Page 1 Dell™ PowerConnect™ 8024/8024F User’s Guide Model 8024/8024F w w w . d e l l . c o m | s u p p o r t . d e l l . c o m...
Page 2 Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, the DELL logo, PowerEdge, PowerConnect, and OpenManage are trademarks of Dell Inc.; Microsoft and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries; sFlow is a registered trademark of InMon Corporation.
Page 3: Table Of Contents
Command-Line Interface Documentation ....Using Dell™ OpenManage™ Switch Administrator Setting the IP Address of the Switch ..... .
Page 4 ........PowerConnect 8024 Front Panel .
Page 5 ........PowerConnect 8024 and 8024F CLI Reference Guide .
Page 6 Update Boot Code ......Delete Backup Image ......Reset the System .
Page 7 Domain Name Server (DNS) ..... . . Default Domain Name ......Host Name Mapping .
Page 8 Client Detail ....... . CP Interface Client Status ......CP Client Status .
Page 9 iSCSI Optimizations ......iSCSI Optimization Global Configuration ....iSCSI Targets .
Page 10 STP LAG Settings ......Rapid Spanning Tree ......MSTP Settings .
Page 11 MFDB MLD Snooping Table ..... . . Configuring the Link Layer Discovery Protocol (LLDP) ... . LLDP Configuration .
Page 12 Viewing Statistics and Remote Monitoring Overview ........Table Views .
Page 13 Interface Configuration ......Neighbor Table ......Neighbor Configuration .
Page 14 Tunnels ........Tunnels Configuration .
Page 15 OSPFv3 Route Redistribution Summary ....IPv6 Routes ........IPv6 Route Entry Configuration .
Page 16 Multicast Admin Boundary Summary ....Multicast Static MRoute Configuration ....Multicast Static MRoute Summary .
Page 17 ......Dell Enterprise Training and Certification ....
Page 19: Introduction
NOTE: Before proceeding, read the release notes for this product. You can download the release notes from the Dell Support website, support.dell.com/manuals. The Dell™ PowerConnect™ 8024/8024F series are standalone Layer 2 and 3 switches that extend the Dell PowerConnect LAN switching product range. These switches include the following features: •...
Page 20: System Features
System Features sFlow sFlow is the standard for monitoring high-speed switched and routed networks. sFlow technology is built into network equipment and gives complete visibility into network activity, enabling effective management and control of network resources. CDP Interoperability Allows the PowerConnect switch to interoperate with Cisco™ devices running CDP. Industry Standard Discovery Protocol (ISDP) is a proprietary Layer 2 network protocol which inter- operates with Cisco network equipment and is used to share information between neighboring devices (routers, bridges, access servers, and switches).
Page 21 "Software Download and Reboot " Trivial File Transfer Protocol (TFTP) The PowerConnect 8024/8024F switches support boot image, firmware, and configuration upload or download through TFTP . Remote Monitoring (RMON) RMON is a standard Management Information Base (MIB) that defines current and historical MAC- layer statistics and control objects, allowing real-time information to be captured across the entire network.
Page 22: Switching Features
Switching Features PHY Power Down/Low Power on Pre-Link This feature provides a low-power mode. When the low-power mode is enabled and no link partner is detected, the PHY automatically goes into a low power mode. When the PHY detects a link partner, it returns to the "normal"...
Page 23 MLD Snooping In IPv4, Layer 2 switches can use IGMP Snooping to limit the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast address. In IPv6, MLD snooping performs a similar function. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports intended to receive the data (instead of being flooded to all of the ports in a VLAN).
Page 24: Port-Based Features
The PowerConnect 8024/8024F enhances auto negotiation by providing port advertisement. Port advertisement allows the system administrator to configure the port speeds advertised. For information about auto negotiation, see "Port Configuration" or "LAG Configuration."...
Page 25: Virtual Local Area Network Supported Features
Cell Buffer Pool (CBP) memory. AFS, which is also known as cut-through mode, is configurable through the command-line interface. For information about how to configure the AFS CLI Reference Guide feature, see the , which is located on the Dell Support website at www.support.dell.com/manuals. Virtual Local Area Network Supported Features VLAN Support VLANs are collections of switching ports that comprise a single broadcast domain.
Page 26 Protected Ports (Private VLAN Edge) Private VLAN Edge (PVE) ports are a Layer 2 security feature that provides port-based security between ports that are members of the same VLAN. It is an extension of the common VLAN. Traffic from protected ports is sent only to the uplink ports and cannot be sent to other ports within the VLAN. Subnet-based VLAN This feature allows incoming untagged packets to be assigned to a VLAN and traffic class based on the source IP address of the packet.
Page 27: Spanning Tree Protocol Features
Spanning Tree Protocol Features Spanning Tree Now Supports IEEE 802.1Q-2005 This version of the IEEE Multiple Spanning Tree Protocol corrects problems associated with the previous version, provides for faster transition-to-forwarding, and incorporates new features for a port (restricted role and restricted TCN). Spanning Tree Enhancements •...
Page 28: Link Aggregation Features
Spanning Tree Root Guard Spanning Tree Root Guard is used to prevent the root of a Spanning Tree instance from changing unexpectedly. The priority of a Bridge ID can be set to zero but another Bridge ID with a lower mac address could also set its priority to zero and take over root.
Page 29: Routing Features
Routing Features VLAN Routing The PowerConnect 8024/8024F software supports VLAN routing. You can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port. Routing Information Protocol (RIP) The route configuration and route preference features have the following changes: •...
Page 30: Mac Address Supported Features
IP Interface Configuration IP interface configuration includes the ability to configure the bandwidth, Destination Unreachable messages, and ICMP Redirect messages. IP Helper Provides the ability to relay various protocols to servers on a different subnet. VRRP Route Interface Tracking Extends the capability of the Virtual Router Redundancy Protocol (VRRP) to allow tracking of specific route/interface IP state within the router that can alter the priority level of a virtual router for a VRRP group.
Page 31: Ipv4 Routing Features
IPv4 Routing Features Address Resolution Protocol The PowerConnect 8024/8024F uses the ARP protocol to associate a layer 2 MAC address with a layer 3 IPv4 address. Additionally, the administrator can statically add entries in to the ARP table. Open Shortest Path First The Open Shortest Path First (OSPF) Routing protocol defines two area types: regular OSPF area and OSPF stub area.
Page 32: Ipv6 Routing Features
Since IPv4 and IPv6 can coexist on a network, the router on such a network needs to forward both traffic types. Given this coexistence, the PowerConnect 8024/8024F maintains two routing tables, rto and rto6, which are both capable of forwarding over the same set of interfaces. IPv6 interfaces are managed in a manner similar to IPv4 interfaces.
Page 33: Ospfv3
OSPFv3 The OSPFv3 Configuration page has been updated with the following changes: • AutoCost Reference Bandwidth field • Default Passive Setting field • Maximum Paths increased from 2 to 4 • Passive Mode field Quality of Service Features Voice VLAN The Voice VLAN feature enables switch ports to carry voice traffic with defined priority.
Page 34: Multicast Features
Priority-based Flow Control (PFC) The Priority-based Flow Control feature allows the user to pause or inhibit transmission of individual priorities within a single physical link. By configuring PFC to pause a congested priority (priorities) independently, protocols that are highly loss sensitive can share the same link with traffic that has different loss tolerances.
Page 35: Ipv6 Multicast Features
Protocol Independent Multicast-Sparse Mode Protocol Independent Multicast-Sparse Mode (PIM-SM) is used to efficiently route multicast traffic to multicast groups that may span wide area networks, and where bandwidth is a constraint. PIM-SM uses shared trees by default and implements source-based trees for efficiency. This data threshold rate is used to toggle between trees.
Page 36: Command-Line Interface Documentation
Once established, such a connection is virtually no different to use than an unsecured connection. Command-Line Interface Documentation CLI Reference Guide, Another resource for the PowerConnect 8024/8024F is the which is located on the Dell Support website at www.support.dell.com/manuals It provides information about the command- line interface (CLI) commands used to configure and manage the switch.
Page 37: Using Dell™ Openmanage™ Switch Administrator
Setting the IP Address of the Switch • Starting the Application • Understanding the Interface • Using the Switch Administrator Buttons • Defining Fields • Accessing the Switch Through the CLI • Using the CLI Using Dell™ OpenManage™ Switch Administrator...
Page 38: Setting The Ip Address Of The Switch
Setting a Static Address on the OOB Interface 1. Type enable at the console> prompt, and press <Enter>. 2. At the console# prompt, type config and press <Enter>. 3. At the console(config)# prompt, type interface out-of-band and press <Enter>. Using Dell™ OpenManage™ Switch Administrator...
Page 39: Setting A Static Address On The Management Interface
4. To configure an ip address of 10.256.24.64, with a netmask of 255.255.248.0, and a gateway of 10.256.24.1, type the following: ip address 10.256.24.64 255.255.248.0 ip default-gateway 10.256.24.1 5. Type exit. 6. At the console# prompt, type show ip interface management and press <Enter>. Using Dell™ OpenManage™ Switch Administrator...
Page 40: Starting The Application
CLI by using the console port. Passwords are both case sensitive and alpha-numeric. For information about recovering a lost password, see "Password Recovery Procedure." 4. Click OK. 5. The Dell OpenManage Switch Administrator home page displays. Understanding the Interface The home page contains the following views: •...
Page 41 The components list contains a list of feature components. You can also view components by expanding a feature in the tree view. The information buttons provide access to information about the switch and access to Dell Support. For more information, see "Information Buttons." Using Dell™ OpenManage™ Switch Administrator...
Page 42: Using The Switch Administrator Buttons
The online help pages are context sensitive. For example, if the IP Addressing page is open, the help topic for that page displays if you click Help. About Contains the version and build number and Dell copyright information. Log Out Logs out of the application. Device Management Buttons Table 2-3.
Page 43: Check Boxes
To enable a configuration item, i.e., adjust sensitivity of log files, select match criteria for diffserv, select ACL rule parameters. Defining Fields User-defined fields can contain 1 159 characters, unless otherwise noted on the Dell OpenManage – Switch Administrator Web page. All characters may be used except for the following: •...
Page 44: Console Connection
The Privileged EXEC mode provides access to the device global configuration. For specific global configurations within the device, enter the next level, Global Configuration mode. A password is not required. The Global Configuration mode manages the device configuration on a global level. Using Dell™ OpenManage™ Switch Administrator...
Page 45: User Exec Mode
Use the exit command to move back to a previous mode. For example, you can move from Interface Configuration mode to Global Configuration mode, and from Global Configuration mode to Privileged EXEC mode. Using Dell™ OpenManage™ Switch Administrator...
Page 46: Global Configuration Mode
Port Channel — Contains commands for configuring Link Aggregation Groups (LAG). • Ethernet — Contains commands for managing Ethernet port configuration. • Loopback—Contains commands for managing Loopback interface configuration. • Tunnel—Contains commands for managing Tunnel interface configuration. • Out-of-band—Contains commands for configuring the out-of-band interface. Using Dell™ OpenManage™ Switch Administrator...
Page 47: Cable And Port Information
Cable and Port Information Overview This section describes the switch’s physical interfaces and provides information about cable connections. Stations are connected to the switch’s ports through the physical interface ports on the front panel. For each station, the appropriate mode (Half-Duplex, Full-Duplex, Auto) is set. The topics covered in this section include: •...
Page 48: Ethernet Interface
Ethernet Interface The switching port can connect to stations wired in standard RJ-45 Ethernet station mode. Figure 3-1. RJ-45 Connector Out of Band (OOB) Interface You can use a standard RJ-45 Ethernet cable to connect the switch OOB management interface to the network.
Page 49 3. Confirm that the device is connected and operating correctly by examining the LEDs on the front panel. For a complete explanation of the LEDs, see LED Definitions Figure 3-2. AC Power Connection to PowerConnect 8024/8024F To AC power To AC power...
Page 50 Cable and Port Information...
Page 51: Hardware Description
Hardware Description Overview This section contains information about device characteristics and modular hardware configurations for the PowerConnect 8024/8024F. The topics covered in this section include: • Ports • Physical Dimensions • Power Supplies • Ventilation System • PowerConnect 8024/8024F LED Definitions •...
Page 52: Ports
Ports PowerConnect 8024 Front Panel The PowerConnect 8024 front panel provides 24 100M/1G/10G Base-T ports, four of which are combined with SFP/SFP+ ports. Figure 4-1. PowerConnect 8024 100M/1G/10G Base-T Auto-sensing Combo Ports Full Duplex RJ-45 Ports • The switch automatically detects crossed and straight-through cables on RJ-45 ports.
Page 53: Powerconnect 8024F Front Panel
PowerConnect 8024F Front Panel The PowerConnect 8024F front panel provides 24 SFP/SFP+ ports, four of which are combined with 100M/1G/10G Base-T ports. Figure 4-2. PowerConnect 8024F SFP/SFP+ Ports Combo Ports • The switch automatically detects crossed and straight-through cables on RJ-45 ports. •...
Page 54: Powerconnect 8024/8024F Rear Panel
PowerConnect 8024/8024F Rear Panel Each PowerConnect 8024/8024F switch provides an RJ-45 serial console port, an OOB ethernet port, and two power supplies for redundant or loadsharing operation. Figure 4-3. PowerConnect 8024 Rear Panel RJ-45 serial console port AC power OOB Ethernet port...
Page 55: Power Supplies
Power Supplies Each PowerConnect 8024/8024F switch has two power supplies for redundant or loadsharing operation. Each power supply can support 300W. Ventilation System The PowerConnect 8024/8024F has three removable FANs (see PowerConnect 8024 Rear Panel), four Thermal sensors, and a FAN Speed Controller which can be used to control FAN speeds. You can verify operation by observing the LEDs.
Page 56: System Leds
Fans are operating correctly. One or more fans have failed. Temp Amber System temperature has exceeded threshold limit. SFP/SFP+ Port LEDs The following table contains SFP/SFP+ port LED definitions for the PowerConnect 8024/8024F switches. Table 4-4. SFP/SFP+ Port LEDs Definitions Color Definition LNK/ACT Solid Green The port is linked.
Page 57: Configuring Dell™ Powerconnect
Performing other functions is described later in this section. NOTE: Before proceeding, read the release notes for this product. You can download the release notes from the Dell Support website at support.dell.com/manuals. Configuring Dell™ PowerConnect™...
Page 58: Starting The Cli
However, to access the switch through Telnet, at least one user account must be defined. Also, if access is through a Telnet connection, the switch must have a defined IP address, corresponding management access granted, and a workstation connected to the switch before using CLI commands. Configuring Dell™ PowerConnect™...
Page 59 Boot menu (Special functions) Enter Wizard Reboot Standard Switch Installation Initial Configuration: IP Address, Subnetmask, Wizard Configuration Users Basic Security Process configuration Advanced Configuration: Advanced IP Address from DHCP, Switch IP Address from bootp, Installation Security management Configuring Dell™ PowerConnect™...
Page 60: General Configuration Information
General Configuration Information The PowerConnect 8024/8024F switches are delivered with binary files containing the switch operating system and ASCII configuration files that are used to define the relationship of the switch to its network environment. The configuration process consists of adjusting the ASCII configuration files so that each switch fits into its unique network topology.
Page 61: Booting The Switch
CPU Card ID: 0x10508548 Mounting TFFS System ... Device details... volume descriptor ptr (pVolDesc): 0x1ae4898 XBD device block I/O handle: 0x10001 auto disk check on mount: NOT ENABLED volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: Configuring Dell™ PowerConnect™...
Page 62 8-bit (extended-ASCII) - root dir start sector: - # of sectors per root: - max # of entries in root: FAT handler information: ------------------------ - allocation group size: 2 clusters - free space on volume: 20,733,952 bytes Configuring Dell™ PowerConnect™...
Page 63 To return to operational code from the [Boot Menu] prompt, press 1. The following output displays an example configuration. Items such as addresses, versions, and dates may differ for each switch. Operational Code Date: Tue May 26 14:12:20 2009 Uncompressing..Configuring Dell™ PowerConnect™...
Page 64 # of different files in use: # of descriptors for deleted files: # of obsolete descriptors: current volume configuration: - volume label: NO LABEL ; (in boot sector: - volume Id: - total number of sectors: 124,408 Configuring Dell™ PowerConnect™...
Page 65 44,380,160 bytes PCI unit 0: Dev 0xb624, Rev 0x12, Chip BCM56624_B1, Driver BCM56624_B0 SOC unit 0 attached to PCI device BCM56624_B1 Adding BCM transport pointers Configuring CPUTRANS TX Configuring CPUTRANS RX st_state(0) = 0x0 st_state(1) = 0x2 Configuring Dell™ PowerConnect™...
Page 66 However, before configuring the switch, ensure that the software version installed on the switch is the latest version. If it is not the latest version, download and install the latest version. See "Software Download and Reboot." Configuring Dell™ PowerConnect™...
Page 67: Configuration Overview
The Easy Setup Wizard guides you in the basic initial configuration of a newly installed switch so that it can be immediately deployed, functional, and completely manageable through the Web, CLI, and the remote Dell Network Manager. After the initial set up, you may enter the system to set up more advanced configuration.
Page 68 The next time the system reboots you are given another opportunity to run the set-up wizard. Functional Flow The following functional flow diagram illustrates the procedures for the Easy Setup Wizard. Configuring Dell™ PowerConnect™...
Page 69 Is SNMP Management Community String & Required? Server IP Address Request user name, password Request IP Address, Network Mask, Default Gateway IP DHCP? Discard Changes and Restart Wizard Save Setup? Copy to Config Transfer to CLI mode Configuring Dell™ PowerConnect™...
Page 70 The following example contains the sequence of prompts and responses associated with running an example Dell Easy Setup Wizard session, using the input values listed above. Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch configuration, and gets you up and running as quickly as possible.
Page 71 The wizard automatically assigns the highest access level [Privilege Level 15] to this account. You can use Dell Network Manager or other management interfaces to change this setting, and to add additional management system later.
Page 72 If the information is incorrect, select (N) to discard configuration and restart the wizard: [Y/N] y<Enter> Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode..console>...
Page 73: Advanced Configuration
..print last deleted character Ctrl-Z ..return to root command prompt Ctrl-Q ..enables serial flow Ctrl-S ..disables serial flow Tab, <SPACE> command-line completion Exit ..go to next lower command prompt ..list choices Configuring Dell™ PowerConnect™...
Page 74: Powerconnect 8024 And 8024F Cli Reference Guide
Unit#/Interface ID — each interface is identified by the Interface ID (see below). NOTE: The PowerConnect 8024/8024F does not support stacking; therefore, the unit number is always 1. • Unit# — the unit number is used only in a stacking solution where a number of switches are stacked unit number identifies the physical device identifier within to form a virtual device.
Page 75 To go back to the previous level in the command hierarchy, use the exit command. SwitchA#configure SwitchA(config)#exit SwitchA# The following examples show the system prompts used by the PowerConnect 8024/8024F switches: SwitchA and the CLI in the User EXEC mode . • SwitchA> — indicates that the host name is •...
Page 76 Management Interface: IP Address........10.240.4.125 Subnet Mask........255.255.255.0 Default Gateway........ 10.240.4.1 Burned In MAC Address......00:10:18:82:04:35 Network Configuration Protocol Current..DHCP Management VLAN ID......1 Routing Interfaces: Configuring Dell™ PowerConnect™...
Page 77: Security Management And Password Configuration
Configuring Security Passwords The security passwords can be configured for the following services: • Console • Telnet • • HTTP Configuring Dell™ PowerConnect™...
Page 78 • When initially logging on to a switch through a console session, enter secret123 at the password prompt. • When changing a switch’s mode to enable, enter secret123 at the password prompt. Configuring Dell™ PowerConnect™...
Page 79 NOTE: In the Web browser enable SSL 2.0 or greater for the page content to appear. console(config)#crypto certificate 1 generate console(config)#ip https server NOTE: HTTP and HTTPS services require level 15 access and connect directly to the configuration level access. Configuring Dell™ PowerConnect™...
Page 80: Software Download And Reboot
2. Ensure that the file to be downloaded is saved on the TFTP server (the .stk file). 3. Enter the command show version to verify which software version is currently running on the switch. The following is an example of the information that appears: Configuring Dell™ PowerConnect™...
Page 81 Image Descriptions image1 : default image image2 : Images currently available on Flash -------------------------------------------------------------------- unit image1 image2 current-active next-active -------------------------------------------------------------------- 7.10.19.22 7.16.23.35 image2 image2 Configuring Dell™ PowerConnect™...
Page 82 If the image for the next boot is not selected by entering the boot system command, the system boots from the currently active image (image1, as given in the example). 6. Enter the command reload. The following message displays: Configuring Dell™ PowerConnect™...
Page 83: Update Bootcode
Select an option. If no selection in 10 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu. Select (1, 2): The Boot menu displays and contains the following configuration functions: Configuring Dell™ PowerConnect™...
Page 84: Start Operational Code
Use option 2 to change the baud rate of the serial interface. To change the baud rate from the Boot menu: 1. On the Boot menu, select 2 and press <Enter>. The following prompt displays: [Boot Menu]2 Select baud rate: Configuring Dell™ PowerConnect™...
Page 85: Retrieve Event Log Using Xmodem
Use option 4 when a new software version must be downloaded to replace corrupted files, update, or upgrade the system software. To download software from the Boot menu: 1. On the Boot menu, select 4 and press <Enter>. The following prompt displays: [Boot Menu] 4 Configuring Dell™ PowerConnect™...
Page 86: Display Operational Code Vital Product Data
File Name........image1 CRC..........0xb017 (45079) Target Device........0x10508548 Size...........0x8ec50c (9356556) Number of Components......2 Operational Code Size......0x7ec048 (8306760) Operational Code Offset......0x74 (116) Operational Code FLASH flag....1 Operational Code CRC......0x9B4D Boot Code Version......1 Boot Code Size.........0x100000 (1048576) Boot Code Offset.......0x7ec0bc (8306876) Configuring Dell™ PowerConnect™...
Page 87: Abort Boot Code Update
Do you wish to update Boot Code? (y/n) y Validating image2..OK Extracting boot code from image...CRC valid Erasing Boot Flash..Done. Wrote 0x10000 bytes. Wrote 0x20000 bytes. Wrote 0x30000 bytes. Wrote 0x40000 bytes. Wrote 0x50000 bytes. Wrote 0x60000 bytes. Wrote 0x70000 bytes. Configuring Dell™ PowerConnect™...
Page 88: Delete Backup Image
To reset the system from the Boot menu: 1. On the Boot menu, select 9 and press <Enter>. The following prompt displays: [Boot Menu] 9 Are you SURE you want to reset the system? (y/n):y Configuring Dell™ PowerConnect™...
Page 89: Restore Configuration To Factory Defaults
Use option 13 to format the flash file system if file corruption is observed. Certain critical files are copied from flash to RAM, the flash file system is invalidated and formatted. Then, the files are copied from RAM back to flash and the switch is rebooted. The following files are copied: • image1 Configuring Dell™ PowerConnect™...
Page 90 Formatting.../RamDisk/: file system is marked clean, skipping check Then, the file system is copied from flash memory to RAM: copying file /DskVol/files/image1 -> /RamDisk/image1 copying file /DskVol/files/image2 -> /RamDisk/image2 copying file /DskVol/files/startup-config -> /RamDisk/startup-config 2. The system reboots. Configuring Dell™ PowerConnect™...
Page 91: Sample Configuration Process
— should be erased and the switch rebooted. See "Device Default Settings." Switch Setup Requirements The following components are required for the purpose of this example: • PowerConnect 8024/8024F switch • A workstation with the following components installed: – Network adapter card ®...
Page 92 RAM. The code starts running from the RAM and the list of available port numbers and their states (up or down) are displayed. NOTE: The following screen is an example configuration. Items such as addresses, versions, and dates may differ for each switch. current volume configuration: Configuring Dell™ PowerConnect™...
Page 93 ------------------------ - allocation group size: 4 clusters - free space on volume: 44,380,160 bytes Boot Menu Version: 3.1.1.11 Select an option. If no selection in 10 seconds then operational code will start. 1 - Start operational code. Configuring Dell™ PowerConnect™...
Page 94 XBD device block I/O handle: 0x10001 auto disk check on mount: NOT ENABLED volume write mode: copyback (DOS_WRITE) max # of simultaneously open files: file descriptors in use: # of different files in use: # of descriptors for deleted files: Configuring Dell™ PowerConnect™...
Page 95 - max # of entries in root: FAT handler information: ------------------------ - allocation group size: 4 clusters - free space on volume: 44,380,160 bytes PCI unit 0: Dev 0xb624, Rev 0x12, Chip BCM56624_B1, Driver BCM56624_B0 SOC unit 0 attached to PCI device BCM56624_B1 Configuring Dell™ PowerConnect™...
Page 96 Instantiating RamCP: as rawFs, device = 0x20001 Formatting RamCP: for DOSFS Instantiating RamCP: as rawFs, device = 0x20001 Formatting...OK. (Unit 1 - Waiting to select management unit)> Applying Global configuration, please wait ... Applying Interface configuration, please wait ... console> Configuring Dell™ PowerConnect™...
Page 97: Device Default Settings
4. Enable DHCP on the management interface or out-of-band interface. NOTE: In order to function properly, DHCP cannot not be configured simultaneously on the management and OOB interfaces. Enter the config command at the console to enter the Configuration mode as follows: Configuring Dell™ PowerConnect™...
Page 98 ----50.1.1.2 PING Statistics---- 4 packets transmitted, 4 packets received, 0% packet loss round-trip (ms) min/avg/max = 0/0/0 8. Define a user name and password to allow privileged level 15 switch access for a remote user (HTTP and HTTPS). Configuring Dell™ PowerConnect™...
Page 99 In this example, the user name Dell, the password is Dell1234, and the privilege level is 15. Privilege levels range from 1 15, with 15 being the highest level. Level 15 access is the only level of access for the –...
Page 100: Configuring Secure Management Access (Https)
4. Click Yes to confirm accept the security certification (if it is not authenticated by a third party). The Login Screen displays. 5. Enter the assigned user name and password. The switch Dell OpenManage™ Switch Administrator displays. Configuring Dell™ PowerConnect™...
Page 101: Configuring System Information
Configuring System Information Overview Use the menus listed on the System page to define the switch’s relationship to its environment. To display the System page, click System in the tree view. The System menu page contains links to the following features: •...
Page 102: Defining General Device Information
Defining General Device Information The General menu page contains links to pages that allow you to configure device parameters. Use this page to access the following features: • Asset • System Health • Versions • System Resources • Time Zone Configuration •...
