Dell PowerEdge M420 Dell PowerConnect M6220/M6348/M8024 Switches Configuration
Dell PowerEdge M420 Manual
View all Dell PowerEdge M420 manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell PowerEdge M420 manual content summary:
- Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 1
Dell™ PowerConnect™ M6220/M6348/M8024 Switches Configuration Guide Model PCM6220/PCM6348/PCM8024 www.dell.com | support.dell.com - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 2
to hardware or loss of data and tells you how to avoid the problem. CAUTION: A CAUTION indicates a potential for property damage, personal injury, either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 3
Contents 1 About this Document 9 Organization 9 Additional Documentation 10 2 System Configuration 11 Traceroute 11 CLI Example 12 Configuration Scripting 13 Overview 13 Considerations 13 CLI Examples 13 Outbound Telnet 16 Overview 16 CLI Examples 16 Simple Network Time Protocol (SNTP - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 4
38 CLI Examples 38 Port Security 39 Overview 39 Operation 39 CLI Examples 39 Link Layer Discovery Protocol 40 CLI Examples 40 Denial of Service Attack Protection 42 Overview 42 CLI Examples 43 DHCP Snooping 44 CLI Examples 46 Port Aggregator 51 Overview 51 Simple Mode Operation 53 4 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 5
CLI Examples 54 Simple Switch Mode Supported CLI Commands 59 sFlow 63 Overview 63 sFlow Agents 64 CLI Examples 65 4 Routing Configuration 67 VLAN Routing 67 CLI Examples 67 Using the Web - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 6
VLANs 100 Guest VLAN 101 CLI Examples 101 802.1x MAC Authentication Bypass (MAB 103 Operation in the Network 103 CLI Examples 104 Authentication Server Filter Assignment 105 Access Control Lists (ACLs 106 Overview 106 MAC ACLs 107 IP ACLs 108 ACL Configuration Process 108 IP ACL CLI - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 7
Port Configuration 133 Egress Port Configuration-Traffic Shaping 134 Queue configuration 134 Queue Management Type 134 CLI Examples 134 Differentiated Services 137 CLI Example 138 DiffServ for VoIP Configuration Example 140 8 Multicast 143 Overview 143 IGMP Configuration 144 CLI Example - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 8
8 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 9
1 About this Document This configuration guide provides examples of how to use the following switches in a typical network: • Dell™ PowerConnect™ M6220 • Dell PowerConnect M6348 • Dell PowerConnect M8024 It describes the advantages of specific functions the PowerConnect M6220/M6348/M8024 switches - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 10
initial system setup and configuration instructions. • The Getting Started Guide for your Dell PowerConnect switch provides basic information to install, configure, and operate the system. • Release notes for your Dell PowerConnect product detail the platform-specific functionality of the software - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 11
in Module Configuration" on page 23 NOTE: For information on setting up the hardware and serial or TFTP connection, refer to the Getting Started Guide for your system. Traceroute Use Traceroute to discover the routes that packets take when traveling on a hop-by-hop basis to their destination through - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 12
CLI Example The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how long it takes to get there. In this example, the packet takes 16 hops to reach its - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 13
Configuration Scripting Configuration scripting allows you to generate a text-formatted script file that shows the current system configuration. You can generate multiple scripts and upload and apply them to more than one switch. Overview Configuration scripting: • Provides scripts that can be - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 14
Example #2: Viewing and Deleting Existing Scripts console#script list Configuration Script Name Size(Bytes) abc.scr 360 running-config 360 startup-config 796 test.scr 360 4 configuration script(s) found. 2046 Kbytes free. console#script delete test.scr Are you sure you want to - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 15
start? (y/n) y 267 bytes transferred File transfer operation completed successfully. Example #6: Downloading a Configuration Script to the TFTP Server Use this command to download a configuration script from the TFTP server to the switch. console#copy tftp://10.27.64.141/abc.scr script abc.scr Mode - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 16
a telnet connection is initiated, each side of the connection is assumed to originate and terminate at a "Network Virtual Terminal" (NVT). • Server and user hosts do not maintain information about the characteristics of each other's terminals and terminal handling conventions. • Must use a valid IP - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 17
are examples of the commands used in the SNTP feature. Example #1: Viewing SNTP Options (Dell Routing)(Config) #sntp ? console(config)#sntp ? authenticate authentication-key broadcast client server trusted-key unicast Require authentication for received Network Time Protocol (NTP) traffic from - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 18
Authentication key to use when sending packets to this peer. Enable/Disable SNTP server polling. Configure SNTP server priority. Press enter to execute the command. console(config)#sntp server 192.168.10.25 Example #3: Viewing SNTP Information console#show sntp ? configuration status Show - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 19
Overview Syslog: • Allows you to store system messages and/or errors. • Can store to local files on the switch or a remote server running a syslog daemon. • Provides a method of collecting message logs from many systems. Interpreting Log Files Figure 2-1 describes the information that displays - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 20
Configuration. Syslog Facility Configuration. Configure logging file parameters. Enable logging to all supporting destinations. SNMP Set Command Logging Configuration. Web Session Logging Configuration. Configure syslog server IP address or Hostname up to 63 characters in length console(config - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 21
error info notice warning Error conditions Informational messages Normal but significant conditions Warning conditions console(Config-logging)#level critical Port Description The Port Description feature lets you specify an alphanumeric interface identifier that can be used for SNMP network - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 22
