Home » Dell Manuals » Hubs & Switches » Dell PowerSwitch S4820T » Manual Viewer

Dell PowerSwitch S4820T Configuration Guide for the S4820T System 9.100.0 - Page 895

All system management protocols are supported on VLT ports, including SNMP, RMON, AAA, ACL, DNS, FTP

View all Dell PowerSwitch S4820T manuals

Add to My Manuals
Save this manual to your list of manuals

Page 895 highlights

• If the link between the VLT peer switches is established, changing the VLT system MAC address or the VLT unit-id causes the link between the VLT peer switches to become disabled. However, removing the VLT system MAC address or the VLT unit-id may disable the VLT ports if you happen to configure the unit ID or system MAC address on only one VLT peer at any time. • If the link between VLT peer switches is established, any change to the VLT system MAC address or unit-id fails if the changes made create a mismatch by causing the VLT unit-ID to be the same on both peers and/or the VLT system MAC address does not match on both peers. • If you replace a VLT peer node, preconfigure the switch with the VLT system MAC address, unit-id, and other VLT parameters before connecting it to the existing VLT peer switch using the VLTi connection. • If the size of the MTU for VLTi members is less than 1496 bytes, MAC addresses may not be synced. Dell Networking recommends retaining the default MTU allocation (1554 bytes) for VLTi members. • VLT backup link • In the backup link between peer switches, heartbeat messages are exchanged between the two chassis for health checks. The default time interval between heartbeat messages over the backup link is 1 second. You can configure this interval. The range is from 1 to 5 seconds. DSCP marking on heartbeat messages is CS6. • In order that the chassis backup link does not share the same physical path as the interconnect trunk, Dell Networking recommends using the management ports on the chassis and traverse an out-of-band management network. The backup link can use user ports, but not the same ports the interconnect trunk uses. • The chassis backup link does not carry control plane information or data traffic. Its use is restricted to health checks only. • Virtual link trunks (VLTs) between access devices and VLT peer switches • To connect servers and access switches with VLT peer switches, you use a VLT port channel, as shown in Overview. Up to 48 portchannels are supported; up to 16 member links are supported in each port channel between the VLT domain and an access device. • The discovery protocol running between VLT peers automatically generates the ID number of the port channel that connects an access device and a VLT switch. The discovery protocol uses LACP properties to identify connectivity to a common client device and automatically generates a VLT number for port channels on VLT peers that connects to the device. The discovery protocol requires that an attached device always runs LACP over the port-channel interface. • VLT provides a loop-free topology for port channels with endpoints on different chassis in the VLT domain. • VLT uses shortest path routing so that traffic destined to hosts via directly attached links on a chassis does not traverse the chassis-interconnect link. • VLT allows multiple active parallel paths from access switches to VLT chassis. • VLT supports port-channel links with LACP between access switches and VLT peer switches. Dell Networking recommends using static port channels on VLTi. • If VLTi connectivity with a peer is lost but the VLT backup connectivity indicates that the peer is still alive, the VLT ports on the Secondary peer are orphaned and are shut down. • In one possible topology, a switch uses the BMP feature to receive its IP address, configuration files, and boot image from a DHCP server that connects to the switch through the VLT domain. In the port-channel used by the switch to connect to the VLT domain, configure the port interfaces on each VLT peer as hybrid ports before adding them to the port channel (see Connecting a VLT Domain to an Attached Access Device (Switch or Server)). To configure a port in Hybrid mode so that it can carry untagged, single-tagged, and double-tagged traffic, use the portmode hybrid command in Interface Configuration mode as described in Configuring Native VLANs. • For example, if the DHCP server is on the ToR and VLTi (ICL) is down (due to either an unavailable peer or a link failure), whether you configured the VLT LAG as static or LACP, when a single VLT peer is rebooted in BMP mode, it cannot reach the DHCP server, resulting in BMP failure. • Software features supported on VLT port-channels • In a VLT domain, the following software features are supported on VLT port-channels: 802.1p, ingress and egress ACLs, BGP, DHCP relay, IS-IS, OSPF, active-active PIM-SM, PIM-SSM, VRRP, Layer 3 VLANs, LLDP, flow control, port monitoring, jumbo frames, IGMP snooping, sFlow, ingress and egress ACLs, and Layer 2 control protocols RSTP and PVST only. NOTE: Peer VLAN spanning tree plus (PVST+) passthrough is supported in a VLT domain. PVST+ BPDUs does not result in an interface shutdown. PVST+ BPDUs for a nondefault VLAN is flooded out as any other L2 multicast packet. On a default VLAN, RTSP is part of the PVST+ topology in that specific VLAN (default VLAN). • In a VLT domain, ingress and egress QoS policies are supported on physical VLT ports, which can be members of VLT port channels in the domain. • Ingress and egress QoS policies applied on VLT ports must be the same on both VLT peers. • Apply the same ingress and egress QoS policies on VLTi (ICL) member ports to handle failed links. • For detailed information about how to use VRRP in a VLT domain, see the following VLT and VRRP interoperability section. • For information about configuring IGMP Snooping in a VLT domain, see VLT and IGMP Snooping. • All system management protocols are supported on VLT ports, including SNMP, RMON, AAA, ACL, DNS, FTP, SSH, Syslog, NTP, RADIUS, SCP, TACACS+, Telnet, and LLDP. Virtual Link Trunking (VLT) 895