Page 103 The Asset page contains the following fields: • System Name (0 255 characters) — Use to assign device system name. – • System Contact (0 255 characters) — Use to assign the contact person’s name. – • System Location (0 255 characters) —...
Page 104: System Health
• System Management Commands • SNMP Commands • Clock Commands The following table summarizes the equivalent CLI commands you use to configure device information. Table 6-1. Device Configuration Commands CLI Command Description asset-tag Use to specify the switch asset tag. banner motd Controls the display of message-of-the-day banners.
Page 105 Figure 6-2. Health The Health page contains the following fields: • Power Supply Status — Displays the power supply status. – — The power supply is operating normally. – — The power supply is not operating normally. – Not Present — The power supply is currently not present. •...
Page 106: Versions
Versions Use the Versions page to view information about the software versions currently running. To display the Versions page, click System → General → Versions in the tree view. Figure 6-3. Versions The Versions page contains the following fields: • Unit No.
Page 107: System Resources
System Resources Use the System Resources page to view information about memory usage and task utilization. To display the System Resources page, click System → General → System Resources in the tree view. Figure 6-4. System Resources The System Resources page contains the following fields: •...
Page 108: Time Zone Configuration
– Five minutes Displaying System Resources Using CLI Commands For information about the CLI commands that perform this function, see the System Management CLI Reference Guide Commands chapter in the . The following table summarizes the equivalent CLI commands you use to display system resources information. Table 6-4.
Page 109: Summer Time Configuration
Defining the Time Zone Parameters 1. Open the Time Zone Configuration page. 2. Define the fields as needed. 3. Click Apply Changes. The time zone settings are modified, and the device is updated. Configuring Time Zone Settings Using CLI Commands For information about the CLI commands that perform this function, see the Clock Commands chapter CLI Reference Guide in the...
Page 110 Figure 6-6. Summer Time Configuration The fields on the Summer Time Configuration page change when you select or clear the Recurring check box. The Summer Time Configuration page contains the following fields: • Recurring — Select the check box to indicate that the configuration is to be repeated every year. •...
Page 111: Clock Detail
End Day — Select the ending day number. This field displays only when the Recurring check box is • selected. End Month — Select the ending month. • • End Time — Select the ending time in hh:mm format. • End Date —...
Page 112: Reset
Figure 6-7. Clock Detail The Clock Detail page provides information about the following clock features: Current Time — This section allows you to set the current time and date. • • Time Zone — This section displays the time zone settings. •...
Page 113 Figure 6-8. Reset The Reset page contains the following fields: • Reset Unit No. — Use to select the device in the stack that needs to be reset. Resetting the Device 1. Open the Reset page. 2. Click Reset Unit No. 3.
Page 114: Configuring Sntp Settings
Configuring SNTP Settings The device supports the Simple Network Time Protocol (SNTP). SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. The device operates only as an SNTP client and cannot provide time services to other systems.
Page 115: Sntp Global Settings
• If more than one Unicast device responds, synchronization information is preferred from the device with the lowest stratum. • If the servers have the same stratum, synchronization information is accepted from the SNTP server that responded first. MD5 (Message Digest 5) Authentication safeguards device synchronization paths to SNTP servers. MD5 is an algorithm that produces a 128-bit hash.
Page 116: Sntp Authentication
Receive Broadcast Servers Update — If enabled, listens to the SNTP servers for Broadcast server time • information on the selected interfaces. The device is synchronized whenever an SNTP packet is received, even if synchronization was not requested. • Receive Unicast Servers Update — If enabled, polls the SNTP servers defined on the device for Unicast server time information.
Page 117 Figure 6-10. SNTP Authentication The SNTP Authentication page contains the following fields: • SNTP Authentication — If enabled, requires authenticating an SNTP session between the device and an SNTP server. Authentication — Type of authentication. System supports MD5 only. • •...
Page 118 Figure 6-11. Add Authentication Key 3. Define the fields as needed. 4. Click Apply Changes. The SNTP authentication key is added, and the device is updated. Displaying the Authentication Key Table 1. Open the SNTP Authentication page. 2. Click Show All. The Authentication Key Table page displays: Figure 6-12.
Page 119: Sntp Server
Defining SNTP Authentication Settings Using CLI Commands For information about the CLI commands that perform this function, see the Clock Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use to define SNTP authentication settings. Table 6-9.
Page 120 Encryption Key ID — Specifies user-defined key ID used to communicate between the SNTP server • and device. The encryption key ID is defined in the SNTP Authentication page. • Priority (1 8) — Specifies the priority of this server entry in determining the sequence of servers to –...
Page 121 The SNTP Servers Table page displays. Figure 6-15. SNTP Servers Table Modifying an SNTP Server 1. Open the SNTP Servers page. 2. Click Show All. The SNTP Servers Table opens. 3. Click Edit next to the SNTP Server entry you wish to modify. 4.
Page 122: Managing Logs
Table 6-10. SNTP Servers Commands CLI Command Description show sntp configuration Displays the SNTP configuration. show sntp status Displays the SNTP status. sntp server Configures the SNTP server to use SNTP to request and accept NTP traffic from it. Managing Logs The switch may generate messages in response to events, faults, or errors occurring on the platform as well as changes in configuration or other occurrences.
Page 123: Global Settings
• Log File • Remote Log Server Settings Global Settings Use the Global Settings page to enable logs globally, and to define log parameters. The Severity log messages are listed from the highest severity to the lowest. To display the Global Settings page, click System → Logs → Global Settings in the tree view. Figure 6-16.
Page 124 When you select a specific level, all of the levels above it are automatically selected. For example, if you select Error, the system automatically selects Error, Critical, Alert, and Emergency. If you deselect Error, all of the levels below (for example, Error, Warning, Notice, Informational, Debug) are deselected. •...
Page 125: Ram Log Table
Table 6-11. Global Logs Commands CLI Command Description logging Enables logging. show logging Displays the state of logging and the syslog messages stored in the internal buffer. RAM Log Table Use the RAM Log Table page to view information about specific RAM (cache) log entries, including the time the log was entered, the log severity, and a description of the log.
Page 126: Log File
The log information is removed from the log file table, and the device is updated. Displaying Log Information Using CLI Commands For information about the CLI commands that perform this function, see the Syslog Commands chapter CLI Reference Guide in the .
Page 127: Remote Log Server Settings
Description — The log description. • Removing Log Information 1. Open the Log File Table page. 2. Click Clear Log. The log information is removed from the log file table, and the device is updated. Removing Log Information Using CLI Commands For information about the CLI commands that perform this function, see the Syslog Commands chapter CLI Reference Guide in the...
Page 128 Figure 6-19. Remote Log Server Settings The Remote Log Server Settings page contains the following fields: • Log Server — Server to which logs can be sent. UDP Port (1 65535) — Sets the UDP port from which the logs are sent. The default value is 514. •...
Page 129 Sending Logs to a Server 1. Open the Remote Log Server Settings page. 2. Define the UDP Port, Facility, and Description fields. 3. Select the log type and log severity by using the Log Parameters check boxes. NOTE: When you select a severity level, all higher severity levels are automatically selected. 4.
Page 130: Defining Ip Addressing
2. Click Show All to display the Remote Log Servers Table page. Figure 6-21. Show All Log Servers 3. To remove a server, check the corresponding Remove check box. 4. Click Apply Changes. The server is removed, and the device is updated. Working with Remote Server Logs Using CLI Commands For information about the CLI commands that perform this function, see the Syslog Commands chapter CLI Reference Guide...
Page 131: Out Of Band Interface
• ARP Table • IPv6 Management Features Out of Band Interface Use the Out of Band Interface menu page to assign the Out of Band Interface IP address, the Subnet Mask, the Default Gateway IP address, and to assign the boot protocol. To display the Out of Band Interface page, click System →...
Page 132: Domain Name Server (Dns)
Domain Name Server (DNS) The Domain Name System converts user-defined domain names into IP addresses. Each time a domain name is assigned, this service translates the name into a numeric IP address. Domain Name System servers maintain domain name databases and their corresponding IP addresses. Use the Domain Name Server (DNS) page to enable and activate specific DNS servers.
Page 133: Default Domain Name
Figure 6-24. Add DNS Server 3. Define the relevant fields. 4. Click Apply Changes. The new DNS server is defined, and the device is updated. Configuring DNS Servers Using CLI Commands For information about the CLI commands that perform this function, see the IP Addressing Commands CLI Reference Guide chapter in the .
Page 134: Host Name Mapping
The Default Domain Name page contains the following field: • Default Domain Name (0 255 characters) — Contains the user-defined default domain name. When – configured, the default domain name is applied to all unqualified host names. Defining DNS Domain Names Using CLI Commands For information about the CLI commands that perform this function, see the IP Addressing Commands CLI Reference Guide chapter in the...
Page 135 Adding Host Domain Names 1. Open the Host Name Mapping page. 2. Click Add. The Add Static Host Name Mapping page displays: Figure 6-27. Add Static Host Name Mapping 3. Define the relevant fields. 4. Click Apply Changes. The IP address is mapped to the host name, and the device is updated. Displaying the Static Host Name Mapping Table 1.
Page 136: Dynamic Host Name Mapping
3. Select a Host Name Mapping Table entry. 4. Check the Remove check box. 5. Click Apply Changes. The Host Name Mapping Table entry is removed, and the device is updated. Mapping an IP Address to Domain Host Names Using CLI Commands For information about the CLI commands that perform this function, see the IP Addressing Commands CLI Reference Guide chapter in the...
Page 137: Arp Table
Click Clear All Entries to remove all Host Name IP Mapping entries from the table. Viewing Dynamic Host Entries Using CLI Commands For information about the CLI commands that perform this function, see the IP Addressing Commands CLI Reference Guide chapter in the .
Page 138: Ipv6 Management Features
IPv6 Management Features The PowerConnect 8024/8024F switch software includes several enhancements to the IPv6 management feature. You can assign either an IPv4 or IPv6 address to the management interface. In previous software releases, the management port supported IPv6 addresses, but only when the switch received its IPv6 addressing and gateway definitions through auto-configuration when connected to an IPv6 router on the management network.
Page 139 IPv6 Gateway — Enter the IPv6 gateway address (do not include a prefix). Use an IPv6 global or link- • local address format. Add IPv6 Address — To add an IPv6 address, select Add so you can specify an address in the New IPv6 •...
Page 140: Running Cable Diagnostics
Running Cable Diagnostics Use the Diagnostics menu page to perform virtual cable tests for copper and fiber optics cables. To display the Diagnostics page, click System → Diagnostics in the tree view. Use this page to go to the following feature: •...
Page 141: Optical Transceiver Diagnostics
Fiber Cable — A fiber cable is connected to the port. – • Cable Fault Distance — The distance from the port where the cable error occurred. • Last Update — The last time the port was tested. • Cable Length — The approximate cable length. This test can only be performed when the port is up and operating at 1 Gbps.
Page 142 To display the Optical Transceiver Diagnostics page, click System → Diagnostics → Optical Transceiver Diagnostics in the tree view. NOTE: Optical transceiver diagnostics can be performed only when the link is present. Figure 6-35. Optical Transceiver Diagnostics The Optical Transceiver Diagnostics page contains the following fields: •...
Page 143 Figure 6-36. Optical Transceiver Diagnostics Table The test runs and displays the Optical Transceiver Diagnostics Table page. Performing Fiber Optic Cable Tests Using CLI Commands For information about the CLI commands that perform this function, see the PHY Diagnostics CLI Reference Guide Commands chapter in the .
Page 144: Managing Device Security
Managing Device Security Use the Management Security menu page to set management security parameters for port, user, and server security. To display the Management Security page, click System → Management Security in the tree view. Use this page to go to the following features: •...
Page 145 Figure 6-37. Access Profile The Access Profile page contains the following fields: • Access Profile — Shows the Access Profile. • Current Active Access Profile — Shows profile that is activated. • Set Active Access Profile — Activates the access profile. •...
Page 146 Figure 6-38. Profile Rules Table Adding an Access Profile 1. Open the Access Profile page. 2. Click Add Profile. The Add an Access Profile page displays. Figure 6-39. Add an Access Profile 3. Enter the profile name in the Access Profile Name text box. 4.
Page 147 Management Method — Select from the dropdown box. The policy is restricted by the management chosen. Interface — Choose the check box for the interface if the policy should have a rule based on the interface. Interface can be a physical interface, a LAG, or a VLAN. Source IP Address —...
Page 148 Figure 6-40. Add An Access Profile Rule 3. Complete the fields in the dialog: Management Method — Select from the dropdown box. The policy is restricted by the management chosen. Interface — Choose the check box for the interface if the policy should have a rule based on the interface.
Page 149: Authentication Profiles
Removing a Rule 1. Open the Access Profile page. 2. Click Show All to display the Profile Rules Table page. 3. Select a rule. 4. Check the Remove check box. 5. Click Apply Changes. The rule is removed, and the device is updated. Defining Access Profiles Using CLI Commands For information about the CLI commands that perform this function, see the Management ACL CLI Reference Guide...
Page 150 Figure 6-41. Authentication Profiles The Authentication Profiles page contains the following fields: Authentication Profile Name Displays lists to which user-defined authentication profiles are added. Use the radio buttons to apply the authentication profile to govern either Login or Enable part of the switch’s operations, and to select one of two available lists: •...
Page 151 Line — The line password is used for user authentication. – – Enable — The enable password is used for authentication. NOTE: User authentication occurs in the order the methods are selected. If an error occurs during the Local RADIUS authentication, the next selected method is used.
Page 152 3. Select one or more Optional Methods by using the arrows. 4. Click Apply Changes. The user authentication profile is updated to the device. Removing an Authentication Profiles Entry 1. Open the Authentication Profiles page. 2. Click Show All. The Authentication Profiles Table opens. Figure 6-43.
Page 153: Select Authentication
Table 6-24. Authentication Profile Configuration Commands CLI Command Description aaa authentication enable Sets authentication for accessing higher privilege levels. aaa authentication login Defines login authentication. enable authentication Specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. show authentication methods Shows information about authentication methods.
Page 154 Console — Authentication profiles used to authenticate console users. • • Telnet — Authentication profiles used to authenticate Telnet users. • Secure Telnet (SSH) — Authentication profiles used to authenticate Secure Shell (SSH) users. SSH provides clients secure and encrypted remote connections to a device. •...
Page 155 Local, TACACS+, None — Authentication first occurs locally. If authentication cannot be – verified locally, the TACACS+ server authenticates the management method. If the TACACS+ server cannot authenticate the management method, the session is permitted. – TACACS+, Local, None — Authentication first occurs at the TACACS+ server. If authentication cannot be verified at the TACACS+ server, the session is authenticated locally.
Page 156: Password Management
Table 6-25. Access Method and Authentication Profile Commands CLI Command Description enable authentication Specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. ip http authentication Specifies authentication methods for http. ip https authentication Specifies authentication methods for https.
Page 157 Figure 6-45. Password Management The Password Management page contains the following fields: • Password Minimum Length (8 64) — Indicates the minimum password length, when checked. For – example, the administrator can define that all line passwords must have at least 10 characters. If you clear the check box and apply the changes, no minimum password length is required.
Page 158: Local User Database
Defining Password Constraints Using CLI Commands For information about the CLI commands that perform this function, see the Password Management CLI Reference Guide Commands chapter in the . The following table summarizes the equivalent CLI commands you use. Table 6-26. Password Constraints Commands CLI Command Description passwords aging...
Page 159 Figure 6-46. Local User Database The Local User Database page contains the following fields: User Name — List of users. • • Access Level — User access level. The lowest user access level is 1 (readonly), and 15 (readwrite) is the highest.
Page 160 Figure 6-47. Add a New User 3. Complete the fields. 4. Click Apply Changes. The new user is defined, and the device is updated. NOTE: You can define as many as eight local users on the device. Displaying Users on the Local User Database 1.
Page 161: Line Passwords
Assigning Users With CLI Commands For information about the CLI commands that perform this function, see the AAA Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use. Table 6-27. Users Commands CLI Command Description password...
Page 162: Enable Password
Defining Line Passwords 1. Open the Line Password page. 2. Select device access through a Console, Telnet, or Secure Telnet (SSH) session. 3. Define the Line Password field for the type of session you use to connect to the device. 4.
Page 163: Tacacs+ Settings
Enable Password (8 64 characters) — The Enable password for controlling access to normal and • – privilege levels. The password appears in the ***** format. Confirm Enable Password — Confirms the new Enable password. The password appears in the ***** •...
Page 164 Figure 6-51. TACACS+ Settings The TACACS+ Settings page contains the following fields: • Host Name / IP Address — Specifies the TACACS+ Server. • Priority (0 65535) — Specifies the order in which the TACACS+ servers are used. The default is 0. –...
Page 165 Timeout for Reply (1 30) — Enter the global user configuration time that passes before the • – connection between the device and the TACACS+ times out. Defining TACACS+ Parameters 1. Open the TACACS+ Settings page. 2. Define the fields as needed. 3.
Page 166 Figure 6-53. TACACS+ Servers Table Removing a TACACS+ Server from the TACACS+ Servers List 1. Open the TACACS+ Settings page. 2. Click Show All. The TACACS+ Servers Table opens. 3. Select a TACACS+ Servers Table entry. 4. Select the Remove check box. 5.
Page 167: Radius Global Configuration
RADIUS Global Configuration The Remote Authorization Dial-In User Service (RADIUS) client on the PowerConnect 8024/8024F switch supports multiple, named RADIUS servers. The RADIUS authentication and accounting server groups can contain one or more configured authentication servers that share the same RADIUS server name.
Page 168 Figure 6-54. RADIUS Global Configuration The RADIUS Global Configuration page contains the following fields: • Configured Authentication Servers — The number of RADIUS authentication servers configured on the system. The value can range from 0 to 32. • Configured Accounting Servers — The number of RADIUS accounting servers configured on the system.
Page 169: Radius Server Configuration
Accounting Mode — Use the menu to select whether the RADIUS accounting mode is enabled or • disabled on the current server. RADIUS Attribute 4 (NAS-IP Address) — To set the network access server (NAS) IP address for the • RADIUS server, select the option and enter the IP address of the NAS in the available field.
Page 170 Figure 6-55. RADIUS Server Configuration The RADIUS Server Configuration page contains the following fields: • RADIUS Server Host Address — Use the drop-down menu to select the IP address of the RADIUS server to view or configure. Click Add to display the Add RADIUS Server page used to configure additional RADIUS servers.
Page 171 Status — Indicates whether the selected RADIUS server is currently serving as the active RADIUS • server If more than one RADIUS server is configured with the same name, the switch selects one of the servers to be the active server from the group of servers with the same name. The status and can be one of the following: –...
Page 172: Radius Accounting Server Configuration
Figure 6-57. RADIUS Server Status 3. To remove a named server, select the check box in the Remove column. 4. Click Apply Changes. The RADIUS server is removed from the list. Configuring RADIUS Server Settings Using CLI Commands For information about the CLI commands that perform this function, see the RADIUS Commands CLI Reference Guide chapter in the .
Page 173 Figure 6-58. RADIUS Accounting Server Configuration The RADIUS Accounting Server Configuration page contains the following fields: RADIUS Accounting Server Host Address — Use the drop-down menu to select the IP address of the • accounting server to view or configure. Click Add to display the Add RADIUS Accounting Server page used to configure additional RADIUS servers.
Page 174 2. Click Add. The Add RADIUS Accounting Server page displays. Figure 6-59. Add RADIUS Accounting Server 3. Enter an IP address and name for the RADIUS accounting server to add. 4. Click Apply Changes. The new RADIUS server is added, and the device is updated. Viewing RADIUS Accounting Server Status and Removing a Accounting Named Server 1.
Page 175: Radius Accounting Server Statistics
Table 6-33. RADIUS Accounting Server Commands CLI Command Description acct-port Sets the port number for the designated radius accounting server. Sets the authentication and encryption key for all RADIUS communications between the switch and the RADIUS daemon. name Assigns a name to a RADIUS accounting server. radius-server acct Specifies a RADIUS accounting server host and enter RADIUS Server Configuration mode.
Page 176: Radius Server Statistics
Round Trip Time — Displays the time interval, in hundredths of a second, between the most recent • Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server. • Accounting Requests — The number of RADIUS Accounting-Request packets sent to this server. This number does not include retransmissions.
Page 177 Figure 6-62. RADIUS Server Statistics The RADIUS Server Statistics page contains the following fields: RADIUS Server Host Address — Use the drop-down menu to select the IP address of the RADIUS • server for which to display statistics. • Round Trip Time — The time interval, in hundredths of a second, between the most recent Access- Reply/Access-Challenge and the Access-Request that matched it from this RADIUS authentication server.
Page 178 Malformed Access Responses — The number of malformed RADIUS Access-Response packets • received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access- responses. • Bad Authenticators —...
Page 179: Authorization Network Radius
Authorization Network RADIUS In some networks, the RADIUS server is responsible for assigning traffic to a particular VLAN. From the Authorization Network RADIUS page, you can enable the switch to accept VLAN assignment by the RADIUS server. To display the Authorization Network RADIUS page, click System Management → Security → Authorization Network RADIUS in the tree view.
Page 180: Telnet Server
Telnet Server Use the Telnet Server page to enable or disable telnet service on the switch or to modify the telnet port. To display the Telnet Server page, click System → Management Security → Telnet Server. Figure 6-64. Telnet Server The Telnet Server page contains the following fields: •...
Page 181: Denial Of Service
Configuring the Telnet Server Using CLI Commands For information about the CLI commands that perform this function, see the Telnet Server Commands CLI Reference Guide chapter in the . The following table summarizes the equivalent CLI commands you use. Table 6-37. Telnet Server Commands CLI Command Description ip telnet server disable...
Page 182 Figure 6-65. Denial of Service The Denial of Service page contains the following fields: Denial of Service SIP=DIP — Enabling SIP=DIP DoS prevention causes the switch to drop packets • that have a source IP address equal to the destination IP address. •...
Page 183 Denial of Service L4 Port — Enabling L4 Port DoS prevention causes the switch to drop packets that • have the TCP/UDP source port equal to TCP/UDP destination port. Denial of Service ICMP — Enabling ICMP DoS prevention causes the switch to drop ICMP packets •...
Page 184: Captive Portal
Captive Portal The Captive Portal (CP) feature allows you to block clients directly connected to the switch from accessing the network until user verification has been established. You can configure CP verification to allow access for both guest and authenticated users. Authenticated users must be validated against a database of authorized Captive Portal users before access is granted.
Page 185 To configure the global CP settings, click System → Captive Portal → Global Configuration. Figure 6-66. CP Global Configuration The CP Global Configuration page contains the following fields: • Captive Portal — Enable or disable the CP feature on the switch. •...
Page 186: Cp Configuration
CP Configuration From the CP Configuration page, you can view summary information about captive portals on the system, add a captive portal, and configure existing captive portals. The switch supports 10 CP configurations. CP configuration 1 is created by default and can not be deleted.
Page 187 Guest — The user does not need to be authenticated by a database. – – Local — The switch uses a local database to authenticated users. – RADIUS — The switch uses a database on a remote RADIUS server to authenticate users. NOTE: To configure authorized users on the local or remote RADIUS database, see "Local User"...
Page 188: Cp Web Customization
Figure 6-68. Add CP Configuration 3. Enter a name for the new CP configuration. 4. Click Apply Changes. The CP configuration is added, and the device is updated. Displaying the CP Configuration Summary 1. Open the Captive Portal Configuration page. 2.
Page 189 Figure 6-70. CP Web Customization The CP Web Customization page contains the following fields: • Captive Portal ID — The drop-down menu lists each CP configured on the switch. To view information about the clients connected to the CP, select it from the list. •...
Page 190 Background Color — Enter the hexadecimal color code to as the background color in the login area. • Press the ... button for a color pick list. The sample account information is updated with the colors you choose. • Account Image — Select the image that will display on the Captive Portal page above the login field. The image display area is 55H X 310W pixels.
Page 191: Local User
Local User You can configure a portal to accommodate guest users and authorized users. Guest users do not have assigned user names and passwords. Authorized users provide a valid user name and password that must first be validated against a local database or RADIUS server. Authorized users can gain network access once the switch confirms the user’s credentials.
Page 192 2. Select the Remove option at the bottom of the page. 3. Click Apply Changes to remove the user. Adding a Local User 1. Open the Local User page. 2. Click Add. The Add Local User page displays: Figure 6-72. Add Local User 3.
Page 193: User Group
Configuring Users in a Remote RADIUS Server You can use a remote RADIUS server client authorization. You must add all users to the RADIUS server. The local database does not share any information with the remote RADIUS database. The following table indicates the RADIUS attributes you use to configure authorized captive portal clients.
Page 194 Figure 6-74. User Group The User Group page contains the following fields: • Group Name — The menu contains the name of all of the groups configured on the system. The Default user group is configured by default. New users are assigned to the 1-Default user group by default.
Page 195: Interface Association
Displaying the User Group Page 1. Open the User Group page. 2. Click Show All. The User Group Summary page displays: Figure 6-76. CP User Group Summary 3. To remove a configured group, select the Remove option in the appropriate row, and then click Apply Changes.
Page 196: Cp Status
CP Configuration — Lists the captive portals configured on the switch by number and name. • • Interface List — Lists the interfaces available on the switch that are not currently associated with a captive portal. Use the following steps to associate one or more interfaces with a captive portal: 1.
Page 197 Figure 6-78. CP Status The CP Status page contains the following fields: • CP Global Operational Status — Shows whether the CP feature is enabled. • CP Global Disable Reason — Indicates the reason for the CP to be disabled, which can be one of the following: –...
Page 198: Cp Activation And Activity Status
CP Activation and Activity Status The CP Activation and Activity Status page provides information about each CP configured on the switch. The CP Activation and Activity Status page has a drop-down menu that contains all captive portals configured on the switch. When you select a captive portal, the activation and activity status for that portal displays.
Page 199: Interface Activation Status
Blocked Status — Indicates whether authentication attempts to the captive portal are currently • blocked. Use the Block and Unblock buttons to control the blocked status. If the CP is blocked, users cannot gain access to the network through the CP. Use this function to temporarily protect the network during unexpected events, such as denial of service attacks.
Page 200: Interface Capability Status
Configuration Name — Select the CP configuration with the information to view. • • Operational Status — Shows whether the portal is active on the specified interface. • Disable Reason — If the selected CP is disabled on this interface, this field indicates the reason, which can be one of the following: –...
