Dell PowerEdge M520 Dell PowerConnect M6220/M6348/M8024 Switches Configuration
Dell PowerEdge M520 Manual
View all Dell PowerEdge M520 manuals
Add to My Manuals
Save this manual to your list of manuals |
Dell PowerEdge M520 manual content summary:
- Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 1
Dell™ PowerConnect™ M6220/M6348/M8024 Switches Configuration Guide Model PCM6220/PCM6348/PCM8024 www.dell.com | support.dell.com - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 2
: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. CAUTION: A CAUTION indicates a potential for of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, Dell OpenManage, the DELL logo, Inspiron, Dell Precision, Dimension, - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 3
Contents 1 About this Document 9 Organization 9 Additional Documentation 10 2 System Configuration 11 Traceroute 11 CLI Example 12 Configuration Scripting 13 Overview 13 Considerations 13 CLI Examples 13 Outbound Telnet 16 Overview 16 CLI Examples 16 Simple Network Time Protocol (SNTP - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 4
33 Link Aggregation/Port Channels 35 CLI Example 35 Web Interface Configuration: LAGs/Port-channels 38 Port Mirroring 38 Overview 38 CLI Examples 39 Link Layer Discovery Protocol 40 CLI Examples 40 Denial of Service Attack Protection 42 Overview 42 CLI Examples 43 DHCP Snooping 44 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 5
CLI Examples 54 Simple Switch Mode Supported CLI Commands 59 sFlow 63 Overview 63 sFlow Agents 64 CLI Examples 65 4 Routing Configuration 67 VLAN Routing 67 CLI Examples 67 Using the Web Interface to Configure VLAN Routing 70 Virtual Router Redundancy Protocol 70 CLI Examples 70 Using - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 6
.1x MAC Authentication Bypass (MAB 103 Operation in the Network 103 CLI Examples 104 Authentication Server Filter Assignment 105 Access Control Lists (ACLs 106 Overview 106 MAC ACLs 107 IP ACLs 108 ACL Configuration Process 108 IP ACL CLI Examples 108 MAC ACL CLI Examples 110 RADIUS 113 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 7
7 Quality of Service 133 Class of Service Queuing 133 Ingress Port Configuration 133 Egress Port Configuration-Traffic Shaping 134 Queue configuration 134 Queue Management Type 134 CLI Examples 134 Differentiated Services 137 CLI Example 138 DiffServ for VoIP Configuration Example 140 8 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 8
8 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 9
1 About this Document This configuration guide provides examples of how to use the following switches in a typical network: • Dell™ PowerConnect™ M6220 • Dell PowerConnect M6348 • Dell PowerConnect M8024 It describes the advantages of specific functions the PowerConnect M6220/M6348/M8024 switches - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 10
initial system setup and configuration instructions. • The Getting Started Guide for your Dell PowerConnect switch provides basic information to install, configure, and operate the system. • Release notes for your Dell PowerConnect product detail the platform-specific functionality of the software - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 11
" on page 21 • "Storm Control" on page 21 • "10GBASE-T Plug-in Module Configuration" on page 23 NOTE: For information on setting up the hardware and serial or TFTP connection, refer to the Getting Started Guide for your system. Traceroute Use Traceroute to discover the routes that packets take when - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 12
ms 130 ms 160 ms 250 ms 250 ms 250 ms Hop Count = 20 Last TTL = 30 Test attempt = 90 Test Success = 90 12 System Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 13
format of one CLI command per line. NOTE: The startup-config and backup-config scripts are not bound by the 2 MB memory limit. Considerations When you use configuration scripting, keep the following considerations in mind: • The total number of scripts stored on the system is limited by NVRAM/FLASH - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 14
script(s) found. 2046 Kbytes free. console#script delete test.scr Are you sure you want to delete the configuration script(s)? (y/n)y 1 configuration script(s) deleted. Example #3: Applying a Script to the Active Configuration console#script apply abc.scr Are you sure you want to apply the - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 15
want to start? (y/n) y 267 bytes transferred File transfer operation completed successfully. Example #6: Downloading a Configuration Script to the TFTP Server Use this command to download a configuration script from the TFTP server to the switch. console#copy tftp://10.27.64.141/abc.scr script abc - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 16
the configuration script? (y/n)y ip address dhcp username "admin" password 16d7a4fca7442dda3ad93c9a726597e4 level 15 encrypted exit Configuration script and terminate at a "Network Virtual Terminal" (NVT). • Server and user hosts do not maintain information about the characteristics of each other's - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 17
(Dell Routing)(Config) #sntp ? console(config)#sntp ? authenticate authentication-key broadcast client server trusted-key unicast Require authentication for received Network Time Protocol (NTP) traffic from servers. Define an authentication key for Simple Network Time Protocol (SNTP). Configure - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 18
this peer. Enable/Disable SNTP server polling. Configure SNTP server priority. Press enter to execute the command. console(config)#sntp server 192.168.10.25 Example status Client Mode: Unicast Last Update Time: JUN 08 20:26:02 2009 Unicast servers: Server Status 192.168.10.25 Unknown - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 19
messages and/or errors. • Can store to local files on the switch or a remote server running a syslog daemon. • Provides a method of collecting message logs from many systems. Interpreting Messages: 0 Dropped. CLI Command Logging : disabled Web Session Logging : disabled System Configuration 19 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 20
. CLI Command Logging Configuration. Console Logging Configuration. Syslog Facility Configuration. Configure logging file parameters. Enable logging to all supporting destinations. SNMP Set Command Logging Configuration. Web Session Logging Configuration. Configure syslog server IP address or - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 21