Section	Page
Dell Configuration Guide for the S4820T System 9.10(0.0)	3
About this Guide	32
Audience	32
Conventions	32
Related Documents	32
Configuration Fundamentals	33
Accessing the Command Line	33
CLI Modes	33
Navigating CLI Modes	35
The do Command	37
Undoing Commands	38
Obtaining Help	38
Entering and Editing Commands	39
Command History	40
Filtering show Command Outputs	40
Example of the grep Keyword	40
Multiple Users in Configuration Mode	41
Getting Started	42
Console Access	43
Serial Console	43
Accessing the CLI Interface and Running Scripts Using SSH	44
Entering CLI commands Using an SSH Connection	44
Executing Local CLI Scripts Using an SSH Connection	44
Default Configuration	45
Configuring a Host Name	45
Accessing the System Remotely	45
Accessing the System Remotely	45
Configure the Management Port IP Address	45
Configure a Management Route	46
Configuring a Username and Password	46
Configuring the Enable Password	46
Configuration File Management	47
Copy Files to and from the System	47
Mounting an NFS File System	48
Save the Running-Configuration	49
Configure the Overload Bit for a Startup Scenario	50
Viewing Files	50
Managing the File System	51
Enabling Software Features on Devices Using a Command Option	51
View Command History	52
Upgrading Dell Networking OS	52
Using HTTP for File Transfers	52
Verify Software Images Before Installation	53
Management	55
Configuring Privilege Levels	55
Creating a Custom Privilege Level	55
Removing a Command from EXEC Mode	56
Moving a Command from EXEC Privilege Mode to EXEC Mode	56
Allowing Access to CONFIGURATION Mode Commands	56
Allowing Access to Different Modes	56
Applying a Privilege Level to a Username	58
Applying a Privilege Level to a Terminal Line	58
Configuring Logging	58
Audit and Security Logs	59
Configuring Logging Format	60
Display the Logging Buffer and the Logging Configuration	61
Setting Up a Secure Connection to a Syslog Server	61
Log Messages in the Internal Buffer	63
Configuration Task List for System Log Management	63
Disabling System Logging	63
Sending System Messages to a Syslog Server	63
Configuring a UNIX System as a Syslog Server	63
Track Login Activity	64
Restrictions for Tracking Login Activity	64
Configuring Login Activity Tracking	64
Display Login Statistics	65
Limit Concurrent Login Sessions	66
Restrictions for Limiting the Number of Concurrent Sessions	66
Configuring Concurrent Session Limit	66
Enabling the System to Clear Existing Sessions	67
Changing System Logging Settings	67
Display the Logging Buffer and the Logging Configuration	68
Configuring a UNIX Logging Facility Level	69
Synchronizing Log Messages	70
Enabling Timestamp on Syslog Messages	70
File Transfer Services	71
Configuration Task List for File Transfer Services	71
Enabling the FTP Server	71
Configuring FTP Server Parameters	72
Configuring FTP Client Parameters	72
Terminal Lines	73
Denying and Permitting Access to a Terminal Line	73
Configuring Login Authentication for Terminal Lines	74
Setting Timeout for EXEC Privilege Mode	75
Using Telnet to get to Another Network Device	75
Lock CONFIGURATION Mode	76
Viewing the Configuration Lock Status	76
Recovering from a Forgotten Password	76
Recovering from a Forgotten Enable Password	77
Recovering from a Failed Start	78
Restoring the Factory Default Settings	78
Important Points to Remember	79
Restoring Factory Default Environment Variables	79
802.1X	81
Port-Authentication Process	83
EAP over RADIUS	84
Configuring 802.1X	84
Related Configuration Tasks	84
