria fields are: Class of Service, Destination IP Address, Destination Layer 4 Port, Destination MAC Address, Every - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 186
dell.com | support.dell.com Figure 12-143. show class-map Command Example Force10 #show class-map Class Class Name Type Reference Class Name cl-map-1 All cl-map-2 All cm-3 All cl-map-2 Force10 Syntax Command Mode Usage show diffserv [service [brief]] Privileged Exec This command - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 187
Figure 12-145. Using the show diffserv service brief Command Force10 #show diffserv service brief DiffServ Admin mode Enable Interface Direction . This allows a traffic classifier to specify which one of the supported hardware queues are used for handling packets belonging to the class. Conform - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 188
www.dell.com | support.dell.com Drop-Drop a packet upon arrival. This is useful for attributes actually configured are displayed): Class Name-The name of this class Mark CoS-Denotes the class of service value that is set in the 802.1p header of outbound packets. This is not displayed if the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 189
policy-map: Figure 12-146. show policy-map Command Example Force10 #show policy-map Policy Name Policy Type Class Members pm-1 In cl-map-1 cl-map-2 Force10 # If the policy name is not specified, as shown above sample output from show policy-map policy-map-name: Quality of Service | 189 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 190
www.dell.com | support.dell.com Figure 12-147. show policy-map Command Example Force10 #show policy-map pm-1 Policy Name pm-1 cl-map-2 In Discarded Packets 0 Force10 # Using the show service-policy Command show service-policy Command Syntax show service-policy in Command Mode Privileged Exec - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 191
element in the data path, such as the switching or routing function or an outbound link transmission element Force10 # Configuring Differentiated Services by Department The following example shows how a network administrator can provide equal access to the Internet (or other external network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 192
www.dell.com | support.dell.com Figure 12-150. DiffServ Internet Access Example Network Diagram 1. Ensure DiffServ operation is enabled for the switch. Force10 #config Force10 (Config)#diffserv 2. Create a DiffServ class of type all for each of the departments, and name them. Define the match - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 193
service-policy Command Force10 (Config)#interface 1/0/10 Force10 (Interface 1/0/10)#service-policy in internet_access Force10 (Interface 1/0/10)#exit Force10 (Config)#interface 1/0/11 Force10 (Interface 1/0/11)#service-policy in internet_access Force10 presumed that the switch will forward this - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 194
www.dell.com | support.dell.com Configuring Differentiated Services for Voice over IP One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive. For a network to provide acceptable service, a guaranteed transmission rate is vital. This - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 195
all VoIP packets. Activate DiffServ for the switch. Force10 #config Force10 (Config)#cos-queue strict 5 Force10 (Config)#diffserv 2. Create a DiffServ classifier network. Force10 (Config)#class-map match-all class_ef Force10 (Config class-map)#match ip dscp ef Force10 (Config class-map)#exit Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 196
196 | Quality of Service www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 197
an IP ACL to the Loopback Interface on page 203 • Enabling Broadcast Storm Control on page 205 SFTOS Support for Access Control Lists Access control lists (ACLs) are used to control the traffic entering a network. They are normally used in a firewall router or in a router connecting two internal - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 198
dell.com | support.dell the Quality of Service chapter in the unwarranted attempts to reach network resources. The following rules Force10 (Config)#mac access-list extended ml-1 Force10 (Config-mac-access-list)#permit 01:80:c2:00:00:00 any assign-queue 4 Force10 (Config-mac-access-list)#permit any 01 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 199
identifies the MAC ACL to display: - show mac access-list name Figure 13-157. Sample Output from show mac access-list Command Force10 #show mac access-list ml-1 Rule Number: 1 Action permit Source MAC Address 01:80:C2:00:00:00 Assign Queue 4 Rule Number: 2 Action permit Destination MAC Address - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 200
www.dell.com | support.dell.com IP ACL Commands IP ACLs ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources. The following rules apply to IP ACLs: • SFTOS does not support IP ACL configuration for IP packet fragments. • - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 201
