Home » Dell Manuals » Hubs & Switches » Dell MX5108n » Manual Viewer

Dell MX5108n OS10 Enterprise Edition User Guide for PowerEdge MX IO Modules Re - Page 262

remote port monitoring, Reserved L2 VLAN, Source session, Restrictions

Add to My Manuals
Save this manual to your list of manuals

Page 262 highlights

• The member port of the reserved VLAN must have the MTU and IPMTU value as MAX+4 (to hold the VLAN tag parameter). • To associate with source session, the reserved VLAN can have a maximum of four member ports. • To associate with destination session, the reserved VLAN can have multiple member ports. • The reserved VLAN cannot have untagged ports. Reserved L2 VLAN • MAC address learning in the reserved VLAN is automatically disabled. • There is no restriction on the VLAN IDs used for the reserved remote monitoring VLAN. Valid VLAN IDs are from 2 to 4093. The default VLAN ID is not supported. • In monitored traffic, packets that have the same destination MAC address as an intermediate or destination device in the path used by the reserved VLAN to transport the mirrored traffic are dropped by the device that receives the traffic if the device has a L3 VLAN configured. Source session • Configure physical ports and port-channels as sources in remote port monitoring and use them in the same source session. You can use both L2 (configured with the switchport command) and L3 ports as source ports. Optionally configure one or more source VLANs to configure the VLAN traffic to be monitored on source ports. • Use the default VLAN and native VLANs as a source VLAN. • You cannot configure the dedicated VLAN used to transport mirrored traffic as a source VLAN. Restrictions • When you use a source VLAN, enable flow-based monitoring (flow-based enable). • In a source VLAN, only received (rx) traffic is monitored. • You cannot configure a source port-channel or source VLAN in a source session if the port-channel or VLAN has a member port configured as a destination port in a remote port monitoring session. • You cannot use a destination port for remote port monitoring as a source port, including the session the port functions as the destination port. • The reserved VLAN used to transport mirrored traffic must be a L2 VLAN - L3 VLANs are not supported. Configure remote port monitoring Remote port monitoring requires a source interface (monitored ports on different source network devices) and a reserved tagged VLAN for transporting mirrored traffic (configured on the source, intermediate, and destination devices). 1 Create a remote monitoring session in CONFIGURATION mode. monitor session session-id type rspan-source 2 Enter the source to monitor traffic in MONITOR-SESSION mode. source interface interface-range direction 3 Enter the destination to send the traffic to in MONITOR-SESSION mode. destination remote-vlan vlan-id 4 Enable the monitoring interface in MONITOR-SESSION mode. no shut Create remote monitoring session OS10(config)# monitor session 10 type rspan-source OS10(conf-mon-rspan-source-10)# Configure source and destination port, and traffic direction OS10(conf-mon-rspan-source-10)# source interface vlan 10 rx OS10(conf-mon-rspan-source-10)# destination remote-vlan 100 OS10(conf-mon-rspan-source-10)# no shut 262 Layer 2