Page 201: Client Summary
Interface — Select the interface with the information to view. • • Bytes Received Counter — Shows whether the interface supports displaying the number of bytes received from each client. • Bytes Transmitted Counter — Shows whether the interface supports displaying the number of bytes transmitted to each client.
Page 202: Client Detail
MAC Address — Identifies the MAC address of the client (if applicable). • • IP Address — Identifies the IP address of the client (if applicable). • User — Displays the user name (or Guest ID) of the connected client. •...
Page 203: Cp Interface Client Status
CP Interface Client Status Use the Interface Client Status page to view clients that are authenticated to a specific interface. To view statistical information for clients connected to the switch through the captive portal, click System → Captive Portal → Interface Client Status. Figure 6-84.
Page 204 Figure 6-85. CP - Client Status The CP - Client Status page contains the following fields: • Configuration Name — The drop-down menu lists each CP configured on the switch. To view information about the clients connected to the CP configuration, select the CP configuration name from the list.
Page 205 (continued) Table 6-40. Captive Portal Configuration Commands CLI Command Description configuration Enables the captive portal instance mode. enable Globally enables captive portal. group Configures the group number for a captive portal configuration. interface Associates an interface with a captive portal configuration. locale Associates an interface with a captive portal configuration.
Page 206: Defining Snmp Parameters
Defining SNMP Parameters Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports SNMP version 1, SNMP version 2, and SNMP version 3. NOTE: By default, SNMPv2 is automatically enabled on the device. To enable SNMPv3, a local engine ID must be defined for the device.
Page 207 Figure 6-86. Global Parameters The Global Parameters page contains the following parameters: • Local Engine ID (6 32 hexadecimal characters) — Sets local SNMP engine ID. – Use Default — Configures the device to use the default SNMP EngineID. • •...
Page 208: Snmp View Settings
Enabling Authentication Trap 1. Open the Global Parameters page 2. Select Enable in the Authentication trap field. 3. Click Apply Changes. Authentication notifications are enabled, and the device is updated. Enabling SNMP Notifications Using CLI Commands For information about the CLI commands that perform this function, see the SNMP Commands chapter CLI Reference Guide in the .
Page 209 Figure 6-87. SNMP View Settings The SNMP View Settings page contains the following fields: • View Name — Contains a list of user-defined views. A view name can contain a maximum of 30 alphanumeric characters. • OID Subtree — Specifies a valid SNMP OID string that can include meta characters like *. •...
Page 210 3. Define the relevant fields. 4. Click Apply Changes. The SNMP view is added, and the device is updated. Displaying the View Table 1. Open the SNMP View Settings page 2. Click Show All. The View Table page displays: Figure 6-89. View Table Removing SNMP Views 1.
Page 211: Access Control Group
Table 6-42. SNMP Views Commands CLI Command Description show snmp views Displays the configuration of views. snmp-server view Creates or updates an SNMP server view entry. Access Control Group Use the Access Control Group page to view information for creating SNMP groups, and to assign SNMP access privileges.
Page 212 auth nopriv — Authenticates SNMP messages without encrypting them. – – auth priv — Authenticates SNMP messages and encrypts them. • Context Prefix (1 30) — This field permits the user to specify the context name by entering the first 1 –...
Page 213: Snmpv3 User Security Model (Usm)
Figure 6-92. Access Table Removing a Group 1. Open the Access Control Configuration page. 2. Click Show All. The Access Table opens. 3. Select a group. 4. Check Remove. 5. Click Apply Changes. The group is removed, and the device is updated. Defining SNMP Access Control Using CLI Commands For information about the CLI commands that perform this function, see the SNMP Commands chapter CLI Reference Guide...
Page 214 Figure 6-93. SNMPv3 User Security Model (USM) The SNMPv3 User Security Model (USM) page contains the following fields: • User Name — Contains a list of user-defined user names. • Group Name — Contains a list of user-defined SNMP groups. SNMP groups are defined in the Access Control Group page.
Page 215 des — Use a CBC-DES Symmetric Encryption Password for the authentication key. – – des-key — Use an HMAC-MD5-96 Authentication Pre-generated key. • Authentication Key(MD5-16; SHA-20 HEX character pairs) — Specify the authentication key. An authentication key is defined only if the authentication method is MD5 or SHA. •...
Page 216 Figure 6-95. Add Remote User 3. Define the relevant fields. 4. Click Apply Changes. 5. The user is added to the group, and the device is updated. Viewing the User Security Model Table 1. Open the SNMPv3 User Security Model (USM) page. 2.
Page 217: Communities
4. Check the Remove check box. 5. Click Apply Changes. The entry is removed, and the device is updated. Defining SNMP Users Using CLI Commands For information about the CLI commands that perform this function, see the SNMP Commands chapter CLI Reference Guide.
Page 218 Community String — Contains a list of user-defined community strings that act as a password and are • used to authenticate the SNMP management station to the device. A community string can contain a maximum of 20 characters. • SNMP Management Station — Contains a list of management station IP address for which community strings have been defined.
Page 219 In addition to the fields in the SNMPv1, 2 Community page, the Add SNMPv1,2 Community page contains the All (0.0.0.0) field, which indicates that the community can be used from any management station. 4. Click Apply Changes. The new community is saved, and the device is updated. Displaying Communities 1.
Page 220: Notification Filter
Configuring Communities Using CLI Commands For information about the CLI commands that perform this function, see the SNMP Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use to configure SNMP communities. Table 6-45.
Page 221 Filter Type — Indicates whether informs or traps are sent regarding the OID to the trap recipients. • – Excluded — Restricts sending OID traps or informs. – Included — Sends OID traps or informs. Adding SNMP Filters 1. Open the Notification Filter page. 2.
Page 222: Notification Recipients
Removing a Filter 1. Open the Notification Filter page. 2. Click Show All. The Show Notification page displays. 3. Select the Filter Table entry. 4. Check Remove. The filter entry is removed, and the device is updated. Configuring Notification Filters Using CLI Commands For information about the CLI commands that perform this function, see the SNMP Commands chapter CLI Reference Guide in the...
Page 223 Figure 6-103. Notification Recipients The Notification Recipients page contains the following fields: • Recipient IP — Contains a user-defined list of notification recipients IP addresses. • Notification Type — The type of notification sent. The possible field values are: – Trap —...
Page 224 NoAu NoPriv — The packet is neither authenticated nor encrypted. • • Auth NoPriv — The packet is authenticated. • Auth Priv — The packet is both authenticated and encrypted. • UDP Port (1 65535) — UDP port used to send notifications. The default is 162. –...
Page 225 The notification recipient is added, and the device is updated. the Notification Recipients Tables Displaying 1. Open Notification Recipients page. 2. Click Show All. The Notification Recipient Tables page opens: Figure 6-105. Notification Recipient Tables Removing Notification Recipients 1. Open the Notification Recipients page. 2.
Page 226: File Management
Table 6-47. SNMP Notification Recipients Commands CLI Command Description show snmp Displays the SNMP status. snmp-server host Specifies the recipient of SNMP notifications. snmp-server v3-host Specifies the recipient of SNMPv3 notifications. File Management Use the File Management menu page to manage device software, the image file, and the configuration files.
Page 227: Active Images
Figure 6-106. File System The File System page contains the following fields: File Name — A text field listing the names of the files on the file system. • • Image Description — A field 0-128 characters in length that displays an image description of the file. •...
Page 228: File Download
To display the File System page, click System → File Management → Active Images in the tree view. Figure 6-107. Active Images The Active Images page contains the following fields: • Unit — The unit on which the active image is running. •...
Page 229 Figure 6-108. File Download The File Download page contains the following fields: File Type — Select the type of file to be downloaded. Possible filetypes are: Firmware — Downloads the active image. • • SSH-1 RSA Key File — SSH-1 Rivest-Shamir-Adleman (RSA) Key File •...
Page 230 HTTP — Download files of various types to the switch using an HTTP session (in other words, by – using your web browser). Server Address — Specify the TFTP/SFTP/SCP server IP address from which the configuration files • are downloaded. •...
Page 231: File Upload
Table 6-50. Downloading Files Commands CLI Command Description copy Copies files from a source to a destination. File Upload Use the File Upload to Server page to upload configuration (ASCII), image (binary), operational log, and startup log files from the device to the server. To display the File Upload to Server page, click System →...
Page 232: Copy Files
SCP — Secure Copy – – HTTP— Hypertext Transfer Protocol Upload Upload contains the following fields: • Server Address — The server IP address to which the selected file is uploaded. • Destination File Name — The name which the file will have after it is uploaded. The name can be 1 –...
Page 233 To display the Copy Files page, click System → File Management → Copy Files in the tree view. Figure 6-110. Copy Files The Copy Files page contains the following fields: • Copy Master Firmware — Specifies that a software image file should be copied. •...
Page 234: Defining Advanced Settings
Copy Files Using CLI Commands For information about the CLI command that perform this function, see the Configuration and Image CLI Reference Guide Files Commands chapter in the . The following table summarizes the equivalent CLI command you use to copy files from one location to another. Table 6-52.
Page 235 • The IP addresses of DNS name servers (option 6). The IP addresses of DNS name servers should be returned from the DHCP server only if the DNS server is in the same LAN as the switch performing Auto Configuration. A DNS server is needed to resolve the IP address of the TFTP server if only the “sname”...
Page 236: Trap Manager
search for and download a configuration file from the server. If successful, it applies the configuration file to the switch. After starting the Auto Configuration process, you can monitor the status of the process by the messages in the Auto Configuration State and Retry Count fields. •...
Page 237: Trap Flags
Trap Flags The Trap Flags page is used to specify which traps you want to enable or disable. When the condition identified by an active trap is encountered by the switch, a trap message is sent to any enabled SNMP Trap Receivers, and a message is written to the trap log.
Page 238: Ospfv2 Trap Flags
Spanning Tree — Enable or disable activation of spanning tree traps by selecting the – corresponding line on the pull-down entry field. The factory default is enabled. • QOS Traps – ACL Traps — Enable or disable activation of ACL traps by selecting the corresponding line on the pull-down entry field.
Page 239 To access the OSPFv2 Trap Flags page, click System → Trap Manager → OSPFv2 Trap Flags in the navigation tree. Figure 6-113. OSPFv2 Trap Flags The OSPFv2 Trap Flags page contains the following fields: • Error Traps – Authentication Failure — Signifies that a packet has been received on a non-virtual interface from a router with an authentication key or authentication type that conflicts with this router's authentication key or authentication type.
Page 240 Configuration Error — Signifies that a packet has been received on a non-virtual interface from a – router with configuration parameters that conflict with this router's configuration parameters. The factory default is disabled. – Virtual Authentication Failure — Signifies that a packet has been received on a virtual interface from a router with an authentication key or authentication type that conflicts with this router's authentication key or authentication type.
Page 241: Ospfv3 Trap Flags
Neighbor State Change — Signifies that there has been a change in the state of a non-virtual – OSPF neighbor. This trap should be generated when the neighbor state regresses (e.g., goes from Attempt or Full to 1-Way or Down) or progresses to a terminal state (e.g.,2-Way or Full). When a neighbor transitions from or to Full on non-broadcast multi-access and broadcast networks, the trap should be generated by the designated router.
Page 242 Figure 6-114. OSPFv3 Trap Flags The OSPFv3 Trap Flags page contains the following fields: • Error Traps – Bad Packet — Signifies that an OSPF packet has been received on a non-virtual interface that cannot be parsed. The factory default is disabled. –...
Page 243 LSA Max Age — Signifies that one of the LSA in the router link-state database has aged to – MaxAge. The factory default is disabled. LSA Originate — Signifies that a new LSA has been originated by this router. This trap should not –...
Page 244: Trap Log
Configuring OSPFv3 Traps Using CLI Commands For information about the CLI command that performs this function, see the SNMP Commands chapter CLI Reference Guide in the . The following table shows the equivalent CLI command you use to configure OSPFv3 traps. Table 6-56.
Page 245: Sflow
Log — The sequence number of this trap. • • System Up Time — The time at which this trap occurred, expressed in days, hours, minutes and seconds since the last reboot of the switch. • Trap — Information associated with the trap. View the Trap Log Using CLI Commands For information about the CLI commands that perform this function, see the Syslog Commands chapter CLI Reference Guide...
Page 246: Sflow Agent Summary
Version — Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version; Organization; Software Revision where: – MIB Version — 1.3, the version of this MIB. – Organization — Dell Corp. – Revision — 1.0 Configuring System Information...
Page 247: Sflow Receiver Configuration
Agent Address — The IP address associated with this agent. • Configuring and Viewing sFlow Settings Using CLI Commands For information about the CLI commands that perform this function, see the Flow Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use to configure and view sFlow settings.
Page 248 Receiver Owner String — The entity making use of this sFlowRcvrTable entry. The empty string • indicates that the entry is currently unclaimed and the receiver configuration is reset to the default values. An entity wishing to claim an sFlowRcvrTable entry must ensure that the entry is unclaimed before trying to claim it.
Page 249: Sflow Sampler Configuration
Table 6-59. sFlow Receiver Commands CLI Command Description sflow destination Configures sFlow collector parameters (owner string, receiver timeout, ip address, and port). sFlow Sampler Configuration The sFlow Agent collects a statistical packet-based sampling of the switched flows and sends them to the configured receivers.
Page 250 Figure 6-119. sFlow Sampler Configuration The sFlow Sampler Configuration page contains the following fields: • Sampler DataSource— The sFlow data source for this sFlow sampler. This Agent supports physical ports only. • Receiver Index — The sFlow Receiver for this sFlow sampler. If set to zero, no packets will be sampled. Only active receivers can be set.
Page 251: Sflow Poll Configuration
Figure 6-120. sFlow Sampler Summary Configuring and Viewing sFlow Settings Using CLI Commands For information about the CLI commands that perform this function, see the sFlow Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use to configure and view sFlow settings.
Page 252 To access the sFlow Poll Configuration page, click System → sFlow → Poll Configuration in the navigation tree. Figure 6-121. sFlow Poll Configuration The sFlow Poll Configuration page contains the following fields: • Poll DataSource — The sFlow Sampler data source for this flow sampler. This Agent supports physical ports only.
Page 253: Industry Standard Discovery Protocol
Figure 6-122. sFlow Poll Summary Configuring and Viewing sFlow Settings Using CLI Commands For information about the CLI commands that perform this function, see the sFlow Commands chapter CLI Reference Guide in the . The following table summarizes the equivalent CLI commands you use to configure and view sFlow settings.
Page 254 Figure 6-123. ISDP Global Configuration The ISDP Global Configuration page contain the following fields: • ISDP Mode — Use this field to enable or disable the Industry Standard Discovery Protocol on the switch. • ISDP V2 Mode — Use this field to enable or disable the Industry Standard Discovery Protocol v2 on the switch.
Page 255: Cache Table
macAddress — Indicates that the value is in the form of Layer 2 MAC address. – – other — Indicates that the value is in the form of a platform specific ASCII string containing info that identifies the device. For example: ASCII string contains serialNumber appended/prepended with system name.
Page 256 Figure 6-124. ISDP Cache Table The ISDP Cache Table page contain the following fields: • Device ID — Displays the string with Device ID which is reported in the most recent ISDP message. • Interface — Displays the interface that this neighbor is attached to. •...
Page 257: Interface Configuration
Table 6-63. ISDP Cache Commands CLI Command Description clear isdp table Clears entries in the ISDP table. show isdp entry Displays ISDP entries. show isdp neighbors Displays the list of neighboring devices. Interface Configuration From the ISDP Interface Configuration page, you can configure the ISDP settings for each interface. If ISDP is enabled on an interface, it must also be enabled globally in order for the interface to transmit ISDP packets.
Page 258: Isdp Statistics
ISDP Mode — Use this field to enable or disable the Industry Standard Discovery Protocol on the • selected interface. Displaying the ISDP Interface Summary Table 1. Open the ISDP Interface Configuration page 2. Click Show All. The ISDP Interface Summary page displays: Figure 6-126.
Page 259 Figure 6-127. ISDP Statistics Configuring System Information...
Page 260: Iscsi Optimizations
The ISDP Statistics page contain the following fields: • Packets Received — Displays the number of all ISDP protocol data units (PDUs) received. • Packets Transmitted — Displays the number of all ISDP PDUs transmitted. • ISDPv1 Packets Received — Displays the number of v1 ISDP PDUs received. •...
Page 261: Iscsi Optimization Global Configuration
Use this feature in networks containing iSCSI initiators and targets where you want to protect this traffic from interruption by giving the traffic preferential QoS treatment. The dynamically generated classifier rules are used to direct the iSCSI data traffic to queues that can be given the desired preference characteristics over other data traveling through the switch.
Page 262: Iscsi Targets
iSCSI Status — Controls whether the switch is active in detecting iSCSI sessions and connections. If the iSCSI status is disabled, iSCSI resources will be released. Classification — Select the VLAN Priority Tag or DSCP option to determine which priority tag is to be used to set the traffic class queue for iSCSI traffic.
Page 263: Iscsi Sessions
Target Name — Identifies the iSCSI name of the iSCSI target. The name can be statically configured; however, it can be obtained from iSNS or from sendTargets response. The initiator MUST present both its iSCSI Initiator Name and the iSCSI Target Name to which it wishes to connect in the first login request of a new session or connection.
Page 264 Figure 6-131. iSCSI Sessions The iSCSI Sessions page contain the following fields: Target Name — Identifies the name of the iSCSI target. Initiator Name — Identifies the name of the iSCSI initiator. iSCSI Identifiers— Identifies the Initiator Defined Session Identifier (ISID) value. Configuring iSCSI Optimization Using CLI Commands For information about the CLI commands that perform this function, see the iSCSI Commands chapter CLI Reference Guide...
Page 265 Configuring System Information...
Page 266 Configuring System Information...
Page 267: Configuring Switching Information
Configuring Switching Information Overview This section provides all system operations and general information for network security, ports, address tables, GARP , VLANs, Spanning Tree, Port Aggregation, and Multicast Support. The topics covered in this section include: • Configuring Network Security •...
Page 268: Configuring Network Security
Configuring Network Security Use the Network Security menu page to set network security through port-based authentication, locked ports, DHCP Filtering configuration, and access control lists. To display the Network Security page, click Switching → Network Security in the tree view. The Network Security menu page contains links to the following features: •...
Page 269 Figure 7-1. Dot1x Authentication The Dot1x Authentication page contains the following fields: Global Parameters • Administrative Mode— Permits 802.1X port-based authentication on the switch. The possible field values are: – Enable — Enables 802.1X authentication on the switch. – Disable — Disables 802.1X authentication on the switch. Authentication Method —...
Page 270 None — Indicates that no authentication method is used. – – RADIUS — Indicates that authentication occurs at the RADIUS server. Interface Parameters • Interface — Selects the Unit and Port to be affected. • Guest VLAN — Enables or disables the guest VLAN mode on this interface. To enable the guest VLAN, select the VLAN ID to use as the guest VLAN.
Page 271 Max Users — Set the maximum number of clients supported on the port when MAC-based 802.1X • authentication is enabled on the port. The number of users allowed to authenticate per port ranges from 1 to 16. • Termination Cause — Displays the reason for termination. •...
Page 272 Figure 7-2. Dot1x Authentication Table 3. Use the horizontal scroll bar or click the right arrow at the bottom of the screen to display the right side of the table. 4. Use the Unit drop-down menu to view the Dot1x Authentication Table for other units in the stack, if they exist.
Page 273 Changing Administrative Port Control 1. Open the Dot1x Authentication page. 2. Click Show All. The Dot1x Authentication Table displays. 3. Scroll to the right side of the table and select the Edit check box for each port to configure. Change Admin Port Control to Authorized, Unauthorized, or Automode as needed for chosen ports.
Page 274: Authenticated Users
Table 7-1. 802.1x Authentication Commands CLI Command Description dot1x mac-auth-bypass Enables MAB on an interface. dot1x max-req Sets the maximum number of times the switch sends an EAP-request frame to the client before restarting the authentication process. dot1x max-users Sets the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
Page 275: Port Security
Figure 7-3. Network Security Authenticated Users The Authenticated Users page contains the following fields: • Port — Displays the port used for authentication. • User Name — Specifies a user from the list of users authorized via the RADIUS Server. Displaying Authenticated Users Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide...
Page 276 Figure 7-4. Network Security Port Security The Port Security page contains the following fields: • Interface — Displays the unit and port or the LAG on which the locked port security is enabled. Set Port — Enables locking the port or LAG. When a port is locked, all the current addresses that had •...
Page 277 The Port Security Table displays. Figure 7-5. Port Security Table 3. Use the Unit drop-down menu to view the Port Security Table for other units in the stack, if they exist. Defining Multiple Locked Ports 1. Open the Port Security page. 2.
Page 278: Ip Acl Configuration
IP ACL Configuration Access control lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Your switch supports up to 100 ACLs. However, the hardware resources are limited and may not be able to fully support 100 completely populated ACLs. Packets can be filtered on ingress or egress.
Page 279 Figure 7-7. Add IP ACL 3. Enter the desired ACL Name in the related entry field. 4. Click Apply Changes. The IP-based ACL is added, and the device is updated. Removing an IP-based ACL 1. Open the IP ACL Configuration page, and select the ACL to be deleted from the IP ACL drop-down menu.
Page 280: Ip Acl Rule Configuration
The following table summarizes the equivalent CLI commands you use to configure an IP-based ACL. Table 7-4. IP ACL Commands CLI Command Description access-list Creates an Access Control List show ip access-lists Displays access lists applied on interfaces and all rules that are defined for the access lists.
Page 281 Figure 7-9. IP ACL - Rule Configuration (Standard) The IP ACL Rule Configuration page contains the following fields: • IP ACL Name — Specifies an existing IP ACL. To set up a new IP ACL use the "IP ACL Configuration" page. •...
Page 282 Redirect Interface — Select from the drop-down list of interfaces one that packets meeting this rule • can be redirected to. Mirror Interface — Select from the drop-down list of interfaces one that packets meeting this rule can • be mirrored to. •...
Page 283 Match to Port — Click to add a user-defined Port ID. – • IP Precedence — Matches the packet IP Precedence value to the rule when checked. Enter the IP Precedence value to match. Either the DSCP value or the IP Precedence value is used to match packets to ACLs.
Page 284: Mac Acl Configuration
Table 7-5. IP Access Rule Command CLI Command Description access-list Use this command to specify rules for the IP access list. show ip access-lists Displays an Access Control List (ACL) and all of the rules that are defined for the ACL. MAC ACL Configuration The MAC ACL Configuration page allows network administrators to define a MAC-based ACL.
Page 285 2. Click Add to display the Add MAC ACL page. Figure 7-11. Add MAC ACL 3. Enter the desired MAC ACL Name in the entry field. 4. Click Apply Changes. The MAC-based ACL is added, and the device is updated. Removing a MAC-based ACL 1.
Page 286: Mac Acl Rule Configuration
• ACL Commands The following table summarizes the equivalent CLI commands you use to define a MAC ACL. Table 7-6. MAC ACL Commands CLI Command Description mac access-list Configures conditions required to allow traffic based on MAC addresses. show mac access-lists Displays a MAC access list and all of the rules that are defined for the ACL.
Page 287 MAC ACL Name — Specifies an existing MAC ACL. To set up a new MAC ACL use the MAC ACL • Configuration page. Rule Id — Selects or creates a user-defined ACLs. Enter an existing Rule ID, or create a new one by •...
Page 288 Modifying a MAC-based Rule NOTE: Rules can be modified only when the ACL to which they belong is not bound to an interface. 1. Open the MAC ACL Rule Configuration page. 2. Select the desired ACL from the MAC ACL drop-down menu. 3.
Page 289: Ipv6 Access Control Lists
Table 7-7. MAC ACL Commands CLI Command Description deny|permit Use the deny command to deny traffic if the conditions defined in the deny statement are matched. Use the permit command in Mac-Access- List Configuration mode to allow traffic if the conditions defined in the permit statement are matched.
Page 290 Figure 7-14. IPv6 ACL Configuration The IPv6 ACL Configuration page contains the following fields: • IPv6 ACL Name — Specify an IPv6 ACL name string which includes alphanumeric characters only. The name must start with an alphabetic character. This field displays the name of the currently selected IPv6 ACL if any ACLs have already been created.
Page 291 Displaying IPv6 ACLs 1. Open the IPv6 ACL Configuration page. 2. Click Show All. All IP ACLs and their related data display in the IPv6 ACL Table. Figure 7-16. IPv6 ACL Table The Summary page has the following fields: • IPv6 ACL Name —...
Page 292: Ipv6 Acl Rule Configuration
IPv6 ACL Rule Configuration Use the IPv6 ACL Rule Configuration page to define rules for IPv6-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Additionally, you can specify to assign traffic to a particular queue, filter on some traffic, change VLAN tag, shut down a port, and/or redirect the traffic to a particular port.
Page 293 Rule ID — Select an existing Rule ID to modify or select Create Rule to configure a new ACL Rule. To • create a new rule, enter a rule ID from 1–127 in the available field. New rules cannot be created if the maximum number of rules has been reached.
Page 294: Acl Bind Configuration
– Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. •...
Page 295 NOTE: Binding an ACL in the egress direction is not supported by the PowerConnect 8024/8024F switches. IP ACLs may be bound to an Ethernet interface in the egress direction. To display the ACL Bind Configuration page, click Switching → Network Security → Access Control Lists →...
Page 296 Assigning an ACL to an Interface 1. Open the ACL Bind Configuration page. 2. In the Interface field, specify the Unit and Port, LAG, or VLAN to configure. 3. Select the IP, IPv6, or MAC ACL in the Select an ACL field. NOTE: Whenever an ACL is assigned on a port, LAG, or VLAN, flows from that ingress interface that do not match the ACL are matched to the default rule, which is Drop unmatched packets.
Page 297: Configuring Ports
Configuring Ports The Ports menu page provides links for configuring port functionality, including advanced features such as storm control and port mirroring, and for performing virtual port tests. To display the page, click Switching → Ports in the tree view. The Ports menu page contains links to the following features: •...
Page 298 Enabling Ingress Backpressure 1. Open the Ports Global Parameters page. 2. Select Enable from the drop-down menu in the Flow Control field. 3. Click Apply Changes. 4. Ingress backpressure is now enabled. Configuring Flow Control Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 299: Port Configuration
Port Configuration Use the Port Configuration page to define port parameters. To display the Port Configuration page, click Switching → Ports → Port Configuration in the tree view. Figure 7-20. Port Configuration The Port Configuration page contains the following fields: •...