order of application of this ACL relative to other ACLs assigned to this interface. Figure 13-160. Using the ip access-group Command Force10 (Config)#interface 1/0/21 Force10 (Interface 1/0/21)#ip access-group 100 1 in When the ip access-group command is used in Interface Config mode, it attaches - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 202
dell.com | support.dell by the switch if the source and destination stations have IP addresses that are within defined sets. Figure 13-162. ACL Example Network Diagram an IP ACL Force10 #config Force10 (Config)#access-list 101 permit tcp 192.168.77.0 0.0.0.255 92.178.77.0 0.0.0.255 Force10 (Config)# - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 203
Force10 (Interface 1/0/2)#exit Applying an IP ACL to the Loopback Interface A loopback ACL (added in SFTOS 2.5.1), often called a management VTY ACL, uses loopback interface 0 to protect access to switch ACLs are supported only on ingress traffic. Only loopback interface 0 is supported for a - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 204
www.dell.com | support.dell.com To apply an ACL (standard or extended) for loopback, use the following sequence: Step Command Syntax 1 • For a Standard IP ACL: access-list 1-99 {deny | - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 205
.0 Force10 (Config)#interface loopback 0 Force10 (Conf-if-lo-0)# ip access-group 2 in 10 Force10 (Conf-if-lo-0)# exit 10 is the priority, an optional parameter. Force10 #show flood the LAN, degrading network performance. SFTOS provides broadcast storm control at a global (switch) level, not for - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 206
www.dell.com | support.dell.com Figure 13-167. Using the show interface-ethernet Command Force10 #show interface ethernet 1/0/2 Type Normal Admin Mode Enable Physical Mode Auto Physical Status Down Speed 0 - None Link Status Detach MAC Address 0001.E8D5.A058 Total - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 207
may not, correspond to subnets. While maintaining Layer 2 forwarding speed, network segmentation provides: • Better administration • Better security • Better management of multicast traffic Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 208
www.dell.com | support.dell.com A VLAN is a set of end stations and the switch ports that switch uses as the matching criteria to determine if a particular packet belongs to a particular VLAN: • The IP subnet-based VLAN feature maps IP addresses to VLANs by specifying a source IP address, network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 209
• It is possible to set the management VLAN to a VLAN that does not exist. If you cannot reach anything from the management IP address (see Creating the Management IP Address on page 67), check the management VLAN using show interface managementethernet or show running-config. Implementing VLANs - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 210
www.dell.com | support.dell.com VLAN Mode Commands The starting point for VLAN command syntax statements is the VLAN Commands chapter (Chapter 7) in the SFTOS Command Reference. Executing the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 211
configuration, Creating VLANS on page 41. • For more information on VLAN routing in this guide, see the VLAN section in Chapter 17, VLAN Routing on page 262. Creating a VLAN and Adding Ports The following instructions are the basic configuration tasks for creating the VLAN and adding ports to it - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 212
www.dell.com | support.dell.com Example of creating a VLAN and assigning interfaces The diagram in this example shows four S-Series switches, R1, R2, R3, and R4, each configured with VLAN 2 to handle traffic destined for R1. This example creates VLAN 2 to connect four switches, with each switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 213
. • SFTOS 2.5 permits mixed tagged and untagged VLANs on an interface. Assign an interface to multiple VLANs The diagram in Figure 14-169 shows five S-Series switches, R1, R2, R3, R4, and R5, in a trunking relationship, where port 20 on R1 is connected through R5 on separate VLANs to the other three - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 214
www.dell.com | support.dell.com 3. Create VLAN 4 on switch R3 and assign port 3. R3 #config R3 (Config)#interface vlan 4 R3 (Conf-if-vl-4)#tagged 1/0/3 4. Create VLAN 3 on switch R4 Figure 14-170. Example of Removing VLANs Force10 #clear vlan The clear vlan command removes all VLAN information from - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 215
Note: Recovery of VLAN information from the startup configuration would then require reloading the switch. Adding a LAG to a VLAN To add a Link Aggregation Group (LAG) (also called a Port Channel) to a VLAN, you first create the LAG, as detailed in the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 216
www.dell.com | support.dell.com Example of adding a LAG to a VLAN Figure 14-171. Adding a LAG to a VLAN 1. To create the topology shown in Figure 14-171, create the LAG on switch R1, giving it an integer ID (and, optionally, a description - the "admin1" shown here). Add ports to it, and enable it - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 217
