Dell PowerConnect 6224 Configuration Guide

Dell PowerConnect 6224 Manual

Get Dell PowerConnect 6224 PDF manuals and user guides View all Dell PowerConnect 6224 manuals
Add to My Manuals
Save this manual to your list of manuals

Dell PowerConnect 6224 manual content summary:

  • Dell PowerConnect 6224 | Configuration Guide - Page 1
    Dell™ PowerConnect™ 6200 Series Configuration Guide Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F www.dell.com | support.dell.com
  • Dell PowerConnect 6224 | Configuration Guide - Page 2
    and PowerConnect are trademarks of Dell Inc. sFlow is a registered trademark of InMon Corporation. Cisco is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. Other trademarks and trade names may be used in this document to refer to
  • Dell PowerConnect 6224 | Configuration Guide - Page 3
    Documentation 10 2 System Configuration 11 Traceroute 12 CLI Example 12 Configuration Scripting 13 Overview 13 Considerations 13 CLI Examples 14 Outbound Telnet 16 Overview 16 CLI Examples 17 Simple Network Time Protocol (SNTP 17 Overview 17 CLI Examples 18 Syslog 20 Overview 20 CLI
  • Dell PowerConnect 6224 | Configuration Guide - Page 4
    CLI Examples 43 Link Aggregation/Port Channels 45 CLI Example 46 Web Interface Configuration: LAGs/Port-channels 48 Port Mirroring 49 Overview 49 CLI Examples 49 Port Security 50 Overview 50 Operation 50 CLI Examples 51 Link Layer Discovery Protocol 52 CLI Examples 52 Denial of Service
  • Dell PowerConnect 6224 | Configuration Guide - Page 5
    67 sFlow Agents 68 CLI Examples 69 4 Routing Configuration 73 VLAN Routing 74 CLI Examples 74 Using the Web Interface to Configure VLAN Routing 76 Virtual Router Redundancy Protocol 77 CLI Examples 77 Using the Web Interface to Configure VRRP 79 Proxy Address Resolution Protocol (ARP 80
  • Dell PowerConnect 6224 | Configuration Guide - Page 6
    109 Authenticated and Unauthenticated VLANs 109 Guest VLAN 109 CLI Examples 110 Authentication Server Filter Assignment 111 Access Control Lists (ACLs 111 Overview 111 MAC ACLs 113 IP ACLs 114 ACL Configuration Process 114 IP ACL CLI Example 115 Configuring a MAC ACL 116 RADIUS 117
  • Dell PowerConnect 6224 | Configuration Guide - Page 7
    Queue configuration 140 Queue Management Type 140 CLI Examples 140 Differentiated Services 143 CLI Example 144 DiffServ for VoIP Configuration Example 146 8 Multicast 149 Overview 149 When to Enable IP Multicast on the PowerConnect 6200 Series Switch 150 IGMP Configuration 150 CLI Example
  • Dell PowerConnect 6224 | Configuration Guide - Page 8
    Functional Description 162 CLI Examples 167 Nonstop Forwarding on a Switch Stack 168 Initiating a Failover 168 Checkpointing 168 Switch Stack MAC Addressing and Stack Design Considerations . . . 170 NSF Network Design Considerations 170 NSF Default Behavior 170 Configuration Examples 171 8
  • Dell PowerConnect 6224 | Configuration Guide - Page 9
    the Dell™PowerConnect™ 6200 Series switch in a typical network. It describes the advantages of specific functions the PowerConnect 6200 Series switch provides and includes information about configuring those functions using the command line interface (CLI). Organization This document is organized
  • Dell PowerConnect 6224 | Configuration Guide - Page 10
    documentation provides additional information about PowerConnect 6200 Series software: • The CLI Command Reference for your Dell PowerConnect switch describes the commands available from the command-line interface (CLI) for managing, monitoring, and configuring the switch. • The User's Guide
  • Dell PowerConnect 6224 | Configuration Guide - Page 11
    (SNTP)" on page 17 • "Syslog" on page 20 • "Port Description" on page 22 • "Storm Control" on page 23 • "Cable Diagnostics" on page 25 NOTE: For information on setting up the hardware and serial or TFTP connection, refer to the Getting Started Guide for your system. System Configuration 11
  • Dell PowerConnect 6224 | Configuration Guide - Page 12
    Tracks up to 30 hops • Default UDP port uses 33434 unless modified in the traceroute command CLI Example The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how
  • Dell PowerConnect 6224 | Configuration Guide - Page 13
    of memory. • Provides List, Delete, Apply, Upload, Download. • Provides script format of one CLI command per line. NOTE: The startup-config and backup-config scripts are not bound by the 2 MB memory limit. Considerations When you use configuration scripting, keep the following considerations in mind
  • Dell PowerConnect 6224 | Configuration Guide - Page 14
    CLI Examples The following are examples of the commands used for configurations scripting. Example #1: Viewing the Script Options console#script ? apply delete list show validate Applies configuration script to the switch. Deletes a configuration script file from the switch. Lists all
  • Dell PowerConnect 6224 | Configuration Guide - Page 15
    Use this command to download a configuration script from the TFTP server to the switch. console#copy tftp://10.27.64.141/abc.scr script abc.scr Mode TFTP Set TFTP Server IP 10.27.64.141 TFTP Path TFTP Filename abc.scr Data Type Config Script Destination Filename abc.scr Management access will
  • Dell PowerConnect 6224 | Configuration Guide - Page 16
    #script validate abc.scr ip address dhcp username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit Configuration script 'abc.scr' validated. console#script apply abc.scr Are you sure you want to apply the configuration script? (y/n)y ip address dhcp username "admin" password
  • Dell PowerConnect 6224 | Configuration Guide - Page 17
    User:admin Password: (Dell PC62XX Routing) >enable Password: console#show ip interface Management Interface: IP Address 10.27.65.89 Subnet Mask 255.255.254.0 Default Gateway 10.27.64.1 Burned In MAC Address 00FF.F2A3.6688 Network Configuration Protocol Current......... DHCP Management VLAN ID
  • Dell PowerConnect 6224 | Configuration Guide - Page 18
    SNTP server address or the domain name. console(config)#sntp server 192.168.10.25 ? key poll priority Authentication key to use when sending packets to this peer. Enable/Disable SNTP server polling. Configure SNTP server priority. Press enter to execute the command. console(config)#sntp
  • Dell PowerConnect 6224 | Configuration Guide - Page 19
    the Simple Network Time Protocol (SNTP). console#show sntp configuration Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Enable Unicast servers: Server Key --------- ----------- 192.168
  • Dell PowerConnect 6224 | Configuration Guide - Page 20
    Stack ID D. Component Name E. Thread ID F. File Name G. Line Number H Sequence Number I. Message Figure 2-1. Log Files Key CLI Examples The following are examples of the commands used in the Syslog feature. Example #1: Viewing Logging Information console#show logging Logging is enabled Console
  • Dell PowerConnect 6224 | Configuration Guide - Page 21
    . CLI Command Logging Configuration. Console Logging Configuration. Syslog Facility Configuration. Configure logging file parameters. Enable logging to all supporting destinations. SNMP Set Command Logging Configuration. Web Session Logging Configuration. Configure syslog server IP address or
  • Dell PowerConnect 6224 | Configuration Guide - Page 22
    for SNMP network management. CLI Example Use the commands shown below for the Port Description feature. Example #1: Enter a Description for a Port This example specifies the name "Test" for port 1/g17: console#configure console(config)#interface ethernet 1/g17 console(config-if-1/g17)#description