Page 300 Half — Indicates that the interface supports transmission between the switch and the client in – only one direction at a time. Current Duplex Mode — Displays the synchronized port duplex mode. • • Auto Negotiation — Enables Auto Negotiation on the port. Auto Negotiation is a protocol between two link partners that enables a port to advertise its transmission rate, duplex mode, and flow control abilities to its partner.
Page 301 Figure 7-21. Port Configuration Table 3. Use the Unit drop-down menu to view the Port Configuration Table for other units in the stack, if they exist. Copying Port Configuration Settings 1. Open the Port Configuration page. 2. Click Show All. The Port Configuration Table displays.
Page 302: Protected Port Configuration
The following table summarizes the equivalent CLI commands for this feature. Table 7-12. Port Configuration Commands CLI Command Description description Adds a description to an interface. duplex Configures the full/half-duplex operation of a given Ethernet interface when not using auto-negotiation. interface ethernet Enters the interface configuration mode to configure an Ethernet type interface.
Page 303 Figure 7-22. Protected Port Configuration The Protected Port Configuration page contains the following fields: Port — Specifies the Unit and Port for which port parameters are defined. • • Protected Group ID — Drop-down menu used to assign a port to Group 0, 1, or 2. •...
Page 304: Lag Configuration
Adding Protected Port Groups 1. Open the Protected Port Configuration page. 2. Click Add. The Add Protected Group displays. Figure 7-24. Add Protected Port Use the drop-down menu to assign the numeric designation 0, 1, or 2 to the Protected Group ID. 4.
Page 305 Figure 7-25. LAG Configuration The LAG Configuration page contains the following fields: • LAG — Contains a list of LAG numbers. • LAG Type — The port types that comprise the LAG. • Description (0–64 Characters) — Description of the port. Admin Status —...
Page 306 Figure 7-26. LAG Configuration Table Editing LAG Parameters 1. Open the LAG Configuration page. 2. Click Show All. 3. The LAG Configuration Table displays. 4. Check Edit for all LAGs to be modified. 5. Admin Status and Description can now be edited as needed. 6.
Page 307: Storm Control
Table 7-14. LAG Commands CLI Command Description channel-group Configure a port-to-port channel. description Adds a description to a LAG . hashing-mode Sets the hashing algorithm on trunk ports. interface port-channel Configure a port-channel type and enters port-channel configuration mode. interface range port-channel Use this command in Global Configuration mode to execute a command on multiple port channels at the same time.
Page 308 Port — Specifies the Unit and Port for which storm control is enabled. • • Storm Control Mode — Specifies the mode of broadcast affected by storm control. – Broadcast — If the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
Page 309 Modifying Broadcast Control 1. Open the Storm Control interface. 2. Click Show All. The Storm Control Settings Table displays. 3. Check Edit for each port that Broadcast Control is to be modified. 4. Edit Broadcast Control as needed. 5. Click Apply Changes. The storm control port parameters are saved to the switch.
Page 310: Configuring Traffic Mirroring
Configuring Traffic Mirroring Traffic mirroring allows the user to configure the switch to send copies of packets on a port that is being mirrored to the mirroring port. The mirroring can be port-based or flow-based. Use the Traffic Mirroring menu page to define port mirroring sessions and configure flow-based mirroring.
Page 311 The Port Mirroring page contains the following fields: • Session — Specifies the monitoring session. • Admin Mode — Enables or Disables the port mirroring. • Destination Port — Select the port to which port traffic may be copied. • Reset Session —...
Page 312: Flow Based Mirroring
Modifying a Port Mirroring Session 1. Open the Port Mirroring page. 2. Modify the fields. 3. Click Apply Changes. The port mirroring session fields are modified, and the device is updated. Removing a Port Mirroring Session 1. Open the Port Mirroring page. 2.
Page 313 Figure 7-31. Flow Based Mirroring The Flow Based Mirroring page contains the following fields: Policy Name — Selects policy to associate with a traffic class. Policy Name is defined using the • DiffServ "Policy Configuration" web page. • Member Classes — Selects the traffic class associated with this policy. Member Class is defined using the DiffServ "Class Configuration"...
Page 314: Configuring Address Tables
Table 7-17. Flow-based Mirroring Commands CLI Command Description diffserv Sets the DiffServ operational mode to active. policy-map Establishes a new DiffServ policy mirror Mirrors all the data that matches a policy to the specified destination port. Configuring Address Tables MAC addresses are stored in either the static or dynamic address table. Static addresses are defined by you.
Page 315 Figure 7-32. Static MAC Address The Static MAC Address page contains the following fields: Interface — Specifies the Unit and Port or LAG to which the static MAC address is applied. To view • addresses for a different Unit/Port or LAG, change the Interface listed here. •...
Page 316 Figure 7-33. Adding Static MAC Address 3. Complete the fields as needed. 4. Click Apply Changes. The new static address is added to the Static MAC Address Table, and the device is updated. Modifying a Static Address in the Static MAC Address Table 1.
Page 317: Dynamic Address Table
2. Click Show All to display the Static MAC Address Table. 3. Check the Remove check box for the address to be removed. 4. Click Apply Changes. The static address is deleted, and the device is updated. Configuring Static Address Parameters Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 318 Figure 7-35. Dynamic Address Table The Dynamic Address Table contains the following fields: • Address Aging (10–1000000) — Specifies aging time in seconds before a dynamic MAC address is erased. The default value is 300 seconds. • Clear Table — Clears all dynamic MAC address data from the table when checked and Apply Changes is clicked.
Page 319: Configuring Garp
Defining the Aging Time 1. Open the Dynamic Address Table page. 2. Define the Address Aging field. 3. Click Apply Changes. The aging time is modified, and the device is updated. Querying the Dynamic Address Table 1. Open the Dynamic Address Table page. 2.
Page 320: Garp Timers
To display the GARP menu page, click Switching → GARP in the tree view. GARP Timers The GARP Timers page contains fields for enabling GARP on the switch. To display the GARP Timers page, click Switching → GARP → GARP Timers in the tree view. Figure 7-36.
Page 321 The parameters are copied to the selected ports or LAGs in the GARP Timers Table, and the device is updated. Displaying Parameters in the GARP Timers Table 1. Open the GARP Timers page. 2. Click Show All. The GARP Timers Table displays. Figure 7-37.
Page 322 The GARP Timers Table displays. 3. Click Edit for each Interface to modify. 4. Edit the GARP Timers fields as needed. 5. Click Apply Changes. The GARP Timers settings are modified, and the device is updated. Defining GARP Timers Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 323: Configuring The Spanning Tree Protocol
Configuring the Spanning Tree Protocol The Spanning Tree Protocol (STP) provides a tree topology for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Classic STP, Multiple STP , and Rapid STP . Classic STP provides a single path between end stations, avoiding and eliminating loops.
Page 324 Figure 7-38. Spanning Tree Global Settings The STP Global Settings page contains the following fields: • Spanning Tree Status — Enables or disables RSTP, STP, or MSTP on the switch. • STP Operation Mode — Specifies the STP mode by which STP is enabled on the switch. Possible field values are: Classic STP , Rapid STP, and Multiple STP.
Page 325 If set to Enable, when a BPDU is received on an edge port, that port is disabled. Once the port has been disabled it requires manual-intervention to be re-enabled. Bridge Settings • Priority — Specifies the bridge priority value. When switches or bridges are running STP, each are assigned a priority.
Page 326 Table 7-21. Spanning Tree Global Commands CLI Command Description spanning-tree Enables spanning-tree functionality. spanning-tree bpdu flooding Allows flooding of BPDUs received on nonspanning-tree ports to all other non-spanning-tree ports. spanning-tree bpdu-protection Enables BPDU protection on a switch. spanning-tree forward-time Configures the spanning-tree bridge forward time, which is the amount of time a port remains in the listening and learning states before entering the forwarding state.
Page 327: Stp Port Settings
STP Port Settings Use the STP Port Settings page to assign STP properties to individual ports. To display the STP Port Settings page, click Switching → Spanning Tree → STP Port Settings in the tree view. Figure 7-39. STP Port Settings The STP Port Settings page contains the following fields: •...
Page 328 Blocking — The port is currently blocked and cannot be used to forward traffic or learn MAC – addresses. Listening — The port is currently in the listening mode. The port cannot forward traffic nor can it – learn MAC addresses. –...
Page 329: Stp Lag Settings
Displaying the STP Port Table and Configuring STP Port Settings 1. Open the STP Port Settings page. 2. Click Show All. The STP Port Table displays. Figure 7-40. STP Port Table 3. Use the Unit drop-down menu to view the STP Port Table for other units in the stack, if they exist. 4.
Page 330 To display the STP LAG Settings page, click Switching → Spanning Tree → STP LAG Settings in the tree view. Figure 7-41. STP LAG Settings The STP LAG Settings page contains the following fields: • Select a LAG — Specifies the LAG number for which you want to modify STP settings. •...
Page 331 Forwarding — The LAG is currently in the forwarding mode, and it can forward traffic and learn – new MAC addresses. Broken — The LAG is currently malfunctioning and cannot be used for forwarding traffic. – • STP Root Guard — Enables or disables STP Root Guard. The default is disable. •...
Page 332: Rapid Spanning Tree
Figure 7-42. STP LAG Table 3. To change the STP settings for one or more LAGs, select the Edit option for the LAG(s), configure the desired settings, and then click Apply Changes. Defining STP LAG Settings Using CLI Commands See "Configuring Spanning Tree Port Settings Using CLI Commands" on page 329. Rapid Spanning Tree Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster convergence of the spanning tree without creating forwarding loops.
Page 333: Mstp Settings
Mode — Displays the administrative mode and if its enabled or disabled. • • Fast Link Operational Status — Indicates if Fast Link is enabled or disabled for the port or LAG. If Fast Link is enabled for a port, the port is automatically placed in the forwarding state. This setting can be changed from the "STP Port Settings"...
Page 334 To display the MSTP Settings page, click Switching → Spanning Tree → MSTP Settings in the tree view. Figure 7-45. MSTP Settings The MSTP Settings page contains the following fields divided into two sections, Global Settings and Instance Settings: • Region Name (1–32 characters) —...
Page 335 Root Path Cost — Indicates the path cost of the selected instance. • Modifying MSTP Settings: 1. Open the MSTP Settings page. 2. Modify the fields in the Global Settings and Instance Settings sections as needed. 3. Click Apply Changes. The MSTP parameters are modified, and the device is updated.
Page 336: Mstp Interface Settings
Table 7-23. MST CLI Command Description instance Maps VLANS to an MST instance. name Define the configuration name for an MST instance. revision Identifies the configuration revision number of an MST instance. spanning-tree max-hops Sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree.
Page 337 The MSTP Interface Settings page contains the following fields: • Instance ID — Selects the MSTP instances configured on the switch. Possible field range is 1–15. • Interface — Selects either a Unit/Port or LAG for this MSTP instance. • Port State —...
Page 338 4. Specify Interface Priority and Path Cost. 5. Click Apply Changes. The interface settings are saved, and the device is updated. Displaying the MSTP Interface Settings Table 1. Open the MSTP Settings page. 2. Click Show All. The MSTP Interface Table displays. Figure 7-48.
Page 339: Configuring Vlans
• Spanning Tree Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-24. MST Port Commands CLI Command Description spanning-tree mst 0 external-cost Sets the external cost for the common spanning tree. spanning-tree mst cost Configure the path cost for multiple spanning tree (MST) calculations. spanning-tree mst port-priority Configures port priority.
Page 340 • VLAN 1 is the default VLAN of which all ports are members, and • VLAN 4095 is designated as the "Discard VLAN." Valid VLANs that can be created are 2–4093. VLAN 4094 is reserved. To display the VLAN Membership page, click Switching → VLAN → VLAN Membership in the tree view.
Page 341 Default — Indicates the VLAN is the default VLAN. – • Remove VLAN — Removes the displayed VLAN from the VLAN Membership Table when checked. The VLAN Membership tables display which Ports and LAGs are members of the VLAN, and whether they’re tagged (T), untagged (U), or forbidden (F).
Page 342 4. Click Apply Changes. The new VLAN is added, and the device is updated. Assigning VLAN Membership to a Port or LAG 1. Open the VLAN Membership page. 2. Select a VLAN from the VLAN ID or VLAN Name drop-down menu. 3.
Page 343: Double Vlan
Table 7-26. VLAN Membership Commands CLI Command Description name Configures a name to a VLAN. show interfaces switchport Displays switchport configuration. show vlan Displays VLAN information. switchport forbidden vlan Forbids adding specific VLANs to a port. switchport general allowed vlan Adds or removes VLANs from a port in General mode.
Page 344 Figure 7-51. Double VLAN Global Configuration The Double VLAN Global Configuration page contains the following fields: • EtherType — The two-byte hex Ethertype to be used as the first 16 bits of the Double VLAN tag: 802.1Q — Commonly used tag representing 0x8100. This value is supported by several network –...
Page 345 Figure 7-52. Double VLAN Interface Configuration The Double VLAN Interface Configuration page contains the following fields: • Interface — Select the port or LAG for which you want to display or configure data. • Interface Mode — Enables or disables double VLAN tagging on the selected interface. The default value is Disable.
Page 346 Figure 7-53. Double VLAN Port Parameters Table Copying Double VLAN Parameters 1. Open the Double VLAN Interface Configuration page. 2. Click Show All. The Double VLAN Port Parameters Table displays. 3. Specify the Port you are copying from in Copy Parameters From. 4.
Page 347: Vlan Port Settings
Table 7-27. Double VLAN Commands CLI Command Description dvlan-tunnel ethertype Configures the EtherType for the interface. mode dvlan-tunnel Enables Double VLAN tunneling on the specified interface show dvlan-tunnel Displays all interfaces enabled for Double VLAN Tunneling. show dvlan-tunnel interface Displays detailed information about Double VLAN Tunneling for the specified interface.
Page 348 Access — The port belongs to a single untagged VLAN. When a port is in Access mode, the packet – types which are accepted on the port (packet type) cannot be designated. It is also not possible to enable/disable ingress filtering on an access port. –...
Page 349: Vlan Lag Settings
3. Use the Unit drop-down menu to view the VLAN Port Table for other units in the stack, if they exist. Modifying Settings for Multiple Ports 1. Open the VLAN Port Settings page. 2. Click Show All. The VLAN Port Table displays. 3.
Page 350 Figure 7-56. VLAN LAG Settings The VLAN LAG Settings page contains the following fields: • LAG — Specifies the LAG number included in the VLAN. • Port VLAN Mode — Indicates the Port VLAN mode for the LAG. Possible values are: –...
Page 351: Bind Mac To Vlan
The VLAN LAG parameters are defined, and the device is updated. Displaying the VLAN LAG Table 1. Open the VLAN LAG Settings page. 2. Click Show All. The VLAN LAG Table displays. Figure 7-57. VLAN LAG Table Modifying Settings for Multiple LAGs 1.
Page 352 To display the Bind MAC to VLAN page, click Switching → VLAN → Bind MAC to VLAN in the tree view. Figure 7-58. Bind MAC to VLAN The Bind MAC to VLAN page contains the following fields: • MAC Address — Specifies MAC Address for a VLAN. •...
Page 353 Figure 7-59. MAC - VLAN Bind Table Modifying VLAN for Multiple MAC Addresses 1. Open the Bind MAC to VLAN page. 2. Click Show All. The MAC - VLAN Bind Table displays. 3. Click Edit for each MAC Address with a VLAN to modify. 4.
Page 354: Bind Ip Subnet To Vlan
Table 7-29. MAC - VLAN Binding Commands CLI Command Description vlan association mac Associates a MAC address to a VLAN. show vlan association mac Displays the VLAN associated with a specific configured MAC address. Bind IP Subnet to VLAN An IP Subnet to VLAN mapping is defined by configuring an entry in the IP Subnet to VLAN table, an entry is specified through a source IP address, network mask, and the desired VLAN ID.
Page 355 2. Enter the IP Address to bind to the VLAN. 3. Enter the IP Subnet associated with the IP address. 4. Enter the VLAN ID to which the IP address and subnet mask are assigned. 5. Click Apply Changes. The listed VLAN and IP Subnet are now bound, and the device is updated. Displaying the IP Subnet - VLAN Bind Table 1.
Page 356: Protocol Group
4. Click Apply Changes. The entry/entries are removed, and the device is updated. Binding IP Subnets to VLANs Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 357 Figure 7-62. Protocol Group The Protocol Group page contains the following fields: • Protocol Group — Displays the name associated with the protocol group ID (up to 16 characters). Create a new group by clicking the Add button. • Protocol — Specifies protocols (in hexadecimal format in the range 0x0600 to 0xffff) associated with this group.
Page 358 Figure 7-63. Add Protocol Group 3. Enter a new Protocol Group Name and a VLAN ID to associate with this group. 4. Return to the Protocol Group page. 5. Select the Protocol Group that you added, then select the protocol. 6.
Page 359: Gvrp Parameters
2. Click Show All. The Protocol Group Table displays. Figure 7-64. Protocol Group Table 3. Check Remove for the protocol groups you want to remove. 4. Click Apply Changes. The protocol is removed, and the device is updated. Configuring VLAN Protocol Groups Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 360 Use the GVRP Global Parameters page to enable GVRP globally. You can also enable GVRP on a per- interface basis. To display the GVRP Global Parameters page, click Switching → VLAN → GVRP Parameters in the tree view. Figure 7-65. GVRP Global Parameters The GVRP Global Parameters page contains the following fields: •...
Page 361 2. Select Enable in the GVRP Global Status field for the desired interface. 3. Select Enable in the GVRP Registration field. 4. Click Apply Changes. GVRP VLAN Registration is enabled on the port, and the device is updated. Displaying the GVRP Port Parameters Table 1.
Page 362 Modifying GVRP Parameters for Multiple Ports 1. Open the GVRP Global Parameters page. 2. Click Show All. The GVRP Port Parameters Table displays. 3. Click Edit for each Interface/LAG to modify. 4. Edit the GVRP Port Parameter fields as needed. 5.
Page 363: Configuring Voice Vlan
Configuring Voice VLAN The Voice VLAN feature enables switch ports to carry voice traffic with defined priority. The priority level enables the separation of voice and data traffic coming onto the port. A primary benefit of using Voice VLAN is to ensure that the sound quality of an IP phone is safeguarded from deteriorating when the data traffic on the port is high.
Page 364 VLAN ID — Configure VLAN tagging for the voice traffic. The VLAN ID range is 1–4093. – – dot1p — Configure Voice VLAN 802.1p priority tagging for voice traffic. The priority tag range is 0–7. – Untagged — Configure the phone to send untagged voice traffic. •...
Page 365: Aggregating Ports
Aggregating Ports Link Aggregation allows one or more full-duplex (FDX) Ethernet links to be aggregated together to form a Link Aggregation Group (LAG). This allows the networking switch to treat the LAG as if it is a single link. Static LAGs are supported. When a port is added to a LAG as a static member, it neither transmits nor receives LACPDUs.
Page 366 Global Parameters • LACP System Priority (1–65535) — Indicates the LACP priority value for global settings. The default value is 1. Port Parameters • Interface— Specifies the unit and port number to which timeout and priority values are assigned. • LACP Port Priority (1–65535) —...
Page 367: Lag Membership
Modifying LACP Parameters for Multiple Ports 1. Open the LACP Parameters page. 2. Click Show All. The LACP Parameters Table displays. 3. Click Edit for each Port to modify. 4. Edit the fields as needed. 5. Click Apply Changes. The LACP Parameter settings are modified, and the device is updated. Configuring LACP Parameters Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide...
Page 368 Figure 7-70. LAG Membership The LAG Membership page contains a table with the following fields: LACP — Aggregates a LAG port to LACP membership. For ports with a number in the LAG row, you • can click in the LACP row to toggle LACP "on." Each click toggles between L (LACP) and blank (no LACP).
Page 369: Assigning Ports To Lags And Lacps Using Cli Commands
Assigning Ports to LAGs and LACPs Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • Port Channel Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-35.
Page 370: Lag Hash Summary
– Source IP and Source TCP/UDP Port (default) – Destination IP and Destination TCP/UDP Port – Source/Destination MAC, VLAN, EtherType, source MODID/port – Source/Destination IP and source/destination TCP/UDP port Configuring the LAG Hash 1. Open the LAG Hash Configuration page. 2.
Page 371 Figure 7-72. LAG Hash Summary The LAG Hash Summary page contains a table with the following fields: • LAGs — Lists the LAG numbers. • Hash Algorithm Type — Shows the type of HASH algorithm for unicast traffic flows that is associated with the LAG.
Page 372: Managing Multicast Support
Managing Multicast Support The Layer 2 Multicast Forwarding Database is used by the switch to make forwarding decisions for packets that arrive with a multicast destination MAC address. By limiting multicasts to only certain ports in the switch, traffic is prevented from going to parts of the network where that traffic is unnecessary. When a packet enters the switch, the destination MAC address is combined with the VLAN ID and a search is performed in the Layer 2 Forwarding database.
Page 373: Bridge Multicast Group
The Multicast Global Parameters page contains the following field: • Bridge Multicast Filtering — Enables or disables bridge Multicast filtering. The default value is disabled. • IGMP Snooping Status — Enables or disables IGMP snooping. The default value is disabled. •...
Page 374 Figure 7-74. Bridge Multicast Group The Bridge Multicast Group page contains the following fields: • VLAN ID — Selects the VLAN to add a multicast group to or to modify ports on an existing multicast group. Bridge Multicast Address — Identifies the multicast group MAC address/IP address associated with •...
Page 375 LAGs — Displays and assigns multicast group membership to LAGs. To assign membership, click in • Static for a specific LAG. Each click toggles between S, F, and blank. See the following table for definitions. The following table contains definitions for port/LAG IGMP management settings. Table 7-39.
Page 376 3. Select the VLAN ID from the drop-down menu. 4. Define the New Bridge Multicast IP or MAC address. 5. In the Bridge Multicast Group tables, assign a setting by clicking in the Static row for a specific port/LAG. Each click toggles between S, F, and blank. (not a member). 6.
Page 377: Bridge Multicast Forward
Table 7-40. Bridge Multicast Groups Commands CLI Command Description bridge multicast address Register MAClayer Multicast addresses to the bridge table and adds ports to the group statically. bridge multicast forbidden address Forbids adding a specific Multicast address to specific ports. show bridge multicast address-table Displays Multicast MAC address table information.
Page 378: Igmp Snooping
Filter Unregistered — Prohibits the forwarding of IPv4 multicast packets with a destination – address that does not match any of the groups announced in earlier IGMP Membership Reports. Changing the Bridge Multicast Forwarding Mode. 1. Open the Bridge Multicast Forward page. 2.
Page 379: General Igmp Snooping
Allowing switches to snoop IGMP packets is a creative effort to solve this problem. The switch uses the information in the IGMP packets as they are being forwarded throughout the network to determine which segments should receive packets directed to the group address. To display the IGMP Snooping page, click Switching →...
Page 380 Host Timeout — Specifies time before an IGMP snooping entry is aged out. The default time is 260 • seconds. Multicast Router Timeout — Specifies time before aging out a Multicast router entry. The default • value is 300 seconds. •...
Page 381 The IGMP Snooping Table displays. 3. Click Edit for each Port, LAG, or VLAN to modify. 4. Edit the IGMP Snooping fields as needed. 5. Click Apply Changes. The IGMP Snooping settings are modified, and the device is updated. Copying IGMP Snooping Settings to Multiple Ports, LAGs, or VLANs 1.
Page 382 Table 7-42. IGMP Snooping Commands CLI Command Description ip igmp snooping (Interface) Enables Internet Group Management Protocol (IGMP) snooping on a specific VLAN. ip igmp snooping host-time-out Configures the host-time-out. ip igmp snooping leave-time-out Configures the leave-time-out. ip igmp snooping mrouter-time-out Configures the mrouter-time-out.
Page 383: Global Querier Configuration
Global Querier Configuration Use the Global Querier Configuration page to configure the parameters for the IGMP Snooping Querier. To display the Global Querier Configuration page, click Switching → Multicast Support → IGMP Snooping → Global Querier Configuration in the tree view. Figure 7-79.
Page 384: Vlan Querier
• IGMP Snooping Querier Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-43. IGMP Snooping Querier Global Commands CLI Command Description ip igmp snooping querier Enables/disables IGMP Snooping Querier on the system (Global Configuration mode) or on a VLAN. ip igmp snooping querier election Enables the Snooping Querier to participate in the Querier Election participate...
Page 385 The VLAN Querier page contains the following fields: • VLAN ID — Specifies the VLAN for the IGMP Snooping Querier configuration. • VLAN Mode — Enables or disables the IGMP Snooping Querier on the VLAN selected in the VLAN ID field. •...
Page 386: Vlan Querier Status
Figure 7-82. VLAN Querier Summary Table Configuring VLAN Querier Settings with CLI Commands See "Configuring IGMP Snooping Querier Settings with CLI Commands" on page 383. VLAN Querier Status Use the VLAN Querier Status page to view the IGMP Snooping Querier settings for individual VLANs. To display the VLAN Querier Status page, click Switching →...
Page 387: Mfdb Igmp Snooping Table
VLAN Mode — Shows whether the IGMP Snooping Querier is enabled or disabled on the VLAN. • • Querier Election Participate Mode — Shows whether the mode is enabled or disabled. When this mode is disabled, upon seeing another querier of same version in the VLAN, the Snooping Querier transitions to non-querier state.
Page 388 Figure 7-84. MFDB IGMP Snooping Table The MFDB IGMP Snooping Table page contains the following fields: • VLAN — Displays the VLAN ID associated with an IGMP group entry in the MFDB table. • MAC Address — Displays the MAC Address associated with an IGMP group entry in the MFDB table. •...
Page 389: Mrouter Status
MRouter Status Use the MRouter Status page to display the status of dynamically learned multicast router interfaces. To access this page, click Switching → Multicast Support → MRouter Status in the navigation tree. Figure 7-85. MRouter Status The MRouter Status page contains the following fields: •...
Page 390: Mld Snooping
MLD Snooping In IPv4, Layer 2 switches can use IGMP snooping to limit the flooding of multicast traffic by dynamically configuring Layer-2 interfaces so that multicast traffic is forwarded to only those interfaces associated with an IP multicast address. In IPv6, MLD snooping performs a similar function. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data instead of being flooded to all ports in a VLAN.
Page 391 • Auto Learn — Enable or Disable the ability of the switch to automatically learn about dynamic MLD ports. • Host Timeout — Specifies time (in seconds) before an MLD snooping entry is aged out. The range is from 2 to 3600 seconds. The default time is 260 seconds. •...