Configuring a storm-control level also enables that form of storm-control. Disabling a storm-control level (using the "no" version of the command) sets the storm-control level back to default value and disables that form of storm-control. Using the "no" version of the "storm-control" command (not - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 23
provide two 10-Gigabit module slots that support plugin modules: • The M6220 supports CX-4, SFP+, XFP, manually configured. However, you can specify the switching modes advertised during autonegotiation. The software supports 1000f 10000f Example#2: Configure Low-Power Mode When No Cable is Connected - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 24
Use the following command to display the current status of low-power mode on an interface (see the Admin State column): console#show interfaces configuration Port Type 1/xg1 Unknown Neg ---Auto Auto Auto MDIX Mode ---Auto Auto Auto Admin State --------Up Up Low-power 24 System Configuration - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 25
"Denial of Service Attack Protection" end station may omit the tag, or the VLAN portion of the tag, in which case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID. A given port may handle traffic for more than one VLAN, but it can only support - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 26
desired VLAN ID. • The MAC-based VLAN feature let packets originating from end stations become part of a VLAN according to source MAC address. To configure . The Private Edge VLAN feature lets you set protection between ports located on the switch. This means that a protected port cannot forward - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 27
)#exit Example #2: Assign Ports to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames will always be transmitted tagged from all member ports, and that untagged frames will be rejected on receipt. console(config)#interface ethernet 1/g17 console(config-if-1/g17)#switchport - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 28
, you must enable routing on the VLAN and on the switch. Routing is only permitted on VLAN interfaces. Routing on physical interfaces is not supported. console#configure console(config)#interface vlan 2 console(config-if-vlan2)#ip address 192.168.10.33 255.255.255.0 console(config-if-vlan2)#routing - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 29
and MAC-Based VLANs In addition to port-based VLANs, the switch also supports VLANs that are based on the IP address or MAC address of a Examples The following examples show how to associate an IP subnet with a VLAN, a specific IP address with a VLAN, and a MAC address with a VLAN. Example #1: - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 30
Subnet IP Mask 192.168.25.0 255.255.255.0 192.168.1.11 255.255.255.255 VLAN ID ------10 10 Protocol-Based VLANs The software supports protocol-based VLANs, where only packets are bridged based on their layer 3 protocol. Protocol-based VLANs are most often used in situations where network - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 31
Private Edge VLANs Use the Private Edge VLAN feature to prevent ports on the switch from forwarding traffic to each other even if they are on the same VLAN. • Protected ports cannot forward traffic to other protected ports in the same group, even if they have the same VLAN membership. Protected - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 32
IGMP Snooping This section describes the Internet Group Management Protocol (IGMP) Snooping feature. IGMP Snooping enables the switch to monitor IGMP transactions between hosts and routers. It can help conserve bandwidth by allowing the switch to forward IP multicast traffic only to connected hosts - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 33
Example #3: Show IGMP Snooping Information for an Interface console#show ip igmp snooping interface ethernet 1/g17 Slot/Port 1/g17 Global IGMP Snooping Admin Mode Enabled IGMP Snooping Admin Mode Enabled Fast Leave Mode Disabled Group Membership Interval 260 Max Response Time 10 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 34
console(config)#ip igmp snooping querier query-interval 100 console(config)#ip igmp snooping querier timer expiry 100 Example #3: Show IGMP Snooping Querier Information console#show ip igmp snooping querier Global IGMP Snooping querier status IGMP Snooping Querier Mode Enable Querier Address 10. - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 35
used when connecting the switch to an external switch that does not support the exchange of LACPDUs. The feature offers the following benefits: shows an example of configuring the software to support Link Aggregation (LAG) to a server and to a Layer 3 switch. Figure 3-2 shows the example - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 36
Figure 3-2. LAG/Port-channel Example Network Diagram Server PPoorrtt11/g/017/2 LLAAGG__110 PPort 11//g01/83 LALGAG__110 PPoorrtt11/g/01/98 LLAAGG__220 PPoorrtt 11//g02/90 LALGAG__220 Layer 3 Switch Subnet 3 Layer 2 Switch Subnet 2 Subnet 3 Example 1: - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 37
console(config)#interface ethernet 1/g18 console(config-if-1/g18)#channel-group 1 mode auto console(config-if-1/g18)#exit console(config)#interface ethernet 1/g19 console(config-if-1/g19)#channel-group 2 mode auto console(config-if-1/g19)#exit console(config)#interface ethernet 1/g20 console(config- - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 38
feature, which can serve as a diagnostic tool, debugging tool, or means of fending off attacks. Overview Port mirroring selects network traffic from specific ports for analysis by a network analyzer, while allowing the same traffic to be switched to its destination. You can configure many switch - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 39
with allowable MAC address will be forwarded. • Supports both dynamic and static. • Implement two traffic are forwarded. - Static Locking: User manually specifies a list of static MAC addresses , all dynamically locked addresses are 'freed.' • If a specific MAC address is to be set for a port, set - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 40
discard max trap Discard frames with unlearned source addresses. Configure the maximum addresses that can be learned on the port. Sends SNMP Traps, and specifies the minimum time between consecutive traps. console(config-if-1/g18)#port security Example #2: Show Port Security console#show ports - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 41