  • Dell PowerConnect 6224 | Configuration Guide - Page 23
    . Configuring a storm-control level also enables that form of storm-control. Disabling a storm-control level (using the "no" version of the command) sets the storm-control level back to default value and disables that form of storm-control. Using the "no" version of the "storm-control" command
  • Dell PowerConnect 6224 | Configuration Guide - Page 24
    the command. Configure storm-control thresholds. console(config-if-1/g17)#storm-control broadcast level ? Enter the storm-control threshold as percent of port speed. Percent of port speed is converted to PacketsPerSecond based on 512 byte average packet size and applied to HW. Refer to
  • Dell PowerConnect 6224 | Configuration Guide - Page 25
    attached to a port. NOTE: The cable test feature is supported only for copper cable. it is not supported for optical fiber cable. NOTE: The copper-related commands do not apply to the stacking, 10G BaseT, or CX-4 ports associated with these plug-in modules. In privileged exec mode, enter test copper
  • Dell PowerConnect 6224 | Configuration Guide - Page 26
    #2: Show Copper Cable Length Use the show copper-ports cable-length command in Privileged EXEC mode to display the estimated copper cable length attached to a port. The following example displays the estimated copper cable length attached to all ports. console#show copper-ports cable-length Port
  • Dell PowerConnect 6224 | Configuration Guide - Page 27
    Cable Test Example #1: Show Optical Transceiver Diagnostics Use the show fiber-ports optical-transceiver command in command is only applicable to the SFP combo ports and XFP ports (not the ports on the SFP+ plug-in module). The following example displays the optical transceiver diagnostics. console
  • Dell PowerConnect 6224 | Configuration Guide - Page 28
    28 System Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 29
    • "Link Aggregation/Port Channels" on page 45 • "Port Mirroring" on page 49 • "Port Security" on page 50 • "Link Layer Discovery Protocol" on page 52 • "Denial of Service Attack Protection" on page 54 • "DHCP Snooping" on page 56 • "sFlow" on page 67 Virtual LANs Adding Virtual LAN (VLAN) support to
  • Dell PowerConnect 6224 | Configuration Guide - Page 30
    • The IP-subnet Based VLAN feature lets you map IP addresses to VLANs by specifying a source IP address, network mask, and the desired VLAN ID. • The MAC-based VLAN feature let packets originating from end stations become part of a VLAN according to source MAC address. To configure the feature, you
  • Dell PowerConnect 6224 | Configuration Guide - Page 31
    CLI Examples The following examples show how to create VLANs, assign ports to the VLANs, and assign a VLAN as the default VLAN to a port. Example #1: Create Two VLANs Use the following commands to create two VLANs and to assign the VLAN IDs while leaving the names blank. console(config)#vlan
  • Dell PowerConnect 6224 | Configuration Guide - Page 32
    to function as a routing interface, you must enable routing on the VLAN and on the switch. Routing is only permitted on VLAN interfaces. Routing on physical interfaces is not supported. console#configure console(config)#interface vlan 2 console(config-if-vlan2)#ip address 192.168.10.33 255.255.255
  • Dell PowerConnect 6224 | Configuration Guide - Page 33
    #6: View Information About VLAN 2 console#show ip interface vlan 2 Primary IP Address 192.168.10.33/255.255.255.0 Routing Mode Enable Administrative Mode Enable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Inactive Link Speed Data Rate 10
  • Dell PowerConnect 6224 | Configuration Guide - Page 34
    255.255.255.0 10 Example #2: Associate an IP Address with a VLAN This example shows how to configure the switch so a host with an IP addresses of 192.168.1.11 is a member of VLAN 10. console#configure console(config)#vlan database console(config-vlan)#vlan association subnet 192.168.1.11 255.255.255
  • Dell PowerConnect 6224 | Configuration Guide - Page 35
    #4: Viewing IP Subnet and MAC-Based VLAN Associations console#show vlan association mac MAC Address VLAN ID 00FF.F2A3.8886 10 console#show vlan association subnet IP Subnet IP Mask VLAN ID 192.168.25.0 255.255.255.0 10 192.168.1.11 255.255.255.255 10 Private Edge VLANs Use the
  • Dell PowerConnect 6224 | Configuration Guide - Page 36
    CLI Example Example #1: Configuring a Protected Port The commands in this example name the protected port group 1 "PP_Test" and assign ports 1 and 2 to the group. console(config)#switchport protected 1 name PP_Test console(config)#interface ethernet 1/g17 console(config-if-1/g17)#switchport
  • Dell PowerConnect 6224 | Configuration Guide - Page 37
    802.1P class of service (CoS) uses classification and scheduling to send network traffic from the switch in a predictable manner. The system uses the source MAC address of the traffic traveling through the port to identify the IP phone data flow. IP Phones will use this VLAN. They will obtain their
  • Dell PowerConnect 6224 | Configuration Guide - Page 38
    and earlier, the Voice VLAN feature can only be used by IP phones that support LLDP-MED, e.g. 4610SW Avaya phones. Example#1: Configuring Voice VLAN The commands in this example create a VLAN for voice traffic with a VLAN ID of 25. Then, Voice VLAN is administratively enabled on the switch. Finally
  • Dell PowerConnect 6224 | Configuration Guide - Page 39
    . Support for unauthenticated Voice VLANs is available in release 2.1 and later versions. console#configure console(config)#interface ethernet 1/g10 console(config-if-1/g10)#switchport mode general console(config-if-1/g10)#dot1x port-control mac-based console(config-if-1/g10)#voice vlan 25 console
  • Dell PowerConnect 6224 | Configuration Guide - Page 40
    about configuring the PowerConnect 6200 Series switch as a mutlicast router that also performs IGMP snooping, see "Multicast Routing and IGMP Snooping" on page 157. IGMP snooping can be enabled per VLAN. The IGMP feature on the PowerConnect 6200 Series switches uses IGMPv3 by default. CLI Examples
  • Dell PowerConnect 6224 | Configuration Guide - Page 41
    1. Create VLAN 100. console#configure console(config)#vlan database console(config-vlan)#vlan 100 2. Enable IGMP snooping on the VLAN. console(config-vlan)#ip igmp snooping 100 console(config-vlan)#exit 3. Forbid the forwarding of unregistered multicast addresses on VLAN 100 to prevent multicast
  • Dell PowerConnect 6224 | Configuration Guide - Page 42
    configuration. console#show ip igmp snooping Admin Mode Enable Multicast Control Frame Count 0 Interfaces Enabled for IGMP Snooping........... None Vlans enabled , as the following show command indicates. console#show bridge multicast address-table Vlan MAC Address Type Ports 100 0100.5E01
  • Dell PowerConnect 6224 | Configuration Guide - Page 43
    example enables the IGMP snooping querier on the switch. The second command specifies the IP address that the snooping querier switch should use as the source address when generating periodic queries. console(config)#ip igmp snooping console(config)#ip igmp snooping querier console(config)#ip igmp
  • Dell PowerConnect 6224 | Configuration Guide - Page 44
    IGMP Snooping Querier on a VLAN To configure IGMP Snooping Querier on a VLAN, enter VLAN Database mode. The first ip igmp snooping command in this example enables the IGMP snooping querier on VLAN 10. The second ip igmp snooping command specifies the IP address that the snooping querier switch
