Egress Interface Selection (Eis); Important Points To Remember; Configuring Eis - Dell S4048–ON Configuration Manual
Hide thumbs
Also See for S4048–ON:
- Configuration manual (1039 pages) ,
- Deployment manual (78 pages) ,
- Troubleshooting manual (29 pages)
Table of Contents
Advertisement
To view all interfaces to see with an IP address assigned, use the show ip interfaces brief command in EXEC mode as shown in
View Basic Interface
Information.
To view IP information on an interface in Layer 3 mode, use the show ip interface command in EXEC Privilege mode.
Dell>show ip interface vlan 58
Vlan 58 is up, line protocol is up
Internet address is 1.1.49.1/24
Broadcast address is 1.1.49.255
Address determined by config file
MTU is 1554 bytes
Inbound access list is not set
Proxy ARP is enabled
Split Horizon is enabled
Poison Reverse is disabled
ICMP redirects are not sent
ICMP unreachables are not sent
IP unicast RPF check is not supported
Egress Interface Selection (EIS)
EIS allows you to isolate the management and front-end port domains by preventing switch-initiated traffic routing between the two
domains. This feature provides additional security by preventing flooding attacks on front-end ports. The following protocols support EIS:
DNS, FTP, NTP, RADIUS, sFlow, SNMP, SSH, Syslog, TACACS, Telnet, and TFTP. This feature does not support sFlow on stacked units.
When you enable this feature, all management routes (connected, static, and default) are copied to the management EIS routing table. Use
the management route command to add new management routes to the default and EIS routing tables. Use the show ip
management-eis-route command to view the EIS routes.
Important Points to Remember
•
Deleting a management route removes the route from both the EIS routing table and the default routing table.
•
If the management port is down or route lookup fails in the management EIS routing table, the outgoing interface is selected based on
route lookup from the default routing table.
•
If a route in the EIS table conflicts with a front-end port route, the front-end port route has precedence.
•
Due to protocol, ARP packets received through the management port create two ARP entries (one for the lookup in the EIS table and
one for the default routing table).
Configuring EIS
EIS is compatible with the following protocols: DNS, FTP, NTP, RADIUS, sFlow, SNMP, SSH, Syslog, TACACS, Telnet, and TFTP.
To enable and configure EIS, use the following commands:
1
Enter EIS mode.
CONFIGURATION mode
management egress-interface-selection
2
Configure which applications uses EIS.
EIS mode
application {all | application-type}
NOTE:
If you configure SNMP as the management application for EIS and you add a default management route, when
you perform an SNMP walk and check the debugging logs for the source and destination IPs, the SNMP agent uses the
destination address of incoming SNMP packets as the source address for outgoing SNMP responses for security.
Interfaces
399
Advertisement
Table of Contents
Troubleshooting