below for the Port Description feature. Example #1: Enter a Description for a Port This example specifies the name "Test" for port 1/g17: console#configure console(config)#interface ethernet 1/g17 console(config-if-1/g17)#description Test console(config-if-1/g17)#exit console(config)#exit Example - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 22
as the forwarding-plane requires pps versus an absolute rate kbps. For example, if the configured limit is 10%, this is converted to ~25000 pps, and this pps limit is set in forwarding plane (hardware). You get the approximate desired output when 512bytes packets are used. CLI Example The following - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 23
and cannot be manually configured. However, you can specify the switching modes advertised during autonegotiation. The software supports 1G, 10G, and modes: console(config-if-1/xg17)#negotiation 1000f 10000f Example#2: Configure Low-Power Mode When No Cable is Connected (M8024 switch only) - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 24
Use the following command to display the current status of low-power mode on an interface (see the Admin State column): console#show interfaces configuration Port Type 1/xg1 10G - Level .... 1/xg21 10G - Level 1/xg22 10G - Level .... Duplex -----N/A Full N/A Speed ------Unknown 1000 Unknown - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 25
configuration • "Link Layer Discovery Protocol" on page 40 • "Denial of Service Attack Protection" on page 42 • "DHCP Snooping" on page 44 . The only physical requirement is that the end station, and the port to which it than one VLAN, but it can only support one default VLAN ID. Two features let - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 26
source IP address, network mask, and the desired VLAN ID. • The MAC-based VLAN feature let packets originating from end stations become part of a VLAN according to source MAC address. To configure the feature, you specify a source MAC address and a VLAN ID. The Private Edge VLAN feature lets you set - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 27
)#switchport general allowed vlan add 3 console(config-if-1/g19)#exit console(config)#interface ethernet 1/g20 console(config-if-1/g20)#switchport general allowed vlan add 3 Switching Configuration 27 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 28
enable routing on the VLAN and on the switch. Routing is only permitted on VLAN interfaces. Routing on physical interfaces is not supported. console#configure console(config)#interface vlan 2 console(config-if-vlan2)#ip address 192.168.10.33 255.255.255.0 console(config-if-vlan2)#routing console - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 29
. CLI Examples The following examples show how to associate an IP subnet with a VLAN, a specific IP address with a VLAN, and a MAC address with a VLAN. Example #1: Associate an IP Subnet with a VLAN This example shows how to configure the switch so that all hosts with IP addresses in the 192.168.25 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 30
.255.0 192.168.1.11 255.255.255.255 VLAN ID ------10 10 Protocol-Based VLANs The software supports protocol-based VLANs, where only packets are bridged based on their layer 3 protocol. Protocol-based VLANs following command: console(config)#protocol vlan group all 1 30 Switching Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 31
to only one set of protected ports, but an unprotected port can be added to a group as a protected port. The group name is configurable by the network administrator. Use the switchport protected command to designate a port as protected. Use the show switchport protected command to display a listing - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 32
1/g17 console(config-if-1/g17)#ip igmp snooping? host-time-out leave-time-out mrouter-time-out Configure host time out parameter. Configure leave time out parameter. Configure mrouter time out parameter. Press enter to execute the command. console(config-if-1/g17)#ip igmp snooping console - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 33
required. The IGMP Snooping Querier can perform the IGMP snooping functions on the VLAN. NOTE: Without an IP-multicast router on a VLAN, you must configure another switch as the IGMP querier so that it can send queries. When the IGMP snooping querier is enabled, the IGMP snooping querier sends out - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 34
10.10.10.33 IGMP Version 2 Querier Query Interval 100 Querier Expiry Interval 100 Example #4: Enable IGMP Snooping Querier on a VLAN To configure IGMP Snooping Querier on a VLAN, enter VLAN Database mode. The first ip igmp snooping command in this example enables the IGMP snooping querier - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 35
Link Aggregation feature to configure port-channels via the Command Line Interface and the Graphical User Interface. The Link configure more than one port-channel for a given switch. CLI Example The following shows an example of configuring the software to support Link Aggregation (LAG) to a server - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 36
Example Network Diagram Server PPoorrtt11/g/017/2 LLAAGG__110 PPort 11//g01/83 LALGAG__110 PPoorrtt11/g/01/98 LLAAGG__220 PPoorrtt 11//g02/90 LALGAG__220 Layer 3 Switch Subnet 3 Layer 2 Switch Subnet 2 Subnet 3 Example 1: Create Names for Two Port-Channels console#configure console(config - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 37
1/g20 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No Configured Ports 3 No - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 38
LAGs/Port-channels To perform the same configuration using the Graphical User Interface, click Switching > Link Aggregation > network traffic from specific ports for analysis by a network analyzer, while allowing the same traffic to be switched to its destination. You can configure many switch ports - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 39
Supports both dynamic and static. • Implement two traffic filtering methods. These methods can be used concurrently. - Dynamic Locking: User forwarded. - Static Locking: User manually specifies a list of locked addresses are 'freed.' • If a specific MAC address is to be set for a Configuration 39 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 40
and physical descriptions. Network managers can view this information and identify system topology and detect bad configurations on the LAN. LLDP has separately configurable transmit and receive functions. Interfaces can transmit and receive LLDP information. CLI Examples Example #1: Set Global - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 41