Section	Page
OS10 Enterprise Edition User Guide — PowerEdge MX I/O Modules Release 10.4.0E(R3S)	3
Getting Started	21
Supported Hardware	21
OS10 image for MX Ethernet I/O modules	21
Download OS10 image and license	22
Installation	23
Automatic installation	24
Manual installation	24
Log into OS10	25
Install OS10 license	26
Remote access	27
Configure Management IP address	27
Management Route Configuration	28
Configure user name and password	28
Upgrade OS10	29
CLI Basics	29
User accounts	29
Key CLI features	29
CLI command modes	30
CLI command hierarchy	30
CLI command categories	30
CONFIGURATION Mode	31
Command help	31
Check device status	33
Candidate configuration	35
Change to transaction-based configuration	38
Copy running configuration	38
Restore startup configuration	39
Reload system image	39
Filter show commands	40
Alias command	40
Batch mode commands	44
Linux shell commands	44
SSH commands	45
OS9 environment commands	46
Common commands	46
alias	46
alias (multi-line)	47
batch	48
boot	48
commit	49
configure	49
copy	49
default (alias)	51
delete	51
description (alias)	52
dir	52
discard	53
do	53
feature config-os9-style	53
exit	54
license	54
line (alias)	55
lock	55
management route	56
move	56
no	57
reload	57
show alias	57
show boot	59
show candidate-configuration	59
show environment	61
show inventory	62
show ip management-route	62
show ipv6 management-route	63
show license status	63
show running-configuration	64
show startup-configuration	66
show system	67
show version	69
start	69
system	70
system identifier	70
terminal	70
traceroute	71
unlock	72
write	72
PowerEdge MX Ethernet I/O modules	74
Operating modes	74
Changing operating modes	76
Restrictions	76
Port groups on I/O modules	76
Double-density QSFP28 interfaces	76
Virtual ports	79
Single-density QSFP28 interfaces	82
Server-facing interfaces	83
Interfaces	85
Ethernet interfaces	85
L2 mode configuration	85
L3 mode configuration	86
Fibre Channel interfaces	86
Management interface	88
VLAN interfaces	88
User-configured default VLAN	89
VLAN scale profile	89
Loopback interfaces	90
Port-channel interfaces	90
Create port-channel	91
Add port member	91
Minimum links	92
Assign Port Channel IP Address	92
Remove or disable port-channel	92
Load balance traffic	93
Change hash algorithm	93
Configure interface ranges	93
Switch-port profiles	94
S4148-ON Series port profiles	95
S4148U-ON port profiles	96
Unified port groups	97
Configure breakout mode	99
Breakout auto-configuration	99
Reset default configuration	100
Forward error correction	101
Energy-efficient Ethernet	102
Enable energy-efficient Ethernet	103
Clear interface counters	103
View EEE status/statistics	103
EEE commands	104
View interface configuration	107
Interface commands	110
channel-group	110
default interface	110
default vlan-id	113
description (Interface)	113
duplex	114
feature auto-breakout	114
fec	115
interface ethernet	115
interface loopback	115
interface mgmt	116
interface null	116
interface port-channel	116
interface range	117
interface vlan	117
link-bundle-utilization	118
mode	118
mode l3	119
mtu	120
port-group	120
scale-profile vlan	121
show discovered-expanders	121
show interface	122
show inventory media	123
show link-bundle-utilization	124
show port-channel summary	124
show port-group	125
show switch-operating-mode	126
show switch-port-profile	126
show unit-provision	126
show vlan	127
shutdown	127
speed (Fibre Channel)	128
speed (Management)	128
switch-port-profile	129
switchport access vlan	131
switchport mode	131
switchport trunk allowed vlan	132
unit-provision	132
Fibre channel	134
Fibre Channel over Ethernet	134
Configure FIP snooping	135
Terminology	136
Virtual fabric	136
Fibre Channel zoning	139
F_Port on Ethernet	141
F_Port, NPG, and FCoE commands	141
clear fcoe database	141
clear fcoe statistics	141
fc alias	142
fc zone	142
fc zoneset	143
fcoe	143
fcoe max-sessions-per-enodemac	144
feature fc	144
feature fc npg	144
feature fip-snooping	145
fip-snooping enable	145
fip-snooping fc-map	145
fip-snooping port-mode fcf	146
member (alias)	146
member (zone)	147
member (zoneset)	147
name	147
show fc alias	148
show fc ns switch	148
show fc statistics	149
show fc switch	150
show fc zone	150
show fc zoneset	151
show fcoe enode	152
show fcoe fcf	152
show fcoe sessions	153
show fcoe statistics	153
show fcoe system	154
show fcoe vlan	154
show npg devices	154
show running-config vfabric	155
show vfabric	156
vfabric	157
vfabric (interface)	157
vlan	157
zone default-zone permit	158
zoneset activate	158
Layer 2	159
802.1X	159
Port authentication	160
EAP over RADIUS	161
Configure 802.1X	161
Enable 802.1X	162
Identity retransmissions	163
Failure quiet period	164
Port control mode	164
Reauthenticate port	165
Configure timeouts	166
802.1X commands	167
Link aggregation control protocol	172
Modes	172
Configuration	172
Interfaces	173
Rates	173
Sample configuration	174
LACP commands	177
Link layer discovery protocol	183
Protocol data units	183
Optional TLVs	184
Organizationally-specific TLVs	185
Media endpoint discovery	186
Network connectivity device	186
LLDP-MED capabilities TLV	186
Network policies TLVs	187
Define network policies	188
Packet timer values	188
Disable and re-enable LLDP	189
Disable and re-enable LLDP on management ports	190
Advertise TLVs	190
Network policy advertisement	191
Fast start repeat count	191
View LLDP configuration	192
Adjacent agent advertisements	193
Time to live	194
LLDP commands	194
Media Access Control	206
Static MAC Address	206
MAC Address Table	207
Clear MAC Address Table	207
MAC Commands	208
Multiple spanning-tree protocol	210
Configure MST protocol	211
Create instances	211
Root selection	213
Non-Dell hardware	213
Region name or revision	213
Modify parameters	214
Interface parameters	215
Forward traffic	215
Spanning-tree extensions	216
Debug configurations	218
MST commands	218
Rapid per-VLAN spanning-tree plus	228
Load balance and root selection	229