Important Points to Remember	84
Enabling 802.1X	85
Configuring MAC addresses for a do1x Profile	86
Configuring Request Identity Re-Transmissions	87
Configuring a Quiet Period after a Failed Authentication	87
Forcibly Authorizing or Unauthorizing a Port	88
Re-Authenticating a Port	89
Configuring Timeouts	90
Configuring Dynamic VLAN Assignment with Port Authentication	91
Guest and Authentication-Fail VLANs	92
Configuring a Guest VLAN	92
Configuring an Authentication-Fail VLAN	92
Configuring dot1x Profile	93
Configuring the Static MAB and MAB Profile	94
Configuring Critical VLAN	94
Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)	96
Optimizing CAM Utilization During the Attachment of ACLs to VLANs	96
Guidelines for Configuring ACL VLAN Groups	97
Configuring ACL VLAN Groups and Configuring FP Blocks for VLAN Parameters	97
Viewing CAM Usage	99
Allocating FP Blocks for VLAN Processes	100
Access Control Lists (ACLs)	101
IP Access Control Lists (ACLs)	102
CAM Usage	102
Implementing ACLs on Dell Networking OS	103
IP Fragment Handling	105
IP Fragments ACL Examples	105
Layer 4 ACL Rules Examples	105
Configure a Standard IP ACL	106
Configuring a Standard IP ACL Filter	107
Configure an Extended IP ACL	108
Configuring Filters with a Sequence Number	108
Configuring Filters Without a Sequence Number	109
Configure Layer 2 and Layer 3 ACLs	110
Assign an IP ACL to an Interface	110
Applying an IP ACL	111
Counting ACL Hits	111
Configure Ingress ACLs	112
Configure Egress ACLs	112
Applying Egress Layer 3 ACLs (Control-Plane)	113
IP Prefix Lists	113
Implementation Information	114
Configuration Task List for Prefix Lists	114
ACL Resequencing	117
Resequencing an ACL or Prefix List	118
Route Maps	119
Implementation Information	119
Important Points to Remember	119
Configuration Task List for Route Maps	120
Configuring Match Routes	122
Configuring Set Conditions	123
Configure a Route Map for Route Redistribution	124
Configure a Route Map for Route Tagging	124
Continue Clause	125
Logging of ACL Processes	125
Guidelines for Configuring ACL Logging	126
Configuring ACL Logging	126
Flow-Based Monitoring Support for ACLs	127
Behavior of Flow-Based Monitoring	127
Enabling Flow-Based Monitoring	128
Bidirectional Forwarding Detection (BFD)	130
How BFD Works	130
BFD Packet Format	131
BFD Sessions	132
BFD Three-Way Handshake	133
Session State Changes	135
Important Points to Remember	135
Configure BFD	135
Configure BFD for Physical Ports	136
Configure BFD for Static Routes	139
Configure BFD for OSPF	141
Configure BFD for OSPFv3	143
Configure BFD for IS-IS	145
Configure BFD for BGP	147
Configure BFD for VRRP	154
Configuring Protocol Liveness	156
Troubleshooting BFD	156
Border Gateway Protocol IPv4 (BGPv4)	158
Autonomous Systems (AS)	158
Sessions and Peers	160
Establish a Session	160
Route Reflectors	161
BGP Attributes	162
Best Path Selection Criteria	162
Weight	164
Local Preference	164
Multi-Exit Discriminators (MEDs)	165
Origin	166
AS Path	166
Next Hop	167
Multiprotocol BGP	167
Implement BGP with Dell Networking OS	168
Additional Path (Add-Path) Support	168
Advertise IGP Cost as MED for Redistributed Routes	168
Ignore Router-ID in Best-Path Calculation	169
Four-Byte AS Numbers	169
AS4 Number Representation	169
AS Number Migration	171
BGP4 Management Information Base (MIB)	172
Important Points to Remember	172
Configuration Information	173
BGP Configuration	173
Enabling BGP	174
Configuring AS4 Number Representations	177
Configuring Peer Groups	178