Page 392: Mld Snooping Global Querier Configuration
Configuring MLD Snooping with CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • IPv6 MLD Snooping Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-46.
Page 393 Figure 7-88. MLD Snooping Global Querier Configuration The MLD Snooping Global Querier Configuration page contains the following fields: • IP Address— Specifies the Snooping Querier IPv6 Address which will be used as the source address in periodic MLD queries. This address is used when no address is configured for the VLAN on which the query is being sent.
Page 394: Mld Snooping Vlan Querier
Table 7-47. MLD Snooping Querier Commands CLI Command Description ipv6 mld snooping querier Enables MLD Snooping Querier on the system or on a VLAN. ipv6 mld snooping querier address Sets the global MLD Snooping Querier address on the system or on a VLAN.
Page 395 VLAN ID — Specifies the VLAN for the MLD Snooping Querier configuration. • • VLAN Mode — Enables or disables the MLD Snooping Querier on the VLAN selected in the VLAN ID field. • Querier Election Participate Mode — Enables or disables the MLD participation in election mode by the Snooping Querier.
Page 396: Fmld Snooping Vlan Querier Status
Figure 7-91. VLAN Querier Summary Table Configuring VLAN Querier Settings with CLI Commands See "Configuring IGMP Snooping Querier Settings with CLI Commands" on page 383. FMLD Snooping VLAN Querier Status Use the VLAN Querier Status page to view the MLD Snooping Querier settings for individual VLANs. To display the VLAN Querier Status page, click Switching →...
Page 397: Mfdb Mld Snooping Table
Querier Election Participate Mode — Shows whether the mode is enabled or disabled. When this • mode is disabled, upon seeing another querier of same version in the VLAN, the Snooping Querier transitions to non-querier state. When this mode is enabled, the Snooping Querier participates in querier election, where in the lowest IP address wins the querier election and operates as the querier in that VLAN.
Page 398 To display the MFDB MLD Snooping Table page, click Switching → Multicast Support → MLD Snooping → MFDB MLD Snooping Table in the tree view. Figure 7-93. MFDB MLD Snooping Table The MFDB MLD Snooping Table page contains the following fields: •...
Page 399: Configuring The Link Layer Discovery Protocol (Lldp)
Table 7-49. MFDB MLD Snooping Commands CLI Command Description show ipv6 mld snooping groups Displays the MLD Snooping entries in the MFDB table. Configuring the Link Layer Discovery Protocol (LLDP) The IEEE 802.1AB defined standard, Link Layer Discovery Protocol (LLDP), allows stations residing on an 802 LAN to advertise major capabilities and physical descriptions.
Page 400 Figure 7-94. LLDP Configuration The LLDP Configuration page contains the following fields: Global Settings • Transmit Interval (1–32768) — Specifies the interval at which frames are transmitted. The default is 30 seconds. • Hold Multiplier (2–10) — Specifies multiplier on the transmit interval to assign to TTL. Default is 4. •...
Page 401 Included TLVs — Selects TLV information to transmit. Choices include System Name, System • Capabilities, System Description, and Port Description. Modifying the LLDP Configuration 1. Open the LLDP Configuration page. 2. Define the fields as needed. 3. Click Apply Changes. LLDP parameters are saved to the switch.
Page 402: Lldp Statistics
Modifying LLDP Interface Settings for Multiple Ports 1. Open the LLDP Configuration page. 2. Click Show All. The LLDP Interface Settings Table displays. 3. Click Edit for each Unit/Port to modify. 4. Edit the LLDP Interface fields as needed. 5. Click Apply Changes. The LLDP Interface settings are modified, and the device is updated.
Page 403 Figure 7-96. LLDP Statistics Configuring Switching Information...
Page 404 The LLDP Statistics page displays the following statistics: System-wide Statistics • Last Update — Displays the value of system up time the last time a remote data entry was created, modified, or deleted. • Total Inserts — Displays the number of times a complete set of information advertised by a remote switch has been inserted into the table.
Page 405: Lldp Connections
Table 7-51. LLDP Statistics Commands CLI Command Description show lldp statistics Displays the current LLDP traffic statistics. clear lldp statistics Resets all LLDP statistics. LLDP Connections Use the LLDP Connections page to view the list of ports with LLDP enabled. Basic connection details are displayed.
Page 406 Viewing Details about the LLDP Connections 1. Open the LLDP Connections page. 2. Click the interface in the Local Interface field to view details about that device. The LLDP Connections - Detailed page for the device displays. Figure 7-98. Detailed LLDP Connections 3.
Page 407: Configuring Link Layer Discovery Protocol (Lldp) For Media Endpoint Devices
Table 7-52. LLDP Connections Commands CLI Command Description show lldp interface Displays the current LLDP interface state. show lldp local-device Displays the LLDP local data show lldp remote-device Displays the LLDP remote data clear lldp remote data Deletes all data from the remote data table. Configuring Link Layer Discovery Protocol (LLDP) for Media Endpoint Devices The IEEE 802.1AB standard, which describes the Link Layer Discovery Protocol (LLDP), formalizes the...
Page 408 To display the LLDP-MED Global Configuration page, click Switching→ LLDP → LLDP-MED → LLDP-MED Global Configuration in the tree view. Figure 7-99. LLDP-MED Global Configuration The LLDP-MED Global Configuration page contains the following fields: • Fast Start Repeat Count — Specifies the number of LLDP PDUs that will be transmitted when the protocol is enabled.
Page 409: Lldp-Med Interface Configuration
• LLDP Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-53. LLDP-MED Global Commands CLI Command Description lldp med faststartrepeatcount Sets the value of the fast start repeat count. show lldp med Displays a summary of the current LLDP MED configuration. lldp med confignotification Enables sending the topology change notifications.
Page 410 LLDP-MED Mode — Specifies the Link Layer Data Protocol-Media End Point (LLDP-MED) mode • for the selected interface. Enabling MED effectively enables the transmit and receive function of LLDP. • Config Notification Mode — Specifies the LLDP-MED topology notification mode for the selected interface.
Page 411: Lldp-Med Local Device Information
Figure 7-101. LLDP-MED Interface Summary Configuring LLDP-MED Interface Settings with CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • LLDP Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-54.
Page 412 To display the LLDP-MED Local Device Information page, click Switching→ LLDP→ LLDP-MED→ LLDP-MED Local Device Information in the tree view. Figure 7-102. LLDP-MED Local Device Information The LLDP-MED Local Device Information page contains the following fields: • Port — Select the unit and port to display the LLDP local data advertised by the port. The port drop- down list contains only the ports with LLDP-MED enabled.
Page 413 Vlan Id — Specifies the VLAN ID associated with a particular policy type. – – Priority — Specifies the priority associated with a particular policy type. – DSCP — Specifies the DSCP associated with a particular policy type. – Unknown Bit Status — Specifies the unknown bit associated with a particular policy type. –...
Page 414: Lldp-Med Remote Device Information
Viewing LLDP-MED Local Device Information with CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • LLDP Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-55.
Page 415 Capability Information — Specifies the supported and enabled capabilities that was received in MED • TLV on this port. Supported Capabilities — Specifies supported capabilities that was received in MED TLV on this – port. – Enabled Capabilities — Specifies enabled capabilities that was received in MED TLV on this port.
Page 416 Sub Type — Specifies type of location information. – – Location Information — Specifies the location information as a string for given type of location • Extended PoE — Specifies if remote device is a PoE device. – Device Type — Specifies remote device's PoE device type connected to this port. •...
Page 417: Creating Link Dependencies
Creating Link Dependencies The link dependency feature provides the ability to enable or disable one or more ports based on the link state of one or more different ports. With link dependency enabled on a port, the link state of that port is dependent on the link state of another port.
Page 418 Figure 7-104. Link Dependency Summary The Link Dependency Summary page contains the following fields: • Group ID — The ID number of the group. • Member Ports — The list of member ports belonging to the group. • Ports Depended On — The list of ports upon which the group depends. •...
Page 419 Figure 7-105. Link Dependency Group Configuration 3. To add a port to the Member Ports column, click the port in the Available Ports column, and then click the << button to the left of the Available Ports column. Ctrl + click to select multiple ports. 4.
Page 420: Dynamic Arp Inspection
Table 7-57. Link Dependency Commands CLI Command Description link-dependency group Enters the link-dependency mode to configure a link-dependency group. add ethernet Adds member Ethernet port(s) to the dependency list. add port-channel Adds member port-channels to the dependency list. depends-on ethernet Adds the dependent Ethernet ports list.
Page 421 Figure 7-106. Dynamic ARP Inspection Global Configuration The Dynamic ARP Inspection Global Configuration page contains the following fields: • Validate Source MAC — Select the DAI Source MAC Validation Mode for the switch. If you select Enable, Sender MAC validation for the ARP packets will be enabled. The default is Disable. •...
Page 422: Dai Interface Configuration
DAI Interface Configuration Use the DAI Interface Configuration page to select the DAI Interface for which information is to be displayed or configured. To display the DAI Interface Configuration page, click Switching → Dynamic ARP Inspection → DAI Interface Configuration in the navigation tree. Figure 7-107.
Page 423: Dai Vlan Configuration
• Dynamic ARP Inspection Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-59. Dynamic ARP Inspection Interface Commands CLI Command Description ip arp inspection limit Configures the rate limit and burst interval values for an interface. ip arp inspection trust Configures an interface as trusted for Dynamic ARP Inspection.
Page 424: Dai Acl Configuration
Logging Invalid Packets — Select whether Dynamic ARP Inspection logging is Enabled or Disabled • on this VLAN. The default is Disable. ARP ACL Name — The name of the ARP Access List. A VLAN can be configured to use this ARP •...
Page 425 Figure 7-109. Dynamic ARP Inspection ARP ACL Configuration The Dynamic ARP Inspection ARP ACL Configuration page contains the following field: • ARP ACL Name — Use this field to create a new ARP ACL for Dynamic ARP Inspection. The name can be 1 to 31 alphanumeric characters in length.
Page 426: Dai Acl Rule Configuration
Configuring Dynamic ARP Inspection DAI ACL With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide • Dynamic ARP Inspection Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-61.
Page 427: Dai Statistics
Sender IP Address — To create a new rule for the selected ARP ACL, enter in this field the Sender IP • Address match value for the ARP ACL. Sender MAC Address — To create a new rule for the selected ARP ACL, enter in this field the Sender •...
Page 428 Figure 7-113. Dynamic ARP Inspection Statistics The Dynamic ARP Inspection Statistics page contains the following fields: • VLAN ID — Select the DAI-enabled VLAN ID for which to display statistics. • DHCP Drops — The number of ARP packets that were dropped by DAI because there was no matching DHCP snooping binding entry found.
Page 429: Dhcp Snooping
Forwarded — The number of valid ARP packets forwarded by DAI. • • Dropped — The number of not valid ARP packets dropped by DAI. Viewing Dynamic ARP Inspection Statistics With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide •...
Page 430: Dhcp Snooping Configuration
Table 7-64. DHCP Snooping Destination UDP Port 67 (from client) Destination UDP Port 68 (from server) Trusted Port Forward in hardware Copy to CPU (Complete the tentative binding for a given DHCP client, based on the MAC address.) Untrusted Port Trap to CPU (enforcement) Trap to CPU (error logging) To display the DHCP Snooping page, click Switching →...
Page 431: Dhcp Snooping Interface Configuration
Figure 7-114. DHCP Snooping Configuration The DHCP Snooping Configuration page contains the following fields: DHCP Snooping Mode — Enables or disables the DHCP Snooping feature. The default is Disable. • • MAC Address Validation — Enables or disables the validation of sender MAC Address for DHCP Snooping.
Page 432 The hardware rate limits DHCP packets sent to the CPU from untrusted interfaces to 64 Kbps. There is no hardware rate limiting on trusted interfaces. To prevent DHCP packets from being used as a DoS attack when DHCP snooping is enabled, the snooping application enforces a rate limit for DHCP packets received on untrusted interfaces.
Page 433 Port — Select the interface for which data is to be displayed or configured. • • Trust State — If it is enabled, the DHCP snooping application considers the port as trusted. The default is Disable. • Logging Invalid Packets — If it is enabled, the DHCP snooping application logs invalid packets on this interface.
Page 434: Dhcp Snooping Vlan Configuration
Table 7-66. DHCP Snooping Interface Configuration Commands CLI Command Description ip dhcp snooping limit Controls the maximum rate of DHCP messages. ip dhcp snooping log-invalid Enables logging of DHCP messages filtered by the DHCP Snooping application. ip dhcp snooping trust Configure a port as trusted for DHCP snooping.
Page 435 Figure 7-117. DHCP Snooping VLAN Configuration The DHCP Snooping VLAN Configuration page contains the following fields: • VLAN ID — Select the VLAN for which information to be displayed or configured for the DHCP snooping application. • DHCP Snooping Mode — Enables or disables the DHCP snooping feature on the selected VLAN. The default is Disable.
Page 436: Dhcp Snooping Persistent Configuration
Configuring DHCP Snooping VLANs With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide • DHCP Snooping Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-67.
Page 437: Dhcp Snooping Static Bindings Configuration
Store Locally — Choose whether to store the DHCP snooping database locally in flash or on a remote • system: Local — Select the Local check box to store the DHCP binding database in the flash memory on – the switch. –...
Page 438 The DHCP binding database is persisted on a configured external server or locally in flash, depending on the user configuration. A row-wise checksum is placed in the text file that is going to be stored in the remote configured server. On reloading, the switch reads the configured binding file to build the DHCP snooping database.
Page 439 Figure 7-121. DHCP Snooping Static Bindings Configuration The DHCP Snooping Static Bindings Configuration page contains the following fields: • Interface — Select the interface to add a binding into the DHCP snooping database. • MAC Address — Specify the MAC address for the binding to be added. This is the Key to the binding database.
Page 440: Dhcp Snooping Dynamic Bindings Summary
Figure 7-122. DHCP Snooping Static Bindings Summary Configuring DHCP Snooping Static Bindings With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide • DHCP Snooping Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-69.
Page 441 Figure 7-123. DHCP Snooping Dynamic Bindings Summary The DHCP Snooping Dynamic Bindings Summary page contains the following fields: • Interface — Displays the interface. • MAC Address — Displays the MAC address. • VLAN ID — Displays the VLAN ID. IP Address —...
Page 442: Dhcp Snooping Statistics
Table 7-70. DHCP Snooping Dynamic Bindings Summary Commands CLI Command Description show ip dhcp snooping binding Displays the DHCP snooping binding entries. clear ip dhcp snooping binding Clears all DHCP Snooping entries. DHCP Snooping Statistics The DHCP Snooping Statistics page displays DHCP snooping interface statistics. To access the DHCP Snooping Statistics page, click Switching →...
Page 443: Dhcp Relay
Client Ifc Mismatch — The number of DHCP messages that are dropped based on the source MAC • address and client hardware address verification. DHCP Server Msgs Received — The number of server messages that are dropped on an untrusted •...
Page 444: Dhcp Relay Global Configuration
• DHCP Relay VLAN Configuration DHCP Relay Global Configuration Use this page to enable or disable the switch to act as a DHCP Relay agent. This functionality must also be enabled on each port you want this service to operate on (see DHCP Relay Interface Configuration). The switch can also be configured to relay requests only when the VLAN of the requesting client corresponds to a service provider’s VLAN ID that has been enabled with the L2 DHCP relay functionality (see DHCP Relay VLAN Configuration).
Page 445: Dhcp Relay Interface Configuration
DHCP Relay Interface Configuration Use this page to enable L2 DHCP relay on individual ports. NOTE: L2 DHCP relay must also be enabled globally on the switch. To access this page, click Switching → DHCP Relay → Interface Configuration in the tree view. Figure 7-126.
Page 446: Dhcp Relay Interface Statistics
The DHCP Relay Interface Summary table displays. Figure 7-127. DHCP Relay Interface Summary Configuring DHCP Relay With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide • L2 DHCP Relay Agent Commands The following table summarizes the equivalent CLI commands for this feature.
Page 447 Figure 7-128. DHCP Relay Interface Statistics The DHCP Relay Interface Statistics page contains the following fields: Interface — Select the slot/port to configure this feature on. • • Untrusted Server Msgs With Option-82 — If the selected interface is configured in untrusted mode, this field shows the number of messages received on the interface from a DHCP server that contained Option 82 data.These messages are dropped.
Page 448: Dhcp Relay Vlan Configuration
Viewing DHCP Relay Statistics With CLI Commands For information about the CLI commands that perform this function, refer to the following chapter in CLI Reference Guide • L2 DHCP Relay Agent Commands The following table summarizes the equivalent CLI commands for this feature. Table 7-74.
Page 449 Figure 7-129. DHCP Relay VLAN Configuration The DHCP Relay VLAN Configuration page contains the following fields: • VLAN ID — Select a VLAN ID from the list for configuration. This is an S-VID (as indicated by the service provider) that identifies a VLAN that is authorized to relay DHCP packets through the provider network.
Page 450 This sub-option can be used by the server for parameter assignment. The content of this option is vendor-specific. Displaying the DHCP Relay VLAN Summary Table 1. Open the DHCP Relay VLAN Configuration page. 2. Click Show All. The DHCP Relay VLAN Summary table displays. Figure 7-130.
Page 451: Priority-Based Flow Control (Pfc)
Priority-based Flow Control (PFC) PFC Overview The Priority-based Flow Control feature allows the user to pause (inhibit transmission) of individual priorities within a single physical link. By configuring PFC to independently pause congested priorities, protocols that are highly loss sensitive can share the same link with traffic with different loss tolerances. Priorities are differentiated by the priority field of the 802.1Q VLAN header.
Page 452: Pfc Statistics
The PFC Configuration page contains the following fields: • Interface — Select the Unit/Port or LAG from drop-down menus for PFC treatment. Click Global to specify all interfaces. • PFC Admin Mode — Sets the Admin Mode to enable or disable PFC on the selected interface. •...
Page 453 Transmitted PFC Frames — Displays the total number of PFC frames that have been received by the • selected interface. Priority — Displays the priority value of which the PFC statistics of the selected interface are being • shown. • Received PFC Frames (per Priority) —...
Page 454 Configuring Switching Information...
Page 455: Viewing Statistics And Remote Monitoring
Viewing Statistics and Remote Monitoring Overview This section explains the RMON options available from the Statistics/RMON menu page. These options include viewing statistics in table form, editing and viewing RMON statistics, and charting Port and LAG statistics. The Statistics/RMON menu page provides access to these options through the following menu pages: •...
Page 456: Table Views
Table Views The Table Views menu page contains links to web pages that display statistics in table form. To display this page, click Statistics/RMON → Table Views in the tree view. Following are the web pages accessible from this menu page: •...
Page 457 The Interface Statistics page contains the following fields: • Interface — Select physical interface (unit, port) or LAG interface for which statistics is displayed. • Refresh Rate — Specifies amount of time that passes before statistics are refreshed. The possible field values are No Refresh, 15, 30 and 60 seconds.
Page 458: Etherlike Statistics
Etherlike Statistics Use the Etherlike Statistics page to display interface statistics. To display the page, click Statistics/RMON → Table Views → Etherlike Statistics in the tree view. Figure 8-2. Etherlike Statistics The Etherlike Statistics page contains the following fields: • Interface —...
Page 459: Gvrp Statistics
Received Pause Frames — Displays number of received paused frames on the selected interface. • • Transmitted Pause Frames — Displays number of transmitted paused frames on the selected interface. • Received PFC Frames — Displays the total number of PFC frames received by this interface. •...
Page 460 Figure 8-3. GVRP Statistics Viewing Statistics and Remote Monitoring...
Page 461 The GVRP Statistics page contains the following fields: • Interface — Select physical interface (unit, port) or LAG interface for which statistics will be displayed. • Refresh Rate — Specifies amount of time that passes before statistics are refreshed. The possible field values are No Refresh, 15, 30, and 60 seconds.
Page 462: Eap Statistics
EAP Statistics Use the EAP Statistics page to display information about EAP packets received on a specific port. For more information about EAP, see "Dot1x Authentication." To display the EAP Statistics page, click Statistics/RMON → Table Views → EAP Statistics in the tree view Figure 8-4.
Page 463: Utilization Summary
Request ID Frames Received — Displays the number of EAP Request ID frames that have been • received on the port. Request Frames Transmitted — Displays the number of EAP Request frames transmitted through the • port. • Request ID Frames Transmitted — Displays the number of EAP Requested ID frames transmitted through the port.
Page 464 Figure 8-5. Utilization Summary The Utilization Summary page contains the following fields: • Unit — Specifies the unit for which statistics are displayed. • Refresh Rate — Specifies amount of time that passes before statistics are refreshed. The possible field values are No Refresh, 15, 30, and 60 seconds.
Page 465: Counter Summary
Viewing Interface Utilization Statistics Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • RMON Commands The following table summarizes the equivalent CLI commands for this feature. Table 8-5.
Page 466: Rmon
Interface Status — Displays status of the interface. • • Received Unicast Packets — Displays number of received Unicast packets on the interface. • Transmit Unicast Packets — Displays number of transmitted Unicast packets from the interface. • Received Non Unicast Packets — Displays number of received non-Unicast packets on the interface. •...
Page 467: Rmon Statistics
RMON Statistics Use the RMON Statistics page to display details about switch use such as packet processing statistics and errors that have occurred on the switch. To display the page, click Statistics/RMON → RMON → Statistics in the tree view. Figure 8-7.
Page 468 Multicast Packets Received — Displays number of good multicast packets received on the interface • since the switch was last refreshed. CRC & Align Errors — Displays number of CRC and Align errors that have occurred on the interface • since the switch was last refreshed.
Page 469: Rmon History Control Statistics
Table 8-7. RMON Commands CLI Command Description show rmon statistics Displays RMON Ethernet Statistics. RMON History Control Statistics Use the RMON History Control page to maintain a history of statistics on each port. For each interface (either a physical port or a port-channel), you can define how many buckets exist, and the time interval between each bucket snapshot.
Page 470 Adding a History Control Entry 1. Open the RMON History Control page. 2. Click Add. The Add History Entry page displays. Figure 8-9. Add History Entry 3. Complete the fields on this page and click Apply Changes. The entry is added to the RMON History Control Table. Displaying the RMON History Control Table 1.
Page 471: Rmon History Table
Viewing RMON History Control Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • RMON Commands The following table summarizes the equivalent CLI commands for this feature. Table 8-8.
Page 472 Sampling Interval — Sets the time in seconds between successive samples. • • Sample No. — Indicates the specific sample the information in the table reflects. • Drop Events — Displays the total number of events in which packets were dropped by the port due to lack of resources.
Page 473: Rmon Event Control
Viewing RMON History Table Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • RMON Commands The following table summarizes the equivalent CLI commands for this feature. Table 8-9.
Page 474 Event Type — Selects the event type. Possible values are: • – Log — Event type is a log entry. – Trap — Event type is a trap. – Log and Trap — Event type is both a log entry and a trap. –...
Page 475: Rmon Event Log
Displaying the RMON Event Control Table 1. Open the RMON Event Control page. 2. Click Show All. The Event Control Table displays. Figure 8-14. Event Control Table Removing RMON Event Entries 1. Open the RMON Event Control page. 2. Choose the event to remove from the drop-down menu in the Event Entry field and check Remove. 3.
Page 476: Rmon Alarms
Figure 8-15. RMON Event Log The RMON Event Log page contains the following fields: • Event — Displays the RMON Events Log entry number. • Log No. — Displays the log number. • Log Time — Displays the time when the log entry was entered. •...
Page 477 Figure 8-16. RMON Alarms The RMON Alarms page contains the following fields: • Alarm Entry — Selects a specific alarm from the drop-down menu. • OID — Specifies the Object Identifier. • Counter Value — Displays the number of selected events counted. •...
Page 478 Falling Threshold (0–2147483647) — Displays the falling counter value that triggers the falling • threshold alarm. The falling threshold is graphically presented on top of the graph bars. Each monitored variable is designated a color. The default is 20. • Falling Event —...
Page 479 Displaying the Alarm Table 1. Open the RMON Alarms page. 2. Click Show All. The left side of the RMON Alarms Table displays. Figure 8-18. RMON Alarms Table 3. Click the right arrow at the bottom of the screen to view the right side of the table. Removing One Alarm Table Entry 1.
Page 480 Table 8-12. Alarm Configuration Commands CLI Command Description rmon alarm Configures alarm conditions. show rmon alarm display alarm configuration. show rmon alarm-table Displays the alarms summary table. Viewing Statistics and Remote Monitoring...
Page 481: Charts
Charts The Chart menu page contains links to web pages that allow you to chart statistics on a graph. To display the Charts menu page, click Statistics/RMON → Charts in the tree view. The Charts menu page contains links to the following features: •...
Page 482: Lag Statistics
Refresh Rate — Selects the amount of time that passes before statistics are refreshed. The possible • field values are No Refresh, 15, 30 and 60 seconds. The default rate is No Refresh. Displaying Port Statistics 1. Open the Ports Statistics page. 2.
Page 483 Figure 8-20. LAG Statistics The LAG Statistics page contains the following fields: • Interface Statistics — Selects Interface Statistics when clicked, and specifies the type of interface statistics to graph from the drop-down menu. The default is Received Rate. • Etherlike Statistics —...
Page 484 • RMON Commands • GVRP Commands The following table summarizes the equivalent CLI commands for this feature. The following table summarizes the equivalent CLI commands for this feature. Table 8-14. LAG Statistics Commands CLI Command Description show interfaces counters Display traffic seen by the interface. show statistics ethernet Displays detailed statistics for a specific port or for the entire switch.
Page 485: Configuring Routing
Configuring Routing Overview The PowerConnect 8024/8024F supports the IP routing feature. Use the Routing menu page to configure routing on VLANs. The Routing menu page contains links to the following features: • • • OSPF • BOOTP/DHCP Relay Agent •...
Page 486: Arp
The PowerConnect 8024/8024F uses the ARP protocol to associate a layer 2 MAC address with a layer 3 IPv4 address. Additionally, the administrator can statically add entries into the ARP table. ARP is a necessary part of the internet protocol (IP) and is used to translate an IP address to a media (MAC) address, defined by a local area network (LAN) such as Ethernet.
Page 487 Figure 9-1. ARP Create The ARP Create page contains the following fields: • IP Address — Enter the IP address you want to add. It must be the IP address of a device on a subnet attached to one of the switch's existing routing interfaces. •...