Creating a Routed VLAN This section provides an example of how to configure an S-Series switch to enable VLAN routing. Your switch must be running a version of SFTOS that supports Layer 3 : Step Command Syntax 1 ip routing 2 interface vlan vlan_id 3 ip address ip_address subnet_mask 4 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 218
www.dell.com | support.dell.com Figure 14-176. Enabling Routing Globally on a Switch R5#configure R5 (Config)#ip routing 2. Enable -if-vl-200)#untagged 1/0/3 5. Verify configurations with the show vlan id command on each switch. See an example of the command output in Figure 14-199 on page 234. Note - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 219
GARP) provides a generic attribute dissemination protocol used to support other protocols such as GVRP (GARP VLAN Registration Protocol (GVRP) • GVRP propagates VLAN membership throughout a network. • GVRP allows end stations and switches to issue and revoke declarations relating to VLAN membership. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 220
www.dell.com | support.dell.com GARP Commands In Global Config mode, you can enable GVRP, or GMRP, or both for the switch: gvrp port 4 no shutdown 5 show garp Command Mode Usage Global Config Enable GVRP on each switch and on each port that is to be part of the GVRP VLAN. Global Config - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 221
1/0/1, and enable the port. Create VLAN 3 and add port 1/0/1 to it: Figure 14-180. Setting up the VLAN and GVRP on Switch 2 Force10 (Config)#hostname R2 R2 (Config)#gvrp adminmode enable R2 (Config)#interface 1/0/1 R2 (Interface 1/0/1)#no shutdown R2 (Interface 1/0/1)#gvrp interfacemode enable R2 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 222
www.dell.com | support.dell.com Figure 14-181. Using the show vlan id Command (R1) #show vlan id 3 Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface Vlan Id Status Q Ports G 3 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 223
in SFTOS 2.5.2.0, so it is not supported. As shown in Figure 14-183, use Force10 (Config)#show vlan association subnet IP Address IP Mask VLAN ID 192.168.10.10 255.255.255.0 2 Configuring a Private Edge VLAN (PVLAN) Use the Private Edge VLAN feature to prevent selected ports on the switch - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 224
www.dell.com | support.dell.com The Force10 (Config)#interface 1/0/10 Force10 (Interface 1/0/1)#switchport protected 1 Force10 (Interface 1/0/1)#exit Force10#show switchport protected 1 Name test_group Member Ports : 1/0/10 Force10# Configuring a Native VLAN SFTOS 2.5.1 introduced support - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 225
before you can add it to VLAN 4 as tagged native. Two commands can configure a native VLAN: • tagged interface-range native (The selected VLAN is supported as native by these tagged ports.) • untagged interface-range (These ports participate as untagged in the selected VLAN, which is the native VLAN - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 226
www.dell.com | support.dell.com Figure 14-186. Validating an Untagged Interface untagged 1/0/2 Is port 1/0/2 tagged as native for any other VLAN? No Is port 1/0/2 untagged for any other - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 227
in native VLAN 10; tagged VLAN 10, 11 Figure 14-189. Unconfiguring Native VLAN Force10 #config Force10 (Config)#interface vlan 10 Force10 (Conf-if-vl-10)#no tagged 1/0/1 native Force10 (Conf-if-vl-10)#no untagged 1/0/2 Force10 (Conf-if-vl-10)#exit 1/0/1 now in native VLAN 1; tagged in VLAN 11 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 228
www.dell.com | support.dell.com Figure 14-190. Using show vlan Command to Display Native VLAN Members Force10 #show vlan Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface, ^ - Native VLAN Vlan Id Status Q Ports * 1 Inactive U E ^1/0/1 , ^1/0/2 ,1/0/3 ,1/0/4 ,1/0/5 ,1/0/6 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 229
after SFTOS 2.5.1.13. VLAN stacking, also called Double VLAN (DVLAN) and QinQ, support VLAN tunneling. In more detail, with the VLAN-Stack feature, you can "stack" VLANs into one tunnel and switch them through the network. This feature is a way to pass VLAN traffic from one customer domain to - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 230
www.dell.com | support.dell.com Step Command Syntax -forwarding enable to disable forwarding. The default forwarding MAC address is 01:01:E8:00:00:00. Use dvlan-tunnel l2pdu-forwarding mac-address mac forwarding Command Force10 S50 #show dvlan-tunnel l2pdu-forwarding L2Pdu-Forwarding Mode: enabled. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 231
3 going through switch R7. Figure 14-194. DVLAN Example Topology Configure switch R4: Figure 14-195. VLAN-Stack Configuration Sequence on R4 R4 (Config)#dvlan-tunnel ethertype vman !---------Access port R4 (Config)#interface 1/0/2 R4 (Interface 1/0/2)#no shutdown Force10 (Interface 1/0/1)#vlan - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 232