Range seconds. console(config)#lldp notification-interval 1000 console(config)#lldp timers ? hold interval reinit The interval multiplier to set local LLDP data TTL. The interval in seconds to transmit local LLDP data. The delay before re-initialization. Press - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 42
feature. Overview Denial of Service: • Spans two categories: - Protection of the switch - Protection of the network • Protects against the exploitation of a number of vulnerabilities which would make the host or network unstable • Compliant with Nessus. Dell tested the switch software with - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 43
The following table describes the dos-control keywords. Table 3-1. DoS Control Keyword firstfrag icmp l4port sipdip tcpflag tcpfrag Meaning Enabling First Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller then the configured Min TCP Hdr Size. ICMP DoS - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 44
. Ports are untrusted by default. Network administrators can enable DHCP snooping globally and on specific VLANs. They can also configure ports within the VLAN to be trusted or untrusted. DHCP servers must be reached through trusted ports. DHCP snooping enforces the following security rules: • DHCP - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 45
the binding database. The DHCP binding database resides on a configured external server or locally in flash depending upon the user configuration. When a switch ACK Complete binding The DHCP snooping component does not forward server messages since they are forwarded in hardware. DHCP snooping - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 46
DHCP snooping can be configured on switching VLANs and routing VLANs. When a DHCP packet is received on a routing VLAN, the DHCP snooping application applies its filtering rules and updates the bindings database. If a client message passes filtering rules, the message is placed into the software - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 47
Example #7 Configure an interface as DHCP snooping trusted console(config-if-1/g1)#ip dhcp snooping trust console(config-if-1/g1)#exit Example #8 Configure rate limiting on an interface console(config-if-1/g1)#ip dhcp snooping limit rate 50 burst interval 1 console(config-if-1/g1)#exit Example #9 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 48
1/g17 No No 1/g18 No No 1/g19 No No 1/g20 No No 1/g21 No No 1/g22 No No 1/g23 No No 1/g24 No No 1/xg3 No No 1/xg4 No No ch1 No No ch2 No No ch3 No No ch4 No No ch5 No No ch6 No No --More-- or (q)uit console# Example #12 Show DHCP Snooping database - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 49
1/g1 Yes 50 1/g2 No 15 1/g3 No 15 1/g4 No 15 1/g5 No 15 1/g6 No 15 1/g7 No 15 1/g8 No 15 1/g9 No 15 1/g10 No 15 1/g11 No 15 1/g12 No 15 1/g13 No 15 1/g14 No 15 1/g15 No 15 1/g16 No 15 1/g17 No 15 1/g18 No 15 --More-- or (q)uit 1/g19 No 15 1/ - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 50
ch11 0 ch12 0 ch13 0 ch14 0 ch15 0 Client Ifc Mismatch ---------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 DHCP Server Msgs Rec'd ----------- 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 50 Switching Configuration - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 51
the administration required for managing the blade-centric switch blades. This feature provides administrators the in Simple mode, which is disabled by default. From the Dell CLI Setup Wizard, you can select the operational mode as " ) and static LAGs are supported. Figure 3-4 illustrates the - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 52
Default Aggregator Groups on Standalone Switch (Blade) The default Port Aggregator Group mapping is Uplink (External) Ports 1/xg17, 1/xg18, 1/xg19, 1/xg20 A standalone switch in Simple Mode supports up to 8 Aggregator Groups. The number of internal ports in an Aggregator Group is unlimited and - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 53
DOWN. In this case, lowest numbered uplink port will be active, and all other ports will be forced to "DOWN" state. To support NIC teaming failover on the server blades, all the internal ports in the Aggregator Group will be brought DOWN, if the links on all the uplink ports in that Aggregator - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 54
Simple Mode. • The switch handles traffic in the following way when in Simple Mode: • Ingress filtering is enabled on all ports. This means that tagged traffic would be dropped if the incoming port is not a member of the incoming packet's VLAN. • Untagged traffic should be switched and untagged at - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 55
console(config)#mode simple Switching modes will immediately clear the configuration. Are you sure you want to continue? (y/n) To select Normal mode as the operational mode, use the no form of mode simple command. console(config)#no mode simple Example #2: Enter Port Aggregator Mode Use the port- - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 56
Example #6: Set Group LACP Mode to Dynamic Use the lacp auto command to set the LACP (Link Aggregation) mode to dynamic for that Aggregator Group. This means that when more than one uplink port is in the Group, those uplink ports will be enabled automatically with LACP. console(config)#port- - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 57
Example #10: Show Group VLAN Table Use the show vlan [port-aggregator group < GroupId >] command to show the VLAN table for a particular aggregator group. [port-aggregator group is an optional parameter in the command and, if not specified, shows all the MAC entries in all the Groups. - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 58
Example #11: Show Group Configuration Summary Use the show port-aggregator group summary [< GroupId >] command to show the parameters configured on the aggregator group. is an optional parameter in the command and, if not specified, the command shows all the configured parameters for all - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 59
Simple Switch Mode Supported CLI Commands Commands that were available in Interface mode of Normal switch mode are now available in Simple mode and can execute on a Port Aggregator - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 60
-control dot1x re-authenticate dot1x re-authentication dot1x system-auth-control dot1x timeout quiet-period dot1x timeout re-authperiod dot1x timeout server-timeout dot1x timeout supp-timeout dot1x timeout tx-period show dot1x show dot1x statistics show dot1x users • Dot1x Advanced Features: dot1x - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 61