Page 488: Arp Table Configuration
ARP Table Configuration Use this page to change the configuration parameters for the Address Resolution Protocol Table. You can also use this screen to display the contents of the table. To display the page, click Routing → ARP → ARP Table Configuration in the tree view. Figure 9-2.
Page 489 Cache Size — Enter an integer which specifies the maximum number of entries for the ARP cache. • The range for this field is 256 to 896 . The default value for Cache Size is 896. Dynamic Renew — This controls whether the ARP component automatically attempts to renew ARP •...
Page 490 Table 9-2. ARP Table Commands CLI Command Description arp cachesize Configures the maximum number of entries in the ARP cache. arp dynamicrenew Enables the ARP component to automatically renew dynamic ARP entries when they age out. arp purge Causes the specified IP address to be removed from the ARP cache. arp resptime Configures the ARP request response timeout.
Page 491: Ip Configuration
The IP menu page contains links to web pages that configure and display IP routing data. To display this page, click Routing → IP in the tree view. Following are the web pages accessible from this menu page: • IP Configuration •...
Page 492: Ip Statistics
ICMP Redirects — Select Enable to allow the switch to generate ICMP redirect messages. Select • Disable to prevent the switch from generating ICMP redirect messages. The ICMP Redirect feature is also configurable on each interface. • ICMP Rate Limit Interval — To control the ICMP error packets, you can specify the number of ICMP error packets that are allowed per burst interval.
Page 493 Figure 9-4. IP Statistics The IP Statistics page contains the following fields: • IpInReceives — The total number of input datagrams received from interfaces, including those received in error. • IpInHdrErrors — The number of input datagrams discarded due to errors in their IP headers, including bad checksums, version number mismatch, other format errors, time-to-live exceeded, errors discovered in processing their IP options, etc.
Page 494 IpInDiscards — The number of input IP datagrams for which no problems were encountered to • prevent their continued processing, but which were discarded (for example, for lack of buffer space). Note that this counter does not include any datagrams discarded while awaiting re-assembly. •...
Page 495 IcmpInParmProbs — The number of ICMP Parameter Problem messages received. • • IcmpInSrcQuenchs — The number of ICMP Source Quench messages received. • IcmpInRedirects — The number of ICMP Redirect messages received. • IcmpInEchos — The number of ICMP Echo (request) messages received. •...
Page 496: Ip Interface Configuration
Displaying IP Statistics Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • IP Routing Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-4.
Page 497 Interface — Select the interface to configure from the drop-down menu. The drop-down menu • contains loopback interfaces and VLANs created from the Switching→ VLAN→ VLAN Membership→ Add page. • IP Address — Enter the IP address for the interface. •...
Page 498 Modifying an IP Interface 1. Open the IP Interface Configuration page. 2. Change values as needed. 3. Click Apply Changes. Changes are saved, and the IP Interface is updated. IP Interface Configuration CLI Commands For information about the CLI commands that perform this function, see the following chapters in the CLI Reference Guide: •...
Page 499: Ospf
IP Addresses must be in the same area as the primary IP Address so that they get advertised by OSPF. This is always true in the case of the PowerConnect 8024/8024F software implementation because the area configuration is on a per interface basis as against a per network basis.
Page 500 Figure 9-6. OSPF Configuration The OSPF Configuration page contains the following fields: • Router ID — The 32-bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). If you want to change the Router ID you must first disable OSPF. After you set the new Router ID, you must re-enable OSPF to have the change take effect.
Page 501 RFC 1583 Compatibility — Select Enable or Disable from the drop-down menu to specify the • preference rules that are used when choosing among multiple AS-external-LSAs advertising the same destination. If you select Enable, the preference rules are those defined by RFC 1583. If you select Disable, the preference rules are those defined in Section 16.4.1 of the OSPF-2 standard (RFC 2328), which prevent routing loops when AS-external-LSAs for the same destination have been originated from different areas.
Page 502 External LSDB Limit — The maximum number of AS-External-LSAs that can be stored in the • database. A value of -1 implies there is no limit on the number that can be saved. The valid range of values is -1 to 2147483647. •...
Page 503 Table 9-6. OSPF Global Commands CLI Command Description auto-cost Changes the reference bandwidth used in computing link cost. bandwidth Changes the bandwidth used in computing link cost. capability opaque Enables Opaque Capability on the router. clear ip ospf Resets specific OSPF states. default-information originate Controls the advertisement of default routes.
Page 504: Area Configuration
Area Configuration The OSPF Area Configuration page lets you create a Stub area configuration and NSSA once you’ve enabled OSPF on an interface through Routing → OSPF → Interface Configuration. At least one router must have OSPF enabled for this web page to display. To display the page, click Routing →...
Page 505 Area LSA Count — The total number of link-state advertisements in this area's link-state database, • excluding AS External LSAs. Area LSA Checksum — The 32-bit unsigned sum of the link-state advertisements' LS checksums • contained in this area's link-state database. This sum excludes external (LS type 5) link-state advertisements.
Page 506 The OSPF area is defined and configured. Displaying an OSPF Area Configuration 1. Open the OSPF Area Configuration page. 2. Select the OSPF area to display from the drop-down menu. The OSPF area configuration is displayed for this area. Deleting an OSPF Area Configuration Use these steps to delete NSSA configuration or Stub area configuration.
Page 507 Table 9-7. OSPF Area Configuration Commands CLI Command Description area default-cost Configures the monetary default cost for the stub area. area nssa Configures the specified area ID to function as an NSSA. area nssa default-info-originate Configures the metric value and type for the default route advertised into the NSSA.
Page 508: Stub Area Summary
Stub Area Summary The OSPF Stub Area Summary page displays OSPF stub area detail. To display the page, click Routing → OSPF → Stub Area Summary in the tree view. Figure 9-8. OSPF Stub Area Summary The OSPF Stub Area Summary page displays the following fields: Area ID —...
Page 509: Area Range Configuration
Area Range Configuration Use the OSPF Area Range Configuration page to configure and display an area range for a specified NSSA. To display the page, click Routing → OSPF → Area Range Configuration in the tree view. Figure 9-9. OSPF Area Range Configuration The OSPF Area Range Configuration page contains the following fields: •...
Page 510 2. Enter Area ID, IP Address, Subnet Mask, LSDB Type and Advertisement. 3. Click the Add check box. 4. Click Apply Changes. The OSPF area range is defined and configured. All configured OSPF area ranges are displayed in the table on the OSPF Area Range Configuration page. Removing an OSPF Area Range Configuration 1.
Page 511: Interface Statistics
Interface Statistics Use the OSPF Interface Statistics page to display statistics for the selected interface. The information is displayed only if OSPF is enabled. To display the page, click Routing → OSPF → Interface Statistics in the tree view. Figure 9-10. OSPF Interface Statistics The OSPF Interface Statistics page contains the following fields: •...
Page 512 Invalid Destination Address — The number of OSPF packets discarded because the packet's • destination IP address is not the address of the ingress interface and is not the AllDrRouters or AllSpfRouters multicast addresses. • Wrong Authentication Type — The number of packets discarded because the authentication type specified in the OSPF header does not match the authentication type configured on the ingress interface.
Page 513 Displaying OSPF Interface Statistics Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • OSPF Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-10.
Page 514: Interface Configuration
Interface Configuration Use the OSPF Interface Configuration page to configure an OSPF interface. To display the page, click Routing → OSPF → Interface Configuration in the tree view. Figure 9-11. OSPF Interface Configuration The OSPF Interface Configuration page contains the following fields: •...
Page 515 NOTE: Once OSPF is initialized on the router, it remains initialized until the router is reset. • OSPF Area ID — Enter the 32-bit integer in dotted decimal format that uniquely identifies the OSPF area to which the selected router interface connects. If you assign an Area ID which does not exist, the area is created with default values.
Page 516 Point-to-Point — When there are only two routers on the network, OSPF can operate more – efficiently by treating the network as a point-to-point network. For point-to-point networks, OSPF does not elect a designated router or generate a network link state advertisement (LSA). Both endpoints of the link must be configured to operate in point-to-point mode.
Page 517 Designated Router — This router is itself the Designated Router on the attached network. – Adjacencies are established to all other routers attached to the network. The router must also originate a network-LSA for the network node. The network- LSA contains links to all routers (including the Designated Router itself) attached to the network.
Page 518 Configuration data for this interface display. Configuring an OSPF Interface using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • OSPF Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-11.
Page 519: Neighbor Table
Neighbor Table Use the OSPF Neighbor Table page to display the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below is only displayed if OSPF is enabled. To display the page, click Routing → OSPF → Neighbor Table in the tree view. Figure 9-12.
Page 520: Neighbor Configuration
Table 9-12. OSPF Neighbor Table Commands CLI Command Description show ip ospf neighbor Displays information about OSPF neighbors. Neighbor Configuration Use the OSPF Neighbor Configuration page to display the OSPF neighbor configuration for a selected neighbor ID. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below is only displayed if OSPF is enabled and the interface has a neighbor.
Page 521 Router Priority — Displays the OSPF priority for the specified neighbor. The priority of a neighbor is a • priority integer from 0 to 255. A value of 0 indicates that the router is not eligible to become the designated router on this network. •...
Page 522 2. Select the interface and the IP address to display. The neighbor configuration displays. Displaying OSPF Neighbor Configuration Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: •...
Page 523: Link State Database
Link State Database Use the OSPF Link State Database page to display OSPF link state, external LSDB table, and AS opaque LSDB table information. To display the page, click Routing → OSPF → Link State Database in the tree view. Figure 9-14.
Page 524 – Network Summary – ASBR Summary – AS-external • LS ID — The Link State ID identifies the piece of the routing domain that is being described by the advertisement. The value of the LS ID depends on the advertisement's LS type. •...
Page 525: Virtual Link Configuration
Virtual Link Configuration Use the Virtual Link Configuration page to create or configure virtual interface information for a specific area and neighbor. A valid OSPF area must be configured before this page can be displayed. To display the page, click Routing → OSPF → Virtual Link Configuration in the tree view. Figure 9-15.
Page 526 Dead Interval — Enter the OSPF dead interval for the specified interface in seconds. This specifies • how long a router waits to see a neighbor router's Hello packets before declaring that the router is down. This parameter must be the same for all routers attached to a network. This value should a multiple of the Hello Interval (for example, 4).
Page 527 None — This is the initial interface state. If you select this option from the drop-down menu on – the second screen and click Apply Changes, you are returned to the first screen. Simple — If you select Simple you are prompted to enter an authentication key. This key is –...
Page 528 Figure 9-16. OSPF Virtual Link Configuration 5. Click Configure Authentication to modify authentication. The following page appears: Configuring Routing...
Page 529 Figure 9-17. OSPF Virtual Link Authentication Configuration 6. Select values for Authentication Type and Authentication Key. 7. Click Apply Changes when finished. Configuring Virtual Link Data 1. Open the OSPF Virtual Link Configuration page. 2. Specify the area ID and neighbor router ID to configure. 3.
Page 530 The related virtual link data displays. 3. Click Delete. The virtual link is removed, and the device is updated. Configuring Virtual Link Data Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 531: Virtual Link Summary
Virtual Link Summary Use the OSPF Virtual Link Summary page to display all of the configured virtual links. To display the page, click Routing → OSPF → Virtual Link Summary in the tree view. Figure 9-18. OSPF Virtual Link Summary The OSPF Virtual Link Summary page contains the following fields: •...
Page 532: Route Redistribution Configuration
Iftransit Delay Interval (secs) — The OSPF Transit Delay for the virtual link in units of seconds. It • specifies the estimated number of seconds it takes to transmit a link state update packet over this interface. Displaying the Virtual Link Summary Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: •...
Page 533 Figure 9-19. OSPF Route Redistribution Configuration The OSPF Route Redistribution Configuration page contains the following fields: Source — A protocol configured for OSPF to redistribute the routes learned through this protocol. • Only source routes that have been configured for redistribution by OSPF are available. Possible values are Static, Connected, and RIP.
Page 534 – Destination IP Address and netmask – Action (permit or deny) All other fields (source and destination port, precedence, tos, and so on.) are ignored. The source IP address is compared to the destination IP address of the route. The source IP netmask in the access list rule is treated as a wildcard mask, indicating which bits in the source IP address must match the destination address of the route.
Page 535: Route Redistribution Summary
The following table summarizes the equivalent CLI commands for this feature. Table 9-17. OSPF Route Redistribution Configuration Commands CLI Command Description redistribute Configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers. distribute-list out Specifies the access list to filter routes received from the source protocol.
Page 536: Bootp/Dhcp Relay Agent
BOOTREQUEST was arrived. This interface can be identified by giaddr field. T he PowerConnect 8024/8024F DHCP component also supports DHCP relay agent options to identify the source circuit when customers are connected to the Internet with high-speed modem. The relay agent inserts these options when forwarding the request to the server and removes them when sending the reply to the clients.
Page 537 To display the page, click Routing → BOOTP/DHCP Relay Agent → Configuration in the tree view. Figure 9-21. BOOTP/DHCP Relay Agent Configuration The BOOTP/DHCP Relay Agent Configuration page contains the following fields: Maximum Hop Count — Enter the maximum number of hops a client request can take before being •...
Page 538: Ip Helper
Configuring BOOTP/DHCP using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • DHCP and BOOTP Relay Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-19.
Page 539 Figure 9-22. IP Helper Global Configuration The IP Helper Global Configuration page contains the following fields: • UDP Relay Mode — Use the menu to enable or disable the UDP relay mode. You must enable the UDP Relay Mode to relay any other protocols for which an IP helper address has been configured. By default UDP Relay Mode is Enabled.
Page 540 Table 9-20. UDP Port Allocations UDP Port Number Acronym Application SUNRPC Sun Microsystems Rpc Network Time NetBiosNameService NT Server to Station Connections NetBiosDatagramService NT Server to Station Connections NetBios SessionServiceNT Server to Station Connections SNMP Simple Network Management SNMP-trap Simple Network Management Traps Unix Rwho Daemon syslog...
Page 541: Ip Helper Interface Configuration
4. Enter the IP address of the server to which the packets with the given UDP Destination Port will be relayed. 5. Click Apply Changes. The UDP/Helper Relay is added and the device is updated. Configuring IP Helper Global Settings Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 542 Source IP Interface — Select the interface to use for UDP/Helper relays. Select All to configure relay • entries on all available interfaces. UDP Destination Port — Identifies destination UDP port number of UDP packets to be relayed. For a •...
Page 543: Ip Helper Statistics
The UDP/Helper Relay is added to the interface and the device is updated. Configuring IP Helper Interfaces Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • IP Helper Commands The following table summarizes the equivalent CLI commands for this feature.
Page 544 DHCP Client Messages Relayed — The number of DHCP client messages relayed to a server. If a • message is relayed to multiple servers, the count is increased once for each server. DHCP Server Messages Received — The number of DHCP responses received from the DHCP server. •...
Page 545: Rip
Table 9-23. IP Helper Statistics Commands CLI Command Description show ip helper statistics Displays the number of DHCP and other UDP packets processed and relayed by the UDP relay agent. clear ip helper statistics Resets (to 0) the statistics displayed in show ip helper statistics. Routing Information Protocol (RIP) is an Interior Gateway Protocol (IGP) based on the Bellman-Ford algorithm and targeted at smaller networks (network diameter no greater than 15 hops).
Page 546 Figure 9-27. RIP Configuration The RIP Configuration page contains the following fields: • RIP Admin Mode — Select Enable or Disable from the drop-down menu. If you select Enable, RIP is enabled for the switch. The default is Disable. • Split Horizon Mode —...
Page 547 Configuring RIP 1. Open the RIP Configuration page. 2. Enter data in the fields as needed. 3. Click Apply Changes when finished. RIP is configured, and the device is updated. Configuring RIP Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 548: Rip Interface Configuration
RIP Interface Configuration Use the RIP Interface Configuration page to enable and configure or to disable RIP on a specific interface. To display the page, click Routing → RIP → Interface Configuration in the tree view. Figure 9-28. RIP Interface Configuration The RIP Interface Configuration page contains the following fields: •...
Page 549 Both — accept packets in either format. – • None — no RIP control packets is accepted. • RIP Admin Mode — Select Enable or Disable from the drop-down menu. Before you enable RIP version 1 or version 1c on an interface, you must first enable network directed broadcast mode on the corresponding interface.
Page 550: Rip Interface Summary
Selecting an Authentication Method 1. Open the RIP Interface Configuration page. 2. Specify the interface for which the authentication method is to be configured. 3. Click Modify. The Authentication Method page displays. 4. Specify the Authentication Type (None, Simple, or Encrypt) from the drop-down menu. 5.
Page 551 Figure 9-29. RIP Interface Summary The RIP Interface Summary page displays the following fields: • Interface — The interface, such as the routing-enabled VLAN on which RIP is enabled. • IP Address — The IP Address of the router interface. •...
Page 552: Rip Route Redistribution Configuration
Displaying RIP Interface Summary Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • Routing Information Protocol (RIP) Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-26.
Page 553 Figure 9-30. RIP Route Redistribution Configuration The RIP Route Redistribution Configuration page contains the following fields: Source — Select the type of source route to configure for redistribution by RIP. Possible values are: • – Static – Connected – OSPF Metric —...
Page 554 destination netmask in the access list serves as a wildcard mask, indicating which bits in the route’s destination mask are significant for the filtering operation. • Redistribute — Enables or disables the redistribution for the selected source protocol. This field has to be enabled in order to be able to configure any of the route redistribution attributes.
Page 555: Rip Route Redistribution Summary
RIP Route Redistribution Summary Use the RIP Route Redistribution Summary page to display Route Redistribution configurations. To display the page, click Routing → RIP → Route Redistribution Summary in the tree view. Figure 9-31. RIP Route Redistribution Summary The RIP Route Redistribution Summary page contains the following fields: •...
Page 556: Router Discovery
Displaying RIP Route Redistribution Summary Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • Routing Information Protocol (RIP) Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-28.
Page 557 Figure 9-32. Router Discovery Configuration The Router Discovery Configuration page contains the following fields: • VLAN Interface — Select the router interface for which data is to be configured. • Advertise Mode — Select Enable or Disable from the drop-down menu. If you select Enable, Router Advertisements are transmitted from the selected interface.
Page 558: Router Discovery Status
Configuring Router Discovery Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • Router Discovery Protocol Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-29.
Page 559 Figure 9-33. Router Discovery Status The Router Discovery Status page displays the following fields: • Interface — The router interface for which data is displayed. • Advertise Mode — The values are Enable or Disable. Enable denotes that Router Discovery is enabled on that interface.
Page 560: Router
Table 9-30. Router Discovery Status Command CLI Command Description show ip irdp Displays the router discovery information for all interfaces, or for a specified interface. Router The Router menu page contains links to web pages that configure and display route tables. To display this page, click Routing →...
Page 561: Best Routes Table
Network Address — The IP route prefix for the destination. • • Subnet Mask — Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network. • Protocol — This field tells which protocol created the specified route. The possibilities are one of the following: –...
Page 562 Figure 9-35. Router Best Routes Table The Router Best Routes Table page displays the following fields: • Total Number of Routes — The total number of routes in the route table. • Network Address — The IP route prefix for the destination. •...
Page 563: Route Entry Configuration
Displaying the Best Routes Table Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • IP Routing Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-32.
Page 564 – Local – Static – Default – OSPF Intra – OSPF Inter – OSPF Type-1 – OSPF Type-2 – • Next Hop Interface — The outgoing router interface to use when forwarding traffic to the destination. • Next Hop IP Address — The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination.
Page 565: Configured Routes
Static — Enter values for Network Address, Subnet Mask, Next Hop IP Address, and Preference. Figure 9-38. Route Entry Configuration - Add Static Route Type 4. Click Apply Changes. The new route is added, and you are redirected to the Configured Routes page. Adding a Router Route Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide:...
Page 566 Figure 9-39. Configured Routes The Configured Routes page displays the following fields: Network Address — The IP route prefix for the destination. • • Subnet Mask — Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network.
Page 567: Route Preferences Configuration
Displaying Configured Routes Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • IP Routing Commands The following table summarizes the equivalent CLI commands for this feature. Table 9-34.
Page 568 Figure 9-40. Router Route Preferences Configuration The Router Route Preferences Configuration page contains the following fields: • Local — This field displays the local route preference value. • Static — The static route preference value in the router. The default value is 1. The range is 1 to 255. •...
Page 569: Vlan Routing
This section shows how to configure the PowerConnect 8024/8024F software to support VLAN routing. A port can be either a VLAN port or a router port, but not both. However, a VLAN port may be part of a VLAN that is itself a router port.
Page 570 Figure 9-41. VLAN Routing Summary The VLAN Routing Summary page displays the following fields: VLAN ID — The ID of the VLAN whose data is displayed in the current table row. • • MAC Address — The MAC Address assigned to the VLAN Routing Interface. •...
Page 571: Vrrp
Table 9-36. VLAN Routing Summary Commands CLI Command Description interface vlan Enters the interface configuration (VLAN) mode. interface range vlan Enters the interface configuration mode to configure multiple VLANs. name Configures a name to a VLAN. show ip vlan Displays the VLAN routing information for all VLANs with routing enabled.
Page 572: Vrrp Configuration
VRRP Configuration Use the VRRP Configuration page to enable or disable the administrative status of a virtual router. To display the page, click Routing → VRRP → Router Configuration in the tree view. Figure 9-42. VRRP Configuration The VRRP Configuration page contains the following field: •...
Page 573: Vrrp Router Configuration
VRRP Router Configuration Use the VRRP Configuration page to configure a virtual router. To display the page, click Routing → VRRP → Router Configuration in the tree view. Figure 9-43. VRRP Router Configuration The VRRP Router Configuration page contains the following fields: •...
Page 574 Priority — The operational priority of the VRRP router, which is relative to the configured priority and • depends on the priority decrements configured through tracking process. The priority and configured priority are the same unless a tracked event (for example a tracked interface is down) has occurred to change the value.
Page 575 Figure 9-44. Virtual Router Secondary Address 3. In the Secondary Address field, select Create to add a new secondary IP address, or select an existing secondary IP address to modify. 4. In the IP Address field, enter the secondary IP address. 5.
Page 576 Figure 9-46. Add VRRP Interface Tracking 4. Complete the fields as necessary. The Add VRRP Interface Tracking page contains the following fields. • Interface — The interface associated with the Virtual Router ID. • Virtual Router ID — The Virtual Router ID. •...
Page 577 Figure 9-48. Add VRRP Route Tracking 4. Complete the fields as necessary. The Add VRRP Route Tracking page contains the following fields. • Interface — The interface associated with the Virtual Router ID. • Virtual Router ID — The Virtual Router ID. •...
Page 578: Vrrp Virtual Router Status
Table 9-38. VRRP Configuration Commands CLI Command Description ip vrrp authentication Sets the authorization details value for the virtual router configured on a specified interface. ip vrrp ip Sets the virtual router IP address value for an interface. ip vrrp mode Enables the virtual router configured on an interface.
Page 579 Figure 9-49. Virtual Router Status The Virtual Router Status page displays the following fields: • VRID — Virtual Router Identifier. • VLANID - Indicates the interface associate with the VRID. • Priority — The priority value used by the VRRP router in the election for the master virtual router. •...
Page 580 – None — Specifies that the authentication type is none. – Simple — Specifies that the authentication type is a simple text password. • State — The current state of the Virtual Router: – Initialize – Master – Backup Status — The current status of the Virtual Router: •...
Page 581: Vrrp Virtual Router Statistics
VRRP Virtual Router Statistics Use the Virtual Router Statistics page to display statistics for a specified virtual router. To display the page, click Routing → VRRP → Virtual Router Statistics in the tree view. Figure 9-50. Virtual Router Statistics The Virtual Router Statistics page contains the fields listed below. Many of the fields display only when there is a valid VRRP configuration.
Page 582 State Transitioned to Master — The total number of times that this virtual router's state has • transitioned to Master. Advertisement Received — The total number of VRRP advertisements received by this virtual router. • • Advertisement Interval Errors — The total number of VRRP advertisement packets received for which the advertisement interval was different than the one configured for the local virtual router.
Page 583: Tunnels
Tunnels The PowerConnect 8024/8024F switches support the creation, deletion, and management of tunnel interfaces. These are dynamic interfaces that are created and deleted through user-configuration. Each switch also supports the functionality of a 6to4 border router that connects a 6to4 site to a 6to4 domain.
Page 584: Tunnels Configuration
Tunnels Configuration Use the Tunnels Configuration page to create, configure, or delete a tunnel. To display the page, click Routing → Tunnels → Configuration in the tree view. Figure 9-51. Tunnels Configuration The Tunnels Configuration page contains the following fields: •...
Page 585 You also have the option to specify the 64-bit extended unique identifier (EUI-64). • IPv6 Prefix Length — Specify the IPv6 prefix length. • Source — Select the desired source, IPv4 Address or Interface. If Address is selected, the source address for this tunnel must be entered in dotted decimal notation.
Page 586: Tunnels Summary
3. Change field values as desired in the remaining fields. 4. Click Apply Changes. The new configuration is saved, and the device is updated. Removing a Tunnel 1. Open the Tunnels Configuration page. 2. Specify the tunnel to remove in the Tunnel drop-down menu. 3.
Page 587 Figure 9-53. Tunnels Summary The Tunnels Summary page contains the following fields: Tunnel ID — The Tunnel ID. • • Tunnel Mode — The corresponding mode of the Tunnel. • IPv6 Mode — Shows whether IPv6 is enabled on the tunnel. •...
Page 588: Loopbacks
Loopbacks The PowerConnect 8024/8024F provides for the creation, deletion, and management of loopback interfaces. They are dynamic interfaces that are created and deleted through user-configuration. The PowerConnect 8024/8024F supports multiple loopback interfaces. A loopback interface is always expected to be up. As such, it provides a means to configure a stable IP address on the device that may be referred to by other switches.
Page 589 Figure 9-54. Loopback Configuration The Loopbacks Configuration pages contain the following fields: • Loopback — Use the drop-down menu to select from the list of currently configured loopback interfaces. Create is also a valid choice if the maximum number of loopback interfaces has not been created.
Page 590 The following fields display when a primary address is configured. You can configure multiple secondary addresses. Secondary Address — Select a configured IPv4 secondary address for the selected Loopback interface • from the drop-down menu. A new address can be entered in the Secondary IP Address field by selecting Add Secondary IP Address here (if the maximum number of secondary addresses has not been configured).