www.dell.com | support.dell.com Note: The first command in Figure 14-195 and in Figure 14-196 configures a dvlan-tunnel ethertype of vman, but you can assign a custom ethertype, which controls the encapsulation of the tunneled traffic, as long as the ethertype matches on both end switches (R4 and - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 233
entered) Display summary information for all configured VLANs. See Figure 14-199, below. • association Display associations to VLANs. • brief Display switch VLANs. • id Display VLAN configuration and configure VLANs. See Figure 14-200, below. • name Display VLAN configuration for a VLAN with - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 234
www.dell.com | support.dell.com Figure 14-198. Using the show running-config and show vlan brief Commands Force10 #show running-config !Current Configuration: ![excerpt showing just the vlan elements in the report]! interface vlan 1 exit interface vlan 2 exit interface vlan 3 exit Force10 #show - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 235
or all parameter, to learn the association between individual ports and VLANs: Figure 14-201. Example Output from show vlan Command Force10-S50 #show vlan port 1/0/1 Port Acceptable Ingress Default Interface VLAN ID Frame Types Filtering GVRP Priority 1/0/1 1 Admit All Enable Disable - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 236
236 | VLANs www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 237
on page 238 See also IGMP Proxy on page 251 in the Routing chapter of this guide. IGMP in SFTOS: • Uses Version 3 of IGMP • Includes IGMP Snooping that can be enabled per VLAN Typically, a switch employing IGMP forwards multicast packets out all ports in a VLAN until it receives an IGMP membership - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 238
www.dell.com | support.dell.com interval) set igmp maxresponse 1-3599 (typically, 1 less than group the Privileged Exec mode to inspect your settings. Figure 15-202. Report from show igmpsnooping Command Force10 #show igmpsnooping ? Press Enter to execute the command. Enter - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 239
-table igmpsnooping Command Force10 #show mac-address-table igmpsnooping MAC AddressTypeDescriptionInterfaces 00:01:01:00:5E:00:01:16DynamicNetwork AssistFwd: 1/0/47 00:01:01:00:5E:00:01:18DynamicNetwork AssistFwd: 1/0/47 00:01:01:00:5E:37:96:D0DynamicNetwork AssistFwd: 1/0/47 00:01:01:00:5E:7F - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 240
www.dell.com | support.dell.com Figure 15-205. Report from show ip igmp interface Command Force10 #show ip igmp ? Press Enter to execute the command. groups Display the subscribed multicast groups. interface Display IGMP configuration information. Force10 #show ip igmp interface 1/0/2 Slot/ - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 241
page 244 Port Mirroring Features • Enables you to monitor network traffic with an external network analyzer • Forwards a copy of each incoming and 33% per port for three, and so on. Inbound or outbound packets will switch to their destination and will be copied to the mirrored port. Figure 16-208 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 242
www.dell.com | support.dell.com Port Mirroring Commands The following are common port mirroring commands using mirrored port: Figure 16-209. Using the show monitor session command Force10 #show monitor session 1 Session IDAdmin ModeProbe PortMirrored Port 1 Enable1/0/51/0/4 242 | Port - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 243
unit/slot/port. Then use the port-security command, as shown in Figure 16-211. Figure 16-211. Example of Enabling Port Security Force10 (Interface 1/0/4) #port-security ? Press Enter to execute the command. mac-addressAdd Static MAC address to the interface. max-dynamicSet Dynamic Limit for - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 244
www.dell.com | support.dell.com Stopping the mirroring session and removing probe and mirrored ports Figure 16-213. Command Examples: Removing port mirroring configuration Force10 (Config)#no monitor session 1 mode Force10 (Config)#no monitor session source Force10 (Config)#no monitor session - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 245
all existing probe ports and mirrored ports, along with their operational status: Figure 16-215. Example of show port all Showing Port Mirroring Force10 S50 #show port all Admin Physical Physical Link Link LACP Interface Type Mode Mode Status Status Trap Mode 1/0/1 Mirror Enable Auto 100 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 246
246 | Port Mirroring www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 247
support for port routing in a simple network, and explain how to activate the most common routing protocols. A discussion of the use of VLANs with and without VLAN routing is followed by sections on Link Aggregation and Virtual Router Redundancy Protocol. For an introduction to the use of services - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 248