snmp engineID show snmp groups show snmp views snmp-server community snmp-server community-group snmp-server contact snmp-server enable traps snmp-server engineID local snmp-server group snmp-server host snmp-server location snmp-server trap authentication • SSH commands: crypto key generate dsa - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 62
show supported switchtype show switch show system show system id show system power show users show version switch priority switch renumber telnet traceroute traceroute {ipaddress|hostname} • TACACS commands: key port priority show tacacs tacacs-server host tacacs-server key tacacs-server timeout - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 63
ip https port ip https server key-generate location organization-unit show crypto certificate mycertificate show ip http show ip https state sFlow This section describes the sFlow feature. sFlow is the industry standard - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 64
• sFlow collector can receive data from multiple switches, providing a real-time synchronized view of the whole network. • The Collector can analyze traffic patterns based on protocols found in the headers (e.g., TCP/IP, IPX, Ethernet, AppleTalk...). This alleviates the need for a layer 2 switch to - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 65
Counter Sampling The primary objective of Counter Sampling is to efficiently, periodically export counters associated with Data Sources. A maximum Sampling Interval is assigned to each sFlow instance associated with a Data Source. Counter Sampling is accomplished as follows: • sFlow Agents keep a - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 66
Example #5: Show sFlow sampling for receiver index 1 console#show sflow 1 sampling Sampler Data Source ----------1/g1 1/g2 1/g3 1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g15 Receiver Index ------1 1 1 1 1 1 1 1 1 1 1 Packet Sampling Rate 1500 1500 1500 1500 1500 1500 1500 1500 1500 1500 1500 Max - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 67
Routing Configuration This section describes configuration scenarios and instructions for the following routing features: • "VLAN an example of how to configure PowerConnect M6220/M6348/M8024 switch software to support VLAN routing. NOTE: The management VLAN cannot be configured as a routing - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 68
VLAN 20 Layer 2 Switch Example 1: Create Two VLANs The following code sequence shows an example of creating two VLANs with egress frame tagging enabled. console#configure console(config)#vlan database console(config-vlan)#vlan 10 console(config-vlan)#vlan 20 console(config-vlan)#exit Example - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 69
console(config-if-1/g2)#exit console#configure console(config)#interface ethernet 1/g3 console(config-if-1/g3)#switchport mode general console(config-if-1/g3)#switchport general allowed vlan add 20 console(config-if-1/g3)#switchport general pvid 20 console(config-if-1/g3)#exit Example 3: Set Up VLAN - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 70
is introduced into the network. If the router goes down, the end station is unable to communicate. Since static configuration is a convenient may participate. CLI Examples This example shows how to configure the switch to support VRRP. Router 1 will be the default master router for the virtual route - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 71
Figure 4-2. VRRP Example Network Configuration Layer 3 Switch acting as Router 1 Layer 3 Switch acting as Router 2 VPLoArtN1/500/2 192.150.2.1 Virtual Router ID 20 Virtual Addr. 192.150.2.1 PVoLrAt 1N/06/40 192.150.4.1 Virtual Router ID 20 Virtual Addr. 192.150.2.1 Layer 2 Switch Hosts - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 72
Assign virtual router IDs to the port that will participate in the protocol: console(config)#interface vlan 50 console(config-if-vlan50)#ip vrrp 20 Specify the IP address that the virtual router function will recognize. The priority default is 255. console(config-if-vlan50)#ip vrrp 20 ip 192.150.2.1 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 73
Enable VRRP on the port. console(config-if-vlan60)#ip vrrp 20 mode console(config-if-vlan60)#exit Using the Web Interface to Configure VRRP Use the following screens to perform the same configuration using the Graphical User Interface: • Routing > IP > Configuration. To enable routing for the switch - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 74
changed is sent. - Updates are sent to a multicast, not a broadcast address. • Hierarchical management: allows the network to be subdivided. The switch supports OSPFv2, which is used on IPv4 networks and OSPFv3, which has enhancements for handling 128-bit IPv6 addresses. The protocols are configured - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 75
from a protocol other than OSPF or were statically configured. These routes typically send traffic outside the AS. Therefore, routes from a stub area to locations outside the AS use the default gateway. A virtual link cannot be configured across a stub area. A Not So Stubby Area can import limited - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 76
External routes are those imported into OSPF from other routing protocol or processes. OSPF computes the path cost differently for external type 1 and external type 2 routes. The cost of an external type 1 route is the cost advertised in the external LSA plus the path cost from the calculating - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 77
IPv4 (OSPFv2) IPv6 (OSPFv3) Enable routing and assign IP for VLANs 70, 80 and 90. config config interface vlan 70 routing ip address 192.150.2.2 255.255.255.0 exit interface vlan 80 routing ip address 192.130.3.1 255.255.255.0 exit interface vlan 70 routing ipv6 enable exit interface vlan 80 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 78
IPv4 (OSPFv2) config interface vlan 70 ip ospf area 0.0.0.0 ip ospf priority 128 ip ospf cost 32 exit interface vlan 80 ip ospf area 0.0.0.2 ip ospf priority 255 ip ospf cost 64 exit interface vlan 90 ip ospf area 0.0.0.2 ip ospf priority 255 ip ospf cost 64 exit exit IPv6 (OSPFv3) config interface - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 79
Figure 4-4. OSPF Configuration-Stub Area and NSSA Area Area 2 (0.0.0.2) IR (5.3.0.0) 10.1.101.1 3000:1:101::/64 Router 1 (1.1.1.1) Virtual Link Area 1 (0.0.0.1) - stub 10.1.2.1 3000:1:2::/64 10.1.2.2 3000:1:2:: Router 2 (2.2.2.2) 10.2.4.2 3000:2:4:: IR (5.4.0.0) Area 0 (0.0.0.0) 10.1.2.2 3000 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 80