Configuring BGP Fast Fall-Over	181
Configuring Passive Peering	182
Maintaining Existing AS Numbers During an AS Migration	183
Allowing an AS Number to Appear in its Own AS Path	184
Enabling Graceful Restart	185
Enabling Neighbor Graceful Restart	186
Filtering on an AS-Path Attribute	186
Regular Expressions as Filters	187
Redistributing Routes	189
Enabling Additional Paths	189
Configuring IP Community Lists	190
Configuring an IP Extended Community List	191
Filtering Routes with Community Lists	192
Manipulating the COMMUNITY Attribute	192
Changing MED Attributes	194
Changing the LOCAL_PREFERENCE Attribute	194
Changing the NEXT_HOP Attribute	195
Changing the WEIGHT Attribute	195
Enabling Multipath	196
Filtering BGP Routes	196
Filtering BGP Routes Using Route Maps	197
Filtering BGP Routes Using AS-PATH Information	198
Configuring BGP Route Reflectors	198
Aggregating Routes	199
Configuring BGP Confederations	199
Enabling Route Flap Dampening	200
Changing BGP Timers	202
Enabling BGP Neighbor Soft-Reconfiguration	203
Route Map Continue	204
Enabling MBGP Configurations	204
BGP Regular Expression Optimization	205
Debugging BGP	205
Storing Last and Bad PDUs	206
Capturing PDUs	207
PDU Counters	208
Sample Configurations	208
Content Addressable Memory (CAM)	214
CAM Allocation	214
Test CAM Usage	216
View CAM Profiles	216
View CAM-ACL Settings	217
View CAM Usage	218
CAM Optimization	219
Troubleshoot CAM Profiling	219
CAM Profile Mismatches	219
QoS CAM Region Limitation	219
Control Plane Policing (CoPP)	220
Configure Control Plane Policing	221
Configuring CoPP for Protocols	222
Configuring CoPP for CPU Queues	224
CoPP for OSPFv3 Packets	225
Configuring CoPP for OSPFv3	227
Displaying CoPP Configuration	228
Data Center Bridging (DCB)	230
Ethernet Enhancements in Data Center Bridging	230
Priority-Based Flow Control	231
Enhanced Transmission Selection	232
Data Center Bridging Exchange Protocol (DCBx)	233
Data Center Bridging in a Traffic Flow	234
Enabling Data Center Bridging	234
DCB Maps and its Attributes	235
Data Center Bridging: Default Configuration	236
Configuring Priority-Based Flow Control	236
Configuring Lossless Queues	237
Configuring PFC in a DCB Map	238
PFC Configuration Notes	238
PFC Prerequisites and Restrictions	239
Applying a DCB Map on a Port	239
Configuring PFC without a DCB Map	240
Configuring Lossless QueuesExample:	240
Priority-Based Flow Control Using Dynamic Buffer Method	241
Pause and Resume of Traffic	241
Buffer Sizes for Lossless or PFC Packets	242
Behavior of Tagged Packets	242
Configuration Example for DSCP and PFC Priorities	243
Using PFC to Manage Converged Ethernet Traffic	243
Configure Enhanced Transmission Selection	244
ETS Prerequisites and Restrictions	244
Creating an ETS Priority Group	244
ETS Operation with DCBx	245
Configuring Bandwidth Allocation for DCBx CIN	246
Configuring ETS in a DCB Map	246
Hierarchical Scheduling in ETS Output Policies	248
Using ETS to Manage Converged Ethernet Traffic	248
Applying DCB Policies in a Switch Stack	248
Configure a DCBx Operation	248
DCBx Operation	249
DCBx Port Roles	249
DCB Configuration Exchange	250
Configuration Source Election	251
Propagation of DCB Information	251
Auto-Detection and Manual Configuration of the DCBx Version	251
DCBx Example	252
DCBx Prerequisites and Restrictions	252
Configuring DCBx	253
Verifying the DCB Configuration	256
Sample DCB Configuration	264
PFC and ETS Configuration Command Examples	266
QoS dot1p Traffic Classification and Queue Assignment	266