  • Dell PowerConnect 6224 | Configuration Guide - Page 45
    Election Participate Mode Enable Querier Vlan Address 10.10.11.40 Operational State Querier Operational version 2 Operational Max Resp Time 10 Link Aggregation/Port Channels This section shows how to use the Link Aggregation feature to configure port-channels via the Command Line Interface and
  • Dell PowerConnect 6224 | Configuration Guide - Page 46
    CLI Example The following shows an example of configuring the software to support Link Aggregation (LAG) to a server and to a Layer 3 switch. Figure 3-3 shows the example network. Server PPoorrtt11/g/018/2 LLAAGG__110 PPort 11//g01/93 LALGAG__110 PPoorrtt11/g/02/38 LLAAGG__220 PPoorrtt
  • Dell PowerConnect 6224 | Configuration Guide - Page 47
    -group 2 mode auto console(config-if-1/g24)#exit console(config)#exit Example 3: Show the Port Channels By default, the system enables link trap notification console#show interfaces port-channel Channel ------ch1 Ports Hash Algorithm Type No Configured Ports 3 Switching Configuration 47
  • Dell PowerConnect 6224 | Configuration Guide - Page 48
    Ports 3 ch20 No Configured Ports 3 At this point, the LAGs could be added to the default management VLAN. Web Interface Configuration: LAGs/Port-channels To perform the same configuration using the Graphical User Interface, click Switching > Link Aggregation > LAG Membership in the navigation
  • Dell PowerConnect 6224 | Configuration Guide - Page 49
    the destination port. CLI Examples The following are examples of the commands used in the Port Mirroring feature. Example #1: Set up a Port Mirroring Session The following command sequence enables port mirroring and specifies a source and destination ports. console#configure console(config)#monitor
  • Dell PowerConnect 6224 | Configuration Guide - Page 50
    (secure packets) are forwarded; all other packets (unsecure packets) are restricted. • Enabled on a per port basis. • When locked, only packets with allowable MAC address will be forwarded. • Supports both dynamic and static. • Implement two traffic filtering methods. These methods can be used
  • Dell PowerConnect 6224 | Configuration Guide - Page 51
    feature. Example #1: Enable Port Security on an Interface console(config)#interface ethernet 1/g18 console(config-if-1/g18)#port security ? discard max learned trap Press enter to execute the command. Discard frames with unlearned source addresses. Configure the maximum addresses that can be
  • Dell PowerConnect 6224 | Configuration Guide - Page 52
    LLDP Parameters The following commands configure the Ethernet interface 1/g10 to transmit and receive LLDP information. console#configure console(config)#interface ethernet 1/g10 console(config-if-1/g10)#lldp receive console(config-if-1/g10)#lldp transmit console(config-if-1/g10)#lldp transmit
  • Dell PowerConnect 6224 | Configuration Guide - Page 53
    1000 seconds Example #4 Show Interface LLDP Parameters console#show lldp interface 1/g10 LLDP Interface Configuration Interface Link Transmit Receive Notify TLVs Mgmt 1/g10 Down Enabled Enabled Disabled Y TLV Codes: 0- Port Description, 1- System Name 2- System Description, 3- System
  • Dell PowerConnect 6224 | Configuration Guide - Page 54
    by a dos-control command keyword. console(config)#dos-control ? firstfrag icmp l4port sipdip tcpflag tcpfrag Enables IPv4 first fragment checking. Enables ICMP size checking. Enables L4 port number checking. Enables SIP=DIP checking. Enables TCP flag checking. Enables TCP fragment checking
  • Dell PowerConnect 6224 | Configuration Guide - Page 55
    an IP fragment offset equal to 1. CLI Examples The commands shown below show how to enable DoS protection and view its status. Example #1: Enabling all DOS Controls console#configure console(config)#dos-control sipdip console(config)#dos-control firstfrag console(config)#dos-control tcpfrag console
  • Dell PowerConnect 6224 | Configuration Guide - Page 56
    of (MAC address, IP address, VLAN ID, port) authorized tuples. DHCP snooping is disabled globally and on all VLANs by default. Ports are untrusted by default. Network administrators can enable DHCP snooping globally and on specific VLANs. They can also configure ports within the VLAN to be trusted
  • Dell PowerConnect 6224 | Configuration Guide - Page 57
    DHCP client hardware address. When there is a mismatch, DHCP snooping logs and drops the packet. The network administrator can disable this feature using the no ip dhcp snooping verify mac-address command. DHCP snooping forwards valid client messages on trusted members within the VLAN. If DHCP relay
  • Dell PowerConnect 6224 | Configuration Guide - Page 58
    MAC address • Client IP address • Time when client lease expires • Client VLAN ID • Client port DHCP snooping can be configured on switching VLANs and routing VLANs. When a DHCP packet is received on a routing VLAN, the DHCP snooping application applies its filtering rules and updates the bindings
  • Dell PowerConnect 6224 | Configuration Guide - Page 59
    CLI Examples The commands below show examples of configuring DHCP Snooping for the switch and for individual interfaces. Example #1 Enable DHCP snooping for the switch console(config)#ip dhcp snooping console(config)#exit console# Example #2 Enable DHCP snooping on a VLAN console(config)#ip dhcp
  • Dell PowerConnect 6224 | Configuration Guide - Page 60
    -if-1/g1)#exit Example #8 Configure rate limiting on an interface console(config-if-1/g1)#ip dhcp snooping limit rate 50 burst interval 1 console(config-if-1/g1)#exit Example #9 Configure a DHCP snooping static binding entry console(config)#ip dhcp snooping binding 00:01:02:03:04:05 vlan 1 10.131.11
  • Dell PowerConnect 6224 | Configuration Guide - Page 61
    Example #10 Show DHCP Snooping configuration on VLANs and Ports show ip dhcp snooping binding DHCP snooping is Enabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs: 1 Interface Trusted 1/g1 Yes 1/g2 No 1/g3 No 1/g4 No 1/g5 No 1/g6
  • Dell PowerConnect 6224 | Configuration Guide - Page 62
    ch5 No ch6 No No No No No No No No No No No No No No No No No No No --More-- or (q)uit console# 62 Switching Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 63
    Example #12 Show DHCP Snooping database configurations console#show ip dhcp snooping database agent url: local write-delay: 500 console# Example #13 Show DHCP Snooping binding entries Total number of bindings: 2 MAC Address IP Address VLAN Interface Type Lease (Secs) 00:01:02:03:04:05 10
  • Dell PowerConnect 6224 | Configuration Guide - Page 64
    No 15 1 1/g22 No 15 1 1/g23 No 15 1 1/g24 No 15 1 1/xg3 No 15 1 1/xg4 No 15 1 ch1 No 15 1 ch2 No 15 1 64 Switching Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 65
    Statistics console#show ip dhcp snooping statistics Interface ----------1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 MAC Verify Failures ---------0 0 0 0 0 0 0 0 0 Client Ifc Mismatch ---------0 0 0 0 0 0 0 0 0 DHCP Server Msgs Rec'd ----------- 0 0 0 0 0 0 0 0 0 Switching Configuration 65
  • Dell PowerConnect 6224 | Configuration Guide - Page 66
    uit 1/g21 0 0 0 1/g22 0 0 0 1/g23 0 0 0 1/g24 0 0 0 1/xg3 0 0 0 1/xg4 0 0 0 ch1 0 0 0 ch2 0 0 0 ch3 0 0 0 ch4 0 0 0 ch5 0 0 0 ch6 0 0 0 ch7 0 0 0 ch8 0 0 0 ch9 0 0 0 ch10 0 0 0 ch11 0 0 0 ch12 0 0 0 66 Switching Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 67