config-if-1/g10)#lldp transmit-mgmt console(config-if-1/g10)#exit console(config)#exit Example #3: Show Global LLDP Parameters console#show lldp LLDP Global Configuration Transmit Interval 30 seconds Transmit Hold Multiplier 8 Reinit Delay 5 seconds Notification Interval 1000 seconds Switching - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 42
lldp interface 1/g10 LLDP Interface Configuration Interface Link Transmit Receive Notify TLVs Mgmt 1/g10 Down Enabled Enabled Disabled Y TLV Codes: 0- Port Description, 1- System Name 2- System Description, 3- System Capabilities Denial of Service Attack Protection This section describes - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 43
TCP Hdr Size. ICMP DoS prevention causes the switch to drop ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than the configured ICMP Pkt Size. Enabling L4 Port DoS prevention causes the switch to drop packets that have TCP/UDP source port equal to TCP/UDP destination - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 44
snooping globally and on specific VLANs. They can also configure ports within the VLAN to be trusted or untrusted. DHCP servers must be reached interface to further work with that port. The user can configure both the rate and the burst interval. The hardware rate limits DHCP packets sent to the CPU - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 45
configured external server or locally in flash depending upon the user configuration. When a switch learns of new bindings or when it loses bindings, the switch immediately updates snooping component does not forward server messages since they are forwarded in hardware. DHCP snooping forwards valid - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 46
DHCP snooping can be configured on switching VLANs and routing VLANs. When a DHCP packet is received on a routing VLAN, the DHCP snooping application applies its filtering rules and updates the bindings database. If a client message passes filtering rules, the message is placed into the software - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 47
)#ip dhcp snooping binding 00:01:02:03:04:05 vlan 1 10.131.11.1 interface 1/g2 console(config)#exit Example #10 Show DHCP Snooping configuration on VLANs and Ports show ip dhcp snooping binding DHCP snooping is Enabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 48
No No ch3 No No ch4 No No ch5 No No ch6 No No --More-- or (q)uit console# Example #12 Show DHCP Snooping database configurations console#show ip dhcp snooping database agent url: local write-delay: 500 console# Example #13 Show DHCP Snooping binding entries Total number of bindings - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 49
No 15 ch5 No 15 ch6 No 15 ch7 No 15 ch8 No 15 ch9 No 15 ch10 No 15 --More-- or (q)uit console# 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Switching Configuration 49 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 50
ch11 0 ch12 0 ch13 0 ch14 0 ch15 0 Client Ifc Mismatch ---------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 DHCP Server Msgs Rec'd ----------- 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 50 Switching Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 51
required for managing the blade-centric switch blades. This feature provides administrators configured to enable LACP automatically). All connectivity mapping is done through a simplified user interface. Port Aggregator is completely interoperable. Dynamic (via LACP) and static LAGs are supported - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 52
3-4. Default Aggregator Groups on Standalone Switch (Blade) The default Port Aggregator Group mapping is shown standalone switch in Simple Mode supports up to 8 Aggregator Groups. The number of internal ports in an Aggregator Group is unlimited and you can configure any number of internal ports in - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 53
user intervention. When configured in "off" mode, links on all but one uplink port in that Aggregator group will be forced to DOWN. In this case, lowest numbered uplink port will be active, and all other ports will be forced to "DOWN" state. To support NIC teaming failover on the server blades - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 54
for Port Aggregator. Example #1: Set the Operational Mode A user with privilege level 15 can change the operational mode from Normal to Simple and vice versa. Enter the commands to get into Global Configuration mode: console>enable console#configure console(config)# Use the mode simple command from - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 55
no mode simple Example #2: Enter Port Aggregator Mode Use the port-aggregator group command to enter the Port Aggregator mode to configure aggregator group attributes. GroupId is the Port Aggregator group identifier. (Range: 1-8) On a standalone switch, it is up to 8. By default, all ports - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 56
number of uplink ports in the group is 2 and the number of internal ports is 4. If the user sets the minimum active uplink ports to be 2, then both the uplink ports should be active; otherwise, 3 0006.2932.814D 1/xg18 Static 1001 0006.2932.814B 1/xg17 Static 56 Switching Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 57
Type ----- 3 2 Static 1000 2 Static Authorization Required Required console#show vlan VLAN AggregatorGroup ----- 2 4 3 2 1000 2 1001 3 Type -----Static Static Static Static Authorization Required Required Required Required Switching Configuration 57 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 58
on the aggregator group. is an optional parameter in the command and, if not specified, the command shows all the configured parameters for all the Groups. console#show port-aggregator group summary 2 Group ----2 VLANs ----4023 Uplinks ------1 MTU ------Default Negotiation Speed - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 59
enable password ip http authentication ip https authentication login authentication password (Line Configuration) password (User EXEC) show authentication methods show user accounts show users login history username • Configuration and Image File Commands: boot system clear config copy delete backup - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 60
-authperiod dot1x timeout server-timeout dot1x timeout supp-timeout dot1x timeout tx-period show dot1x show dot1x statistics show dot1x users • Dot1x Advanced Features: dot1x guest-vlan dot1x unauth-vlan dot1x max-users show dot1x clients • Ethernet configuration commands: clear - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 61