ipv6 address 3000:3:100::/64 eui64 ip ospf area 0.0.0.0 ipv6 ospf exit • Define an OSPF router: ipv6 router ospf router-id 3.3.3.3 exit router ospf router-id 3.3.3.3 exit exit Configure Router B: Router B is a ABR that connects Area 0 to Areas 1 and 2. • Configure IPv6 and IPv4 routing. The static - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 81
ipv6 address 3000:2:4::/64 eui64 ipv6 ospf ipv6 ospf areaid 2 exit • For IPv4: Define an OSPF router. Define Area 1 as a stub. Enable OSPF for IPv4 on VLANs 10, 5, and 17 by globally defining the range of IP addresses associated with each interface, and then associating those ranges with Areas 1, 0, - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 82
Figure 4-5. OSPF Configuration-Virtual Link Area 2 (0.0.0.2) IR (5.3.0.0) 10.1.101.1 VLAN 11 3000:1:101::/64 Router C - ABR (5.5.5.5) VLAN 10 10.1.2.1/24 3000:1:2::/64 VLAN 7 10.1.2.2/24 3000:1:2::/64 eui64 Virtual Link Router B - ABR (4.4.4.4) Area 0 (0.0.0.0) - backbone VLAN 5 10.2.3.3/24 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 83
Configure Router B: Router B is a ABR that directly connects Area 0 to Area 1. In addition to the configuration steps described in the previous example, we define a virtual link that traverses Area 1 to Router C (5.5.5.5). (console)#configure ipv6 unicast-routing ip routing interface vlan 2 routing - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 84
network and hop count - The routing table is broadcast to all stations on the attached network • RIP-2 defined in RFC 1723 - Route specification is extended to include subnet mask and gateway - The routing table is sent to a multicast address, reducing network traffic - An authentication method - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 85
The PowerConnect M6220/M6348/M8024 switches support both versions of RIP. You may configure a given port: • To receive packets in either or both formats • To transmit packets formatted for RIP-1 or RIP-2 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 86
Example #2: Enable Routing for Ports The following command sequence enables routing and assigns IP addresses for VLAN 2 and VLAN 3. console#config interface vlan 2 routing ip address 192.150.2.2 255.255.255.0 exit interface vlan 3 routing ip address 192.130.3.1 255.255.255.0 exit exit Example #3. - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 87
Using the Web Interface to Configure RIP Use the following screens to perform the same configuration using the Graphical User Interface: • Routing > IP > Configuration> To enable routing for the switch. • Routing > IP > Interface Configuration > To configure the VLAN routing interfaces. • Routing > - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 88
Example 1: Configure Administrative Preferences The following commands configure the administrative preference for the RIP and OSPF: console#Config router rip distance rip 130 exit For OSPF, an additional parameter identifies the type of OSPF route that the preference value applies to: router ospf - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 89
Using Equal Cost Multipath The equal cost multipath (ECMP) feature allows a router to use more than one next hop to forward packets to a given destination prefix. It can be used to promote a more optimal use of network resources and bandwidth. A router that does not use ECMP forwards all packets to - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 90
provide for the creation, deletion, and management of loopback interfaces. A loopback interface is a software-only interface that is not associated with a physical location; as such it is not dependent on the physical status of a particular router interface and is always considered "up" as long as - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 91
Loopbacks are typically used for device management purposes. A client can use the loopback interface to communicate with the router through various services such as telnet and SSH. The address on a loopback behaves identically to any of the local addresses of the router in terms of the processing - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 92
entries. Discard entries are used to discard packets received on a specific interface when those packets would otherwise be relayed according to a Number IEN-116 Name Service 42 DNS 53 NetBIOS Name Server 137 NetBIOS Datagram Server 138 TACACS Server 49 Time Service 37 DHCP 67 Trivial - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 93
verifies that the interface is configured to relay to the destination UDP port. If so, the relay agent unicasts the packet to the configured server IP addresses. Otherwise, the relay agent verifies that there is a global configuration for the destination UDP port. If so, the relay agent unicasts the - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 94
received on any interface for all default ports (Table 2) to the server at 20.1.1.1, use the following commands: console (config)#ip helper-address 20.1.1.1 address 192.168.20.1 dhcp Example 5: Enable IP Helper on an Interface on a Server (DHCP and DNS) To relay DHCP and DNS packets to 192.168.30.1, - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 95
IP helper is enabled Interface vlan 100 vlan 101 any UDP Port ----------dhcp any dhcp Discard -------No Yes No Hit Count ---------10 2 0 Server Address 10.100.1.254 10.100.2.254 10.200.1.254 Example 8: Show IP Helper Statistics The following command shows IP Helper configurations: console - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 96
96 Routing Configuration - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 97
available via that Port. • Supplicant - Port that attempts to access services offered by the Authenticator. Additionally, there exists a third role: • Authentication server - Server that performs the authentication function necessary to check the credentials of the supplicant on behalf of the - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 98
PowerConnect M6220/M6348/M8024 switches support the authenticator role only, in external authentication server: • Remote Authentication Dial-In User Service (RADIUS) mode because this is where the RADIUS server and protected network resources are located. Figure 5-1. Switch with 802.1x Network - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 99
Based Authentication Mode The PowerConnect M6220/M6348/M8024 switches support MAC-based 802.1X authentication. This feature allows same port, each of the connected hosts authenticates separately with the RADIUS server. The following command enables MAC-based authentication on port 1/g8 and limits - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 100