Enable RPVST+	229
Select root bridge	230
Root assignment	231
Loop guard	232
Global parameters	232
RPVST+ commands	233
Rapid spanning-tree protocol	241
Enable globally	241
Global parameters	242
Interface parameters	243
Root bridge selection	244
EdgePort forward traffic	245
Spanning-tree extensions	245
RSTP commands	247
Virtual LANs	253
Default VLAN	253
Create or remove VLANs	254
Access mode	255
Trunk mode	256
Assign IP address	256
View VLAN configuration	257
VLAN commands	259
Port monitoring	260
Local port monitoring	260
Remote port monitoring	261
Encapsulated remote port monitoring	263
Flow-based monitoring	264
Remote port monitoring on VLT	265
Port monitoring commands	266
Layer 3	272
Border gateway protocol	272
Sessions and peers	273
Route reflectors	274
Multiprotocol BGP	274
Attributes	275
Selection criteria	275
Weight and local preference	276
Multiexit discriminators	277
Origin	277
AS path and next-hop	278
Best path selection	278
More path support	279
Advertise cost	279
4-Byte AS numbers	280
AS number migration	280
Configure border gateway protocol	281
Enable BGP	281
Configure Dual Stack	283
Peer templates	283
Neighbor fall-over	285
Fast external fallover	286
Passive peering	288
Local AS	288
AS number limit	289
Redistribute routes	290
Additional paths	290
MED attributes	291
Local preference attribute	291
Weight attribute	292
Enable multipath	293
Route-map filters	293
Route reflector clusters	293
Aggregate routes	294
Confederations	295
Route dampening	296
Timers	297
Neighbor soft-reconfiguration	297
BGP commands	298
Equal cost multi-path	323
Load balancing	323
ECMP commands	323
IPv4 routing	326
Assign interface IP address	326
Configure static routing	327
Address resolution protocol	328
IPv4 routing commands	328
IPv6 routing	332
Enable or disable IPv6	332
IPv6 addresses	333
Stateless autoconfiguration	334
Neighbor discovery	335
Duplicate address discovery	336
Static IPv6 routing	337
IPv6 destination unreachable	337
IPv6 hop-by-hop options	338
View IPv6 information	338
IPv6 commands	338
Internet group management protocol	349
IGMP snooping	349
IGMP snooping commands	352
Open shortest path first	357
Autonomous system areas	357
Areas, networks, and neighbors	358
Router types	359
Designated and backup designated routers	360
Link-state advertisements	360
Router priority	361
Shortest path first throttling	362
OSPFv2	363
OSPFv3	394
Object tracking manager	413
Interface tracking	414
Host tracking	415
Set tracking delays	416
Object tracking	416
View tracked objects	416
OTM commands	417
Policy-based routing	420
Policy-based route-maps	420
Access-list to match route-map	420
Set address to match route-map	420
Assign route-map to interface	421
View PBR information	421
PBR commands	422
Virtual routing and forwarding	424
Configure management VRF	424
VRF commands	426
Virtual router redundancy protocol	430
Configuration	431
Create virtual router	432
Group version	432
Virtual IP addresses	433
Configure virtual IP address	433
Set group priority	434
Authentication	435
Disable preempt	435
Advertisement interval	436
Interface/object tracking	437
Configure tracking	437
VRRP commands	438
UFT modes	444
Configure UFT modes	444
UFT commands	445
hardware forwarding-table mode	445
show hardware forwarding-table mode	445
show hardware forwarding-table mode all	446
System management	447
Dynamic host configuration protocol	447
Packet format and options	447
DHCP server	448
Automatic address allocation	449
Hostname resolution	450
Manual binding entries	451
DHCP relay agent	451
View DHCP Information	452
System domain name and list	452
DHCP commands	453
DNS commands	458
Network time protocol	460
Enable NTP	460
Broadcasts	461
Source IP address	461
Authentication	462
NTP commands	463
System clock	468
System Clock commands	468
User session management	470
User session management commands	470
Telnet server	471
Telnet commands	472
Security	472
User re-authentication	473
Password strength	473
Role-based access control	474
Assign user role	474
RADIUS authentication	475
TACACS+ authentication	475
SSH Server	476
Virtual terminal line	477
Enable login statistics	477
Security commands	478
Simple network management protocol	490
SNMP commands	490
Uplink Failure Detection	492
Configure uplink failure detection	493
UFD commands	494
OS10 image upgrade	498
Boot system partition	498
Upgrade commands	499
Access Control Lists	504
IP ACLs	504
MAC ACLs	505
IP fragment handling	505
IP fragments ACL	505
L3 ACL rules	506
Permit ACL with L3 information only	506
Deny ACL with L3 information only	506
Permit all packets from host	506
Permit only first fragments and non-fragmented packets from host	506
Assign sequence number to filter	506
User-provided sequence number	507
Auto-generated sequence number	507
L2 and L3 ACLs	507
Assign and apply ACL filters	508
Ingress ACL filters	509
Egress ACL filters	509
Clear access-list counters	510
IP prefix-lists	510
Route-maps	511
Match routes	512
Set conditions	512
continue Clause	513
ACL flow-based monitoring	513
Flow-based mirroring	513
Enable flow-based monitoring	514
ACL commands	515
clear ip access-list counters	515
clear ipv6 access-list counters	515
clear mac access-list counters	516
deny	516
deny (IPv6)	517
deny (MAC)	517
deny icmp	518
deny icmp (IPv6)	519
deny ip	519
deny ipv6	520
deny tcp	520
deny tcp (IPv6)	521
deny udp	522
deny udp (IPv6)	523
description	524
ip access-group	524
ip access-list	524
ip as-path access-list	525
ip community-list standard deny	526
ip community–list standard permit	526
ip extcommunity-list standard deny	527
ip extcommunity-list standard permit	527
ip prefix-list description	527
ip prefix-list deny	528
ip prefix-list permit	528
ip prefix-list seq deny	529
ip prefix-list seq permit	529
ipv6 access-group	530
ipv6 access-list	530
ipv6 prefix-list deny	530
ipv6 prefix-list description	531
ipv6 prefix-list permit	531
ipv6 prefix-list seq deny	532
ipv6 prefix-list seq permit	532

