Section |
Page |
About this Guide |
23 |
Objectives |
23 |
Audience |
23 |
Conventions |
24 |
Information Symbols |
24 |
Related Documents |
24 |
Configuration Fundamentals |
25 |
Accessing the Command Line |
25 |
CLI Modes |
26 |
Navigating CLI Modes |
27 |
The do Command |
30 |
Undoing Commands |
30 |
Obtaining Help |
31 |
Entering and Editing Commands |
31 |
Command History |
32 |
Filtering show Command Outputs |
33 |
Multiple Users in Configuration mode |
35 |
Getting Started |
37 |
Console access |
37 |
Serial console |
37 |
Accessing the RJ-45 console port with a DB-9 adapter |
38 |
Default Configuration |
38 |
Configure a Host Name |
39 |
Access the System Remotely |
39 |
Access the Z-Series, and the S-Series Remotely |
39 |
Configure the Management Port IP Address |
39 |
Configure a Management Route |
40 |
Configure a Username and Password |
40 |
Configure the Enable Password |
41 |
Configuration File Management |
42 |
Copy Files to and from the System |
42 |
Important Points to Remember |
42 |
Save the Running-configuration |
43 |
View Files |
44 |
View Configuration Files |
45 |
File System Management |
46 |
View command history |
47 |
Upgrading FTOS |
48 |
Management |
49 |
Configure Privilege Levels |
49 |
Create a Custom Privilege Level |
49 |
Removing a command from EXEC mode |
50 |
Move a command from EXEC privilege mode to EXEC mode |
50 |
Allow Access to CONFIGURATION mode commands |
50 |
Allow Access to INTERFACE, LINE, ROUTE-MAP, and ROUTER mode |
50 |
Apply a Privilege Level to a Username |
53 |
Apply a Privilege Level to a Terminal Line |
53 |
Configure Logging |
53 |
Log Messages in the Internal Buffer |
54 |
Configuration Task List for System Log Management |
54 |
Disable System Logging |
54 |
Send System Messages to a Syslog Server |
54 |
Configure a Unix System as a Syslog Server |
55 |
Change System Logging Settings |
55 |
Display the Logging Buffer and the Logging Configuration |
56 |
Configure a UNIX logging facility level |
57 |
Synchronize log messages |
58 |
Enable timestamp on syslog messages |
58 |
File Transfer Services |
59 |
Configuration Task List for File Transfer Services |
59 |
Enable FTP server |
59 |
Configure FTP server parameters |
60 |
Configure FTP client parameters |
61 |
Terminal Lines |
61 |
Deny and Permit Access to a Terminal Line |
61 |
Configure Login Authentication for Terminal Lines |
62 |
Time out of EXEC Privilege Mode |
63 |
Telnet to Another Network Device |
64 |
Lock CONFIGURATION mode |
65 |
Viewing the Configuration Lock Status |
66 |
Recovering from a Forgotten Password on the S4810 and S6000 |
66 |
Recovering from a Forgotten Enable Password on the S4810 and S6000 |
68 |
Recovering from a Failed Start on the S4810 and S6000 |
69 |
802.1X |
71 |
Protocol Overview |
71 |
The Port-authentication Process |
72 |
EAP over RADIUS |
73 |
RADIUS Attributes for 802.1 Support |
74 |
Configuring 802.1X |
74 |
Related Configuration Tasks |
74 |
Important Points to Remember |
75 |
Enabling 802.1X |
75 |
Configuring Request Identity Re-transmissions |
76 |
Configuring a Quiet Period after a Failed Authentication |
77 |
Forcibly Authorizing or Unauthorizing a Port |
78 |
Re-authenticating a Port |
79 |
Periodic Re-authentication |
79 |
Configuring Timeouts |
80 |
Dynamic VLAN Assignment with Port Authentication |
81 |
Guest and Authentication-fail VLANs |
82 |
Configuring a Guest VLAN |
83 |
Configuring an Authentication-fail VLAN |
83 |
Access Control Lists (ACLs) |
85 |
Overview |
85 |
IP Access Control Lists (ACLs) |
86 |
CAM Profiling, CAM Allocation, and CAM Optimization |
86 |
User Configurable CAM Allocation |
87 |
CAM optimization |
87 |
Test CAM Usage |
87 |
Implementing ACLs on FTOS |
88 |
ACLs and VLANs |
88 |
Determine the order in which ACLs are used to classify traffic |
88 |
IP Fragment Handling |
89 |
IP fragments ACL examples |
90 |
Layer 4 ACL rules examples |
90 |
Configure a standard IP ACL |
91 |
Configure an extended IP ACL |
93 |
Configure filters with sequence number |
94 |
Configure filters without sequence number |
95 |
Configuring Layer 2 and Layer 3 ACLs on an Interface |
96 |
Assign an IP ACL to an Interface |
97 |
Counting ACL Hits |
98 |
Configuring Ingress ACLs |
99 |
Configuring Egress ACLs |
99 |
Egress Layer 3 ACL Lookup for Control-plane IP Traffic |
100 |
IP Prefix Lists |
101 |
Implementation Information |
101 |
Configuration Task List for Prefix Lists |
102 |
Configure a prefix list |
102 |
Use a prefix list for route redistribution |
104 |
ACL Resequencing |
106 |
Resequencing an ACL or Prefix List |
107 |
Route Maps |
108 |
Implementation Information |
108 |
Important Points to Remember |
108 |
Configuration Task List for Route Maps |
109 |
Create a route map |
109 |
Configure route map filters |
111 |
Configure a route map for route redistribution |
114 |
Configure a route map for route tagging |
115 |
Continue clause |
115 |
Bidirectional Forwarding Detection (BFD) |
117 |
Protocol Overview |
117 |
How BFD Works |
118 |
BFD packet format |
118 |
BFD sessions |
120 |