to be placed into a particular VLAN based on the result of type of 802.1X authentication a client uses when it accesses the switch. The RADIUS server or IEEE 802.1X Authenticator can provide information to the switch about which VLAN to assign the host (supplicant). When a host connects to a switch - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 101
feature allows a switch to provide a distinguished service to unauthenticated users. This feature provides a 1X mode, when a client that does not support 802.1X is connected to an unauthorized port that VLANs. The examples assume that the RADIUS server and VLAN information has already been configured - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 102
based on the result of the authentication. The command in this example allows the switch to accept VLAN assignment by the RADIUS server. NOTE: The feature is available in release 2.1 and later. console#config console(config)#aaa authorization network default radius Example #2: Enable Guest VLANs - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 103
the 802.1x infrastructure, and it cannot be supported independent of the Dot1x component. Operation in the The authenticator sends a request to the authentication server with the MAC address of the client in in a RADIUS assigned VLAN or apply a specific Filter ID to the client traffic. Figure 5-2 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 104
Figure 5-2. MAB Operation - Authentications Based on MAC Address in Database CLI Examples Example 1: Enable/Disable MAB To enable/disable MAB on interface 1/5, use the following commands: console(config-if-1/g5)#dot1x mac-auth-bypass console(config-if-1/g5)#no dot1x mac-auth-bypass 104 Device - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 105
(supplicant). The application of the policy is applied to the host after the authentication process has completed. To enable filter assignment by an external server, the following conditions must be true: 1 The port that the host is connected to must be enabled for MAC-based port access control by - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 106
policy, see "Differentiated Services" on page 137. policy specified within the server attribute does not exist support Flow-based Mirroring and ACL Logging, which have the following characteristics: • Flow-based mirroring is the ability to mirror traffic that matches a permit rule to a specific - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 107
not both. • The PowerConnect M6220/M6348/M8024 switches support a limited number of counter resources, so it may an ACL for a given port, all traffic not specifically permitted by the ACL is denied access. NOTE: • Destination MAC mask • VLAN ID • Class of Service (CoS) (802.1p) • Ethertype L2 ACLs can - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 108
IP ACLs IP ACLs classify for Layers 3 and 4. Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents of a given field should be used to permit or deny access to the network, and may apply to one or more of the following fields within a packet: • - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 109
Figure 5-3. IP ACL Example Network Diagram Example #1: Create an ACL and Define an ACL Rule This command creates an ACL named list1 and configures a rule for the ACL. After the mask has been applied, it permits packets carrying TCP traffic that matches the specified Source IP address, and sends - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 110
Example #2: Define the Second Rule for ACL 179 Define the rule to set similar conditions for UDP traffic as for TCP traffic. console(config)#access-list list1 permit udp 192.168.77.0 0.0.0.255 192.168.77.3 0.0.0.255 console(config)#exit Example #3: Apply the Rule to Outbound (Egress) Traffic on - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 111
log mirror redirect vlan Configure logging for this access list rule. Configure the packet mirroring attribute. Configure the packet redirection attribute. Configure a match condition based on a VLAN ID. Enter a four-digit hexadecimal number in the range of - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 112
Example #7: Setup an ACL with Permit Action console# Config console(config)#mac access-list extended mac2 console(config-mac-access-list)#permit ? any Configure a match condition for all the source MAC addresses in the Source MAC Address field. Enter a MAC Address. console(config-mac- - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 113
large network. One such type of Authentication Server supports the Remote Authentication Dial In User Service (RADIUS) protocol as defined by RFC request to a pre-configured RADIUS server. The server can authenticate the user itself, or make use of a back-end device to ascertain authenticity. In - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 114
host 10.10.10.10 console(Config-radius)#key secret1 console(Config-radius)#priority 1 console(Config-radius)#exit console(config)#radius-server host 11.11.11.11 console(Config-radius)#key secret2 console(Config-radius)#priority 50 console(Config-radius)#exit console(config)#aaa authentication login - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 115
can configure each server host with a specific connection type, port, timeout, and shared key, or you can use global configuration for the key and timeout. Like RADIUS, the TACACS+ server can do the authentication itself, or redirect the request to another back-end device. All sensitive information - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 116
or does not allow the user to gain access to the switch. If neither of the two servers can be contacted, the switch searches its local user database for the user. console# config console(config)#tacacs-server host 10.10.10.10 console(config)#key tacacs1 console(config)#exit console(config)#tacacs - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 117
authorized captive portal users locally or through a radius client. The Authentication server supports both HTTP and HTTPS web connections. In addition, Captive Portal can to the network administrator communicating with interface-specific components as required. Functional Description Captive Portal - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 118
users. Authenticated users are required to enter a valid user name and password that are validated against the local database or a RADIUS server. Network access is granted once user verification has been confirmed. The administrator can block access to a captive portal configuration. When an - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 119
