Dell PowerSwitch S4128F-ON OS10 Enterprise Edition User Guide Release 10.4.1.0 - Page 579
Establish TLS connection
View all Dell PowerSwitch S4128F-ON manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 579 highlights
2 Configure the logical switch instance, of-switch-1. OS10# configure terminal OS10 (config)# openflow OS10 (config-openflow)# switch of-switch-1 b Option 2; for in-band management: 1 Configure one of the front-panel ports as the management port. OS10# configure terminal OS10 (config)# openflow OS10 (config-openflow)# in-band-mgmt interface ethernet 1/1/1 OS10 (config-openflow)# 2 Configure an IPv4 address on the front-panel management port. OS10# configure terminal OS10 (config)# interface ethernet 1/1/1 OS10 (conf-if-eth1/1/1)# ip address 11.1.1.1/24 OS10 (conf-if-eth1/1/1)# no shutdown 3 Configure the logical switch instance, of-switch-1. OS10# configure terminal OS10 (config)# openflow OS10 (config-openflow)# switch of-switch-1 4 Configure the OpenFlow controller to establish a connection with the logical switch instance. OS10 (config-openflow-switch)# controller ipv4 ip-address port port-id OS10 (config-openflow-switch)# controller ipv4 10.1.1.1 port 6633 where a.b.c.d is the IP address of the controller and port 6633 is for OpenFlow communication. 5 Enter the no shutdown command to enable the logical switch instance. OS10 (config-openflow-switch) no shutdown Establish TLS connection • Generate the switch and controller certificates from a server that supports public-key infrastructure (PKI). You need the following certificates: - Controller certificate - Switch certificate - Private key file to verify the switch certificate • The certificates and private key files must be in the Privacy-Enhanced Mail (PEM) format. For certificate-based authentication, you must establish a TLS connection between the switch and the controller before you configure OpenFlow on the switch. The following procedure explains how to install the controller and switch certificates on the OS10 switch. Refer to the controller documentation for information on how to install the certificates on the controller. NOTE: This procedure is optional. Use this procedure if you want to configure certificate-based authentication between the switch and the controller. 1 Log in to the OS10 switch with administrator credentials. 2 Enter the following command to copy the certificates to the OS10 switch. In the following commands, the destination path and the destination file name on the OS10 switch, for example, config://../ openflow/cacert.pem, remain the same in your deployment. Ensure that you enter the destination path and destination file names as specified in the following example: OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/controllercert.pem config://../openflow/cacert.pem OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/switch-cert.pem config://../openflow/sc-cert.pem OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/switchprivkey.pem config://../openflow/sc-privkey.pem OpenFlow 579