Page 591 Figure 9-56. Loopback Configuration - Add Secondary Address 8. Complete the Secondary Address, Secondary IP Address, and Secondary Subnet Mask fields. 9. Click the Add Secondary button. The secondary address is saved, and the webpage reappears showing the primary and secondary loopback addresses. Creating a New Loopback (IPv6) 1.
Page 592 Figure 9-57. Loopbacks Configuration - IPv6 Entry 5. Choose IPv6 from the drop-down box in the Protocol field. 6. Add the IPv6 Address. 7. Enter desired values in the remaining fields. 8. Click Submit. The new loopback is saved, and the device is updated. Configuring an Existing Loopback 1.
Page 593: Loopbacks Summary
2. Specify the loopback to be affected. 3. Specify the secondary address to be removed. 4. Click Delete Selected Secondary. The secondary address is deleted, and the device is updated. Configuring a Loopback using CLI Commands For information about the CLI commands that perform this function, see the following chapters in the CLI Reference Guide: •...
Page 594 Figure 9-58. Loopbacks Summary The Loopbacks Summary page displays the following fields: • Loopback Interface — The ID of the configured loopback interface. Addresses — A list of the addresses configured on the loopback interface. • Displaying the Loopbacks Summary Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: •...
Page 595: Configuring Ipv6
On the PowerConnect 8024/8024F, IPv6 coexists with IPv4. As with IPv4, IPv6 routing can be enabled on loopback and VLAN interfaces. Each L3 routing interface can be used for IPv4, IPv6, or both.
Page 596: Global Configuration
Global Configuration Use the Global Configuration page to enable IPv6 forwarding on the router, enable the forwarding of IPv6 unicast datagrams, and configure global IPv6 settings. To display the page, click IPv6 → Global Configuration in the tree view. Figure 10-1. IPv6 Global Configuration The IPv6 Global Configuration page contains the following fields: •...
Page 597 Configuring IPv6 Parameters 1. Open the IPv6 Global Configuration page. 2. Enable or disable unicast routing from the drop-down menu. 3. Enable or disable IPv6 frames forwarding from the drop-down menu. 4. Click Apply Changes. Settings are saved, and the device is updated. Configuring IPv6 Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide...
Page 598: Interface Configuration
Interface Configuration Use the Interface Configuration page to configure IPv6 interface parameters. This page has been updated to include the IPv6 Destination Unreachables field. To display the page, click IPv6 → Interface Configuration in the tree view. Figure 10-2. IPv6 Interface Configuration The IPv6 Interface Configuration page contains the following fields: •...
Page 599 IPv6 Prefix — Specifies the IPv6 prefix for an interface. When the selection is changed, the screen is • refreshed and valid lifetime, preferred lifetime, on-link flag, and autonomous flag fields are updated for the selected IPv6 address. • EUI-64 — If checked, specifies 64-bit unicast prefix. •...
Page 600 Router Lifetime Interval — Specifies the router advertisement lifetime field sent from the interface. • This value must be greater than or equal to the maximum advertisement interval. 0 means do not use the router as the default router. The range of router lifetime is 0 to 9000. •...
Page 601 Table 10-2. IPv6 Interface Routing Commands CLI Command Description ipv6 address Configures an IPv6 address on an interface (including tunnel and loopback interfaces). ipv6 enable Enables IPv6 routing on an interface (including tunnel and loopback interfaces) that has not been configured with an explicit IPv6 address. ipv6 host Defines static host name-to- ipv6 address mapping in the host cache.
Page 602: Interface Summary
Interface Summary Use the Interface Summary page to display settings for all IPv6 interfaces. To display the page, click IPv6 → Interface Summary in the tree view. Figure 10-3. IPv6 Interface Summary The IPv6 Interface Summary page contains the following fields: Interface —...
Page 603: Ipv6 Statistics
Table 10-3. IPv6 Interface Summary Commands CLI Command Description show ipv6 interface Shows the usability status of IPv6 interfaces. IPv6 Statistics Use the IPv6 Statistics page to display IPv6 traffic statistics for one or all interfaces. To display the page, click IPv6 → IPv6 Statistics in the tree view. Figure 10-4.
Page 604 Received Datagrams Locally Delivered — The total number of datagrams successfully delivered to • IPv6 user-protocols (including ICMP). This counter is incremented at the interface to which these datagrams were addressed, which might not be necessarily the input interface for some of the datagrams.
Page 605 Datagrams Forwarded — The number of output datagrams which this entity received and forwarded • to their final destinations. In entities which do not act as IPv6 routers, this counter includes only those packets which were Source-Routed through this entity, and the Source-Route processing was successful.
Page 606 ICMPv6 Router Solicit Messages Received — The number of ICMP Router Solicit messages received • by the interface. ICMPv6 Router Advertisement Messages Received — The number of ICMP Router Advertisement • messages received by the interface. • ICMPv6 Neighbor Solicit Messages Received — The number of ICMP Neighbor Solicit messages received by the interface.
Page 607 ICMPv6 Router Solicit Messages Transmitted — The number of ICMP Router Solicitation messages • sent by the interface. ICMPv6 Router Advertisement Messages Transmitted — The number of ICMP Router • Advertisement messages sent by the interface. • ICMPv6 Neighbor Solicit Messages Transmitted — The number of ICMP Neighbor Solicitation messages sent by the interface.
Page 608: Ipv6 Neighbor Table
IPv6 Neighbor Table Use the IPv6 Neighbor Table page to display IPv6 neighbor details for a specified interface. To display the page, click IPv6 → IPv6 Neighbor Table in the tree view. Figure 10-5. IPv6 Neighbor Table The IPv6 Neighbor Table page contains the following fields: •...
Page 609 Reachable — Positive confirmation was received within the last Reachable Time milliseconds that – the forward path to the neighbor was functioning properly. While in REACH state, the device takes no special action as packets are sent. – Stale — More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly.
Page 610: Dhcpv6
DHCPv6 DHCP is generally used between clients (for example hosts) and servers (for example routers) for the purpose of assigning IP addresses, gateways, and other networking definitions such as DNS, NTP, and/or Session Initiation Protocol (SIP) parameters. However, IPv6 natively provides for auto configuration of IP addresses through IPv6 Neighbor Discovery Protocol (NDP) and the use of Router Advertisement messages.
Page 611 Figure 10-6. DHCPv6 Global Configuration The DHCPv6 Global Configuration page contains the following fields: • DHCPv6 Admin Mode — Specifies DHCPv6 operation on the switch. Possible values are Enable and Disable; the default value is Disable. • Relay Option — Specifies Relay Agent Information Option value. The values allowed are between 32 to 65535, and represent the value exchanged between the relay agent and the server.
Page 612: Dhcpv6 Pool Configuration
The following table summarizes the equivalent CLI commands for this feature. Table 10-6. DHCPv6 Global Commands CLI Command Description service dhcpv6 Enables DHCPv6 configuration on the router. show ipv6 dhcp Displays the DHCPv6 server name and status. DHCPv6 Pool Configuration DHCP for IPv6 clients are connected to a server which is configured to use parameters from a pool that you set up.
Page 613 DNS Server Address — Drop-down menu that specifies the IPv6 address of a DNS server within a • particular DHCPv6 pool. When Add is selected from the menu, the following field is cleared of data, in preparation for a new address. •...
Page 614: Prefix Delegation Configuration
3. Click the Delete box if deleting the DNS Server Address for this pool. 4. Click the Delete box if deleting the Domain Name for this pool. 5. Click the Delete Pool box if deleting the entire pool. 6. Click Apply Changes. The pool or its parameter setting is deleted, and the device is updated.
Page 615 Figure 10-8. Prefix Delegation Configuration The Prefix Delegation Configuration page contains the following fields: • Pool Name — Specifies all the pool names configured. Select the pool to configure. • Delegated Prefix — Drop-down menu that specifies the delegated IPv6 prefix to associate with the specified pool.
Page 616: Dhcpv6 Pool Summary
The delegated prefix and parameters are saved, and the device is updated. Configuring a delegated prefix Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • DHCPv6 Commands The following table summarizes the equivalent CLI commands for this feature.
Page 617: Dhcpv6 Interface Configuration
DNS Server — Displays the IPv6 address of the associated DNS server. • • Domain Name — Displays the DNS domain name. • Host IP Address — Displays the IPv6 address and mask length for the delegated prefix. • DUID — Identifier used to identify the client's unique DUID value. •...
Page 618 Figure 10-10. DHCPv6 Interface Configuration The fields that display on the DHCPv6 Interface Configuration pages depend on the value selected in the Interface Mode field. The following list describes all the possible fields on the page: • Interface — Select the interface for which you are configuring DHCPv6 server functionality. Interface Mode —...
Page 619 Configuring a DHCPv6 Interface for Relay Interface Mode 1. Open the DHCPv6 Interface Configuration page. 2. Specify the desired Interface, and select Relay from the Interface Mode drop down menu. The following screen appears: Figure 10-11. DHCPv6 Interface Configuration - Relay 3.
Page 620 Figure 10-12. DHCPv6 Interface Configuration - Server 3. Modify the fields as needed. 4. Click Apply Changes. The DHCPv6 interface configuration is saved, and the device is updated. Configuring a DHCPv6 Interface Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 621: Dhcpv6 Server Bindings Summary
DHCPv6 Server Bindings Summary Use the Server Bindings Summary page to display all DHCPv6 server bindings. To display the page, click IPv6 → DHCPv6 → Bindings Summary in the tree view. Figure 10-13. Server Bindings Summary The Server Bindings Summary page contains the following fields: Client Address —...
Page 622: Dhcpv6 Statistics
Table 10-11. DHCPv6 Binding Commands CLI Command Description show ipv6 dhcp binding Displays the configured DHCP pool. DHCPv6 Statistics Use the DHCPv6 Statistics page to display DHCPv6 statistics for one or all interfaces. To display the page, click IPv6 → DHCPv6 → Statistics in the tree view. Figure 10-14.
Page 623 Messages Received This section specifies the aggregate of all interface level statistics for received messages: • DHCPv6 Solicit Packets Received — Specifies the number of Solicits. DHCPv6 Request Packets Received — Specifies the number of Requests. • • DHCPv6 Confirm Packets Received — Specifies the number of Confirms. •...
Page 624: Ospfv3
• DHCPv6 Commands The following table summarizes the equivalent CLI commands for this feature. Table 10-12. DHCPv6 Statistics Commands CLI Command Description show ipv6 dhcp statistics Displays the DHCPv6 server name and status. clear ipv6 dhcp Clears DHCPv6 statistics for all interfaces or for a specific interface. OSPFv3 OSPFv3 is the Open Shortest Path First routing protocol for IPv6.
Page 625: Ospfv3 Configuration
OSPFv3 Configuration Use the OSPFv3 Configuration page to activate and configure OSPFv3 for a switch. To display the page, click IPv6 → OSPFv3 → Configuration in the tree view. Figure 10-15. OSPFv3 Configuration The OSPFv3 Configuration page contains the following fields: •...
Page 626 ASBR Mode — Reflects whether the ASBR mode is enabled or disabled. Enable implies that the • router is an autonomous system border router. Router automatically becomes an ASBR when it is configured to redistribute routes learned from other protocol. •...
Page 627 Default Route Advertise: Use this section to configure the parameters for Default Route • Advertisements into OSPF domain. Default Information Originate — Enable or disable Default Route Advertise. • NOTE: The values for Always, Metric, and Metric Type can only be configured after Default Information Originate is set to Enable.
Page 628: Ospfv3 Area Configuration
Table 10-13. OSPFv3 Global Configuration Commands CLI Command Description default-information originate Controls the advertisement of default routes. default-metric Sets a default for the metric of distributed routes. distance ospf Sets the route preference value of OSPF in the router. enable Resets the default administrative mode of OSPF in the router (active).
Page 629 Figure 10-16. OSPFv3 Area Configuration The OSPFv3 Area Configuration page contains the following fields: • Area ID — The OSPFv3 area. An Area ID is a 32-bit integer in dotted decimal format that uniquely identifies the area to which a router interface connects. •...
Page 630 Configuring OSPFv3 Area 1. Open the OSPFv3 Area Configuration page. 2. Modify the fields as needed. 3. Click Apply Changes. The configuration is saved and the device is updated. The web page reappears with Create Stub Area and NSSA Create buttons. Figure 10-17.
Page 631 5. Complete the remaining fields. 6. Click Apply Changes. The Stub Area information is saved and the device is updated. Configuring OSPFv3 NSSA Area 1. Open the OSPFv3 Area Configuration page. 2. Modify the fields as needed. 3. Click Apply Changes. The web page reappears with Create Stub Area and NSSA Create buttons.
Page 632 Deleting OSPFv3 NSSA Information 1. Open the OSPFv3 Area Configuration page with configured NSSA information. 2. Click NSSA Delete. 3. Click Apply Changes. Configuring OSPFv3 Area Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 633: Ospfv3 Stub Area Summary
OSPFv3 Stub Area Summary Use the OSPFv3 Stub Area Summary page to display OSPFv3 stub area detail. To display the page, click IPv6 → OSPFv3 → Stub Area Summary in the tree view. Figure 10-20. OSPFv3 Stub Area Summary The OSPFv3 Stub Area Summary page displays the following fields: •...
Page 634: Ospfv3 Area Range Configuration
OSPFv3 Area Range Configuration Use the OSPFv3 Area Range Configuration page to configure OSPFv3 area ranges. To display the page, click IPv6 → OSPFv3 → Area Range Configuration in the tree view. Figure 10-21. OSPFv3 Area Range Configuration The OSPFv3 Area Range Configuration page contains the following fields: •...
Page 635 LSDB Type — The Link Advertisement type for the address range and area. • • Advertisement — The Advertisement mode for the address range and area. • Delete — Click this check box to delete the specified OSPFv3 area range. Configuring OSPFv3 Area Range 1.
Page 636: Ospfv3 Interface Configuration
OSPFv3 Interface Configuration Use the OSPFv3 Interface Configuration page to create and configure OSPFv3 interfaces. This page has been updated to include the Passive Mode field. To display the page, click IPv6 → OSPFv3 → Interface Configuration in the tree view. Figure 10-22.
Page 637 OSPFv3 Area ID — Enter the 32-bit integer in dotted decimal format that uniquely identifies the • OSPFv3 area to which the selected router interface connects. If you assign an Area ID which does not exist, the area is created with default values. •...
Page 638 interface or through something like a bit error test. For this reason, IP packets may still be addressed to an interface in Loopback state. To facilitate this, such interfaces are advertised in router- LSAs as single host routes, whose destination is the IP interface address. –...
Page 639: Ospfv3 Interface Statistics
Table 10-17. OSPFv3 Interface Commands CLI Command Description ipv6 ospf Enables OSPF on a router interface or loopback interface. ipv6 ospf areaid Sets the OSPF area to which the specified router interface belongs. ipv6 ospf cost Configures the cost on an OSPF interface. ipv6 ospf dead-interval Sets the OSPF dead interval for the specified interface.
Page 640 Figure 10-23. OSPFv3 Interface Statistics The OSPFv3 Interface Statistics page displays the following fields: • Interface — Select the interface for which data is to be displayed. • OSPFv3 Area ID — The OSPF area to which the selected router interface belongs. An OSPF Area ID is a 32-bit integer in dotted decimal format that uniquely identifies the area to which the interface connects.
Page 641 Neighbor Events — The number of times this neighbor relationship has changed state, or an error has • occurred. External LSA Count — The number of external (LS type 5) link-state advertisements in the link-state • database. • Sent packets — The number of OSPFv3 packets transmitted on the interface. •...
Page 642: Ospfv3 Neighbors
LS Acknowledgements Received — The number of LS acknowledgements received on this interface • by this router. Displaying OSPFv3 Interface Statistics 1. Open the OSPFv3 Interface Statistics page. 2. Select the interface to display from the Interface drop-down menu. Statistics for the interface display. Displaying OSPFv3 Interface Statistics Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide...
Page 643 Figure 10-24. OSPFv3 Neighbors The OSPFv3 Neighbors page contains the following fields: • Interface — Selects the interface for which data is to be displayed or configured. Neighbor Router ID — Selects the IP Address of the neighbor for which data is to be displayed. •...
Page 644 Attempt — This state is only valid for neighbors attached to NBMA networks. It indicates that no – recent information has been received from the neighbor, but that a more concerted effort should be made to contact the neighbor. This is done by sending the neighbor Hello packets at intervals of Hello Interval.
Page 645: Ospfv3 Neighbor Table
Table 10-19. OSPFv3 Neighbor Command CLI Command Description show ipv6 ospf neighbor Displays information about OSPF neighbors. OSPFv3 Neighbor Table Use the OSPFv3 Neighbor Table page to display the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given. The neighbor table is only displayed if OSPF is enabled.
Page 646: Ospfv3 Link State Database
IntlfID — The Interface ID that the neighbor advertises in its Hello packets on this link. • • Interface — The slot/port that identifies the neighbor interface index. • State — State of the relationship with this neighbor. • Dead Time — Number of seconds since last Hello was received from adjacent neighbors. Set this value to 0 for neighbors in a state less than or equal to Init.
Page 647 Figure 10-26. OSPFv3 Link State Database The OSPFv3 Link State Database page displays the following fields: • Adv. Router — The 32-bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS). The Router ID is set on the OSPFv3 Configuration page. •...
Page 648: Ospfv3 Virtual Link Configuration
– Intra-Area-Prefix-LSA • Link ID — The Link State ID identifies the piece of the routing domain that is being described by the advertisement. The value of the LS ID depends on the advertisement's LS type. • Age — The time since the link state advertisement was first originated, in seconds. •...
Page 649 To display the page, click IPv6 → OSPFv3 → Virtual Link Configuration in the tree view. Figure 10-27. OSPFv3 Virtual Link Configuration The OSPFv3 Virtual Link Configuration page contains the following fields: Create New Virtual Link — Select this option from the drop-down menu to define a new virtual link. •...
Page 650 Interface Delay Interval (secs) — Enter the OSPF Transit Delay for the specified interface. This • specifies the estimated number of seconds it takes to transmit a link state update packet over the selected interface. Valid values range from 1 to 3600 seconds (1 hour). The default value is 1 second. •...
Page 651: Ospfv3 Virtual Link Summary
4. Click Create. The new link is created, and you are returned to the Virtual Link Configuration page. Configuring a Virtual Link 1. Open the OSPFv3 Virtual Link Configuration page. 2. Select the virtual link to configure. 3. Modify the remaining fields as needed. 4.
Page 652 Figure 10-28. OSPFv3 Virtual Link Summary The OSPFv3 Virtual Link Summary page displays the following fields: • Area ID — The Area ID portion of the virtual link identification for which data is to be displayed. The Area ID and Neighbor Router ID together define a virtual link. •...
Page 653: Ospfv3 Route Redistribution Configuration
Interface Delay Interval (secs) — The OSPF Transit Delay for the virtual link in units of seconds. It • specifies the estimated number of seconds it takes to transmit a link state update packet over this interface. Displaying OSPFv3 Virtual Link Summary Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 654 Figure 10-29. OSPFv3 Route Redistribution Configuration The OSPFv3 Route Redistribution Configuration page contains the following fields: • Source Protocol — Select the type of source routes to configure for redistribution by OSPF. Valid values are Static and Connected. • Metric — Sets the metric value to be used as the metric of redistributed routes. This field displays the metric if the source was pre-configured and can be modified.
Page 655: Ospfv3 Route Redistribution Summary
4. Click Apply Changes. The selected route redistribution is configured for OSPFv3, and the device is updated. Configuring OSPFv3 Route Redistribution Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide •...
Page 656 Figure 10-30. OSPFv3 Route Redistribution Summary The OSPFv3 Route Redistribution Summary page displays the following fields: • Source — The Source Route to be Redistributed by OSPF. • Redistribute — Specify whether to allow the routes learned through this protocol to be redistributed. •...
Page 657 Displaying OSPFv3 Route Redistribution Summary Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • OSPFv3 Commands The following table summarizes the equivalent CLI commands for this feature. Table 10-25.
Page 658: Ipv6 Routes
IPv6 Routes The IPv6 Routes menu page contains links to web pages that define and display IPv6 Routes parameters and data. To display this page, click IPv6 → IPv6 Routes in the tree view. Following are the web pages accessible from this menu page: •...
Page 659: Ipv6 Route Table
Next Hop IPv6 Address — Enter an IPv6 Next Hop Address. If the Next Hop IPv6 Address specified is • a Link-local IPv6 Address, specify the Interface for the Link-local IPv6 Next Hop Address. Select Global or Link-local from the drop-down menu to apply to this address. •...
Page 660 Figure 10-32. IPv6 Route Table The IPv6 Route Table page displays the following fields: • Routes Displayed — Select to view either the Configured Routes, Best Routes, or All Routes from the drop-down menu. • Number of Routes — Displays the total number of active routes/best routes in the route table for the type of route selected.
Page 661: Ipv6 Route Preferences
Displaying the IPv6 Route Table Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • IPv6 Routing Commands The following table summarizes the equivalent CLI commands for this feature. Table 10-27.
Page 662 Figure 10-33. IPv6 Route Preferences The IPv6 Route Preferences page contains the fields shown below. In each case, the lowest values indicate the highest preference. • Local — This field displays the local route preference value. Static — The static route preference value in the router. The default value is 1. The range is 1 to 255. •...
Page 663: Configured Ipv6 Routes
Configuring IPv6 Route Preference Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide • IPv6Routing Commands The following table summarizes the equivalent CLI commands for this feature. Table 10-28.
Page 664 Routes Displayed — Select to view either the Configured Routes, Best Routes or All Routes. • When the Configured Routes option is selected, the following fields appear: • IPv6 Prefix/Prefix Length — Displays the Network Prefix and Prefix Length for the Configured Route. •...
Page 665: Configuring Quality Of Service
Configuring Quality of Service Overview The Quality of Service menu page contains links to the following pages: • Differentiated Services • Class of Service • Auto VoIP In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network.
Page 666: Differentiated Services
Differentiated Services DiffServ Overview The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort” service implies that the network delivers the data in a timely fashion, although there is no guarantee that it will.
Page 667: Diffserv Configuration
Diffserv Configuration Use the Diffserv Configuration page to display DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables. To display the page, click Quality of Service →...
Page 668: Class Configuration
Changing Diffserv Admin Mode 1. Open the Diffserv Configuration page. 2. Turn Diffserv Admin Mode on or off by selecting Enable or Disable from the drop-down menu. 3. Click Apply Changes. The Diffserv Admin Mode is changed, and the device is updated. Displaying MIB Tables Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide:...
Page 669 Figure 11-2. Diffserv Class Configuration The Diffserv Class Configuration page contains the following fields: • Class Name — Selects a class name to rename or delete. Click Add to set up a new class name. • Rename — Renames the class displayed when the box is checked and a new name is entered. •...
Page 670: Class Criteria
Figure 11-3. Add DiffServ Class Enter a name for the class and select the protocol to use for class match criteria. 3. Click Apply Changes. The new class is added and the device is updated. Adding a Class Configuration Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 671 Figure 11-4. Diffserv Class Criteria IPv4 The Diffserv Class Criteria page contains the following fields: • Class Name — Selects the class name for which you are specifying criteria. • Class Type — Displays the class type. The only configurable class type supported is All. Match Attributes (IPv4) Use the following fields to match IPv4 packets to a class.
Page 672 Subnet Mask — The subnet mask of the destination IP address. This field is required when • Destination IP Address is checked. Source L4 Port— Requires a packet’s TCP/UDP source port to match the port listed here. Select one • of the following options: –...
Page 673 Reference Class — Selects a class to start referencing for criteria. Select the Add Diffserv Class check • box, then select a previously configured Diffserv class from the related drop-down menu. Figure 11-5. Diffserv Class Criteria IPv6 Match Attributes (IPv6) Use the following fields to match IPv6 packets to a class.
Page 674 Service Type Criteria Click to select one of the following three Match fields to use in matching packets to class criteria: • IP DSCP — Matches the packet’s DSCP to the class criteria’s when selected. Either select the DSCP type from the drop-down menu or enter a DSCP value to match. Valid range is 0-63. •...
Page 675: Policy Configuration
Policy Configuration Use the Diffserv Policy Configuration page to associate a collection of classes with one or more policy statements. To display the page, click Quality of Service → Differentiated Services → Policy Configuration in the tree view. Figure 11-6. Diffserv Policy Configuration The Diffserv Policy Configuration page contains the following fields: •...
Page 676 Use Add a Class to associate a class with this policy. Use Remove a Class to remove the class from this policy. 4. Select the class to be affected from the relevant drop-down menu. 5. Click Apply Changes. The modified policy is saved, and the device is updated. Renaming a Policy 1.
Page 677 Figure 11-8. Diffserv Policy Summary Removing a Policy Configuration 1. Open the Diffserv Policy Configuration page. 2. Select the policy name to be deleted from the Policy Name drop-down menu. 3. Check the Remove check box. 4. Click Apply Changes. The associated policy configuration is removed, and the device is updated.
Page 678: Policy Class Definition
Policy Class Definition Use the Diffserv Policy Class Definition page to associate a class to a policy, and to define attributes for that policy-class instance. To display the page, click Quality of Service → Differentiated Services → Policy Class Definition in the tree view.
Page 679 Policing: Allows you to configure how policing is performed, as well as configure what happens to – packets that are considered conforming and non-conforming. For more information on the fields that display when Policing is selected, see "Policing Traffic Condition." •...
Page 680 You have the option of marking one of the following fields in the packet: • IP DSCP — Selects the IP DSCP to mark. Select from the drop down menu or enter directly in the User Value field. • IP Precedence — Selects the specified IP Precedence queue number to mark. •...
Page 681 Color Mode — Selects the type of color policing used. Choose Color Blind or Color Aware from the • drop-down menu. Conform Action Selector — Selects what happens to packets that are considered conforming (below • the police rate). Options are Send, Drop, Mark CoS, Mark IP DSCP, Mark IP Precedence. •...
Page 682 Table 11-5. Policy Class Configuration Commands CLI Command Description assign-queue Modifies the queue ID to which the associated traffic stream is assigned. conform-color Specifies for each outcome, the only possible actions are drop, set-cos- transmit, set-sec-cos-transmit, setdscp-transmit, set-prec-transmit, or transmit drop Use the drop policy-class-map configuration command to specify that all packets for the associated traffic stream are to be dropped at ingress.
Page 683 (continued) Table 11-5. Policy Class Configuration Commands CLI Command Description match protocol Adds to the specified class definition a match condition based on the value of the IP Protocol field in a packet using a single keyword notation or a numeric value notation. match source-address mac Adds to the specified class definition a match condition based on the source MAC address of the packet.