BFD three-way handshake |
121 |
Session state changes |
122 |
Important Points to Remember |
123 |
Configuring Bidirectional Forwarding Detection |
123 |
Configuring BFD for OSPF |
123 |
Related configuration tasks |
124 |
Establishing sessions with OSPF neighbors |
124 |
Changing OSPF session parameters |
125 |
Disabling BFD for OSPF |
126 |
Configuring BFD for IS-IS |
126 |
Related configuration tasks |
126 |
Establishing sessions with IS-IS neighbors |
126 |
Changing IS-IS session parameters |
128 |
Disabling BFD for IS-IS |
128 |
Configuring BFD for BGP |
129 |
Prerequisites |
129 |
Establishing sessions with BGP neighbors |
129 |
Disabling BFD for BGP |
131 |
Using BFD in a BGP Peer Group |
131 |
Displaying BFD for BGP Information |
132 |
Configuring Protocol Liveness |
136 |
Border Gateway Protocol |
137 |
Protocol Overview |
138 |
Autonomous Systems (AS) |
138 |
Sessions and Peers |
140 |
Establishing a session |
140 |
Peer Groups |
141 |
Route Reflectors |
141 |
Communities |
142 |
BGP Attributes |
143 |
Best Path Selection Criteria |
143 |
Best Path selection details |
144 |
Weight |
146 |
Local Preference |
146 |
Multi-Exit Discriminators (MEDs) |
146 |
Origin |
147 |
AS Path |
148 |
Next Hop |
149 |
Multiprotocol BGP |
149 |
Implementing BGP with FTOS |
149 |
Additional Path (Add-Path) support |
149 |
Advertise IGP cost as MED for redistributed routes |
149 |
Ignore Router-ID for some best-path calculations |
150 |
4-Byte AS Numbers |
150 |
AS4 Number Representation |
151 |
Dynamic AS Number Notation application |
152 |
AS Number Migration |
154 |
BGP4 Management Information Base (MIB) |
156 |
Important Points to Remember |
156 |
Configuration Information |
157 |
BGP Configuration |
158 |
Defaults |
158 |
Configuration Task List for BGP |
158 |
Enable BGP |
159 |
Configure AS4 Number Representations |
164 |
Configure Peer Groups |
166 |
BGP fast fall-over |
169 |
Configure passive peering |
172 |
Maintain existing AS numbers during an AS migration |
173 |
Allow an AS number to appear in its own AS path |
175 |
Enable graceful restart |
176 |
Filter on an AS-Path attribute |
177 |
Redistribute routes |
180 |
Enable additional paths |
181 |
Configure IP community lists |
181 |
Manipulate the COMMUNITY attribute |
184 |
Change MED attribute |
186 |
Change LOCAL_PREFERENCE attribute |
187 |
Change NEXT_HOP attribute |
188 |
Change WEIGHT attribute |
188 |
Enable multipath |
189 |
Filter BGP routes |
189 |
Configure BGP route reflectors |
192 |
Aggregate routes |
193 |
Configure BGP confederations |
194 |
Enable route flap dampening |
194 |
Change BGP timers |
199 |
BGP neighbor soft-reconfiguration |
199 |
Route map continue |
201 |
MBGP Configuration |
201 |
BGP Regular Expression Optimization |
202 |
Debugging BGP |
202 |
Storing Last and Bad PDUs |
203 |
Capturing PDUs |
204 |
PDU Counters |
206 |
Sample Configurations |
206 |
Bare Metal Provisioning 2.0 (BMP 2.0) |
217 |
Prerequisites |
217 |
Restrictions |
218 |
Comparison of BMP 1.5 and 2.0 |
218 |
Overview |
218 |
Jumpstart mode |
220 |
DHCP Server |
220 |
MAC-Based IP assignment |
220 |
DHCP configuration |
220 |
File Server |
221 |
Domain Name Server |
222 |
System boot and set-up behavior in Jumpstart Mode |
222 |
Content Addressable Memory (CAM) |
225 |
Content Addressable Memory |
225 |
When to Use CAM Profiling |
225 |
Important Points to Remember |
226 |
CAM Allocation |
226 |
Test CAM Usage |
228 |
View CAM-ACL settings |
228 |
Return to the Default CAM Configuration |
229 |
CAM Optimization |
229 |
Troubleshoot CAM Profiling |
229 |
CAM Profile Mismatches |
229 |
QoS CAM Region Limitation |
229 |
Control Plane Policing (CoPP) |
231 |
Overview |
231 |
Configure Control Plane Policing |
233 |
Configure CoPP for protocols |
234 |
Sample Config for CoPP protocol configuration |
235 |
Configure CoPP for CPU queues |
236 |
Sample Config for CoPP CPU queue configuration |
237 |
Show commands |
237 |
Dynamic Host Configuration Protocol (DHCP) |
239 |
Protocol Overview |
239 |
DHCP Packet Format and Options |
240 |
Assigning an IP Address using DHCP |
241 |
Implementation Information |
242 |
Configuration Tasks |
242 |
Configure the System to be a DHCP Server |
242 |
Configuration Tasks |
243 |
Related Configuration Tasks |
243 |
Configure the Server for Automatic Address Allocation |
243 |
Create an IP Address Pool |
243 |
Exclude Addresses from the Address Pool |
244 |
Specify an Address Lease Time |
244 |
Specify a Default Gateway |
244 |
Enable DHCP Server |
245 |
Configure a Method of Hostname Resolution |
245 |
Address Resolution using DNS |
245 |
Address Resolution using NetBIOS WINS |
246 |
Create Manual Binding Entries |
246 |
Debug DHCP server |
247 |
DHCP Clear Commands |
247 |
Configure the System to be a Relay Agent |
247 |
Configure Secure DHCP |
248 |
Option 82 |
249 |
DHCP Snooping |
249 |
Enable DCHP snooping |
251 |
Add a static entry in the binding table |
251 |
Clear the binding table |
251 |
Display the contents of the binding table |
251 |
Drop DHCP packets on snooped VLANs only |