snmp-server location snmp-server trap authentication • SSH commands: crypto key generate dsa crypto key generate rsa crypto key pubkey-chain ssh ip ssh port ip ssh pubkey-auth ip ssh server key-string show crypto key mypubkey show crypto key pubkey-chain ssh show ip ssh Switching Configuration 61 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 62
show supported switchtype show switch show system show system id show system power show users show version switch priority switch renumber telnet traceroute traceroute {ipaddress|hostname} • TACACS commands: key port priority show tacacs tacacs-server host tacacs-server key tacacs-server timeout - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 63
https port ip https server key-generate location organization- of the switch continuously, with no impact on the distributed switching performance. • Minimal memory/CPU is required. Samples are not aggregated into a flow-table on the switch; change in sampling rate). Switching Configuration 63 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 64
sFlow Collector. Counter samples may be taken opportunistically to fill these datagrams. To perform Packet Flow Sampling, an sFlow Sampler Instance is configured with a Sampling Rate. Packet Flow sampling results in the generation of Packet Flow Records. To perform Counter Sampling, an sFlow Poller - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 65
with a polling interval of 400 seconds console(config-if-1/g15)#sflow 1 polling 400 Example #4: Show the sFlow configuration for receiver index 1 console#show sflow 1 destination Receiver Index 1 Owner String site77 Time out 1529 IP Address 30.30.30.1 Address Type 1 Port 560 Datagram Version - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 66
1/g4 1/g5 1/g6 1/g7 1/g8 1/g9 1/g10 1/g15 Receiver Index ------1 1 1 1 1 1 1 1 1 1 1 Poller Interval ------200 200 200 200 200 200 200 200 200 200 400 66 Switching Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 67
This section describes configuration scenarios and instructions for the following routing features: • "VLAN Routing" on an example of how to configure PowerConnect M6220/M6348/M8024 switch software to support VLAN routing. NOTE: The management VLAN cannot be configured as a routing interface. The - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 68
and assigning the PVID for each port. The PVID determines the VLAN ID assigned to untagged frames received on the ports. console#configure console(config)#interface ethernet 1/g1 console(config-if-1/g1)#switchport mode general console(config-if-1/g1)#switchport general allowed vlan add 10 console - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 69
vlan 10 console(config-if-vlan10)#routing console(config-if-vlan10)#ip address 192.150.3.1 255.255.255.0 console(config-if-vlan10)#exit console#configure console(config)#interface vlan 20 console(config-if-vlan20)#routing console(config-if-vlan20)#ip address 192.150.4.1 255.255.255.0 console(config - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 70
over from a "master" router without affecting the end stations using the route. The end stations will use a "virtual" IP address that be configured as a virtual router. Either a physical port or a routed VLAN may participate. CLI Examples This example shows how to configure the switch to support VRRP - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 71
ID 20 Virtual Addr. 192.150.2.1 PVoLrAt 1N/06/40 192.150.4.1 Virtual Router ID 20 Virtual Addr. 192.150.2.1 Layer 2 Switch Hosts Example 1: Configuring VRRP on the Switch as a Master Router Enable routing for the switch. IP forwarding is then enabled by default. console#config console(config)#ip - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 72
ip vrrp 20 ip 192.150.2.1 Enable VRRP on the port: console(config-if-vlan50)#ip vrrp 20 mode console(config-if-vlan50)#exit Example 2: Configuring VRRP on the Switch as a Backup Router Enable routing for the switch. IP forwarding is then enabled by default. console#config console(config)#ip routing - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 73
vlan60)#exit Using the Web Interface to Configure VRRP Use the following screens to perform the same configuration using the Graphical User Interface: • Routing > IP > Configuration. To enable routing for the switch. • Routing > IP > Interface Configuration. To enable routing for the VLAN interfaces - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 74
sent. - Updates are sent to a multicast, not a broadcast address. • Hierarchical management: allows the network to be subdivided. The switch supports OSPFv2, which is used on IPv4 networks and OSPFv3, which has enhancements for handling 128-bit IPv6 addresses. The protocols are configured separately - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 75
(see Figure 4-5). A stub area is an area that does not receive routes that were learned from a protocol other than OSPF or were statically configured. These routes typically send traffic outside the AS. Therefore, routes from a stub area to locations outside the AS use the default gateway. A virtual - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 76
cost of an external type 2 route is the cost advertised by the ASBR in its external LSA. NOTE: The following example uses the CLI to configure OSPF. You can also use the Web interface. Click Routing > OSPF or IPv6 > OSPFv3 in the navigation tree. CLI Examples Example - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 77
exit exit ipv6 router ospf router-id 1.1.1.1 exit exit OSPF is globally enabled by default. To make it operational on the router, you configure OSPF for particular interfaces and identify which area the interface is associated with. The following commands also sets the priority and cost for the - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 78
255 ipv6 ospf cost 64 exit interface vlan 90 ipv6 ospf ipv6 ospf areaid 0.0.0.2 ipv6 ospf priority 255 ipv6 ospf cost 64 exit exit Example 2: Configuring Stub and NSSA Areas In this example, Area 0 connects directly to two other areas: Area 1 is defined as a stub area and Area 2 is defined as - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 79
links to an ASBR (not defined here) that routes traffic outside the AS. • Globally enable IPv6 and IPv4 routing: (console) #configure ipv6 unicast-routing ip routing • Configure IP address and enable OSPF on VLAN routing interfaces 6 and 12 and enable IPv6 OSPF on the interfaces. (OSPF is enabled - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 80