Page 684: Service Configuration
Service Configuration Use the Diffserv Service Configuration page to activate a policy on a port. To display the page, click Quality of Service → Differentiated Services → Service Configuration in the tree view. Figure 11-13. Diffserv Service Configuration The Diffserv Service Configuration page contains the following fields: •...
Page 685: Service Detailed Statistics
Figure 11-14. Diffserv Service Summary Assigning a Policy to a Port Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • QoS Commands The following table summarizes the equivalent CLI commands for this feature. Table 11-6.
Page 686 Figure 11-15. Diffserv Service Detailed Statistics The Diffserv Service Detailed Statistics page contains the following fields: • Counter Mode Selector — Type of statistics to display. Packets is the only available type. • Interface — Selects the Unit and Port or LAG for which service statistics are to display. •...
Page 687: Class Of Service
Table 11-7. DiffServ Statistics Commands CLI Command Description show diffserv service brief Displays all interfaces in the system to which a DiffServ policy has been attached. Class of Service The Class of Service (CoS) queueing feature lets you directly configure certain aspects of switch queueing.
Page 688 The Trust Mode selected on the Mapping Table Configuration page affects how the page displays and the fields accessible from the page. There are three trust modes available from here: • Untrusted (None) • CoS(802.1P) • IP DSCP CoS(802.1P) is the default mode, so this is the page that displays when Mapping Table Configuration is selected from the Class of Service menu page.
Page 689 Queue — Selects a queue for each Class of Service from the drop-down menu. Default queues are • displayed initially. Restore Defaults — Restores default queue values when checked and Apply Changes is clicked. • Configuring CoS (802.1P) Trust Mode 1.
Page 690 Figure 11-17. DSCP Queue Mapping Table The DSCP Queue Mapping Table page contains the following fields: • DSCP In — Check to select as a criterion, and enter which DiffServ Code Point in the packet to use. This field determines to which queue the packet is sent. •...
Page 691: Interface Configuration
2. Click the Restore Defaults check box. 3. Click Apply Changes. Queue values are returned to their defaults, and the device is updated. Mapping Table Configuration Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 692 Figure 11-18. Interface Configuration The Interface Configuration page contains the following fields: • Interface — Selects the interface to be affected by the Interface Shaping Rate. Select Unit/Port, or LAG to be affected from the drop-down menu. Select Global to specify all interfaces. •...
Page 693: Interface Queue Configuration
Defining Interface Configuration Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • QoS Commands The following table summarizes the equivalent CLI commands for this feature. Table 11-9. Interface Configuration Commands CLI Command Description traffic-shape...
Page 694 Queue ID — Selects the queue to be configured from the drop-down menu. • • Minimum Bandwidth — Selects a percentage of the maximum negotiated bandwidth for the port. Specify a percentage from 0 to 100, in increments of 5. •...
Page 695 Configuring an Interface Queue Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • QoS Commands The following table summarizes the equivalent CLI commands for this feature. Table 11-10.
Page 696: Auto Voip
Auto VoIP Voice over Internet Protocol (VoIP) allows you to make telephone calls using a computer network over a data network like the Internet. With the increased prominence of delay-sensitive applications (voice, video, and other multimedia applications) deployed in networks today, proper QoS configuration will ensure high-quality application performance.
Page 697: Auto Voip Interface Configuration
Figure 11-21. Auto VoIP Configuration The Auto VoIP Configuration page contains the following fields: • Auto VoIP Mode — Enables or Disables Auto VoIP mode. The default is Disable. • Traffic Class — Displays the traffic class used for VoIP traffic. Configuring Auto VoIP Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide:...
Page 698 Figure 11-22. Auto VoIP Interface Configuration The Auto VoIP Interface Configuration page contains the following fields: • Interface — Lists the interfaces, Unit and Port or LAG, on which Auto VoIP can be configured. Auto VoIP Mode — Use the mode setting to either Enable or Disable the Auto VoIP mode on the •...
Page 699 The following table summarizes the equivalent CLI commands for this feature. Table 11-12. AutoVoIP Interface Commands CLI Command Description switchport voice detect auto Enables the VoIP Profile on all the specified interface. show switchport voice Displays the status of auto-voip on an interface or all interfaces. Configuring Quality of Service...
Page 700 Configuring Quality of Service...
Page 701: Configuring Ip Multicast
Configuring IP Multicast Overview This chapter describes how to configure IPv4 and IPv6 multicast features on the PowerConnect 8024/8024F. To display the IPv4 Multicast menu page, click IPv4 Multicast in the tree view. The IPv4 Multicast menu page contains links to the following features: •...
Page 702: Multicast
Multicast The IPv4 Multicast menu page contains links to web pages that define and display Multicast parameters and data. To display this page, click IPv4 Multicast → Multicast in the tree view. Following are the web pages accessible from this menu page: •...
Page 703 The Multicast Global Configuration page contains the following fields: • Admin Mode — Select Enable or Disable to set the administrative status of Multicast Forwarding in the router. The default is Disable. • Protocol State — The operational state of the multicast forwarding module. •...
Page 704 (continued) Table 12-1. Multicast Global Commands CLI Command Description ip pimsm spt-threshold Configures the Data Threshold rate for the last hop router to switch to the shortest path. ip pimsm ssm Defines the Source Specific Multicast (SSM) range of IP multicast addresses.
Page 705: Multicast Interface Configuration
Multicast Interface Configuration Use the Multicast Interface Configuration page to configure the TTL threshold of a multicast interface. You must configure at least one router interface before fields display on this page. To display the page, click IPv4 Multicast → Multicast → Interface Configuration in the tree view. Figure 12-2.
Page 706: Multicast Route Table
• Multicast Commands The following table summarizes the equivalent CLI commands for this feature. Table 12-2. Multicast Interface Configuration Commands CLI Command Description ttlvalue ip multicast ttl-threshold Applies a to a routing interface. show ip mcast interface Displays the multicast information for the specified interface. Multicast Route Table Use the Multicast Route Table page is used to display MRoute data.
Page 707: Multicast Admin Boundary Configuration
Incoming Interface — The incoming interface on which multicast packets for this source/group arrive. • • Outgoing Interfaces — The list of outgoing interfaces on which multicast packets for this source/group are forwarded. • Up Time — The time in hours:minutes:seconds since the entry was created. •...
Page 708 Figure 12-4. Multicast Admin Boundary Configuration The Multicast Admin Boundary Configuration page contains the following fields: • Interface — Select the router interface for which the administratively scoped boundary is to be configured. • Group IP — Enter the multicast group address for the start of the range of addresses to be excluded. The address must be in the range of 239.0.0.0 through 239.255.255.255.
Page 709: Multicast Admin Boundary Summary
Multicast Admin Boundary Summary Use the Multicast Admin Boundary Summary page to display existing administratively scoped boundaries. To display the page, click IPv4 Multicast → Multicast → Admin Boundary Summary in the tree view. Figure 12-5. Multicast Admin Boundary Summary The Multicast Admin Boundary Summary page displays the following fields: Interface —...
Page 710 To display the page, click IPv4 Multicast → Multicast → Static MRoute Configuration in the tree view. Figure 12-6. Multicast Static Routes Configuration The Multicast Static MRoute Configuration page contains the following fields: • Source IP — Enter the IP Address that identifies the multicast packet source for the entry you are creating.
Page 711: Multicast Static Mroute Summary
Table 12-6. Multicast Static Route Configuration Commands CLI Command Description ip mroute Creates a static multicast route for a source range. Multicast Static MRoute Summary Use the Multicast Static Routes Summary page to display static routes and their configurations. To display the page, click IPv4 Multicast → Multicast → Static MRoute Summary in the tree view. Figure 12-7.
Page 712 Table 12-7. Multicast Static Route Summary Command CLI Command Description show ip mcast mroute static Displays all the static routes configured in the static mcast table. Configuring IP Multicast...
Page 713: Distance Vector Multicast Routing Protocol
Distance Vector Multicast Routing Protocol Distance Vector Multicast Routing Protocol (DVMRP) exchanges probe packets with all its DVMRP enabled routers, it establishes two way neighboring relationships, and it builds a neighbor table. It exchanges report packets and creates a unicast topology table, with which it builds the multicast routing table.
Page 714: Dvmrp Interface Configuration
The DVMRP Global Configuration page contains the following fields: • Admin Mode — Select Enable or Disable from the drop-down menu. This sets the administrative status of DVMRP to active or inactive. The default is Disable. • Version — The current value of the DVMRP version string. •...
Page 715 Figure 12-9. DVMRP Interface Configuration The DVMRP Interface Configuration page contains the following fields: • Interface — Select the interface for which data is to be configured. You must configure at least one router interface before you configure a DVMRP interface. Interface Mode —...
Page 716: Dvmrp Configuration Summary
Table 12-9. DVMRP Interface Commands CLI Command Description ip dvmrp metric Configures the metric for an interface. DVMRP Configuration Summary Use the DVMRP Configuration Summary page to display or print the DVMRP configuration and data for a selected interface. You must configure at least one router interface before you can display data for a DVMRP interface.
Page 717 Interface Mode — Displays the administrative mode of the selected DVMRP routing interface, either • Enable or Disable. Protocol State — Displays the operational state of the DVMRP protocol on the selected interface, • either Operational or Non-operational. • Local Address — Displays the IP address used as a source address in packets sent from the selected interface.
Page 718: Next Hop Summary
Displaying DVMRP Configuration Summary Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: • DVMRP Commands The following table summarizes the equivalent CLI commands for this feature. Table 12-10.
Page 719: Prune Summary
Type — Displays the next hop type. Leaf means that no downstream dependent neighbors exist on the • outgoing interface. Otherwise, the type is Branch. Displaying the Next Hop Summary Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 720: Route Summary
Group IP — The group address which has been pruned. • • Source IP — The address of the source or source network which has been pruned. • Source Mask — The subnet mask to be combined with the source IP address to identify the source or source network which has been pruned.
Page 721 Figure 12-13. Route Summary The Route Summary page displays the following fields: • Source Address - The network address that is combined with the source mask to identify the sources for this entry. • Source Mask — The subnet mask to be combined with the source address to identify the sources for this entry.
Page 722 Table 12-13. DVMRP Route Summary Command CLI Command Description show ip dvmrp route Displays the multicast routing information for DVMRP . Configuring IP Multicast...
Page 723: Internet Group Management Protocol
PowerConnect 8024/8024F are DVMRP , PIM-DM, and PIM-SM. The PowerConnect 8024/8024F supports IGMP Version 3. Version 3 adds support for source filtering, which is the ability for a system to report interest in receiving packets only from specific source addresses, as required to support Source-Specific Multicast [SSM], or from all but specific source addresses, sent to a particular multicast address.
Page 724: Routing Interface
Setting the IGMP Mode 1. Open the IGMP Global Configuration page. 2. Set Admin Mode to Enable or Disable, to turn IGMP on or off. 3. Click Apply Changes. The IGMP configuration is saved, and the device is updated. Setting IGMP Mode Using CLI Commands For information about the CLI commands that perform this function, see the following chapter in the CLI Reference Guide: •...
Page 725 Figure 12-15. IGMP Interface Configuration The IGMP Interface Configuration page contains the following fields: • Interface — Select the interface for which data is to be displayed or configured from the drop-down menu. Interface Mode — Select Enable or Disable from the drop-down menu to set the administrative status •...
Page 726 Last Member Query Interval (1/10 of a second) — Enter the last member query interval in tenths of a • second. This is the maximum response time to be inserted into group-specific queries sent in response to leave group messages, and is also the amount of time between group-specific query messages. Valid values are from 0 to 255.
Page 727 IGMP Configuration Summary Use the IGMP Configuration Summary page to display IGMP routing parameters and data. You must configure at least one IGMP router interface to access this page. To display the page, click IPv4 Multicast → IGMP → Routing Interface → Configuration Summary in the tree view.
Page 728 Robustness — The robustness parameter for the selected interface. This variable allows tuning for the • expected packet loss on a subnet. If a subnet is expected to be lossy, the robustness variable may be increased. IGMP is robust to (robustness variable-1) packet losses. •...
Page 729 Table 12-16. IGMP Configuration Summary Command CLI Command Description show ip igmp interface Displays the IGMP information for the specified interface. IGMP Cache Information Use the IGMP Cache Information page to display cache parameters and data for an IP multicast group address.
Page 730 Version 1 Host Timer — The time remaining until the local router assumes that there are no longer • any IGMP version 1 members on the IP subnet attached to this interface. When an IGMPv1 membership report is received, this timer is reset to the group membership timer. While this timer is non-zero, the local router ignores any IGMPv2 leave messages for this group that it receives on the selected interface.
Page 731 Figure 12-18. IGMP Interface Source List Information The IGMP Interface Source List Information page displays the following fields: • Multicast Group IP — Select the IP multicast group address for which data is to be displayed. If no group membership reports have been received on the selected interface, you cannot make this selection, and none of the remaining fields are displayed.
Page 732: Proxy Interface
Displaying IGMP Interface Detailed Membership Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • IGMP Commands The following table summarizes the equivalent CLI commands for this feature. Table 12-18.
Page 733 Figure 12-19. IGMP Proxy Interface Configuration The IGMP Proxy Interface Configuration page contains the following fields: • Interface — Select the port for which data is to be displayed or configured from the drop-down menu. You must have configured at least one router interface before configuring or displaying data for an IGMP Proxy interface and it should not be a IGMP routing interface.
Page 734 Table 12-19. IGMP Proxy Global Commands CLI Command Description ip igmp-proxy Enables the IGMP Proxy on the router. ip igmp-proxy unsolicited-report-interval Sets the unsolicited report interval for the IGMP Proxy router. IGMP Proxy Configuration Summary Use the IGMP Proxy Configuration Summary page to display proxy interface configurations by interface.
Page 735 Figure 12-20. IGMP Proxy Configuration Summary The IGMP Proxy Configuration Summary page displays the following fields: • Interface — Displays the interface on which IGMP proxy is enabled. There can be only one IGMP Proxy interface. IP Address — The IP address of the IGMP Proxy interface. •...
Page 736 Unsolicited Report Interval — The Unsolicited Report Interval is the time between repetitions of a • host's initial report of membership in a group. Default: 1 second. Version 1 Querier Timeout — The older IGMP version 1 querier timeout value in seconds. The Older •...
Page 737 Figure 12-21. IGMP Proxy Interface Membership Info The IGMP Proxy Interface Membership Info page displays the following fields: • Interface — Displays the interface on which IGMP proxy is enabled. Multicast Group IP — Select the IP multicast group address for which data is to be displayed. If no •...
Page 738 Table 12-21. IGMP Proxy Interface Membership Command CLI Command Description show ip igmp-proxy Displays a summary of the host interface status parameters. show ip igmp-proxy groups Displays a table of information about multicast groups that IGMP Proxy reported. IGMP Proxy Interface Membership Info Detailed Use the IGMP Proxy Interface Membership Info Detailed page to display detailed interface membership data.
Page 739 State — The state of the host entry. A host can be in one of the following states: • – Non-member State — Does not belong to the group on the interface. – Delaying Member State — Host belongs to the group on the interface and report timer is running. The report timer is used to send out the reports.
Page 740: Multicast Listener Discovery
Multicast Listener Discovery Multicast Listener Discovery (MLD) protocol enables IPv6 routers to discover the presence of multicast listeners, the nodes who wish to receive the multicast data packets, on its directly-attached interfaces. The protocol specifically discovers which multicast addresses are of interest to its neighboring nodes and provides this information to the active multicast routing protocol that makes decisions on the flow of multicast data packets.
Page 741: Mld Routing Interface Configuration
The MLD Global Configuration page contains the following field: • Admin Mode — Select Enable or Disable to set the MLD administrative status. The default is disable. Click Apply Changes to send the updated configuration to the router. Configuration changes take effect immediately.
Page 742: Mld Routing Interface Summary
The MLD Routing Interface Configuration page contains the following fields: • Interface — From the drop-down menu, select the VLAN routing interface to be configuration. • Interface Mode — Select Enable or Disable to set the administrative status of MLD on the selected interface.
Page 743 To access this page, click IPv6 Multicast → MLD → Routing Interface → Interface Summary in the navigation tree. Figure 12-25. MLD Routing Interface Summary The MLD Routing Interface Summary page contains the following fields: • Interface — Select the VLAN for which data is to be displayed. Interface Parameters •...
Page 744 Robustness — Displays the robustness parameter for the selected interface. This value allows tuning • for the expected packet loss on a subnet. If a subnet is expected to be lossy, increase the robustness variable. MLD is robust to (robustness variable - 1) packet losses. •...
Page 745: Mld Routing Interface Cache Information
The following table summarizes the equivalent CLI commands for this feature. Table 12-25. IPv6 MLD Interface Summary Commands CLI Command Description show ipv6 mld interface Displays MLD related information for an interface. MLD Routing Interface Cache Information The MLD Routing Interface Cache Information page displays cache parameters and data for an IP multicast group address that has been reported to operational MLD routing interfaces.
Page 746: Mld Routing Interface Source List Information
Expiry Time — The cache timer value which indicates the remaining lifetime in • hours:minutes:seconds for each entry. Version1 Host Timer — The time in hours:minutes:seconds remaining until the local router assumes • that there are no longer any MLD version 1 members on the IP subnet attached to this interface. When an MLDv1 membership report is received, this timer is reset to the group membership timer.
Page 747: Mld Traffic
Figure 12-27. MLD Routing Interface Source List Information The MLD Routing Interface Source List Information page contains the following fields: • Multicast Group IP — Select the IP multicast group address for which data is to be displayed. Only if group membership reports have been received on the selected interface can you make this selection, and the data on this page displays.
Page 748 Figure 12-28. MLD Traffic The MLD Traffic page contains the following fields: • Valid MLD Packets Received — The total number of valid MLD packets received by the router. • Valid MLD Packets Sent — The total number of valid MLD packets sent from the router •...
Page 749: Mld Proxy Configuration
MLD Routing Traffic Table 12-27. Command CLI Command Description show ipv6 mld traffic Displays MLD statistical information for the router. MLD Proxy Configuration When you configure an interface in MLD proxy mode, it acts as a proxy multicast host that sends MLD membership reports on one interface for MLD Membership reports received on all other MLD-enabled router interfaces.
Page 750: Mld Proxy Configuration Summary
Interface — Select the interface for which data is to be displayed or configured from the menu. You • must have configured at least one router interface before configuring or displaying data for an MLD Proxy interface and it should not be a MLD routing interface. •...
Page 751 Figure 12-30. MLD Proxy Configuration Summary The MLD Proxy Configuration Summary page contains the following fields: • Interface — Select the interface on which MLD proxy is enabled and for which data is to be displayed. IPv6 Address — The IPv6 address of the MLD Proxy interface. •...
Page 752: Interface Membership Information
Version 1 Querier Timeout — The older MLD version 1 querier timeout value in • hours:minutes:seconds. The Older Version Querier Interval is the time-out for transitioning a host back to MLD mode once an older version query is heard. When an older version query is received, hosts set their Older Version Querier Present Timer to Older Version Querier Interval.
Page 753 Figure 12-31. Interface Membership Information The Interface Membership Information page contains the following fields: • Interface — Displays the interface on which MLD proxy is enabled. • Multicast Group IP — Select the IP multicast group address for which data is to be displayed. If no group membership reports have been received on the selected interface you will not be able to make this selection, and none of the non-configurable data will be displayed.
Page 754: Interface Membership Information-Detailed
Filter Mode — The group filter mode for the specified group on the MLD Proxy interface. Possible • values are Include, Exclude, or None. Number of Sources — The number of source hosts present in the selected multicast group. • Click Refresh to refresh the data on the screen with the present state of the data in the router.
Page 755: Protocol Independent Multicast
The Interface Membership Information — Detailed page contains the following fields: • Interface — Select the interface on which MLD proxy is enabled for which data is to be displayed. • Multicast Group IP — Select the IP multicast group address for which data is to be displayed. If no group membership reports have been received on the selected MLD Proxy interface you will not be able to make this selection, and none of the non-configurable data will be displayed.
Page 756: Pim Global Configuration
• Few senders -to- many receivers (due to frequent flooding) • High volume of multicast traffic • Constant stream of traffic Protocol Independent Multicast-Sparse Mode (PIM-SM) is used to efficiently route multicast traffic to multicast groups that may span wide area networks and where bandwidth is a constraint. PIM-SM uses shared trees by default and implements source-based trees for efficiency.
Page 757 Figure 12-33. PIM Global Configuration The PIM Global Configuration page contains the following fields: • PIM Protocol — Select PIM-DM or PIM-SM. Only one PIM protocol can be enabled on the switch at a time. If you select PIM-SM, additional fields appear. •...
Page 758: Pim Global Status
The following table summarizes the equivalent CLI commands for this feature. Table 12-32. PIM Global Configuration Commands CLI Command Description ip pimdm Enables the administrative mode of PIM-DM in the router. ip pimsm Enables the administrative mode of PIM-SM in the router. PIM Global Status Use the PIM Global Status page to view the administrative status of PIM-DM or PIM-SM on the switch.
Page 759: Pim Interface Configuration
Viewing Global PIM Settings Using CLI Commands For information about the CLI command that performs this function, see the following chapter in the CLI Reference Guide: • PIM-DM or PIM-SM Commands The following table summarizes the equivalent CLI commands for this feature. Table 12-33.
Page 760: Interface Summary
Admin Mode — Select Enable or Disable from the drop-down menu to set the administrative status • of PIM for the selected interface. The default is Disable. Hello Interval — Enter the number of seconds between PIM hello messages transmitted from the •...
Page 761 Figure 12-36. PIM Interface Summary The PIM Interface Summary page contains the following fields: • Interface — Select the interface for which data is to be displayed. There must be configured at least one router interface before displaying data for a PIM interface, otherwise an error message displays. Interface Parameters fields are: •...
Page 762: Candidate Rp Configuration
Neighbor Count — The number of PIM neighbors on the selected interface. • • Neighbor IP — The IP address of the PIM neighbor for which this entry contains information. • Up Time (hh:mm:ss) — The time since this PIM neighbor (last) became a neighbor of the local router. •...
Page 763 Figure 12-37. Candidate RP Configuration The Candidate RP Configuration page contains the following fields: • RP Interface — Displays the interface for which the Candidate RP data is to be displayed. Slot 0 is the base unit. Group Address — Displays the group address transmitted in Candidate-RP-Advertisements. •...
Page 764: Static Rp Configuration
Table 12-36. PIM Candidate RP Configuration Commands CLI Command Description ipv6 pimsm rp-candidate Configures the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Adding a Candidate RP Use the Add Candidate RP page to add PIM Candidate rendezvous points (RPs) for each IP multicast group.
Page 765 Figure 12-39. Static RP Configuration The Static RP Configuration page contains the following fields: • RP Address — Select the slot and port for which data is to be displayed. Slot 0 is the base unit. • Group Address — Specify the group address transmitted in Candidate-RP-Advertisements in Prefix/Length format.
Page 766: Ssm Range Configuration
Figure 12-40. Add Static RP 3. Enter the IP address of the RP for the group range. 4. Enter the group address of the RP. 5. Enter the group mask of the RP. 6. Check the Override option to configure the static RP to override the dynamic (candidate) RPs learned for same group ranges.
Page 767 Figure 12-41. SSM Range Configuration The SSM Range Configuration page contains the following fields: • SSM Group Address — Displays the Source-Specific Multicast (SSM) group IP address. • SSM Group Mask — (IPv4) Displays the SSM group ip-address mask. • SSM Prefix Length —...
Page 768: Bsr Candidate Configuration
Figure 12-42. Add SSM Range 3. Click the Add Default SSM Range check box to add the default SSM Range. The default SSM Range is ff3x::/32. 4. Enter the SSM Group IP Address. 5. Enter the SSM Group Mask (IPv4) or SSM Prefix Length (IPv6). 6.
Page 769 Figure 12-43. BSR Candidate Configuration The BSR Candidate Configuration page contains the following fields: • Interface — Select the interface for which data is to be displayed. • Hash Mask Length — The CBSR hash mask length to be advertised in bootstrap messages if this interface is elected as the bootstrap router.
Page 770: Bsr Candidate Summary
BSR Candidate Summary Use this page to display information about the configured BSR candidates. To display this page, click IPv4 Multicast → PIM → BSR Candidate Summary or IPv6 Multicast → PIM → BSR Candidate Summary. Figure 12-44. BSR Candidate Summary The BSR Candidate Summary page contains the following fields: •...
Page 771 Table 12-40. PIM BSR Candidate Configuration Commands CLI Command Description show ipv6 pimsm bsr Displays the bootstrap router (BSR) information. Configuring IP Multicast...
Page 772 Configuring IP Multicast...
Page 773: Getting Help
Getting Help This section contains information about getting help for questions about the PowerConnect 8024/8024F switches. The topics covered in this section include: • Obtaining Assistance • Dell Enterprise Training and Certification • Problems With Your Order • Product Information •...
Page 774: Obtaining Assistance
3. If the preceding steps have not resolved the problem, see "Contacting Dell" on page 778. NOTE: Call Dell Support from a telephone near or at the computer so that the support staff can assist you with any necessary procedures.
Page 775: Automated Order-Status Service
Log in as user: anonymous, and use your e-mail address as your password. Automated Order-Status Service To check on the status of any Dell products that you have ordered, you can go to support.dell.com, or you can call the automated order-status service. A recording prompts you for the information needed to locate and report on your order.
Page 776: Product Information
If you need information about additional products available from Dell, or if you would like to place an order, visit the Dell website at www.dell.com. For the telephone number to call for your region or to speak to a sales specialist, see "Contacting Dell" on page 778.
Page 777 See your operating system documentation to determine the contents of the system’s start-up files. If the computer is connected to a printer, print each file. Otherwise, record the contents of each file before calling Dell. Error message, beep code, or diagnostic code:...
Page 778: Contacting Dell
Dell product catalog. Dell provides several online and telephone-based support and service options. Availability varies by country and product, and some services may not be available in your area. To contact Dell for sales, technical support, or customer service issues: 1.

This manual is also suitable for:

Powerconnect 8024f

Dell PowerConnect 8024 User Manual

1 Introduction

2 Using Dell™ Openmanage™ Switch Administrator

3 Cable and Port Information

4 Hardware Description

5 Configuring Dell™ Powerconnect

6 Configuring System Information

7 Configuring Switching Information

Quick Links

Related Manuals for Dell PowerConnect 8024

Summary of Contents for Dell PowerConnect 8024