252 |
Dynamic ARP Inspection |
252 |
Bypass the ARP Inspection |
254 |
Source Address Validation |
254 |
IP Source Address Validation |
254 |
DHCP MAC Source Address Validation |
255 |
IP+MAC Source Address Validation |
255 |
Debugging and Diagnostics |
257 |
Offline Diagnostics |
257 |
Important Points to Remember |
257 |
Running Offline Diagnostics |
258 |
TRACE logs |
265 |
Auto Save on Crash or Rollover |
265 |
Hardware watchdog timer |
265 |
Environmental monitoring |
265 |
Digital Optical Monitoring (DOM) Details via Command Line Interface and SNMP |
266 |
Power via Command Line Interface: |
266 |
Power via SNMP: |
268 |
Temperature via Command Line Interface: |
269 |
Temperature via SNMP: |
271 |
Recognize an Overtemperature Condition |
276 |
Troubleshoot an Overtemperature Condition |
277 |
Recognize an Under-Voltage Condition |
277 |
Troubleshoot an Under-Voltage Condition |
277 |
show hardware commands (S6000) |
277 |
Troubleshooting packet loss |
280 |
Displaying Drop Counters |
280 |
Dataplane Statistics |
281 |
Displaying Stack Member Counters |
283 |
Application Core Dumps |
284 |
Mini Core Dumps |
284 |
Kernel Core Dumps |
285 |
TCP Dumps |
285 |
Equal Cost Multi-Path (ECMP) |
287 |
Configurable Hash Algorithm Seed |
287 |
Link Bundle Monitoring |
287 |
Managing ECMP Group Paths |
288 |
Data Center Bridging (DCB) |
291 |
Ethernet Enhancements in Data Center Bridging |
291 |
Priority-Based Flow Control |
292 |
Enhanced Transmission Selection |
293 |
Data Center Bridging Exchange Protocol |
295 |
Data Center Bridging in a Traffic Flow |
295 |
Data Center Bridging: Default Configuration |
296 |
Enabling Data Center Bridging |
296 |
QoS dot1p Traffic Classification and Queue Assignment |
297 |
Configuring Priority-Based Flow Control |
298 |
Configuring Lossless Queues |
301 |
Configuration Enhanced Transmission Selection |
302 |
ETS Prerequisites and Restrictions |
303 |
Creating a QoS DCB Output Policy |
303 |
Creating an ETS Priority Group |
306 |
Applying an DCB Output Policy for a Priority Group to an Interface |
307 |
ETS Operation with DCBX |
308 |
Configuring Bandwidth Allocation for DCBX CIN |
309 |
Configuring DCBx Operation |
310 |
Supported DCBx Versions |
310 |
DCBx Operation |
310 |
DCBx Port Roles |
311 |
DCB Configuration Exchange |
312 |
Configuration Source Election |
313 |
Propagation of DCB Information |
313 |
Auto-Detection and Manual Configuration of the DCBx Version |
314 |
DCBx Example |
314 |
DCBx Prerequisites and Restrictions |
315 |
DCBx Configuration Procedure |
316 |
Configuring DCBx Globally on the Switch |
318 |
Verifying DCB Configuration |
319 |
Troubleshooting PFC, ETS, and DCBx Operation |
331 |
DCBx Oper Status is Down |
331 |
DCBx Error Messages |
333 |
Debugging DCBx on an Interface |
334 |
FIP Snooping |
335 |
Fibre Channel over Ethernet |
335 |
Ensuring Robustness in a Converged Ethernet Network |
335 |
FIP Snooping on Ethernet Bridges |
337 |
FIP Snooping in a Switch Stack |
339 |
Configuring FIP Snooping |
339 |
Enabling the FIP Snooping Feature |
340 |
Enabling FIP Snooping on VLANs |
340 |
Configuring the FC-MAP Value |
340 |
Configuring a Port for a Bridge-to-FCF Link |
340 |
Impact on other Software Features |
341 |
FIP Snooping Prerequisites |
341 |
FIP Snooping Restrictions |
341 |
Configuration Procedure |
342 |
Displaying FIP Snooping Information |
343 |
FIP Snooping Configuration Example |
349 |
Force10 Resilient Ring Protocol (FRRP) |
353 |
Protocol Overview |
353 |
Ring Status |
354 |
Ring Checking |
354 |
Ring Failure |
355 |
Ring Restoration |
355 |
Multiple FRRP Rings |
355 |
Member VLAN Spanning Two Rings Connected by One Switch |
355 |
Important FRRP Points |
356 |
Important FRRP Concepts |
357 |
Implementing FRRP |
358 |
FRRP Configuration |
359 |
Create the FRRP group |
359 |
Configure the Control VLAN |
359 |
Configure and add the Member VLANs |
361 |
Set FRRP Timers |
362 |
Clear FRRP counters |
362 |
Show FRRP configuration |
363 |
Show FRRP information |
363 |
Troubleshooting FRRP |
363 |
Configuration Checks |
363 |
Sample Configuration and Topology |
363 |
GARP VLAN Registration Protocol (GVRP) |
367 |
Protocol Overview |
367 |
Important Points to Remember |
367 |
Configuring GVRP |
368 |
Related Configuration Tasks |
369 |
Enabling GVRP Globally |
369 |
Enabling GVRP on a Layer 2 Interface |
370 |
Configuring GVRP Registration |
370 |
Configuring a GARP Timer |
371 |
Internet Group Management Protocol (IGMP) |
373 |
IGMP Implementation Information |
373 |
IGMP Protocol Overview |
373 |
IGMP version 2 |
374 |
Joining a Multicast Group |
374 |
Leaving a Multicast Group |
375 |
IGMP version 3 |
375 |
Joining and Filtering Groups and Sources |
376 |
Leaving and Staying in Groups |
377 |
Configuring IGMP |
378 |
Related Configuration Tasks |
378 |
Viewing IGMP Enabled Interfaces |
379 |
Selecting an IGMP Version |
379 |
Viewing IGMP Groups |
379 |
Adjusting Timers |
380 |
Adjusting Query and Response Timers |
380 |
Adjusting the IGMP Querier Timeout Value |
380 |