Match case Limit results 1 per page

•

The member port of the reserved VLAN must have the MTU and IPMTU value as MAX+4 (to hold the VLAN tag parameter).

•

To associate with source session, the reserved VLAN can have a maximum of four member ports.

•

To associate with destination session, the reserved VLAN can have multiple member ports.

•

The reserved VLAN cannot have untagged ports.

Reserved L2 VLAN

•

MAC address learning in the reserved VLAN is automatically disabled.

•

There is no restriction on the VLAN IDs used for the reserved remote monitoring VLAN. Valid VLAN IDs are from 2 to 4093. The default

VLAN ID is not supported.

•

In monitored

traﬃc,

packets that have the same destination MAC address as an intermediate or destination device in the path used by

the reserved VLAN to transport the mirrored

traﬃc

are dropped by the device that receives the

traﬃc

if the device has a L3 VLAN

conﬁgured.

Source session

•

Conﬁgure

physical ports and port-channels as sources in remote port monitoring and use them in the same source session. You can use

both L2

(conﬁgured

with the

switchport

command) and L3 ports as source ports. Optionally

conﬁgure

one or more source VLANs

conﬁgure

the VLAN

traﬃc

to be monitored on source ports.

•

Use the default VLAN and native VLANs as a source VLAN.

•

You cannot

conﬁgure

the dedicated VLAN used to transport mirrored

traﬃc

as a source VLAN.

Restrictions

•

When you use a source VLAN, enable

ﬂow-based

monitoring (

flow-based enable

•

In a source VLAN, only received (

)

traﬃc

is monitored.

•

You cannot

conﬁgure

a source port-channel or source VLAN in a source session if the port-channel or VLAN has a member port

conﬁgured

as a destination port in a remote port monitoring session.

•

You cannot use a destination port for remote port monitoring as a source port, including the session the port functions as the

destination port.

•

The reserved VLAN used to transport mirrored

traﬃc

must be a L2 VLAN — L3 VLANs are not supported.

Conﬁgure

remote port monitoring

Remote port monitoring requires a source interface (monitored ports on

diﬀerent

source network devices) and a reserved tagged VLAN for

transporting mirrored

traﬃc

(conﬁgured

on the source, intermediate, and destination devices).

Create a remote monitoring session in CONFIGURATION mode.

monitor session

session-id

type rspan-source

Enter the source to monitor

traﬃc

in MONITOR-SESSION mode.

source interface

interface-range

direction

Enter the destination to send the

traﬃc

to in MONITOR-SESSION mode.

destination remote-vlan

vlan-id

Enable the monitoring interface in MONITOR-SESSION mode.

no shut

Create remote monitoring session

OS10(config)# monitor session 10 type rspan-source

OS10(conf-mon-rspan-source-10)#

Conﬁgure

source and destination port, and

traﬃc

direction

OS10(conf-mon-rspan-source-10)# source interface vlan 10 rx

OS10(conf-mon-rspan-source-10)# destination remote-vlan 100

OS10(conf-mon-rspan-source-10)# no shut

262

Layer 2