dell.com | support.dell.com Enabling Routing The S-Series always provides Layer 2 bridging, while Layer 3 routing must be explicitly enabled, first for the S-Series router as a whole, and then for each port that is to participate in the routed network interface Command Example Force10 >show ip int - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 249
4 routing Interface Config 5 exit Interface Config 6 exit Global Config 7 show ip interface unit/ Privileged Exec slot/port Purpose Enable routing on the switch. To access the INTERFACE mode for the selected port, enter the keyword interface followed by the port number in unit/slot/ port - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 250
the S-Series to provide the port routing support shown in the diagram. Figure 17-219. Port Routing Example Network Diagram 1. Enable routing for the switch. IP forwarding will then be enabled by default. Force10 #config Force10 (Config)#ip routing Force10 (Config)#exit 2. Enable routing for the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 251
255.255.255.0 Force10 (Interface 1/0/2)#exit Force10 (Config)#interface 1/0/5 Force10 (Interface 1/0/5)#routing Force10 (Interface 1/0/5)#ip address 192.150.5.1 255.255.255.0 Force10 (Interface 1/0/5)#exit Force10 (Config)#exit IGMP Proxy The Layer 3 package of SFTOS fully supports IGMPv3, and is - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 252
www.dell.com | support.dell.com IGMP Proxy Configuration The following procedure shows the basic example The following example, as illustrated in Figure 17-221 on page 253, configures the S-Series switch identified as Unit 1, as the IGMP Proxy router, then configures port 1/0/48 as the IGMP Proxy - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 253
, use the ip igmp-proxy unsolicit-rprt-interval command: Figure 17-223. Configuring an Interface to Enable IGMP Proxy Force10 #config Force10 (Config)#interface 1/0/15 Force10 (Interface 1/0/15)#ip igmp-proxy ? Press Enter to execute the command. reset-status Reset All the proxy interface - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 254
www.dell.com | support.dell.com Verifying the configuration Verify the configuration with these enabled, as shown in Figure 17-225 Figure 17-224. Using the show ip igmp-proxy Command Force10 #show ip igmp-proxy Admin Mode Enable Operational Mode Disable • show ip igmp-proxy groups command: - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 255
ip igmp-proxy interface Command Force10-S50V#show ip igmp- guide. RIP Configuration Routing Information Protocol (RIP) is one of the protocols that routers can use to exchange network supported by SFTOS and the S-Series: • RIPv1 defined in RFC 1058 • Routes are specified by IP destination network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 256
www.dell.com | support.dell.com RIP Configuration Example The configuration commands used in the following example enable RIP on ports 1/0/2 and 1/0/3: 1. Enable routing for the switch. Figure 17-228. Using the ip routing Command to Enable Routing Force10 #config Force10 (Config)#ip routing 2. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 257
Path First (OSPF) is generally used in preference to RIP. OSPF offers several benefits to the administrator of a large and/or complex network: • Less network traffic: • Routing table updates are sent only when a change has occurred. • Only changed part of the table is sent. • Updates are sent - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 258
www.dell.com | support.dell.com Figure 17-232. OSPF Example Network Diagram: Inter-area Router 1. Enable routing for the switch. Figure 17-233. Enabling Routing for the Switch Force10 #config Force10 (Config)#ip routing 2. For ports 0/2 and 0/3, enable routing, and assign the IP: Figure 17-234. - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 259
ip ospf cost 32 Force10 (Interface 1/0/2)#exit Force10 (Config)#interface 1/0/3 Force10 (Interface 1/0/3)#ip ospf Force10 (Interface 1/0/3)#ip ospf areaid 0.0.0.3 Force10 (Interface 1/0/3)#ip ospf priority 255 Force10 (Interface 1/0/3)#ip ospf cost 64 Force10 (Interface 1/0/3)#exit Layer 3 Routing - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 260
www.dell.com | support.dell.com Configuring OSPF on an S-Series operating as a border router The next diagram shows the same network segment with the S-Series operating as the border router in area 0.0.0.2. The example shows the commands used to configure the switch with OSPF enabled on port 0/2 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 261
enable OSPF for the switch. Set disable 1583compatibility to prevent the routing loop. Force10 (Config)#router ospf Force10 (Config router)#enable Force10 (Config router)#router-id 192.130.1.1 Force10 (Config router)#no 1583compatibility Force10 (Config router)#exit Force10 (Config)# 4. Enable OSPF - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 262
dell.com | support.dell 267 You can configure an S-Series switch with some ports supporting VLANs and some supporting routing. You can also configure it physical networks, or when additional segmentation or security is required. The next section shows how to configure the S-Series to support VLAN - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 263