Configuring a Static IGMP Group |
381 |
Enabling IGMP Immediate-leave |
381 |
IGMP Snooping |
381 |
IGMP Snooping Implementation Information |
382 |
Configuring IGMP Snooping |
382 |
Related Configuration Tasks |
382 |
Enabling IGMP Immediate-leave |
382 |
Disabling Multicast Flooding |
383 |
Specifying a Port as Connected to a Multicast Router |
383 |
Configuring the Switch as Querier |
383 |
Adjusting the Last Member Query Interval |
383 |
Fast Convergence after MSTP Topology Changes |
384 |
Designating a Multicast Router Interface |
384 |
Debugging IGMP |
384 |
Interfaces |
385 |
Basic Interface Configuration: |
385 |
Advanced Interface Configuration: |
385 |
Interface Types |
386 |
View Basic Interface Information |
386 |
Enable a Physical Interface |
388 |
Physical Interfaces |
389 |
Configuration Task List for Physical Interfaces |
389 |
Overview of Layer Modes |
390 |
Configure Layer 2 (Data Link) Mode |
390 |
Configure Layer 3 (Network) Mode |
391 |
Management Interfaces |
392 |
Configure Management Interfaces |
392 |
VLAN Interfaces |
393 |
Loopback Interfaces |
394 |
Null Interfaces |
395 |
Port Channel Interfaces |
395 |
Port channel definition and standards |
395 |
Port channel benefits |
396 |
Port channel implementation |
396 |
Configuration task list for port channel interfaces |
397 |
Create a port channel |
397 |
Add a physical interface to a port channel |
398 |
Reassign an interface to a new port channel |
400 |
Configure the minimum oper up links in a port channel (LAG) |
401 |
Add or remove a port channel from a VLAN |
401 |
Assign an IP address to a port channel |
402 |
Delete or disable a port channel |
402 |
Load balancing through port channels |
403 |
S-Series load-balancing |
403 |
Hash algorithm |
404 |
Hash Seed |
404 |
Bulk Configuration |
406 |
Interface Range |
406 |
Bulk Configuration Examples |
406 |
Create a single-range |
407 |
Create a multiple-range |
407 |
Exclude duplicate entries |
407 |
Exclude a smaller port range |
407 |
Overlap port ranges |
407 |
Commas |
408 |
Add ranges |
408 |
Interface Range Macros |
408 |
Define the Interface Range |
409 |
Choose an Interface-range Macro |
409 |
Monitor and Maintain Interfaces |
409 |
Splitting QSFP ports to SFP+ ports |
410 |
Important Points |
411 |
Link Dampening |
412 |
Important Points to Remember |
412 |
Enable Link Dampening |
412 |
Clear Dampening Counters |
413 |
Configure MTU size on an Interface |
413 |
Ethernet Pause Frames |
414 |
Threshold Settings |
414 |
Enable Pause Frames |
415 |
Configure MTU Size on an Interface |
415 |
Adjust the keepalive timer |
416 |
View Advanced Interface Information |
417 |
Display Only Configured Interfaces |
417 |
Configure Interface Sampling Size |
418 |
Dynamic Counters |
419 |
Clear interface counters |
421 |
IPv4 Routing |
423 |
IP Addresses |
423 |
Implementation Information |
424 |
Configuration Task List for IP Addresses |
424 |
Assign IP addresses to an interface |
424 |
Configure static routes |
426 |
Configure static routes for the management interface |
427 |
Directed Broadcast |
428 |
Resolution of Host Names |
428 |
Enable dynamic resolution of host names |
428 |
Specify local system domain and a list of domains |
429 |
DNS with traceroute |
430 |
ARP |
431 |
Configuration Task List for ARP |
431 |
Configure static ARP entries |
431 |
Enable Proxy ARP |
432 |
Clear ARP cache |
432 |
ARP Learning via Gratuitous ARP |
433 |
ARP Learning via ARP Request |
434 |
Configurable ARP Retries |
434 |
ICMP |
435 |
Configuration Task List for ICMP |
435 |
Enable ICMP unreachable messages |
435 |
UDP Helper |
436 |
Configuring UDP Helper |
436 |
Important Points to Remember about UDP Helper |
436 |
Enabling UDP Helper |
436 |
Configuring a Broadcast Address |
437 |
Configurations Using UDP Helper |
438 |
UDP Helper with Broadcast-all Addresses |
438 |
UDP Helper with Subnet Broadcast Addresses |
439 |
UDP Helper with Configured Broadcast Addresses |
439 |
UDP Helper with No Configured Broadcast Addresses |
440 |
Troubleshooting UDP Helper |
440 |
IPv6 Routing |
443 |
Protocol Overview |
443 |
Extended Address Space |
444 |
Stateless Autoconfiguration |
444 |
IPv6 Headers |
444 |
IPv6 Header Fields |
445 |
Version (4 bits) |
445 |
Traffic Class (8 bits) |
445 |
Flow Label (20 bits) |
446 |
Payload Length (16 bits) |
446 |
Next Header (8 bits) |
446 |
Hop Limit (8 bits) |
447 |
Source Address (128 bits) |
447 |
Destination Address (128 bits) |
447 |
Extension Header fields |
447 |
Hop-by-Hop Options header |
447 |
Addressing |
448 |
Link-local Addresses |
449 |
Static and Dynamic Addressing |
449 |
Implementing IPv6 with FTOS |
449 |
ICMPv6 |
452 |
Path MTU Discovery |
453 |
IPv6 Neighbor Discovery |
453 |
IPv6 Neighbor Discovery of MTU packets |
454 |
SSH over an IPv6 Transport |
455 |
Configuration Task List for IPv6 |
455 |
Adjust your CAM-Profile |
455 |
Assign an IPv6 Address to an Interface |
456 |
Assign a Static IPv6 Route |
456 |
Telnet with IPv6 |
457 |
SNMP over IPv6 |
458 |
Show IPv6 Information |
458 |
Show an IPv6 Interface |