groups and modify the user/group association to only allow a subset of users access to a specific captive portal instance. Network access is granted upon successful verification of user credentials. A remote RADIUS server can be used for client authentication. RADIUS authentication and accounting - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 120
Interchange Format) and/or JPEG (Joint Photographic Experts Group) file types are supported. Once an image file is copied to the switch it can be selected from a drop down list and associated with a locale specific web page configuration. The verification method is part of the captive portal - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 121
for script files. Although the data is shown in ASCII, it not for the end user (it is intended to be read by the text-based configuration). The output. The actual contents however can still be displayed using the specific Captive Portal CLI show commands. The local user database passwords appear in - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 122
The size of the table has a limit of 1024 entries. If the list becomes full, new table entries are rejected and a trap is sent for every rejected client. Captive Portal Statistics Client session statistics are available for both guest and authenticated users.Client statistics are used to enforce the - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 123
Port 0 Peer Switch Statistics Reporting Interval...... 300 Authentication Timeout 600 Supported Captive Portals 10 Configured Captive Portals 2 Active Captive Portals 1 System Supported Users 1024 Local Supported Users 128 Authenticated Users 0 Example 7: Modify the Default Captive Portal - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 124
following command: console#show captive-portal configuration 1 interface CP ID 1 CP Name Default Interface --------1/g18 Interface Description Unit: 1 Slot: 0 Port: 18 Gigabit - Level Operational Status ----------Disabled Block Status -----Not Blocked To view the status of a captive client - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 125
CP ID 1 CP Name Default Client MAC Address 00:12:79:BF:94:7A Client IP Address Interface Interface Description 192.168.1.10 1/g18 Slot: 1 Port: 18 Gigabit - Level This command shows a statistics for the above client #show captive-portal client 00:12:79:BF:94:7A statistics Client MAC - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 126
126 Device Security - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 127
prefix length of 64 bits. This leaves 64 bits for the interface specific portion, called an Interface ID in IPv6. Depending upon the underlying switch software supports stateless auto configuration of end nodes. The switch supports both EUI-64 interface identifiers and manually configured interface - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 128
. Routers have their network prefixes configured and may use EUI64 or manually configured interface IDs. In addition to one or more global addresses, to traverse an IPv4 network and has the IPv4 headers removed at the other end of the tunnel. CLI Example In Figure 6-1, two devices are connected as - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 129
ipv6 router ospf router-id 1.1.1.1 exit interface vlan 15 routing ip address 20.20.20.1 255.255.255.0 ip ospf area 0.0.0.0 exit interface vlan 2 routing ipv6 enable ipv6 address 2020:1::1/64 ipv6 ospf ipv6 ospf network point-to-point exit interface tunnel 0 ipv6 address 2001::1/64 tunnel mode ipv6ip - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 130
, the role of DHCPv6 within the network is different than that of DHCPv4 in that it is less relied upon for IP address assignment. DHCPv6 server and client interactions are described by RFC 3315 [6]. There are many similarities between DHCPv6 and DHCPv4 interactions and options, but the messages and - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 131
as Prefix Delegation server and defines one or more "general" prefixes to delegate to a CPE router acting as a Prefix Delegation client. The CPE router then can then allocate more specific addresses within the following CLI configuration: Enable DHCPv6: console# config Service dhcpv6 exit IPv6 131 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 132
DHCPv6 pool configuration: console# config ipv6 dhcp pool testpool domain-name dell.com dns-server 2001::1 exit exit Per-interface DHCPv6 configuration: console#config interface vlan 15 ipv6 dhcp server testpool preference 10 exit exit 132 IPv6 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 133
configure the ingress ports, the egress ports, and individual queues on the egress ports to provide customization that suits your environment. The level of service is determined by the egress port queue to which the traffic is assigned. When traffic is queued for transmission, the rate at which it - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 134
Port Configuration-Traffic Shaping For unit/slot/port interfaces, you can specify scheduling requires a specification of priority for Management Type The switch supports the tail drop method default queue 3. Since packet C does not contain a VLAN tag, the 802.1p user priority does not exist, so - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 135
queue 5 has a higher weighting than queue 1 (relative weight values shown as a percentage, with 0% indicating the bandwidth is not guaranteed), the queue service order is 6 followed by 5 followed by 1. Assuming each queue unloads all packets shown in the diagram, the packet transmission order as - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 136
Figure 7-2. CoS1/g Configuration Example System Diagram PPoorrtt 11//0g/1100 Portt11//0g/8 Server You will configure the ingress interface uniquely for all cos-queue and VLAN parameters. console# console#config interface ethernet 1/g8 traffic-shape 42200 kbps exit exit 136 Quality of Service - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 137
and how it should be handled to provide the desired quality of service. As implemented in PowerConnect M6220/M6348/M8024 switch software, DiffServ allows stream to a specific egress interface (physical port or LAG). PowerConnect M6220/M6348/M8024 switch software supports the Traffic Conditioning - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 138
• Service - Assigns a policy to an interface for inbound traffic. CLI Example This example shows how a network administrator can provide equal access to the Internet Source IP address-for the new classes. class-map match-all finance_dept match srcip 172.16.10.0 255.255.255.0 138 Quality of Service - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 139