protocols, are not injected into stub areas such as Area 1: (console)#configure ipv6 unicast-routing ipv6 route 3000:44:44::/64 3000:2:3::210:18ff:fe82: .23.67.0 255.255.255.0 10.2.3.3 • On VLANs 10, 5, and 17, configure IPv4 and IPv6 addresses and enable OSPF. For IPv6, associate VLAN 10 with Area 1 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 81
static metric 1 subnets exit • For IPv6: Define an OSPF router. Define Area 1 as a stub and area 2 as a Not-So-Stubby-Area (NSSA). Configure a metric cost to associate with static routes when they are redistributed via OSPF: ipv6 router ospf router-id 2.2.2.2 area 0.0.0.1 stub area 0.0.0.2 nssa - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 82
B - ABR (4.4.4.4) Area 0 (0.0.0.0) - backbone VLAN 5 10.2.3.3/24 3000:2:3::/64 Router A - backbone (3.3.3.3) 10.2.3.2 3000:2:3::/64 VLAN 2 Area 1 (0.0.0.1) Configure Router A: Router A is a backbone router. Configuration steps are similar to those for Router A in the previous example. (console - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 83
5.5.5.5 network 10.2.3.0 0.0.0.255 area 0.0.0.0 network 10.1.2.0 0.0.0.255 area 0.0.0.1 exit ipv6 router ospf router-id 4.4.4.4 area 0.0.0.1 virtual-link 5.5.5.5 exit exit Configure Router C: Router C is a ABR that enables a virtual link from the remote Area 2 in the AS to Area 0. In addition to the - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 84
, and is typically used in small to medium-sized networks. RIP Configuration A router running RIP sends the contents of its routing table to stations on the attached network • RIP-2 defined in RFC 1723 - Route specification is extended to include subnet mask and gateway - The routing table is - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 85
The PowerConnect M6220/M6348/M8024 switches support both versions of RIP. You may configure a given port: • To receive packets being received • To prevent any RIP packets from being transmitted CLI Examples The configuration commands used in the following example enable RIP on ports vlan 2 and vlan - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 86
both ip rip send version rip2 exit interface vlan 3 ip rip ip rip receive version both ip rip send version rip2 exit exit 86 Routing Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 87
other route types to local hosts. Static routes have a default value of 1; however, this value and all other default preference values are user-configurable. A protocol can be assigned a preference value of 255 to prevent the router from forwarding packets using that protocol. For routed management - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 88
, static routes are assigned a preference value of 1. The following command changes this default: console#Config ip route distance 20 exit When you configure a static route, you can assign a preference value to it. The preference overrides the setting inherited as the default value for static routes - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 89
hops, then those routes will be treated as a single route with two next hops. For example, given the network in Figure 4-8, if the user configures the following two static routes on Router A, the routing table will contain a single route to 20.0.0.0/8: Figure 4-8. Next Hop with Two Static Routes - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 90
A and Router B. Then, on Router A, assume that OSPF reports to the routing table a route to 20.0.0.0/8 with a next hop of 10.1.1.2. If the user also configures a static route to 20.0.0.0/8 with a single next hop of 10.1.2.2, the routing table will not combine the OSPF and static routes into a single - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 91
can use the loopback interface to communicate with the router through various services such as telnet and SSH. The address on a loopback behaves Global Config mode by assigning it a unique ID from 0 to 7: console#configure console(config)#interface loopback 0 Next, you assign an IPv4 or IPv6 address - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 92
helper configuration. Network administrators can configure discard relay entries. Discard entries are used to discard packets received on a specific IEN-116 Name Service 42 DNS 53 NetBIOS Name Server 137 NetBIOS Datagram Server 138 TACACS Server 49 Time Service 37 DHCP 67 Trivial - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 93
so, the relay agent unicasts the packet to the configured server IP addresses. Otherwise, the relay agent verifies that there is a global configuration for the destination UDP port. If so, the relay agent unicasts the packet to the configured server IP addresses. Otherwise the packet is not relayed - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 94
Example 2: Configure IP Helper Globally (DHCP) To relay DHCP packets received on any interface to two DHCP servers (10.1.1.1 and 10.1.2.1), use the following commands: console (config)#ip helper-address 10.1.1.1 dhcp console (config)#ip helper-address 10.1.2.1 dhcp Example 3: Enable IP Helper - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 95
8: Show IP Helper Statistics The following command shows IP Helper configurations: console#show ip helper statistics DHCP client messages received 8 DHCP client messages relayed 2 DHCP server messages received 2 DHCP server messages relayed 2 UDP client messages received 8 UDP client messages - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 96
96 Routing Configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 97
configuration scenarios for the following features: • "802.1x Network Access Control" on page 97 • "802.1X Authentication and VLANs" on page 100 • "802.1x MAC Authentication Bypass (MAB)" on page 103 • "Authentication Server access by supplicants or users to the services offered by a system. - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 98
M6220/M6348/M8024 switches support the authenticator role only, User Service (RADIUS) • Terminal Access Controller Access Control System (TACACS+) 802.1x Network Access Control Examples This section contains examples of the CLI commands used to configure 802.1X. Example #1: Configure RADIUS Server - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 99
Configured Authentication Servers : 1 Configured Accounting Servers : 0 Named Authentication Server Groups : 1 Named Accounting Server switches support MAC- authenticates separately with the RADIUS server. The following command enables MAC 1X authentication. console#configure console(config)#interface - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 100