459 |
Show IPv6 Routes |
460 |
Show the Running-Configuration for an Interface |
462 |
Clear IPv6 Routes |
462 |
iSCSI Optimization |
465 |
iSCSI Optimization Overview |
465 |
Monitoring iSCSI Traffic Flows |
467 |
Application of Quality of Service to iSCSI Traffic Flows |
467 |
Information Monitored in iSCSI Traffic Flows |
467 |
Detection and Autoconfiguration for Dell EqualLogic Arrays |
468 |
Detection and Port Configuration for Dell Compellent Arrays |
468 |
Enabling and Disabling iSCSI Optimization |
469 |
Default iSCSI Optimization Values |
470 |
iSCSI Optimization Prerequisites |
470 |
Configuring iSCSI Optimization |
470 |
Displaying iSCSI Optimization Information |
472 |
Intermediate System to Intermediate System |
475 |
Protocol Overview |
475 |
IS-IS Addressing |
476 |
Multi-Topology IS-IS |
477 |
Transition Mode |
477 |
Interface support |
477 |
Adjacencies |
478 |
Implementation Information |
478 |
Configuration Information |
479 |
Configuration Task List for IS-IS |
479 |
Enable IS-IS |
480 |
Configure Multi-Topology IS-IS (MT IS-IS) |
483 |
Configure Multi-Topology IS-IS (MT IS-IS) |
484 |
Configure IS-IS Graceful Restart |
484 |
Change LSP attributes |
487 |
Configure IS-IS metric style and cost |
487 |
Configuring the distance of a route |
490 |
Change the IS-type |
490 |
Control routing updates |
491 |
Distribute Routes |
491 |
Redistribute routes |
493 |
Configure authentication passwords |
495 |
Set the overload bit |
496 |
Debug IS-IS |
496 |
IS-IS Metric Styles |
497 |
Configure Metric Values |
498 |
Maximum Values in the Routing Table |
498 |
Changing the IS-IS Metric Style in One Level Only |
498 |
Leaking from One Level to Another |
500 |
Sample Configuration |
501 |
Link Aggregation Control Protocol (LACP) |
505 |
Introduction to Dynamic LAGs and LACP |
505 |
Important Points to Remember |
506 |
LACP modes |
506 |
LACP Configuration Commands |
507 |
LACP Configuration Tasks |
507 |
Create a LAG |
507 |
Configure the LAG interfaces as dynamic |
508 |
Set the LACP long timeout |
508 |
Monitor and Debugging LACP |
509 |
Shared LAG State Tracking |
509 |
Configure Shared LAG State Tracking |
510 |
Important Points about Shared LAG State Tracking |
512 |
LACP Basic Configuration Example |
512 |
Configuring a LAG on ALPHA |
513 |
Summary of the configuration on ALPHA |
516 |
Summary of the configuration on BRAVO |
517 |
Layer 2 |
521 |
Managing the MAC Address Table |
521 |
Clear the MAC Address Table |
521 |
Set the Aging Time for Dynamic Entries |
522 |
Configure a Static MAC Address |
522 |
Display the MAC Address Table |
522 |
MAC Learning Limit |
522 |
mac learning-limit dynamic |
524 |
mac learning-limit mac-address-sticky |
524 |
mac learning-limit station-move |
524 |
mac learning-limit no-station-move |
525 |
Learning Limit Violation Actions |
525 |
Station Move Violation Actions |
525 |
Recovering from Learning Limit and Station Move Violations |
526 |
NIC Teaming |
527 |
Configuring Redundant Pairs |
528 |
Important Points about Configuring Redundant Pairs |
530 |
Far-end Failure Detection |
531 |
FEFD state changes |
532 |
Important Points to Remember |
532 |
Configuring FEFD |
533 |
Enable FEFD Globally |
533 |
Enable FEFD on an Interface |
533 |
Debugging FEFD |
534 |
During an RPM Failover |
535 |
Link Layer Discovery Protocol (LLDP) |
537 |
802.1AB (LLDP) Overview |
537 |
Protocol Data Units |
537 |
Optional TLVs |
539 |
Management TLVs |
539 |
Organizationally Specific TLVs |
539 |
IEEE Organizationally Specific TLVs |
540 |
TIA-1057 (LLDP-MED) Overview |
541 |
TIA Organizationally Specific TLVs |
541 |
LLDP-MED Capabilities TLV |
542 |
LLDP-MED Network Policies TLV |
543 |
Extended Power via MDI TLV |
545 |
Configuring LLDP |
545 |
Related Configuration Tasks |
545 |
Important Points to Remember |
546 |
LLDP Compatibility |
546 |
CONFIGURATION versus INTERFACE Configurations |
546 |
Enabling LLDP |
547 |
Disabling and Undoing LLDP |
547 |
Advertising TLVs |
547 |
Viewing the LLDP Configuration |
548 |
Viewing Information Advertised by Adjacent LLDP Agents |
549 |
Configuring LLDPDU Intervals |
550 |
Configuring Transmit and Receive Mode |
551 |
Configuring a Time to Live |
551 |
Debugging LLDP |
552 |
Relevant Management Objects |
553 |
Multicast Source Discovery Protocol (MSDP) |
559 |
Protocol Overview |
559 |
Anycast RP |
560 |
Implementation Information |
561 |
Configuring Multicast Source Discovery Protocol |
561 |
Related Configuration Tasks |
561 |
Enable MSDP |
567 |
Manage the Source-active Cache |
567 |
View the Source-active Cache |
568 |
Limit the Source-active Cache |
568 |
Clear the Source-active Cache |
568 |
Enable the Rejected Source-active Cache |
568 |
Accept Source-active Messages that fail the RFP Check |
569 |
Limit the Source-active Messages from a Peer |
571 |
Prevent MSDP from Caching a Local Source |
572 |
Prevent MSDP from Caching a Remote Source |
573 |
Prevent MSDP from Advertising a Local Source |
574 |
Log Changes in Peership States |
575 |
Terminate a Peership |
575 |