Configuring the Dynamic Buffer Method	267
Dynamic Host Configuration Protocol (DHCP)	269
DHCP Packet Format and Options	269
Assign an IP Address using DHCP	271
Implementation Information	272
Configure the System to be a DHCP Server	272
Configuring the Server for Automatic Address Allocation	273
Specifying a Default Gateway	274
Configure a Method of Hostname Resolution	274
Using DNS for Address Resolution	274
Using NetBIOS WINS for Address Resolution	275
Creating Manual Binding Entries	275
Debugging the DHCP Server	275
Using DHCP Clear Commands	276
Configure the System to be a Relay Agent	276
Configure the System to be a DHCP Client	277
DHCP Client Operation with Other Features	278
DHCP Client on a Management Interface	279
Configure the System for User Port Stacking (Option 230)	279
Configure Secure DHCP	280
Option 82	280
DHCP Snooping	281
Configuring the DHCP secondary-subnet	284
Drop DHCP Packets on Snooped VLANs Only	284
Dynamic ARP Inspection	285
Configuring Dynamic ARP Inspection	286
Source Address Validation	287
Enabling IP Source Address Validation	287
DHCP MAC Source Address Validation	288
Enabling IP+MAC Source Address Validation	288
Viewing the Number of SAV Dropped Packets	289
Clearing the Number of SAV Dropped Packets	289
Equal Cost Multi-Path (ECMP)	290
ECMP for Flow-Based Affinity	290
Configuring the Hash Algorithm	290
Enabling Deterministic ECMP Next Hop	290
Configuring the Hash Algorithm Seed	291
Link Bundle Monitoring	291
Managing ECMP Group Paths	292
Creating an ECMP Group Bundle	292
Modifying the ECMP Group Threshold	292
RTAG7	293
Flow-based Hashing for ECMP	294
FIP Snooping	297
Fibre Channel over Ethernet	297
Ensure Robustness in a Converged Ethernet Network	297
FIP Snooping on Ethernet Bridges	299
FIP Snooping in a Switch Stack	300
Using FIP Snooping	301
FIP Snooping Prerequisites	301
Important Points to Remember	301
Enabling the FCoE Transit Feature	302
Enable FIP Snooping on VLANs	302
Configure the FC-MAP Value	303
Configure a Port for a Bridge-to-Bridge Link	303
Configure a Port for a Bridge-to-FCF Link	303
Impact on Other Software Features	303
FIP Snooping Restrictions	304
Configuring FIP Snooping	304
Displaying FIP Snooping Information	305
FCoE Transit Configuration Example	310
FIPS Cryptography	312
Configuration Tasks	312
Preparing the System	312
Enabling FIPS Mode	313
Generating Host-Keys	313
Monitoring FIPS Mode Status	313
Disabling FIPS Mode	314
Force10 Resilient Ring Protocol (FRRP)	315
Protocol Overview	315
Ring Status	316
Multiple FRRP Rings	316
Important FRRP Points	317
Important FRRP Concepts	318
Implementing FRRP	319
FRRP Configuration	319
Creating the FRRP Group	319
Configuring the Control VLAN	319
Configuring and Adding the Member VLANs	320
Setting the FRRP Timers	321
Clearing the FRRP Counters	322
Viewing the FRRP Configuration	322
Viewing the FRRP Information	322
Troubleshooting FRRP	322
Configuration Checks	322
Sample Configuration and Topology	323
GARP VLAN Registration Protocol (GVRP)	325
Important Points to Remember	325
Configure GVRP	326
Related Configuration Tasks	326
Enabling GVRP Globally	326
Enabling GVRP on a Layer 2 Interface	327
Configure GVRP Registration	327
Configure a GARP Timer	328
RPM Redundancy	328
High Availability (HA)	329
Component Redundancy	329
RPM Redundancy	329
Automatic and Manual Stack Unit Failover	331
Support for RPM Redundancy by Dell Networking OS Version	332
Synchronization between Management and Standby Units	332
Configuring RPM Redundancy	332
Online Insertion and Removal	333