in this guide (VLANs on page 207) contains a detailed explanation of enabling an IP VLAN (routed VLAN) on one S-Series switch. See Creating switch participating in an IP VLAN: Figure 17-238. Creating an IP VLAN Force10 #configure Force10 (Config)#ip routing Force10 (Config)#interface vlan 5 Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 264
dell.com | support.dell.com 4. As above, create VLAN 200 on switch networks. This section provides an example of configuring VLAN routing using OSPF. The example adds support for the switch: Figure 17-243. Enabling Routing for the Switch Force10 #config Force10 (Config)#ip routing Force10 (Config)# - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 265
: Figure 17-245. Output of the show ip ospf Command Before Enabling OSPF Force10 #show ip ospf Router ID 0.0.0.0 OSPF Admin Mode Disable ASBR Mode Disable RFC 1583 Compatibility Enable Force10 # 4. Enable OSPF for the switch and specify a router ID. Figure 17-246. Output of the show ip ospf - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 266
www.dell.com | support.dell.com Figure 17-247. Output of the show ip ospf Command after Enabling OSPF Force10#show ip ospf Router ID 1.1.1.1 OSPF Admin Mode Enable ASBR Mode Disable RFC 1583 Compatibility Enable ABR Status Disable Exit Overflow Interval 0 External LSA Count 0 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 267
Number of Link Events 3 Force10 # VLAN Routing RIP support for RIPv2 to the configuration created in the previous base VLAN routing example (Example of creating a routed VLAN between switches on page 263). A second router, using port routing rather than VLAN routing, has been added to the network - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 268
#show ip vlan MAC Address used by Routing VLANs: 00:01:E8:D5:A0:6C Logical VLAN ID Interface IP Address Subnet Mask 10 0/2/1 192.150.3.1 255.255.255.0 20 0/2/2 192.150.4.1 255.255.255.0 Force10 (Config)#ip routing 2. Enable RIP for the switch. The route preference will default to 15 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 269
included in a VLAN. More than one LAG may be configured for a given switch. For more details on LAGs, see Link Aggregation on page 165. Link an example of configuring the S-Series to support a routed Link Aggregation Group (LAG). SFTOS does not support directly assigning an IP address to a LAG - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 270
www.dell.com | support.dell.com Figure 17-253. Inspecting a Layer 3 LAG Configuration R1 (Config)#exit R1 #show Disable Proxy ARP Enable Active State Inactive Link Speed Data Rate Inactive MAC Address 00:01:E8:D5:A1:52 Encapsulation Type Ethernet IP MTU 1500 R1 #show vlan id 100 270 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 271
appear as more than one virtual router to the network. Also, more than one port on the S-Series up to 20 virtual routers (VRRP groups) on a switch. A group can be assigned one primary IP address and example shows how to configure S-Series routers to support VRRP. Router 1 will be the default master - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 272
www.dell.com | support.dell.com Figure 17-254. VRRP Example Network Configuration Layer 3 Switch acting as Router 1 Layer 3 Switch acting as by default. Figure 17-255. Enabling Routing for a Switch Force10 # config Force10 (Config)#ip routing Force10 (Config)#exit 2. VRRP is enabled by default for - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 273
VRID) (a VRRP group ID) to the port: Figure 17-258. Assigning Virtual Router ID to the Port Participating in the VRRP Group Force10 (Interface 1/0/2)#ip vrrp 20 Force10 (Interface 1/0/2) 5. Specify the virtual IP address for that VRRP group. Note that the virtual IP address on port 1/0/2 is the same - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 274
www.dell.com | support.dell.com 4. Assign the same virtual router ID to the port as defined for Router 1. Force10 (Config)#interface 1/0/4 Force10 (Interface 1/0/4)#ip vrrp 20 5. Specify the virtual IP address that the VRRP function will recognize. Since the virtual IP address on port 1/0/4 is the - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 275
and resolve software problems related to SFTOS on an S-Series switch. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack. Additional troubleshooting information, such as LED descriptions, is provided in the hardware installation guide. This chapter consists - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 276
.dell.com | support.dell.com Note: In SFTOS 2.3.1.9, these messages also appear when moving from the routing image to the switching the wrong file to the switch or by deleting the image file. Figure 18-261. Downloading Software to the Switch Force10 S50 #copy tftp://192.168 . 276 | Troubleshooting - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 277