Clear Peer Statistics |
576 |
Debugging MSDP |
576 |
MSDP with Anycast RP |
577 |
Reducing Source-active Message Flooding |
579 |
Specify the RP Address Used in SA Messages |
579 |
MSDP Sample Configurations |
582 |
Multiple Spanning Tree Protocol (MSTP) |
587 |
Protocol Overview |
587 |
Implementation Information |
588 |
Configure Multiple Spanning Tree Protocol |
588 |
Related Configuration Tasks |
588 |
Enable Multiple Spanning Tree Globally |
589 |
Add and Remove Interfaces |
589 |
Create Multiple Spanning Tree Instances |
589 |
Influence MSTP Root Selection |
591 |
Interoperate with Non-FTOS Bridges |
591 |
Modify Global Parameters |
592 |
Modify Interface Parameters |
593 |
Configure an EdgePort |
594 |
Flush MAC Addresses after a Topology Change |
595 |
MSTP Sample Configurations |
595 |
Debugging and Verifying MSTP Configuration |
599 |
Multicast Features |
603 |
Implementation Information |
603 |
Enable IP Multicast |
603 |
Multicast with ECMP |
604 |
Multicast Policies |
604 |
IPv4 Multicast Policies |
605 |
Limit the Number of Multicast Routes |
605 |
Prevent a Host from Joining a Group |
606 |
Rate Limit IGMP Join Requests |
608 |
Prevent a PIM Router from Forming an Adjacency |
608 |
Prevent a Source from Registering with the RP |
608 |
Prevent a PIM Router from Processing a Join |
610 |
Open Shortest Path First (OSPFv2) |
611 |
Protocol Overview |
611 |
Autonomous System (AS) Areas |
612 |
Area Types |
613 |
Networks and Neighbors |
613 |
Router Types |
613 |
Backbone Router (BR) |
614 |
Area Border Router (ABR) |
615 |
Autonomous System Border Router (ASBR) |
615 |
Internal Router (IR) |
615 |
Designated and Backup Designated Routers |
615 |
Link-State Advertisements (LSAs) |
616 |
LSA throttling |
617 |
Virtual Links |
617 |
Router Priority and Cost |
617 |
Implementing OSPF with FTOS |
618 |
Fast Convergence (OSPFv2, IPv4 only) |
619 |
Multi-Process OSPF (OSPFv2, IPv4 only) |
619 |
Processing SNMP and Sending SNMP Traps |
619 |
RFC-2328 Compliant OSPF Flooding |
619 |
OSPF ACK Packing |
620 |
OSPF Adjacency with Cisco Routers |
621 |
Configuration Information |
621 |
Configuration Task List for OSPFv2 (OSPF for IPv4) |
622 |
Enable OSPFv2 |
622 |
Enable Multi-Process OSPF |
624 |
Assign an OSPFv2 area |
625 |
Enable OSPFv2 on interfaces |
626 |
Configure stub areas |
628 |
Configure LSA throttling timers |
629 |
Enable passive interfaces |
629 |
Enable fast-convergence |
631 |
Change OSPFv2 parameters on interfaces |
632 |
Enable OSPFv2 authentication |
634 |
Filter routes |
635 |
Redistribute routes |
635 |
Troubleshooting OSPFv2 |
636 |
Sample Configurations for OSPFv2 |
638 |
Basic OSPFv2 Router Topology |
638 |
PIM Sparse-Mode (PIM-SM) |
641 |
Implementation Information |
641 |
Protocol Overview |
641 |
Requesting Multicast Traffic |
641 |
Refusing Multicast Traffic |
642 |
Sending Multicast Traffic |
642 |
Important Points to Remember |
643 |
Configure PIM-SM |
643 |
Related Configuration Tasks |
643 |
Enable PIM-SM |
644 |
Configurable S,G Expiry Timers |
645 |
Configure a Static Rendezvous Point |
646 |
Override Bootstrap Router Updates |
647 |
Configure a Designated Router |
647 |
Create Multicast Boundaries and Domains |
648 |
Configure a Dynamic RP |
648 |
Debugging PIM |
649 |
PIM Source-Specific Mode (PIM-SSM) |
651 |
Implementation Information |
653 |
Important Points to Remember |
653 |
Configure PIM-SM |
653 |
Related Configuration Tasks |
653 |
Enable PIM-SSM |
653 |
Use PIM-SSM with IGMP version 2 Hosts |
654 |
Port Monitoring |
657 |
Important Points to Remember |
657 |
Port Monitoring on S-Series, and Z-Series |
658 |
Configuring Port Monitoring |
661 |
Private VLANs |
663 |
Private VLAN Concepts |
664 |
Private VLAN Commands |
665 |
Private VLAN Configuration Task List |
666 |
Creating PVLAN ports |
666 |
Creating a Primary VLAN |
667 |
Creating a Community VLAN |
668 |
Creating an Isolated VLAN |
668 |
Private VLAN Configuration Example |
669 |
Inspecting the Private VLAN Configuration |
670 |
Per-VLAN Spanning Tree Plus (PVST+) |
673 |
Protocol Overview |
673 |
Implementation Information |
674 |
Configure Per-VLAN Spanning Tree Plus |
674 |
Related Configuration Tasks |
674 |
Enable PVST+ |
675 |
Disable PVST+ |
675 |
Influence PVST+ Root Selection |
675 |
Modify Global PVST+ Parameters |
677 |
Modify Interface PVST+ Parameters |
678 |
Configure an EdgePort |
679 |
PVST+ in Multi-vendor Networks |
680 |
PVST+ Extended System ID |
680 |
PVST+ Sample Configurations |
681 |
Quality of Service (QoS) |
685 |
Implementation Information |
687 |
Port-based QoS Configurations |
687 |
Set dot1p Priorities for Incoming Traffic |
688 |
Honor dot1p Priorities on Ingress Traffic |
688 |
Priority-tagged Frames on the Default VLAN |
689 |
Configure Port-based Rate Policing |
689 |
Configure Port-based Rate Shaping |
690 |
Policy-based QoS Configurations |
690 |
Classify Traffic |
691 |
Create a Layer 3 class map |
691 |
Create a Layer 2 class map |
692 |
Determine the order in which ACLs are used to classify traffic |
692 |
Create a QoS Policy |