30 Maximum Requests 2 Max Users 3 VLAN Assigned 10 Supplicant Timeout 30 Server Timeout (secs 30 Logical Port type of 802.1X authentication a client uses when it accesses the switch. The RADIUS server or IEEE 802.1X Authenticator can provide information to the switch about which VLAN to assign - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 101
the RADIUS server or 802.1X authenticator. If you use an external RADIUS server to manage VLANs, you configure the server to use Tunnel Guest VLAN feature allows a switch to provide a distinguished service to unauthenticated users. This feature provides a mechanism to allow visitors and contractors - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 102
this example allows the switch to accept VLAN assignment by the RADIUS server. NOTE: The feature is available in release 2.1 and later. console . NOTE: Define the VLAN before configuring an interface to use it as the guest VLAN. console#configure console(config)#interface ethernet 1/g20 console - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 103
server. MAB only works when the port control mode of the port is mac-based. MAB uses the 802.1x infrastructure, and it cannot be supported independent of the Dot1x component. Operation in the Network Mac Authentication Bypass (MAB) can be configured assigned VLAN or apply a specific Filter ID to the - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 104
Figure 5-2. MAB Operation - Authentications Based on MAC Address in Database CLI Examples Example 1: Enable/Disable MAB To enable/disable MAB on interface 1/5, use the following commands: console(config-if-1/g5)#dot1x mac-auth-bypass console(config-if-1/g5)#no dot1x mac-auth-bypass 104 Device - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 105
Control -------TRUE Reauth Period ---------300 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 16 Supplicant Timeout 30 Server Timeout (secs 30 MAB mode (configured Enabled MAB mode (operational Enabled Logical Port ------64 Supplicant MAC-Address 0012.43D1.D19F AuthPAE - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 106
users and allowing authorized users to access specific resources. ACLs can also provide traffic flow control, restrict contents of routing updates rule. When you configure ACL Logging, you augment the ACL deny rule specification with a "log" parameter that enables hardware hit count collection and - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 107
traffic not specifically permitted by the ACL is denied access. NOTE: Although the maximum number of ACLs is 100, and the maximum number of rules per ACL is 127, the system cannot support 100 ACLs that each have 127 rules. MAC ACLs MAC ACLs are Layer 2 ACLs. You can configure the rules to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 108
Packet • IP DSCP • IP Precedence • IP TOS • Protocol • Source IP with wildcard mask • Source L4 port • Destination Layer 4 port ACL Configuration Process To configure ACLs, follow these steps: 1 Create a MAC ACL by specifying a name. 2 Create an IP ACL by specifying a number. 3 Add new rules to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 109
Figure 5-3. IP ACL Example Network Diagram Example #1: Create an ACL and Define an ACL Rule This command creates an ACL named list1 and configures a rule for the ACL. After the mask has been applied, it permits packets carrying TCP traffic that matches the specified Source IP address, and sends - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 110
(config)#mac access-list extended mac1 console(config)#exit Example #5: Specify MAC ACL Attributes console(config-mac-access-list)#deny ? any Configure a match condition for all the source MAC addresses in the Source MAC Address field. Enter a MAC Address. console(config-mac-access-list - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 111
to execute the command. console(config-mac-access-list)#deny any 00:11:22:33:44:55 00:00:00:00:FF:FF log Example #6 Configure MAC Access Group console(config)#interface ethernet 1/g5 console(config-if-1/g5)#mac access-group mac1 ? in Enter the direction . Press enter to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 112
source MAC addresses in the Source MAC Address field. Enter a MAC Address. console(config-mac-access-list)#permit any ? any bpdu Configure a match condition for all the destination MAC addresses in the Destination MAC Address field. Match on any BPDU destination MAC Address. Enter a MAC - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 113
Server-can greatly simplify the authentication and management of users in a large network. One such type of Authentication Server supports the Remote Authentication Dial In User Service a pre-configured RADIUS server. The server can authenticate the user itself, or make use of a back-end device to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 114
server has a unique shared secret key. The shared secrets are configured to be secret1 and secret2 respectively. The server at 10.10.10.10 is configured as the primary server the event that the RADIUS server cannot be contacted. Figure 5-4. RADIUS Servers in a Network When a user attempts to log in, - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 115
login, the NAS (Network Access Server) prompts for the user login credentials and requests services from the TACACS+ client. The client then uses the configured list of servers for authentication, and provides results back to the NAS. You can configure the TACACS+ server list with one or more hosts - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 116
Figure 5-5. PowerConnect M6220/M6348/M8024 Switches with TACACS+ When a user attempts to log into the switch, the NAS or switch prompts for a username and password. The switch attempts to communicate with the highest priority configured TACACS+ server at 10.10.10.10. Upon successful connection with - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 117
allows client access only on user verification. Verification can be configured to allow access for guest and authenticated users. Users must be validated against a database of authorized captive portal users locally or through a radius client. The Authentication server supports both HTTP and HTTPS - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 118
guest users; users that do not have assigned user names and passwords. User verification can also be configured to allow access for authenticated users. Authenticated users are required to enter a valid user name and password that are validated against the local database or a RADIUS server. Network - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 119