An RPC timeout message like the following indicates a communication problem between the management unit and the member switch with the MAC address of 0:1:e8:d5:e6:20. The communication problem in this case was caused by the stack cable. RPC - Timeout to CPU: 0:1:e8:d5:e6:20. Troubleshooting | 277 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 278
dell.com | support.dell.com In addition to issuing the show switch and show stack commands, use the show stack-port diag command to display communication statistics for the stacking ports: Figure 18-263. Using the show stack-port diag command Force10 correct configuration. 278 | Troubleshooting - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 279
to a remote port that does not support a speed of 1 Gbps, the speed 18-265. Error Message when Links Do Not Come Up Force10 S50 (Interface 1/0/1)#speed 1000 full-duplex Force10 S50 (Interface 1/0/1)# JAN 01 09:19:27 10.16.128.183-1 TRAPMGR[244244160]: often undesirable. Troubleshooting | 279 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 280
www.dell.com | support.dell.com Monitoring SFPs The four fiber ports on the S50 and . The port fails loop testing with acceptable power measurement levels. Note: Dell Force10 recommends closely following the instructions in the referenced document on cleaning the optics. 280 | Troubleshooting - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 281
following steps: 1. Verify that you are using the correct XFP type. Optical specifications are available on the Dell Force10 website: http://www.force10networks.com/products/specifications.asp 2. Reseat the XFP or swap it with a known so the packet is sent to the CPU to forward. Troubleshooting | 281 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 282
dell.com | support.dell but Layer 2 entries are still subject to timeouts in SFTOS. Troubleshooting No Output on the Console Your console might experience a temporary kill the session connecting to your switch. Then re-connect. • A topology loop is occurring in the network and flooding a large number - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 283
0 Baud Rate (bps 9600 Character Size (bits 8 Flow Control Disable Stop Bits 1 Parity none 3. If you contact the Dell Force10 Technical Assistance Center, please have the following information: • How long did it take for the switch to show a response to a keystroke? Troubleshooting | 283 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 284
network differently? Are they passing different kinds of traffic? In addition, as a best practice, configure a remote management approach, such as SSH or HTTPS, to access an S-Series switch when console access is not possible but the switch is actively forwarding data traffic. 284 | Troubleshooting - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 285
RFCs, MIBs, and Traps This appendix contains these sections: • IEEE Compliance • RFC Compliance on page 286 • SNMP-related RFCs on page 289 • Industry MIBs Supported by SFTOS on page 290 • Force 10 MIBs on page 291 • SNMP Traps on page 293 This appendix contains auxiliary information to the section - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 286
dell.com | support.dell.com • GMRP - Dynamic L2 Multicast Registration • GVRP - Dynamic VLAN Registration RFC Compliance The following is a list of the RFCs supported supported only in the Layer 3 Package (Routing) of SFTOS 2.5.1. General Switching RFC 2030 - Simple Network Time Protocol (SNTP) - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 287
Protocol Interaction Management • HTML 4.0 Specification - December, 1997 (also HTML 4.01 Specification - December, 1999) • Java and JavaScript 1.3 • RFC 854 - 05) • RFC 2572 - Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) • RFC 2573 - SNMP v3 Applications • - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 288
dell.com | support.dell.com QoS • RFC 2474 - Definition of the Differentiated Services Field (DS Field) in IPv4 Headers • RFC 2475 - An Architecture for Differentiated Services RFC 2453-RIP v2 RMON • RFC 2819 - Remote Network Monitoring MIB: Ethernet Statistics Table, Ethernet History Control Table, - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 289
-exchange-04 - Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol SNMP-related RFCs The following is a list of other SNMP-related RFCs supported by FTOS: • draft-ietf-magma-mgmd-mib-03.txt - Multicast Group Membership Discovery MIB • Draft-ietf-idmr-dvmrp-mib-11.txt - DVMRP MIB • RFC - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 290
www.dell.com | support.dell.com • RFC 2096: IP DIFFSERV-MIB Management Information Base for the Differentiated Services Architecture Entity MIB (Version 2) Definitions of Managed MIB module for managing Virtual Bridged Local Area Networks RADIUS Accounting Client MIB (RFC 2620) RADIUS Authentication Client - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 291
defines objects to help support coexistence between SNMPv1, SNMPv2 -SERVICES-MIB The MIB module to describe the Integrated Services Dell Force10-specific MIBs in the show sysinfo report: Table A-10. Dell Force10-specific MIBs MIB FORCE10-REF-MIB F10OS-POWER-ETHERNET-MIB Description Dell Force10 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 292