RPM Online Insertion and Removal	334
Linecard Online Insertion and Removal	334
Hitless Behavior	335
Graceful Restart	336
Software Resiliency	336
Software Component Health Monitoring	336
System Health Monitoring	336
Failure and Event Logging	336
Hot-Lock Behavior	337
Process Restartability	337
Enabling Process Restartability	338
Internet Group Management Protocol (IGMP)	339
IGMP Implementation Information	339
IGMP Protocol Overview	339
IGMP Version 2	339
IGMP Version 3	341
Configure IGMP	343
Related Configuration Tasks	344
Viewing IGMP Enabled Interfaces	344
Selecting an IGMP Version	344
Viewing IGMP Groups	345
Adjusting Timers	345
Adjusting Query and Response Timers	345
Enabling IGMP Immediate-Leave	346
IGMP Snooping	346
IGMP Snooping Implementation Information	346
Configuring IGMP Snooping	346
Removing a Group-Port Association	347
Disabling Multicast Flooding	347
Specifying a Port as Connected to a Multicast Router	348
Configuring the Switch as Querier	348
Fast Convergence after MSTP Topology Changes	349
Egress Interface Selection (EIS) for HTTP and IGMP Applications	349
Protocol Separation	349
Enabling and Disabling Management Egress Interface Selection	350
Handling of Management Route Configuration	351
Handling of Switch-Initiated Traffic	352
Handling of Switch-Destined Traffic	352
Handling of Transit Traffic (Traffic Separation)	353
Mapping of Management Applications and Traffic Type	353
Behavior of Various Applications for Switch-Initiated Traffic	354
Behavior of Various Applications for Switch-Destined Traffic	355
Interworking of EIS With Various Applications	356
Designating a Multicast Router Interface	356
Interfaces	357
Basic Interface Configuration	357
Advanced Interface Configuration	357
Interface Types	358
View Basic Interface Information	358
Resetting an Interface to its Factory Default State	360
Enabling a Physical Interface	360
Physical Interfaces	361
Configuration Task List for Physical Interfaces	361
Overview of Layer Modes	361
Configuring Layer 2 (Data Link) Mode	362
Configuring Layer 2 (Interface) Mode	362
Configuring Layer 3 (Network) Mode	362
Configuring Layer 3 (Interface) Mode	363
Egress Interface Selection (EIS)	364
Important Points to Remember	364
Configuring EIS	364
Management Interfaces	364
Configuring Management Interfaces	364
Configuring a Management Interface on an Ethernet Port	366
VLAN Interfaces	367
Loopback Interfaces	367
Null Interfaces	368
Port Channel Interfaces	368
Port Channel Definition and Standards	368
Port Channel Benefits	368
Port Channel Implementation	369
Interfaces in Port Channels	369
Configuration Tasks for Port Channel Interfaces	369
Creating a Port Channel	370
Adding a Physical Interface to a Port Channel	370
Reassigning an Interface to a New Port Channel	372
Configuring the Minimum Oper Up Links in a Port Channel	372
Adding or Removing a Port Channel from a VLAN	373
Assigning an IP Address to a Port Channel	374
Deleting or Disabling a Port Channel	374
Load Balancing Through Port Channels	374
Changing the Hash Algorithm	375
Bulk Configuration	376
Interface Range	376
Bulk Configuration Examples	376
Defining Interface Range Macros	377
Define the Interface Range	378
Choosing an Interface-Range Macro	378
Monitoring and Maintaining Interfaces	378
Maintenance Using TDR	379
Splitting QSFP Ports to SFP+ Ports	380
Converting a QSFP or QSFP+ Port to an SFP or SFP+ Port	380
Important Points to Remember	381
Example Scenarios	381
Configuring wavelength for 10–Gigabit SFP+ optics	384