    built into network equipment and gives complete visibility into network activity, enabling effective management and control of network resources. Overview As illustrated in Figure 3-5, the sFlow Agent sFlow Agent sFlow Collector/Analyzer Figure 3-5. sFlow Architecture Switching Configuration 67
  • Dell PowerConnect 6224 | Configuration Guide - Page 68
    is required. Samples are not aggregated into a flow-table on the switch; they protocols found in the headers (e.g., TCP/IP, IPX, Ethernet, AppleTalk...). This Flow Sampling, an sFlow Sampler Instance is configured with a Sampling Rate. Packet Flow sampling results in the generation of Packet Flow
  • Dell PowerConnect 6224 | Configuration Guide - Page 69
    skip before taking the next sample is reset. The value of the counter is set • When a Packet Flow Sample is generated the sFlow CLI Examples The following are examples of the commands used for sFlow. Example #1: Configure destination IP address and maxdatagram size for an sFlow receiver index console
  • Dell PowerConnect 6224 | Configuration Guide - Page 70
    Example #4: Show the sFlow configuration for receiver index 1 console#show sflow 1 destination Receiver Index 1 Owner String site77 Time out 1529 IP Address 30.30.30.1 Address Type 1 Port 560 Datagram Version 5 Maximum Datagram Size 500 Example #5: Show sFlow sampling for receiver index 1
  • Dell PowerConnect 6224 | Configuration Guide - Page 71
    polling for receiver index 1 console#show sflow 1 polling Poller Data Source ----------1/g1 1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g15 Receiver Poller Index Interval 1 200 1 200 1 200 1 200 1 200 1 200 1 200 1 200 1 200 1 200 1 400 Switching Configuration 71
  • Dell PowerConnect 6224 | Configuration Guide - Page 72
    72 Switching Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 73
    This section describes configuration scenarios and instructions for the following routing features: • "VLAN Routing" on page 74 • "Virtual Router Redundancy Protocol" on page 77 • "Proxy Address Resolution Protocol (ARP)" on page 80 • "OSPF" on page 81 • "Routing Information Protocol" on
  • Dell PowerConnect 6224 | Configuration Guide - Page 74
    This section provides an example of how to configure PowerConnect 6200 Series software to support VLAN routing. NOTE: The management VLAN cannot be configured as a routing interface. The switch may also be managed via VLAN routing interfaces. CLI Examples The diagram in this section shows a Layer
  • Dell PowerConnect 6224 | Configuration Guide - Page 75
    console(config-vlan)#vlan 10 console(config-vlan)#vlan 20 console(config-vlan)#exit Example 2: Configure the VLAN Members The following code sequence shows an example of adding ports to the VLANs and assigning the PVID for each port. The PVID determines the VLAN ID assigned to untagged frames
  • Dell PowerConnect 6224 | Configuration Guide - Page 76
    an IP Address The following code sequence shows how to enable routing for the VLANs and how to configure the IP addresses and subnet masks for the virtual router ports.: console#configure console(config)#interface vlan 10 console(config-if-vlan10)#routing console(config-if-vlan10)#ip address 192
  • Dell PowerConnect 6224 | Configuration Guide - Page 77
    , more than one VLAN routing interface on a switch may participate in a virtual router. CLI Examples This example shows how to configure the switch to support VRRP. Router 1 is the default master router for the virtual route, and Router 2 is the backup router. NOTE: The VRRP IP address on a routing
  • Dell PowerConnect 6224 | Configuration Guide - Page 78
    is then enabled by default. console#config console(config)#ip routing 2 Configure the IP addresses and subnet masks for the VLAN routing interface that will participate in the protocol: console(config)#interface vlan 50 console(config-if-vlan50)#ip address 192.150.2.1 255.255.255.0 console(config-if
  • Dell PowerConnect 6224 | Configuration Guide - Page 79
    the Graphical User Interface: • Routing > IP > Configuration. To enable routing for the switch. • Routing > IP > Interface Configuration. To enable routing for the VLAN interfaces and configure their IP addresses and subnet masks. • Routing > VRRP > VRRP Configuration. To enable VRRP for the switch
  • Dell PowerConnect 6224 | Configuration Guide - Page 80
    the target IP address is an address configured on the interface where the ARP request arrived. CLI Examples The following are examples of the commands used in the proxy ARP feature. Example #1: Enabling Proxy ARP To enable IP Proxy ARP: console#config console(config)#interface vlan 10 console(config
  • Dell PowerConnect 6224 | Configuration Guide - Page 81
    into areas enables limiting the amount of route information communicated throughout the network. Areas are identified by a numeric ID in IP address format n.n.n.n (note, however, that these are not used as actual IP addresses). For simplicity, the area can be configured and referred to in normal
  • Dell PowerConnect 6224 | Configuration Guide - Page 82
    stub area to locations outside the AS use the default gateway. A virtual link cannot be configured across a stub area. A Not So Stubby Area if more than one type of route exists: 1 Intra-area (the source and destination address are in the same area) 2 Inter-area (the source and destination are not
  • Dell PowerConnect 6224 | Configuration Guide - Page 83
    in the navigation tree. CLI Examples Example 1: Configuring an OSPF Border Router and Setting Interface Costs The following example shows you how to configure an OSPF border router areas and interfaces in the switch. VLAN 50 192.150.2.1 VLAN 70 192.150.2.2 VLAN 80 192.150.3.1 VLAN 90 192.150
  • Dell PowerConnect 6224 | Configuration Guide - Page 84
    routing for the switch: console#config ip routing exit console#config ipv6 unicast-routing exit Enable routing and assign IP for VLANs 70, 80 and 90. config config interface vlan 70 routing ip address 192.150.2.2 255.255.255.0 exit interface vlan 80 routing ip address 192.130.3.1 255.255
  • Dell PowerConnect 6224 | Configuration Guide - Page 85
    config interface vlan 70 ip ospf area 0.0.0.0 ip ospf priority 128 ip ospf cost 32 exit interface vlan 80 ip ospf area 0.0.0.2 ip ospf priority 255 ip ospf cost 64 exit interface vlan 90 ip ospf area 0.0.0.2 ip ospf priority 255 ip ospf cost 64 exit exit IPv6 (OSPFv3) config interface vlan 70 ipv6
  • Dell PowerConnect 6224 | Configuration Guide - Page 86
    enable IPv6 and IPv4 routing: (console) #configure ipv6 unicast-routing ip routing • Configure IP address and enable OSPF on VLAN routing interfaces 6 and 12 and enable IPv6 OSPF on the interfaces. (OSPF is enabled on the IPv4 interface in the next code group.) interface vlan 6 routing ip address
  • Dell PowerConnect 6224 | Configuration Guide - Page 87
    255.255.255.0 10.2.3.3 • On VLANs 10, 5, and 17, configure IPv4 and IPv6 addresses and enable OSPF. For IPv6, associate VLAN 10 with Area 1 and VLAN 17 with Area 2. (OSPF is enabled on the IPv4 VLAN routing interface in the next code group.) interface vlan 10 routing ip address 10.1.2.2 255.255.255
  • Dell PowerConnect 6224 | Configuration Guide - Page 88
    an OSPF router. Define Area 1 as a stub. Enable OSPF for IPv4 on VLANs 10, 5, and 17 by globally defining the range of IP addresses associated with each interface, and then associating those ranges with Areas 1, 0, and 17, respectively. Then, configure a metric cost to associate with static routes
  • Dell PowerConnect 6224 | Configuration Guide - Page 89