693 |
Create an input QoS policy |
694 |
Create an output QoS policy |
694 |
Create Policy Maps |
695 |
Create Input Policy Maps |
695 |
Apply an input policy map to an interface |
698 |
Create Output Policy Maps |
698 |
QoS Rate Adjustment |
699 |
Strict-priority Queueing |
700 |
Weighted Random Early Detection |
700 |
Create WRED Profiles |
701 |
Apply a WRED profile to traffic |
701 |
Display Default and Configured WRED Profiles |
702 |
Display WRED Drop Statistics |
702 |
Pre-calculating Available QoS CAM Space |
703 |
Routing Information Protocol (RIP) |
705 |
Protocol Overview |
705 |
RIPv1 |
705 |
RIPv2 |
706 |
Implementation Information |
706 |
Configuration Information |
706 |
Configuration Task List for RIP |
707 |
Enable RIP globally |
707 |
Configure RIP on interfaces |
708 |
Control RIP routing updates |
709 |
Set send and receive version |
710 |
Generate a default route |
712 |
Summarize routes |
712 |
Control route metrics |
713 |
Debug RIP |
713 |
RIP Configuration Example |
714 |
Configuring RIPv2 on Core 2 |
715 |
Core 2 Output |
715 |
RIP Configuration on Core 3 |
717 |
Core 3 RIP Output |
717 |
RIP Configuration Summary |
719 |
Remote Monitoring (RMON) |
721 |
Implementation |
721 |
Fault Recovery |
722 |
Set rmon alarm |
723 |
Configure an RMON event |
724 |
Configure RMON collection statistics |
725 |
Configure RMON collection history |
726 |
Enable an RMON MIB collection history group |
726 |
Rapid Spanning Tree Protocol (RSTP) |
727 |
Protocol Overview |
727 |
Configuring Rapid Spanning Tree |
727 |
Related Configuration Tasks |
727 |
Important Points to Remember |
728 |
Configure Interfaces for Layer 2 Mode |
728 |
Enable Rapid Spanning Tree Protocol Globally |
730 |
Add and Remove Interfaces |
733 |
Modify Global Parameters |
733 |
Modify Interface Parameters |
734 |
Configure an EdgePort |
735 |
Influence RSTP Root Selection |
736 |
SNMP Traps for Root Elections and Topology Changes |
737 |
Fast Hellos for Link State Detection |
737 |
Security |
739 |
AAA Accounting |
739 |
Configuration Task List for AAA Accounting |
740 |
Enable AAA Accounting |
740 |
Suppress AAA Accounting for null username sessions |
741 |
Configure Accounting of EXEC and privilege-level command usage |
741 |
Configure AAA Accounting for terminal lines |
741 |
Monitor AAA Accounting |
741 |
AAA Authentication |
742 |
Configuration Task List for AAA Authentication |
742 |
Configure login authentication for terminal lines |
743 |
Configure AAA Authentication login methods |
743 |
Enable AAA Authentication |
744 |
AAA Authentication—RADIUS |
744 |
Server-side configuration |
745 |
AAA Authorization |
745 |
Privilege Levels Overview |
745 |
Configuration Task List for Privilege Levels |
746 |
Configure a username and password |
746 |
Configure the enable password command |
747 |
Configure custom privilege levels |
748 |
Specify LINE mode password and privilege |
750 |
Enable and disabling privilege levels |
751 |
Reset a S6000 password |
751 |
RADIUS |
752 |
RADIUS Authentication and Authorization |
752 |
Idle Time |
753 |
ACL |
753 |
Auto-command |
753 |
Set access to privilege levels through RADIUS |
754 |
Configuration Task List for RADIUS |
754 |
Define a aaa method list to be used for RADIUS |
754 |
Apply the method list to terminal lines |
755 |
Specify a RADIUS server host |
755 |
Set global communication parameters for all RADIUS server hosts |
756 |
Monitor RADIUS |
757 |
TACACS+ |
757 |
Configuration Task List for TACACS+ |
757 |
Choose TACACS+ as the Authentication Method |
757 |
Monitor TACACS+ |
759 |
TACACS+ Remote Authentication and Authorization |
759 |
Command Authorization |
761 |
Protection from TCP Tiny and Overlapping Fragment Attacks |
761 |
SCP and SSH |
761 |
Using SCP with SSH to copy a software image |
763 |
Secure Shell Authentication |
764 |
Important Points to Remember for SSH Authentication |
764 |
SSH Authentication by Password |
764 |
RSA Authentication of SSH |
765 |
Host-based SSH Authentication |
765 |
Client-based SSH Authentication |
766 |
Troubleshooting SSH |
767 |
Telnet |
767 |
VTY Line and Access-Class Configuration |
768 |
VTY Line Local Authentication and Authorization |
768 |
VTY Line Remote Authentication and Authorization |
769 |
VTY MAC-SA Filter Support |
769 |
Service Provider Bridging |
771 |
VLAN Stacking |
771 |
Important Points to Remember |
772 |
Configure VLAN Stacking |
772 |
Related Configuration Tasks |
772 |
Create Access and Trunk Ports |
773 |
Enable VLAN-Stacking for a VLAN |
773 |
Configure the Protocol Type Value for the Outer VLAN Tag |
774 |
FTOS Options for Trunk Ports |
775 |
Debug VLAN Stacking |
776 |
VLAN Stacking in Multi-vendor Networks |
776 |
VLAN Stacking with S-Series |
776 |
VLAN Stacking Packet Drop Precedence |
779 |
Enable Drop Eligibility |
780 |
Honor the Incoming DEI Value |
780 |
Mark Egress Packets with a DEI Value |
781 |
Dynamic Mode CoS for VLAN Stacking |
781 |
Layer 2 Protocol Tunneling |
784 |
Implementation Information |
786 |
Enable Layer 2 Protocol Tunneling |