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1,000
1,001
1,002
1,003
1,004
1,005
1,006
1,007
1,008
1,009
1,010
1,011
1,012
1,013

Match case Limit results 1 per page

•

If the link between the VLT peer switches is established, changing the VLT system MAC address or the VLT unit-id causes the link

between the VLT peer switches to become disabled. However, removing the VLT system MAC address or the VLT unit-id may

disable the VLT ports if you happen to

conﬁgure

the unit ID or system MAC address on only one VLT peer at any time.

•

If the link between VLT peer switches is established, any change to the VLT system MAC address or unit-id fails if the changes

made create a mismatch by causing the VLT unit-ID to be the same on both peers and/or the VLT system MAC address does not

match on both peers.

•

If you replace a VLT peer node,

preconﬁgure

the switch with the VLT system MAC address, unit-id, and other VLT parameters

before connecting it to the existing VLT peer switch using the VLTi connection.

•

If the size of the MTU for VLTi members is less than 1496 bytes, MAC addresses may not be synced. Dell Networking recommends

retaining the default MTU allocation (1554 bytes) for VLTi members.

•

VLT backup link

•

In the backup link between peer switches, heartbeat messages are exchanged between the two chassis for health checks. The

default time interval between heartbeat messages over the backup link is 1 second. You can

conﬁgure

this interval. The range is

from 1 to 5 seconds. DSCP marking on heartbeat messages is CS6.

•

In order that the chassis backup link does not share the same physical path as the interconnect trunk, Dell Networking recommends

using the management ports on the chassis and traverse an out-of-band management network. The backup link can use user ports,

but not the same ports the interconnect trunk uses.

•

The chassis backup link does not carry control plane information or data

traﬃc.

Its use is restricted to health checks only.

•

Virtual link trunks (VLTs) between access devices and VLT peer switches

•

To connect servers and access switches with VLT peer switches, you use a VLT port channel, as shown in

Overview

. Up to 48 port-

channels are supported; up to 16 member links are supported in each port channel between the VLT domain and an access device.

•

The discovery protocol running between VLT peers automatically generates the ID number of the port channel that connects an

access device and a VLT switch. The discovery protocol uses LACP properties to identify connectivity to a common client device

and automatically generates a VLT number for port channels on VLT peers that connects to the device. The discovery protocol

requires that an attached device always runs LACP over the port-channel interface.

•

VLT provides a loop-free topology for port channels with endpoints on

diﬀerent

chassis in the VLT domain.

•

VLT uses shortest path routing so that

traﬃc

destined to hosts via directly attached links on a chassis does not traverse the

chassis-interconnect link.

•

VLT allows multiple active parallel paths from access switches to VLT chassis.

•

VLT supports port-channel links with LACP between access switches and VLT peer switches. Dell Networking recommends using

static port channels on VLTi.

•

If VLTi connectivity with a peer is lost but the VLT backup connectivity indicates that the peer is still alive, the VLT ports on the

Secondary peer are orphaned and are shut down.

•

In one possible topology, a switch uses the BMP feature to receive its IP address,

conﬁguration

ﬁles,

and boot image from a

DHCP server that connects to the switch through the VLT domain. In the port-channel used by the switch to connect to the

VLT domain,

conﬁgure

the port interfaces on each VLT peer as hybrid ports before adding them to the port channel (see

Connecting a VLT Domain to an Attached Access Device (Switch or Server)

). To

conﬁgure

a port in Hybrid mode so that it can

carry untagged, single-tagged, and double-tagged

traﬃc,

use the

portmode hybrid

command in Interface

Conﬁguration

mode as described in

Conﬁguring

Native VLANs

•

For example, if the DHCP server is on the ToR and VLTi (ICL) is down (due to either an unavailable peer or a link failure),

whether you

conﬁgured

the VLT LAG as static or LACP, when a single VLT peer is rebooted in BMP mode, it cannot reach the

DHCP server, resulting in BMP failure.

•

Software features supported on VLT port-channels

•

In a VLT domain, the following software features are supported on VLT port-channels: 802.1p, ingress and egress ACLs, BGP, DHCP

relay, IS-IS, OSPF, active-active PIM-SM, PIM-SSM, VRRP, Layer 3 VLANs, LLDP,

ﬂow

control, port monitoring, jumbo frames,

IGMP snooping, sFlow, ingress and egress ACLs, and Layer 2 control protocols RSTP and PVST only.

NOTE:

Peer VLAN spanning tree plus (PVST+) passthrough is supported in a VLT domain. PVST+ BPDUs does not

result in an interface shutdown. PVST+ BPDUs for a nondefault VLAN is

ﬂooded

out as any other L2 multicast

packet. On a default VLAN, RTSP is part of the PVST+ topology in that

speciﬁc

VLAN (default VLAN).

•

In a VLT domain, ingress and egress QoS policies are supported on physical VLT ports, which can be members of VLT port channels

in the domain.

•

Ingress and egress QoS policies applied on VLT ports must be the same on both VLT peers.

•

Apply the same ingress and egress QoS policies on VLTi (ICL) member ports to handle failed links.

•

For detailed information about how to use VRRP in a VLT domain, see the following

VLT and VRRP interoperability

section.

•

For information about

conﬁguring

IGMP Snooping in a VLT domain, see

VLT and IGMP Snooping

•

All system management protocols are supported on VLT ports, including SNMP, RMON, AAA, ACL, DNS, FTP, SSH, Syslog, NTP,

RADIUS, SCP, TACACS+, Telnet, and LLDP.

Virtual Link Trunking (VLT)

895