    OSPF Configuration-Virtual Link Configure Router A: Router A is a backbone router. Configuration steps are similar to those for Router A in the previous example. (console)#configure ipv6 unicast-routing ip routing exit ipv6 router ospf router-id 3.3.3.3 exit interface vlan 5 routing ip address 10
  • Dell PowerConnect 6224 | Configuration Guide - Page 90
    traverses Area 1 to Router C (5.5.5.5). (console)#configure ipv6 unicast-routing ip routing interface vlan 2 routing ip address 10.2.3.2 255.255.255.0 ipv6 address 3000:2:3::/64 eui64 ipv6 ospf exit interface vlan 7 routing ip address 10.1.2.2 255.255.255.0 ipv6 address 3000:1:2::211:88FF:FE2A:3CB3
  • Dell PowerConnect 6224 | Configuration Guide - Page 91
    64 eui64 ipv6 ospf ipv6 ospf areaid 1 exit interface vlan 11 routing ip address 10.1.101.1 255.255.255.0 ipv6 address 3000:1:101::/64 eui64 ipv6 ospf ipv6 ospf areaid 2 exit ipv6 router ospf router-id 5.5.5.5 area 0.0.0.1 virtual-link 4.4.4.4 exit router ospf router-id 5.5.5.5 area 0.0.0.1 virtual
  • Dell PowerConnect 6224 | Configuration Guide - Page 92
    RIP: • RIP-1 defined in RFC 1058 - Routes are specified by IP destination network and hop count - The routing table is broadcast to all address, reducing network traffic - An authentication method is used for security The PowerConnect 6200 Series supports both versions of RIP. You may configure
  • Dell PowerConnect 6224 | Configuration Guide - Page 93
    #2: Enable Routing for Ports The following command sequence enables routing and assigns IP addresses for VLAN 2 and VLAN 3. console#config interface vlan 2 routing ip address 192.150.2.2 255.255.255.0 exit interface vlan 3 routing ip address 192.130.3.1 255.255.255.0 exit exit Routing Configuration
  • Dell PowerConnect 6224 | Configuration Guide - Page 94
    This command sequence enables RIP for VLAN 2 and VLAN 3. Authentication defaults to none, and no default route entry is created. The commands specify that both interfaces receive both RIP-1 and RIP-2 frames, but send only RIP-2 formatted frames. console#config interface vlan 2 ip rip ip rip
  • Dell PowerConnect 6224 | Configuration Guide - Page 95
    to control how for your network. The PowerConnect 6200 Series switch enables you to identify the preferred default preference values are user-configurable. A protocol can be assigned a preference value of 255 to prevent the router from forwarding packets using that protocol. For routed management
  • Dell PowerConnect 6224 | Configuration Guide - Page 96
    170 exit Example 2: Assigning Administrative Preferences to Static Routes By default, static routes are assigned a preference value of 1. The following command changes this default: console#Config ip route distance 20 exit When you configure a static route, you can assign a preference value to it
  • Dell PowerConnect 6224 | Configuration Guide - Page 97
    taking advantage of the bandwidth of both links. A hash algorithm is applied to the destination IP addresses to provide a mechanism for selecting among the available ECMP paths. ECMP routes may be configured statically or learned dynamically. If a user configures multiple static routes to the same
  • Dell PowerConnect 6224 | Configuration Guide - Page 98
    different sources to create ECMP routes. Referring to Figure 4-8, assume OSPF is configured on only one of the links between Router A and Router B. default static route preference of 1. console#Config ip route 20.0.0.0 255.0.0.0 10.1.1.2 ip route 20.0.0.0 255.0.0.0 10.1.2.2 exit The following command
  • Dell PowerConnect 6224 | Configuration Guide - Page 99
    interface configuration from the Privileged Exec mode: console#show ip interface loopback 0 Primary IP Address 192.168.2.2/255.255.255.255 Routing Mode Enable Administrative Mode Enable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Active Link
  • Dell PowerConnect 6224 | Configuration Guide - Page 100
    Enabled To delete a loopback interface, enter the following command from the Global Config mode: console(config)#no interface loopback 0 console(config)# IP Helper The IP Helper feature provides the ability for a router to forward configured UDP broadcast packets to a particular IP address
  • Dell PowerConnect 6224 | Configuration Guide - Page 101
    IP helper enables DHCP relay. Certain pre-existing configurable DHCP relay options do not apply to relay of other protocols. These options are unchanged. You can optionally set a maximum hop count or minimum wait time using the bootpdhcprelay maxhopcount and bootpdhcprelay minwaittime commands
  • Dell PowerConnect 6224 | Configuration Guide - Page 102
    )#ip helper-address 10.1.2.1 dhcp Example 3: Enable IP Helper Globally (UDP) To relay UDP packets received on any interface for all default ports (Table 2) to the server at 20.1.1.1, use the following commands: console (config)#ip helper-address 20.1.1.1 Example 4: Enable IP Helper on a VLAN Routing
  • Dell PowerConnect 6224 | Configuration Guide - Page 103
    192.168.30.1, use the following commands: console(config-if-vlan100)#ip helper-address 192.168.30.1 dhcp console(config-if-vlan100)#ip helper-address 192.168.30.1 domain Example 6: Enable IP Helper on Multiple VLAN Routing Interfaces With the following configuration, the relay agent relays: • DHCP
  • Dell PowerConnect 6224 | Configuration Guide - Page 104
    Show IP Helper Configurations The following command shows IP Helper configurations: console#show ip helper-a IP helper is enabled Interface UDP Port Discard Hit Count Server Address vlan 100 domain No 0 192.168.30.1 vlan 100 dhcp No 0 192.168.10.1 192.168.20.1 192.168.30.1 vlan
  • Dell PowerConnect 6224 | Configuration Guide - Page 105
    Device Security This section describes configuration scenarios for the following features: • "802.1x Network Access Control" on page 106 • "802.1X Authentication and VLANs" on page 109 • "Authentication Server Filter Assignment" on page 111 • "Access Control Lists (ACLs)" on page 111 • "RADIUS" on
  • Dell PowerConnect 6224 | Configuration Guide - Page 106
    uses RADIUS as the authentication method. This authentication list is associated with the 802.1x default login. 802.1x port based access control is enabled for the system, and interface 1/g1 is configured to be in force-authorized mode because this is where the RADIUS server and protected network
  • Dell PowerConnect 6224 | Configuration Guide - Page 107
    Deadtime : 0 Source IP : 0.0.0.0 RADIUS Attribute 4 Mode : Disable RADIUS Attribute 4 Value : 0.0.0.0 console(config)#aaa authentication login radiusList radius console(config)#aaa authentication dot1x default radius console(config)#dot1x system-auth-control console(config)#interface ethernet 1/g1
  • Dell PowerConnect 6224 | Configuration Guide - Page 108
    mode general command sets the port to an 802.1Q VLAN. The port must be in general mode in order to enable MAC-based 802.1X authentication. console#configure console(config)#interface ethernet 1/g8 console(config-if-1/g8)#switchport mode general console(config-if-1/g8)#dot1x port-control mac-based
  • Dell PowerConnect 6224 | Configuration Guide - Page 109
    does not support 802.1X is connected to an unauthorized port that is 802.1X-enabled, the client does not respond to the 802.1X requests from the switch. Therefore, the port remains in the unauthorized state, and the client is not granted access to the network. If a guest VLAN is configured for that
  • Dell PowerConnect 6224 | Configuration Guide - Page 110