www.dell.com | support.dell.com Table A-10. Dell Force10-specific MIBs (continued) MIB Description F10OS-SWITCHING-MIB F10OS Switching - Layer 2 F10OS-INVENTORY-MIB F10OS Unit and Slot configuration F10OS-PORTSECURITY-PRIVATE-MIB Port Security MIB F10OS-RADIUS-AUTH-CLIENT-MIB F10OS Radius - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 293
in the System log, as described in Displaying the SNMP Trap Log on page 106. Figure A-269. Using the show logging traplogs Command Force10 #show logging traplogs Number of Traps Since Last Reset 60926 Trap Log Capacity 256 Number of Traps Since Log Last Viewed.......... 59852 Log System - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 294
294 | RFCs, MIBs, and Traps www.dell.com | support.dell.com - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 295
channel-member command 171, 174 CIDR (RFC 1519) 22 Class 178 Class of Service commands (CoS) 177 class-map 64 class-map match-all 64 clear config 78 clock, setting manually 78 config command 30 config file management 70, 71 configuration file, delete 59 configuration guide 16 configuration script 44 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 296
-MIB 123 Dell Force10-specific MIBs 291 deny permit, QoS 198 Deploying DiffServ 180 Designated Root (DR) 159 destination port (mirroring port) 241 DHCP pool 130 DHCP server 129 DHCP/BootP relay agent 129 296 | Index differences, S-Series and E-Series 24 Differentiated Services (DiffServ) 177 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 297
Differentiated Services 184 292 F10OS-SWITCHING-MIB 292 FCS (Frame Check Sequence) 278 filedescr (image) command 51 flags, trap 73 Flow Control (IEEE 802.3x) 20 FORCE10-REF-MIB GVRP, Using 220 H hardware installation guide 16 Hardware installation guides 17 hashing algoritm, traffic distribution 166 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 298
www.dell.com | support.dell.com IGMP (Internet Group Management Protocol) commands 237 igmp limit command 124 inlinepower priority command 124 inlinepower threshold command 124 inlinepower type command 124 INTEGRATED-SERVICES-MIB 291 Inter-area 257 inter-area router 257 interface 218, 251, 253, 256 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 299
22 iSupport 16, 17 iSupport (SNMP information) 72, 74 IVL (Independent VLAN Learning) 145 J Jumbo Frame Support 21 L LACP 175 LACP (Link Aggregation Control Protocol) 174 LACP enable 175 LACP PDU 165, 167 LAG 165 command (VLAN) 210 Management 21 management access to the switch 140 Index | 299 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 300
MIB, Power-Ethernet 123 MIBs 290 MIBs, counter 72 MIBs, Dell Force10-specific 291 MIBs, supported industry 290 mirrored port (source port) 241 mode dot1q-tunnel 148 N name command (VLAN) 68, 210 native VLAN 208, 210, 224 network command 131 NIC bonding 165 NIC teaming 165 168, 170, 175 no ip telnet - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 301
802.1p Priority Marking 21 ACLs 21 Bandwidth-based Rate Limiting 21 Layer 2 Classification 21 Layer 3 DSCP 21 Priority Queues 21 Quality of Service (QoS) 177 Quick Reference 17 R RADIUS 21, 36, 135 radius accounting mode command 138, 139 RADIUS Connection, Configuring a 138 radius server host acct - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 302
www.dell.com | support.dell.com Remote Authentication Dial-In User Service (RADIUS) 138 resetting the stack 86 log command 76 show rmon statistics brief command 76 show rmon statistics command 76 RMON (Remote Network Monitoring) MIB 74 rmon alarm command 77 RMON Command Set 76 rmon event command 76 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 303
S2410 documentation 15 S50 interface managementethernet command 72 snmp-server community command 72 S50V switch 123 Saving the Startup Config to the Network clock manually 78 Setting Up a Management VLAN 42 severity levels, logging 104 SFTOS Command Reference 16 SFTOS Configuration Guide 17 SFTOS - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 304
dell.com | support.dell command fields 278 show storm-control command 205 show supported switchtype command 85, 90 show switch command 32, 45, 85, 90, 95, show vlan port command 233 Showing Created Users 37 Showing Network Settings 34 Simple Network Time Protocol (SNTP) 78 Slot defined 26 SMLT 165 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 305
135 S-Series stack 83 S-Series Training slides 135 S-Series troubleshooting 275 SSH 28 SSH keys 141 SSH2 Server Support 21 SSHv2 22 stack command 85 stack maximum 83, Learning) 145 switch management access 140 switch priority command 85, 86, 89 switch renumber command 85, 89 Switching Features 145 - Dell Force10 S2410-01-10GE-24P | SFTOS Configuration Guide - Page 306
.dell.com | support.dell. 44 Trap Management 73 trapflags command 74 Traps 65 troubleshooting S-Series 275 trunking 213 tunnel port 229 U service-policy" Command 190 USM-TARGET-TAG-MIB 291 306 | Index V Verifying Management Port Connectivity 69 Verifying Management Port Network 69 Verifying Switch
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
 |
 |
SFTOS Configuration Guide