Page 1 SFTOS Configuration Guide...
Page 2 © 2010 Dell Force10. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™, PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™...
Page 3: New Features
New Features SFTOS 2.5.3 improves SFTOS internals only, with no new features. SFTOS 2.5.2 adds: • A substantial support interface that is not accessible through the standard CLI modes and is not publicly documented • Support for new S-Series platforms, including the S50N, S50N-DC, and S25P-DC Other Changes to the Document Changes in this edition include: •...
Page 4 New Features...
Page 5: Table Of Contents
Conventions ............16 Related Dell Force10 Documents and Additional Information .....16 Contact Information .
Page 6 Checking Status ............32 Viewing the Software Version and Switch Numbers .
Page 7 Deleting a Script ..........61 Downloading a Configuration Script from a TFTP Server .
Page 8 Best Practices ............89 Removing a Switch from a Stack .
Page 9 Configuring the Switch as a DHCP Server ........130 Important Points to Remember .
Page 10 Example of configuring STP ........152 Influencing the Spanning Tree Topology .
Page 11 Using the “show policy-map” Command ....... . .187 Using the show service-policy Command ....... .190 Configuring Differentiated Services by Department .
Page 12 Displaying GARP, GVRP, GMRP Properties ......222 show garp and show gvrp configuration all commands ....222 Creating an IP Subnet-based VLAN .
Page 13 VLAN IP Commands ..........262 VLAN Routing Configuration .
Page 14 Table of Contents...
Page 15: About This Guide
Audience on page 16 • Introduction to the Guide on page 16 • Conventions on page 16 • Related Dell Force10 Documents and Additional Information on page 16 • Contact Information on page 17 • Documentation Feedback on page 17 •...
Page 16: Audience
Related Dell Force10 Documents and Additional Information The following documents provide information on using Dell Force10 S-Series switches and SFTOS software. All of the documents are available on the Documents tab of iSupport (the Dell Force10 support website — http://www.force10networks.com/support: •...
Page 17: Contact Information
Technical Support The iSupport Website Dell Force10 iSupport provides a range of support programs to assist you with effectively using Dell Force10 equipment and mitigating the impact of network outages. Through iSupport you can obtain technical information regarding Dell Force10 products, access to software upgrades and patches, and open and manage your Technical Assistance Center (TAC) cases.
Page 18: Accessing Isupport Services
If you do not have one, you can request one at the website: 1. On the Dell Force10 iSupport page, click the Account Request link. 2. Fill out the User Account Request form and click Send. You will receive your userid and password by email.
Page 19: Sftos Features
SFTOS Features This chapter contains these major sections: • Overview of SFTOS Features on page 19 • Layer 2 Package Feature Details on page 20 • Layer 3 Package Feature Details on page 22 • Notable Differences between S-Series and E-Series on page 24 •...
Page 20: Layer 2 Package Feature Details
— Flow Control at the MAC layer: you may configure the switch or a port to temporarily halt traffic when necessary to prevent overload (formerly IEEE 802.3x) • Additional functions you can use to manage the network including IGMP Snooping (see Chapter 15, IGMP Snooping) , Port Mirroring (see...
Page 21: Qos
• 16k MAC Address Table • Jumbo Frame Support • 802.1p Priority Marking • ACL Entries (L2 + L3) • Bandwidth-based Rate Limiting • Priority Queues • Layer 2 Classification • Layer 3 DSCP • Wirespeed ACLs (L2/L3/L4) VLAN • IEEE 802.1q Support •...
Page 22: Stacking
• HTML-based Management • HTTPS/SSL • RMON Groups • SNMP v1/v2c • SNTP Support • SSHv2 • Syslog • Telnet (RFC 854) • TFTP (RFC 783) Stacking • Stacking Multiple Units • LAG across Units in a Stack • Hot Insertion and Removal of Units in a Stack •...
Page 23: Multicast Protocols
Multicast Protocols • IGMP v1/v2 (RFC 1112, 2236) • PIM-SM-edge • DVMRP • PIM-DM Management • ECMP SFTOS Features | 23...