    default radius Example #2: Enable Guest VLANs This example shows how to set the guest VLAN on interface 1/g20 to VLAN 100. This command automatically enables the Guest VLAN Supplicant Mode on the interface. NOTE: Define the VLAN before configuring an interface to use it as the guest VLAN. console
  • Dell PowerConnect 6224 | Configuration Guide - Page 111
    also provide traffic flow control, restrict contents of routing updates, and decide which types of traffic are forwarded or blocked. Normally ACLs reside in a firewall router or in a router connecting two internal networks. The PowerConnect 6200 Series switch supports ACL configuration in both the
  • Dell PowerConnect 6224 | Configuration Guide - Page 112
    2. IP ACLs operate on Layers 3 and 4. Limitations The following limitations apply to ingress and egress ACLs. • Maximum of 100 ACLs. • Maximum rules per ACL is 127. • You can configure mirror or redirect attributes for a given ACL rule, but not both. • The PowerConnect 6200 Series switch supports
  • Dell PowerConnect 6224 | Configuration Guide - Page 113
    should be dropped. MAC ACLs MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a packet: • Source MAC address • Source MAC mask • Destination MAC address • Destination MAC mask • VLAN ID • Class of Service (CoS) (802.1p) • Ethertype L2 ACLs can apply to one or
  • Dell PowerConnect 6224 | Configuration Guide - Page 114
    with wildcard mask • Destination L4 Port • Every Packet • IP DSCP • IP Precedence • IP TOS • Protocol • Source IP with wildcard mask • Source L4 port • Destination Layer 4 port ACL Configuration Process To configure ACLs, follow these steps: 1 Create an ACL. • Create a MAC ACL by specifying a name
  • Dell PowerConnect 6224 | Configuration Guide - Page 115
    one to UDP traffic. The content of the two rules is the same. TCP and UDP packets will only be accepted by the PowerConnect 6200 Series switch if the source and destination stations have IP addresses that fall within the defined sets. Figure 5-2. IP ACL Example Network Diagram Device Security 115
  • Dell PowerConnect 6224 | Configuration Guide - Page 116
    This command creates an ACL named list1 and configures a rule for the ACL. After the mask has been applied, it permits packets carrying TCP traffic that matches the specified Source IP address, and sends these packets to the specified Destination IP address. console#config console(config)#access
  • Dell PowerConnect 6224 | Configuration Guide - Page 117
    NAS or user-login interface then prompts the user for a name and password. The NAS encrypts the supplied information and a RADIUS client transports the request to a pre-configured RADIUS server. The server can authenticate the user itself, or make use of a back-end device to ascertain authenticity
  • Dell PowerConnect 6224 | Configuration Guide - Page 118
    , which is equivalent to privilege level 15. admin Auth-Type := Local, User-Password == "pass1234" Service-Type = NAS-Prompt-User enable Auth-Type := Local, User-Password == "pass5678" Service-Type = Administrative-User The values for the Service-Type attribute are as follows: • NAS-Prompt
  • Dell PowerConnect 6224 | Configuration Guide - Page 119
    1 console(Config-radius)#exit console(config)#radius-server host 11.11.11.11 console(Config-radius)#key secret2 console(Config-radius)#priority 50 console(Config-radius)#exit console(config)#aaa authentication login radiusList radius local console(config)#aaa authentication dot1x default radius
  • Dell PowerConnect 6224 | Configuration Guide - Page 120
    you do not specify an IP address in the command, the NAS-IP address uses the interface IP address that connects the switch to the RADIUS server. console#config console(config)#radius-server attribute 4 192.168.20.12 TACACS+ TACACS+ (Terminal Access Controller Access Control System) provides access
  • Dell PowerConnect 6224 | Configuration Guide - Page 121
    Figure 5-4. PowerConnect 6200 Series Switch with TACACS+ When a user attempts to log into the switch, the NAS or switch prompts for a username and password. The switch attempts to communicate with the highest priority configured TACACS+ server at 10.10.10.10. Upon successful connection with the
  • Dell PowerConnect 6224 | Configuration Guide - Page 122
    a request to the authentication server with the MAC address of the client in 'hhhhhhhhhhhh' format as the username and the MD5 hash of the Mac address as the password. The authentication server checks its database for the authorized Mac addresses and returns an 'AccessAccept' or an 'Access-Reject
  • Dell PowerConnect 6224 | Configuration Guide - Page 123
    -Accept Figure 5-5. MAB Operation - Authentications Based on MAC Address in Database CLI Examples Example 1: Enable/Disable MAB To enable/disable MAB on interface 1/5, use the following commands: console(config-if-1/g5)#dot1x mac-auth-bypass console(config-if-1/g5)#no dot1x mac-auth-bypass Device
  • Dell PowerConnect 6224 | Configuration Guide - Page 124
    Example 2: Show MAB Configuration To show the MAB configuration for interface 1/5, use the following command: console#show dot1x ethernet 1/g5 Administrative Mode Enabled Port Admin Oper Reauth Reauth Mode Mode Control Period 1/g5 mac-based Authorized TRUE 300 Quiet Period 60
  • Dell PowerConnect 6224 | Configuration Guide - Page 125
    is set in a captive-portal-enabled state; all traffic coming into the port from unauthenticated clients are dropped except for the ARP, DHCP, DNS, and NETBIOS packets. These packets forwarded by the switch so that the unauthenticated clients can get an IP address resolve the hostname or domain names
  • Dell PowerConnect 6224 | Configuration Guide - Page 126
    . Blocking a captive portal instance is a temporary command executed by the administrator (not saved in the configuration). When using Local authentication, the administrator provides user identities for Captive Portal by adding unique user names and passwords to the Local User Database. This
  • Dell PowerConnect 6224 | Configuration Guide - Page 127
    command. If a captive portal instance is configured for the HTTPS protocol and there is not a valid certificate present on the system, the captive portal instance status shows Disabled with an appropriate reason code. Client Authentication Logout Request The administrator can configure and enable
  • Dell PowerConnect 6224 | Configuration Guide - Page 128
    feature is not enabled, or the user CLI. Figure 5-6. PowerConnect 6200 Series Switch with TACACS+ The administrator can download and configure image files for branding purposes. Each image links to the data in the Captive Portal configuration The administrator may issue a command to de-authenticate a
  • Dell PowerConnect 6224 | Configuration Guide - Page 129
    ability to monitor the configured limits. CLI Examples Example 1: Enter Captive Portal configuration mode To enter Captive Portal configuration mode, use the following command: console(config)#captive-portal console(config-CP)# Example 2: Enable Captive Portal To globally enable Captive Portal, use
  • Dell PowerConnect 6224 | Configuration Guide - Page 130
    -portal Administrative Mode Enabled Operational Status Enabled Disable Reason Administrator Disabled Captive Portal IP Address 1.2.3.4 Example 6: Show Captive Portal Instances To show the status of all Captive Portal instances in the system, use the following command: console#show captive-portal
  • Dell PowerConnect 6224 | Configuration Guide - Page 131