only allow a subset of users access to a specific captive portal instance. Network access is granted upon successful verification of user credentials. A remote RADIUS server can be used for client authentication. RADIUS authentication and accounting servers are configured separately from the captive - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 120
method is part of the captive portal configuration, therefore the locale specific web pages for any given configuration are of the same verification type (Guest, Local, or RADIUS). The authentication server generates user verification pages upon receipt of a specific URL request. The URL provides an - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 121
not for the end user (it is intended to be read by the text-based configuration). The following data specific Captive Portal CLI show commands. The local user database passwords appear in encrypted format when the user issues "show runningconfig". Dedicated CLI commands accept password configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 122
client. Captive Portal Statistics Client session statistics are available for both guest and authenticated users.Client statistics are used to enforce the idle timeout and other limits configured for the user and captive portal instance. Client statistics may not be cleared by the administrator - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 123
...... 300 Authentication Timeout 600 Supported Captive Portals 10 Configured Captive Portals 2 Active Captive Portals 1 System Supported Users 1024 Local Supported Users 128 Authenticated Users 0 Example 7: Modify the Default Captive Portal Configuration (Change Verification Method to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 124
the following command: console#show captive-portal user Session User ID User Name Timeout 1 user1 14400 Idle Timeout -------0 Group ID -------1 Group Name ---------Default Example 8: Associate an Interface with a Captive Portal Configuration To associate an interface with a Captive - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 125
CP ID 1 CP Name Default Client MAC Address 00:12:79:BF:94:7A Client IP Address Interface Interface Description 192.168.1.10 1/g18 Slot: 1 Port: 18 Gigabit - Level This command shows a statistics for the above client #show captive-portal client 00:12:79:BF:94:7A statistics Client MAC - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 126
126 Device Security - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 127
subnet) and a device interface specific portion (host). While the length of the network portion is still variable, most users have standardized on using a software supports stateless auto configuration of end nodes. The switch supports both EUI-64 interface identifiers and manually configured - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 128
identifier, to auto configure a host's address. Routers have their network prefixes configured and may use EUI64 or manually configured interface IDs. In traverse an IPv4 network and has the IPv4 headers removed at the other end of the tunnel. CLI Example In Figure 6-1, two devices are connected as - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 129
ipv6 router ospf router-id 1.1.1.1 exit interface vlan 15 routing ip address 20.20.20.1 255.255.255.0 ip ospf area 0.0.0.0 exit interface vlan 2 routing ipv6 enable ipv6 address 2020:1::1/64 ipv6 ospf ipv6 ospf network point-to-point exit interface tunnel 0 ipv6 address 2001::1/64 tunnel mode ipv6ip - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 130
in that it is less relied upon for IP address assignment. DHCPv6 server and client interactions are described by RFC 3315 [6]. There are many server behavior. In order for a router to drive a DHCPv6 client to utilize stateless DHCPv6, the "other stateful configuration" option must be configured - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 131
as /64) In Figure 6-2, the PE router acts as Prefix Delegation server and defines one or more "general" prefixes to delegate to a CPE router acting as a Prefix Delegation client. The CPE router then can then allocate more specific addresses within the given general prefix range to assign to its - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 132
DHCPv6 pool configuration: console# config ipv6 dhcp pool testpool domain-name dell.com dns-server 2001::1 exit exit Per-interface DHCPv6 configuration: console#config interface vlan 15 ipv6 dhcp server testpool preference 10 exit exit 132 IPv6 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 133
of traffic over others. To set up this preferential treatment, you can configure the ingress ports, the egress ports, and individual queues on the egress ports to provide customization that suits your environment. The level of service is determined by the egress port queue to which the traffic is - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 134
Weighted scheduling requires a specification supports the tail drop method of queue management. This means that any packet forwarded to a full queue is dropped regardless of its importance. CLI Examples Figure 7-1 illustrates the network operation as it relates to CoS mapping and queue configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 135
you configured the egress Port 1/g8 for strict priority on queue 6, and a set a weighted scheduling scheme for queues 5-0. Assuming queue 5 has a higher weighting than queue 1 (relative weight values shown as a percentage, with 0% indicating the bandwidth is not guaranteed), the queue service order - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 136
System Diagram PPoorrtt 11//0g/1100 Portt11//0g/8 Server You will configure the ingress interface uniquely for all cos-queue rate of 80 Kbps (assuming a 100Mbps link speed), you would add a simple configuration line expressing the shaping rate as a percentage of link speed. console#config interface - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 137
does not support DiffServ in the outbound direction. During configuration, you define DiffServ rules in terms of classes, policies and services: • Class stream to a specific egress interface (physical port or LAG). PowerConnect M6220/M6348/M8024 switch software supports the Traffic Conditioning - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 138
• Service - Assigns a policy to an interface for inbound traffic. CLI Example the Internet. Figure 7-3. DiffServ Internet Access Example Network Diagram Example #1: DiffServ Inbound Configuration Ensure DiffServ operation is enabled for the switch. console#config diffserv Create a DiffServ class - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 139