787 |
Specify a Destination MAC Address for BPDUs |
787 |
Rate-limit BPDUs on the S-Series, and Z-Series |
787 |
Debug Layer 2 Protocol Tunneling |
788 |
Provider Backbone Bridging |
788 |
sFlow |
789 |
Overview |
789 |
Implementation Information |
790 |
Important Points to Remember |
790 |
Enable and Disable sFlow |
791 |
Enable and Disable on an Interface |
791 |
sFlow Show Commands |
791 |
Show sFlow Globally |
792 |
Show sFlow on an Interface |
792 |
Show sFlow on a Line Card |
793 |
Polling Intervals |
793 |
Back-off Mechanism |
794 |
sFlow on LAG ports |
794 |
Extended sFlow |
794 |
Simple Network Management Protocol (SNMP) |
795 |
Protocol Overview |
795 |
Implementation Information |
795 |
Configure Simple Network Management Protocol |
796 |
Related Configuration Tasks |
796 |
Important Points to Remember |
796 |
Create a Community |
796 |
Read Managed Object Values |
797 |
Write Managed Object Values |
798 |
Configure Contact and Location Information using SNMP |
798 |
Subscribe to Managed Object Value Updates using SNMP |
799 |
Copy Configuration Files Using SNMP |
802 |
Manage VLANs using SNMP |
807 |
Create a VLAN |
807 |
Assign a VLAN Alias |
808 |
Display the Ports in a VLAN |
808 |
Add Tagged and Untagged Ports to a VLAN |
810 |
Enable and Disable a Port using SNMP |
812 |
Fetch Dynamic MAC Entries using SNMP |
812 |
Deriving Interface Indices |
813 |
Storm Control |
817 |
Configure Storm Control |
817 |
Configure storm control from INTERFACE mode |
817 |
Configure storm control from CONFIGURATION mode |
818 |
Spanning Tree Protocol (STP) |
819 |
Protocol Overview |
819 |
Configuring Spanning Tree |
819 |
Related Configuration Tasks |
820 |
Important Points to Remember |
820 |
Configuring Interfaces for Layer 2 Mode |
820 |
Enabling Spanning Tree Protocol Globally |
822 |
Adding an Interface to the Spanning Tree Group |
824 |
Removing an Interface from the Spanning Tree Group |
824 |
Modifying Global Parameters |
825 |
Modifying Interface STP Parameters |
826 |
Enabling PortFast |
826 |
Preventing Network Disruptions with BPDU Guard |
827 |
STP Root Selection |
829 |
SNMP Traps for Root Elections and Topology Changes |
830 |
System Time and Date |
831 |
Network Time Protocol (NTP) |
831 |
Protocol Overview |
832 |
Implementation Information |
833 |
Configuring Network Time Protocol |
833 |
Related Configuration Tasks |
833 |
Enable NTP |
834 |
Set the Hardware Clock with the Time Derived from NTP |
835 |
Configure NTP broadcasts |
835 |
Disable NTP on an interface |
835 |
Configure a source IP address for NTP packets |
836 |
Configure NTP authentication |
836 |
FTOS Time and Date |
839 |
Configuring time and date settings |
839 |
Set the time and date for the switch hardware clock |
840 |
Set the time and date for the switch software clock |
840 |
Set the timezone |
841 |
Set daylight saving time |
842 |
Set Daylight Saving Time Once |
843 |
Set Recurring Daylight Saving Time |
844 |
Upgrade Procedures |
847 |
Find the upgrade procedures |
847 |
Get Help with upgrades |
847 |
Virtual LANs (VLAN) |
849 |
Default VLAN |
850 |
Port-Based VLANs |
851 |
VLANs and Port Tagging |
851 |
Configuration Task List for VLANs |
852 |
Create a port-based VLAN |
852 |
Assign interfaces to a VLAN |
853 |
Assign an IP address to a VLAN |
856 |
Native VLANs |
856 |
Enable Null VLAN as the Default VLAN |
857 |
Virtual Link Trunking (VLT) |
859 |
Overview |
859 |
Enhanced VLT |
861 |
VLT Concepts Terminology |
861 |
Configuring Virtual Link Trunking |
862 |
Important Points to Remember |
862 |
Configuration Notes |
862 |
RSTP and VLT |
867 |
VLT Bandwidth Monitoring |
867 |
VLT and IGMP Snooping |
868 |
VLT Port Delayed Restoration |
868 |
PIM-Sparse Mode Support on VLT |
869 |
RSTP Configuration |
870 |
Preventing Forwarding Loops in a VLT Domain |
870 |
Sample RSTP Configuration |
871 |
VLT Configuration Procedure |
871 |
eVLT Configuration Example |
882 |
PIM-Sparse Mode Configuration Example |
884 |
Verifying a VLT Configuration |
885 |
Sample Configuration: Virtual Link Trunking |
887 |
Troubleshooting VLT |
890 |
Virtual Router Redundancy Protocol (VRRP) |
893 |
VRRP Overview |
893 |
VRRP Benefits |
895 |
VRRP Implementation |
895 |
VRRP Configuration |
896 |
Configuration Task List for VRRP |
896 |
Create a Virtual Router |
897 |
Assign Virtual IP addresses |
897 |
Set VRRP Group (Virtual Router) Priority |
900 |
Configure VRRP Authentication |
901 |
Disable Preempt |
901 |
Change the Advertisement interval |
902 |
Track an Interface |
903 |
VRRP initialization delay |
904 |
Sample Configurations |
905 |
Standards Compliance |
909 |
IEEE Compliance |
909 |
RFC and I-D Compliance |
910 |
General Internet Protocols |
910 |
General IPv4 Protocols |
910 |
General IPv6 Protocols |
911 |
Border Gateway Protocol (BGP) |
912 |
Open Shortest Path First (OSPF) |
912 |
Intermediate System to Intermediate System (IS-IS) |
913 |
Routing Information Protocol (RIP) |
914 |
Multiprotocol Label Switching (MPLS) |
914 |
Multicast |
915 |
Network Management |
915 |