    method to local, use the following command: console(config-CP 1)#verification local To view the configuration change, use the following command: console#show captive-portal configuration 1 status CP ID 1 CP Name Default CP Mode Enable Protocol Mode HTTP Verification Mode Local Group
  • Dell PowerConnect 6224 | Configuration Guide - Page 132
    Portal configuration, use the following command: console#configure (Config)#captive-portal (Config-CP)#configuration 1 console(Config-CP 1)#interface 1/g18 To view the new interface, use the following command: console#show captive-portal configuration 1 interface CP ID 1 CP Name Default 132
  • Dell PowerConnect 6224 | Configuration Guide - Page 133
    To view the status of a captive client (connected to 1/g18), use the following command: console#show captive-portal configuration 1 client status CP ID 1 CP Name Default Client Client MAC Address IP Address Interface Interface Description 00:12:79:BF:94:7A 192.168.1.10 1/g18 Slot
  • Dell PowerConnect 6224 | Configuration Guide - Page 134
    134 Device Security
  • Dell PowerConnect 6224 | Configuration Guide - Page 135
    and is required for IPv6. As part of router advertisement, PowerConnect 6200 Series software supports stateless auto configuration of end nodes. The switch supports both EUI-64 interface identifiers and manually configured interface IDs. While optional in IPv4, router advertisement is mandatory
  • Dell PowerConnect 6224 | Configuration Guide - Page 136
    IPv6 networks over the IPv4 network. VLAN 2 VLAN 15 Network VLAN 15 VLAN 2 Figure 6-1. IPv6 Example Device 1 console# config ip routing ipv6 unicast-routing router ospf router-id 1.1.1.1 exit ipv6 router ospf router-id 1.1.1.1 exit interface vlan 15 routing ip address 20.20.20.1 255.255.255
  • Dell PowerConnect 6224 | Configuration Guide - Page 137
    ip address 1.1.1.1 255.255.255.0 exit exit Device 2 console# config ip routing ipv6 unicast-routing router ospf router-id 2.2.2.2 exit ipv6 router ospf router-id 2.2.2.2 exit interface vlan 15 routing ip address 10.10.10.1 255.255.255.0 ip ospf area 0.0.0.0 exit interface vlan 2 routing ipv6 enable
  • Dell PowerConnect 6224 | Configuration Guide - Page 138
    2020:2::2/64 ipv6 ospf ipv6 ospf network point-to-point exit interface tunnel 0 ipv6 address 2001::2/64 tunnel mode ipv6ip tunnel source 10.10.10.1 tunnel destination 20.20.20.1 ipv6 ospf ipv6 ospf network point-to-point exit interface loopback 0 ip address 2.2.2.2 255.255.255.0 exit exit 138 IPv6
  • Dell PowerConnect 6224 | Configuration Guide - Page 139
    serviced depends on how the queue is configured and possibly the amount of traffic present in other queues for that port. Some traffic is classified for service default priority value (set by configuring VLAN Port Priority in the Switching sub-menu) that determines the egress queue its traffic gets
  • Dell PowerConnect 6224 | Configuration Guide - Page 140
    . Queue Management Type The switch supports the tail drop method of queue management. This means that any packet forwarded to a full queue is dropped regardless of its importance. CLI Examples Figure 7-1 illustrates the network operation as it relates to CoS mapping and queue configuration. Four
  • Dell PowerConnect 6224 | Configuration Guide - Page 141
    default configured the egress Port 1/g8 for strict priority on queue 6, and a set a weighted scheduling scheme for queues 5-0. Assuming queue 5 has a higher weighting than queue 1 (relative weight values shown as a percentage, with 0% indicating the bandwidth is not guaranteed), the queue service
  • Dell PowerConnect 6224 | Configuration Guide - Page 142
    to shape the egress interface for a sustained maximum data rate of 80 Kbps (assuming a 100Mbps link speed), you would add a simple configuration line expressing the shaping rate as a percentage of link speed. console#config interface ethernet 1/g8 traffic-shape 42200 kbps exit exit 142 Quality of
  • Dell PowerConnect 6224 | Configuration Guide - Page 143
    control what traffic is accepted and what traffic is discarded. Traffic to be processed by the DiffServ feature requires an IP header if the system uses IP Precedence or IP DSCP marking. How you configure DiffServ support in PowerConnect Services Code Point (DSCP) added to a packet's IP header
  • Dell PowerConnect 6224 | Configuration Guide - Page 144
    Network Diagram Example #1: DiffServ Inbound Configuration Ensure DiffServ operation is enabled for the switch. console#config diffserv Create a DiffServ class of type "all" for each of the departments, and name them. Define the match criteria-Source IP address-for the new classes. class-map
  • Dell PowerConnect 6224 | Configuration Guide - Page 145
    1/g4 in the inbound direction interface ethernet 1/g1 service-policy in internet_access exit interface ethernet 1/g2 service-policy in internet_access exit interface ethernet 1/g3 service-policy in internet_access exit interface ethernet 1/g4 service-policy in internet_access exit Quality of
  • Dell PowerConnect 6224 | Configuration Guide - Page 146
    0 25 25 25 25 0 0 exit exit DiffServ for VoIP Configuration Example One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive: for a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one
  • Dell PowerConnect 6224 | Configuration Guide - Page 147
    Figure 7-4. DiffServ VoIP Example Network Diagram Quality of Service 147
  • Dell PowerConnect 6224 | Configuration Guide - Page 148
    Example #2: Configuring DiffServ VoIP Support Enter Global Config mode. Set queue 6 on all ports to use strict priority mode. This queue shall be used for all VoIP packets. Activate DiffServ for the switch. console#config cos-queue strict 6 diffserv Create a DiffServ classifier named class_voip and
  • Dell PowerConnect 6224 | Configuration Guide - Page 149
    Multicast This section provides configuration scenarios for the following features: • "IGMP Configuration" on page 150 • "IGMP Proxy" on page 151 • "DVMRP" on page 152 • "PIM" on page 154 • "Multicast Routing and IGMP Snooping" on page 157 Overview IP Multicasting enables a network host (or multiple
  • Dell PowerConnect 6224 | Configuration Guide - Page 150
    a PowerConnect 6200 Series switch in order to route multicast traffic between VLANs. IP routing, IP multicasting, and IGMP are globally enabled on the router. Then, IGMP is configured on the selected interface(s). console#configure ip routing ip multicast ip igmp interface vlan 2 routing ip address
  • Dell PowerConnect 6224 | Configuration Guide - Page 151
    should be enabled and also multicast forwarding must be enabled on the router. Use these commands from the Interface mode: console#configure ip routing ip multicast ip igmp interface vlan 15 ip igmp-proxy Additional configuration options are available for the igmp-proxy command: reset-status
  • Dell PowerConnect 6224 | Configuration Guide - Page 152
    modes to show IGMP proxy configuration data. • Use the following command to display a summary of the host interface status parameters. It displays the parameters only when IGMP Proxy is enabled. console#show ip igmp-proxy Interface Index vlan 15 Admin Mode Enabled Operational Mode Disabled • Use
  • Dell PowerConnect 6224 | Configuration Guide - Page 153
    enabled on several interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip dvmrp interface vlan 15 routing ip address 3.3.3.1 255.255.255.0 ip dvmrp ip igmp ip ospf area 0 exit interface vlan 30 routing ip address 1.1.1.1 255.255.255.0 ip dvmrp ip igmp ip
  • Dell PowerConnect 6224 | Configuration Guide - Page 154