g1 through 1/g4 in the inbound direction interface ethernet 1/g1 service-policy in internet_access exit interface ethernet 1/g2 service-policy in internet_access exit interface ethernet 1/g3 service-policy in internet_access exit interface ethernet 1/g4 service-policy in internet_access Quality of - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 140
DiffServ for VoIP Configuration Example One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive: for a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one way to provide the necessary - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 141
Figure 7-4. DiffServ VoIP Example Network Diagram Quality of Service 141 - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 142
Example #2: Configuring DiffServ VoIP Support Enter Global Config mode. Set queue 6 on all ports to use strict priority mode. ip-dscp ef assign-queue 5 exit exit Attach the defined policy to an inbound service interface. interface ethernet 1/g1 service-policy in pol_voip exit exit 142 Quality of - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 143
8 Multicast Overview IP Multicasting enables a network host (or multiple hosts) to send an IP datagram to multiple destinations simultaneously. The initiating host sends each multicast datagram only once to a destination multicast group address, and multicast routers forward the datagram only to - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 144
there are interested receivers. Refer to those sections for configuration instructions. IGMP Proxy IGMP proxy enables a multicast router to learn and PIM-SM) and have a tree-like topology, as there is no support for features like reverse path forwarding (RPF) to correct packet route loops. The - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 145
the forwarding decision for subsequent multicast packets with same combination of source and group. CLI Examples The CLI component of the Dell switch allows the end users to configure the network device and to view device settings and statistics using a serial interface or telnet session. Example - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 146
on RIP: it forwards multicast datagrams to other routers in the AS and constructs a forwarding table based on information it learns in response. More specifically, it uses this sequence. • A new multicast packet is forwarded to the entire multicast network, with respect to the time-to-live (TTL) of - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 147
CLI Example The following example configures two DVMRP interfaces. First, this example configures an OSPF router1 and globally enables IP routing and IP multicast. IGMP is globally enabled so that this router can manage group membership information for its directly-connected hosts (IGMP may not be - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 148
on an RP do not necessarily provide the shortest, most optimal path. In such cases, PIM-SM provides a means to switch to more efficient source-specific trees. A data threshold rate is configured to determine when to switch from shared-tree to source-tree. PIM-SM uses a Bootstrap Router (BSR), which - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 149
datagram. PIM-DM initially floods multicast traffic throughout the network. Routers that do not have any downstream neighbors send back Prune messages that instruct the upstream router to remove that multicast route from its forwarding table. In addition to the Prune messages, PIM-DM makes use of - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 150
To minimize the repeated flooding of datagrams and subsequent pruning associated with a particular source-group (S,G) pair, PIM-DM uses a State Refresh message. This message is sent by the router(s) directly connected to the source and is propagated throughout the network. When received by a router - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 151
to save the configuration. The Auto Config process depends upon the configuration of other devices in the network, including: • DHCP or BOOTP server • TFTP server • DNS server (if necessary) IP Address Assignment If BOOTP or DHCP is enabled on the switch and an IP address has not been assigned, the - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 152
to get the final configuration. The process is described below. The switch attempts to download a host-specific configuration file if a bootfile name was specified by the DHCP or BOOTP server. The switch makes three unicast TFTP requests for the specified bootfile. If the unicast attempts fail, or - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 153
files which may be downloaded, and the order in which they are sought. Table 9-1. Configuration File Possibilities Order Sought File Name Description 1 .cfg Host-specific config file, ending in a *.cfg file extension 2 fp-net.cfg Default network config file 3 .cfg Host - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 154
is disconnected from the network, or when the requisite configuration files are configured on TFTP servers. Termination of the Auto Config process ends further periodic requests for a host-specific file. Managing Downloaded Config Files The configuration files downloaded by Auto Config are stored in - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 155
the specification of a default gateway through which some IP communication can occur. The default gateway is specified by Option 3 of a BOOTP or DHCP response. Dependency Upon Other Network Services The Auto Config process depends upon the following network services: • A DHCP or BOOTP server must - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 156
logged. • Auto Config component initiating a TFTP request for a ".cfg" file, receiving the file, or timing out of that request. Filenames, server IP addresses, and hostnames are logged. • Applying a config script. • Failure of the CLI scripting utility to apply a config file. SIM The SIM - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 157
Stacking The downloaded configuration file is not distributed across a stack. When an administrator saves configuration, the config file is distributed across a stack. CLI Examples Example 1: Show Auto Config Process To display the current status of the Auto Config process, use the following command - Dell PowerEdge M420 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 158
Example 2: Enable Auto Config To start or stop Auto Config on the switch, use the following commands: console#boot host dhcp console#no boot host dhcp 158 Utility
www.dell.com | support.dell.com
Dellâ„¢ PowerConnectâ„¢
M6220/M6348/M8024
Switches
Configuration Guide
Model PCM6220/PCM6348/PCM8024