g1 through 1/g4 in the inbound direction interface ethernet 1/g1 service-policy in internet_access exit interface ethernet 1/g2 service-policy in internet_access exit interface ethernet 1/g3 service-policy in internet_access exit interface ethernet 1/g4 service-policy in internet_access Quality of - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 140
0 25 25 25 25 0 0 exit exit DiffServ for VoIP Configuration Example One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive: for a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 141
Figure 7-4. DiffServ VoIP Example Network Diagram Quality of Service 141 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 142
Example #2: Configuring DiffServ VoIP Support Enter Global Config mode. Set queue 6 on all ports to use strict priority mode. ip-dscp ef assign-queue 5 exit exit Attach the defined policy to an inbound service interface. interface ethernet 1/g1 service-policy in pol_voip exit exit 142 Quality of - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 143
that are required to reach a destination group member. Protocols such as DVMRP, and PIM handle this function. This section describes the following multicast protocols: • "IGMP Configuration" on page 144 • "IGMP Proxy" on page 144 • "DVMRP" on page 146 • "PIM" on page 148 Multicast 143 - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 144
interested receivers. Refer to those sections for configuration instructions. IGMP Proxy IGMP proxy enables a support for features like reverse path forwarding (RPF) to correct packet route loops. The proxy contains many downstream interfaces and a unique upstream interface explicitly configured - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 145
the forwarding decision for subsequent multicast packets with same combination of source and group. CLI Examples The CLI component of the Dell switch allows the end users to configure the network device and to view device settings and statistics using a serial interface or telnet session. Example - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 146
Protocol (DVMRP) is one of several multicast routing protocols you can configure on the switch (PIM-SM and PIM-DM are the others). Note and constructs a forwarding table based on information it learns in response. More specifically, it uses this sequence. • A new multicast packet is forwarded to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 147
when there are no directly connected hosts). Next, DVMRP is globally enabled. Finally, DVMRP, IGMP, and OSPF are enabled on several interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip dvmrp interface vlan 15 routing ip address 3.3.3.1 255.255.255.0 ip - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 148
provide the shortest, most optimal path. In such cases, PIM-SM provides a means to switch to more efficient source-specific trees. A data threshold rate is configured to determine when to switch from shared-tree to source-tree. PIM-SM uses a Bootstrap Router (BSR), which advertises information - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 149
, IGMP, PIM-SM, and OSPF on one or more interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip pimsm do not have any downstream neighbors send back Prune messages that instruct the upstream router to remove that multicast route from its forwarding - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 150
router and globally enable IP routing, multicast, IGMP, and PIM-DM. Next, enable routing, IGMP, PIM-DM, and OSPF on one more interfaces. console#configure router ospf router-id 3.3.1.1 exit ip routing ip multicast ip igmp ip pimdm interface vlan 1 routing ip address 3.3.3.1 255.255.255.0 ip pimdm ip - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 151
administrator must explicitly issue a save request in order to save the configuration. The Auto Config process depends upon the configuration of other devices in the network, including: • DHCP or BOOTP server • TFTP server • DNS server (if necessary) IP Address Assignment If BOOTP or DHCP is enabled - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 152
bootfile cannot be found. • a failure occurs in the host-specific configuration file download. • the switch was not provided a specific bootfile name by the DHCP server. The switch unicasts or broadcasts TFTP requests for a network configuration file in the same manner as the attempts to download - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 153
files which may be downloaded, and the order in which they are sought. Table 9-1. Configuration File Possibilities Order Sought File Name Description 1 .cfg Host-specific config file, ending in a *.cfg file extension 2 fp-net.cfg Default network config file 3 .cfg Host - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 154
or when the requisite configuration files are configured on TFTP servers. Termination of the Auto Config process ends further periodic requests for a host-specific file. Managing Downloaded Config Files The configuration files downloaded by Auto Config are stored in the nonvolatile memory. The files - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 155
Configuration Considerations Specifying a Default Router Some network configurations require the specification of Services The Auto Config process depends upon the following network services: • A DHCP or BOOTP server must be configured on the network with appropriate services. • A configuration - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 156
" file, receiving the file, or timing out of that request. Filenames, server IP addresses, and hostnames are logged. • Applying a config script. • hostname of the switch. After the DNS client resolves the hostname, it configures the SIM with the hostname. The Auto Config component queries the SIM to - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 157
file is not distributed across a stack. When an administrator saves configuration, the config file is distributed across a stack. CLI Examples Example 1: Show Auto Config Process To display the current status of the Auto Config process, use - Dell PowerEdge M520 | Dell PowerConnect M6220/M6348/M8024 Switches Configuration - Page 158
Example 2: Enable Auto Config To start or stop Auto Config on the switch, use the following commands: console#boot host dhcp console#no boot host dhcp 158 Utility
www.dell.com | support.dell.com
Dellâ„¢ PowerConnectâ„¢
M6220/M6348/M8024
Switches
Configuration Guide
Model PCM6220/PCM6348/PCM8024