    default is configured to enabled as candidate bootstrap routers. If it is not apparent which router should be the BSR, the candidates flood the domain with advertisements. The router with the highest priority is elected. If all the priorities are equal, then the candidate with the highest IP address
  • Dell PowerConnect 6224 | Configuration Guide - Page 155
    , enable routing, IGMP, PIM-SM, and OSPF on one or more interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip pimsm [NOTE: This router should be an RP.] ip pimsm rp-address 1.1.1.1 224.0.0.0 240.0.0.0 interface vlan 15 routing ip address
  • Dell PowerConnect 6224 | Configuration Guide - Page 156
    enable routing, IGMP, PIM-DM, and OSPF on one more interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip pimdm interface vlan 1 routing ip address 3.3.3.1 255.255.255.0 ip pimdm ip igmp ip ospf area 0 exit interface vlan 3 routing ip address 1.1.1.1 255
  • Dell PowerConnect 6224 | Configuration Guide - Page 157
    console(config)#vlan database console(config-vlan)#vlan 100,200 2 Enable IGMP snooping on VLAN 100. console(config-vlan)#ip igmp snooping 100 console(config-vlan)#exit 3 Enable routing on the switch. console(config)#ip routing 4 Configure VLAN 100 as a VLAN routing interface and assign an IP address
  • Dell PowerConnect 6224 | Configuration Guide - Page 158
    . console(config)#ip igmp snooping console(config)#ip multicast console(config)#ip igmp console(config)#ip pimdm NOTE: Only one multicast routing protocol (PIM-SM, PIM-DM, or DVMRP) can be enabled globally on the switch at a time. 9 Configure ports 1/g5 and 1/g10 as members of VLAN 100. console
  • Dell PowerConnect 6224 | Configuration Guide - Page 159
    console#show ip igmp IGMP Admin Mode Enabled IGMP Router-Alert check Disabled IGMP INTERFACE STATUS Interface Interface-Mode Operational-Status vlan 100 Enabled Operational vlan 200 Enabled Operational The host connected to interface 1/g5 sends an IGMP join message for multicast group
  • Dell PowerConnect 6224 | Configuration Guide - Page 160
    160 Multicast
  • Dell PowerConnect 6224 | Configuration Guide - Page 161
    Utility This section describes the following features: • "Auto Config" on page 162 • "Nonstop Forwarding on a Switch Stack" on page 168 9 Utility 161
  • Dell PowerConnect 6224 | Configuration Guide - Page 162
    default gateway (option 3), if needed for IP communication After an IP address is assigned to the switch, if a hostname is not already assigned, Auto Config issues a DNS request for the corresponding hostname. This hostname is also displayed as the CLI prompt (as in response to the hostname command
  • Dell PowerConnect 6224 | Configuration Guide - Page 163
    as the attempts to download a host-specific configuration file. The default network configuration file should have IP address to hostname mappings using the command ip host . If the default network configuration file does not contain the switch's IP address, the switch uses DNS
  • Dell PowerConnect 6224 | Configuration Guide - Page 164
    the first 32 characters of the switch's hostname. If the switch is unable to map its IP address to a hostname, Auto Config sends TFTP requests for the default configuration file "host.cfg." Table 9-1 summarizes the config files which may be downloaded, and the order in which they are sought. Table
  • Dell PowerConnect 6224 | Configuration Guide - Page 165
    Considerations BOOTP or DHCP must be enabled on the switch in order for the Auto Config procedure to operate. Network Configuration Considerations Specifying a Default Router Some network configurations require the specification of a default gateway through which some IP communication can occur. The
  • Dell PowerConnect 6224 | Configuration Guide - Page 166
    be downloaded. • If a default gateway is needed to forward TFTP requests, IP helper addresses will need to be configured on the gateway to provide those services. Other Functions CLI Scripting CLI scripting can apply config files. It can be used to manage (view, validate, delete) downloaded config
  • Dell PowerConnect 6224 | Configuration Guide - Page 167
    across a stack. When an administrator saves configuration, the config file is distributed across a stack. CLI Examples Example 1: Show Auto Config Process To display the current status of the Auto Config process, use the following command: console#show boot Config Download via DHCP: enabled Auto
  • Dell PowerConnect 6224 | Configuration Guide - Page 168
    storage is not always practical. The NSF checkpoint service allows the management unit to communicate certain data to the backup unit in the stack. When the stack selects a backup unit, the checkpoint service notifies applications to start a complete checkpoint. After the initial checkpoint is done
  • Dell PowerConnect 6224 | Configuration Guide - Page 169
    each VLAN Neighbor cache entries Connections List of interfaces with MED devices attached Neighbors and designated routers Neighbors and designated routers IPv4 and IPv6 dynamic routes The system's MAC addresses. System up time. IP address, network mask, default gateway on each management interface
  • Dell PowerConnect 6224 | Configuration Guide - Page 170
    stack link does not divide the stack into multiple stacks. If a stack is partitioned such that some units lose all connectivity to other units, then both parts of the stack start using the same MAC addresses. This can cause severe problems in the network. If you move the management unit of stack
  • Dell PowerConnect 6224 | Configuration Guide - Page 171
    switches, AS1 and AS2. The stack has a link from two different units to each aggregation switch, with each pair of links grouped together in a LAG. The two LAGs and link between AS1 and AS2 are members of the same VLAN. Spanning tree is enabled on the VLAN. Assume spanning tree selects AS1 as
  • Dell PowerConnect 6224 | Configuration Guide - Page 172
    Phone A LAG Phone B DHCP Snooping Scenario Figure 9-3 illustrates an L2 access switch running DHCP snooping. DHCP snooping only accepts DHCP server messages on ports configured as trusted ports. DHCP snooping listens to DHCP messages to build a bindings database that lists the IP address the DHCP
  • Dell PowerConnect 6224 | Configuration Guide - Page 173
    messages get through. Thus, DHCP snooping does not miss any new bindings during a failover. As DHCP snooping applies its checkpointed DHCP bindings, IPSG confirms the existence of the bindings with the hardware by reinstalling its source IP address filters. If Dynamic ARP Inspection is enabled on
  • Dell PowerConnect 6224 | Configuration Guide - Page 174
    Servers (iSCSI Initiators) 10.1.1.10 10.1.1.11 When the management unit fails, session A drops. The initiator at 10.1.1.10 detects a link down on its primary NIC and attempts to reestablish the session on its backup NIC to a different IP address on the disk array. The hardware forwards the packets
  • Dell PowerConnect 6224 | Configuration Guide - Page 175
    graceful restart feature for OSPF is disabled by default. To enable OSPF to perform a graceful restart for all planned and unplanned warm restart events, use the nsf command in Router OSPF Config mode: console#configure console(config)#router ospf console(config-router)#nsf The grace LSAs reach the
  • Dell PowerConnect 6224 | Configuration Guide - Page 176
    176 Utility
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
www.dell.com | support.dell.com
Dellâ„¢ PowerConnectâ„¢ 6200 Series
Configuration Guide
Model: PC6224, PC6248, PC6224P, PC6248P, and PC6224F