Page 24: Load Balancing
Load Balancing • LAG Load Balancing: For IPv4 packets, LAG load balancing is provided automatically by a hash algorithm that is based on an XOR (eXclusive OR) of the 3 LSBs (Least Significant Bits) of the source and destination IP addresses. For all other packet types, the 3 LSBs of the source and destination MAC addresses are used.
Page 25 • Displaying the MAC address table: Both FTOS and SFTOS have the show mac-address-table command, but the SFTOS command provided different results than the FTOS command before SFTOS Release 2.3. The SFTOS syntax still contains the unit/slot/port form cited above, for example, show mac-addr-table interface 1/0/4.
Page 26: Port Naming Convention
• Software naming convention: E-Series software uses this naming convention: FTOS-EF-x.x.x.x Through version 2.3.1.5, the S-Series used a different format that ends with an “.opr” extension. Starting with SFTOS 2.4.1, SFTOS software image file names have a new naming format that is more descriptive and is consistent with the E-Series software naming convention: "SFTOS-<...
Page 27: Getting Started
Getting Started This chapter summarizes the following basic tasks: • Connecting to the Console Port on page 29 • Command Line Interface (CLI) Overview on page 31 • Checking Status on page 32 — Displaying Statistics on page 36 — Viewing the Software Version and Switch Numbers on page 32 —...
Page 28: Setting Up A Management Connection To The Switch
Setting up SNMP Management on page Note: The Dell Force10 Management System (FTMS) is a graphical network management software product that provides a global view of your complete Dell Force10 network. FTMS includes Node Manager, which not only provides GUI-based device management, it also includes the ability to execute CLI commands, either individually from Node Manager or by having Node Manager open a Telnet window to the device.
Page 29: Connecting To The Console Port
Connecting to the Console Port To access the console port, follow the procedure below: Step Task Caution: Install a straight-through RJ-45 copper cable (for example, an Ethernet cable) into the console port. This is different from many other implementations that require a crossover (rollover) cable. If connecting to a terminal server and using an Ethernet crossover cable, daisychain another crossover cable to effectively get a straight-through cable connection.
Page 30 Step Task (continued) Enter Line Config mode by logging in, entering Privileged Exec mode (enable command), Global Config mode (config command), then lineconfig. In Line Config mode, use the serial timeout command to set the console inactivity timeout (0 for no timeout; up to 160 minutes): Figure 3-2.
Page 31: Command Line Interface (Cli) Overview
Command Line Interface (CLI) Overview The SFTOS Command Line Interface (CLI) is the main way to manage S-Series switches. You can use the CLI through: • Console port: As described above (Connecting to the Console Port on page 29), the port is the one located at bottom right of the front panel (Use only the console port of the management unit in an S50 stack.
Page 32: Getting Help From The Cli
Getting Help From the CLI The following help commands are the same as those found in the E-Series: • Use “ ” at the prompt to get a list of commands in that mode: “ ” Force10# ? • Use “ ”...
Page 33 • show running-config Because output from the show tech-support command is so lengthy, Dell Force10 recommends that you set the storage buffer high on your terminal access program, then use the option — non-paged show tech-support non-paged —...
Page 34: Showing Network Settings
Showing Network Settings Execute the show interface managementethernet command from either the User Exec or Privileged Exec modes. The resulting display, as shown in the example below, displays all the settings relating to IP-based management connections to the switch. The data includes the management IP address, subnet mask, default gateway, MAC information, etc., as shown below: Figure 3-7.
Page 35 Figure 3-8. Displaying All Supported Features and System Uptime Force10 #show version Switch: 1 System Description......Force10 S50 Vendor ID........07 Plant ID........01 Country Code........04 Date Code........062005 Serial Number........DE4000126 Part Number........759-00001-00 Revision........0A Catalog Number......... SA-01-GE-48T Burned In MAC Address......
Page 36: Displaying Statistics
Displaying Statistics Privileged Exec mode commands to display statistics include: • Switch summary statistics: — show interface switchport • Interface summary statistics: — show interface unit/slot/port • Switch detailed statistics: — show interface ethernet switchport • Interface detailed statistics: — show interface ethernet unit/slot/port User Management This section contains the following subsections: •...
Page 37: Showing And Removing Created Users
Figure 3-9. Creating a User and a Password Force10 (Config)#username w_turner passwd willspwd User login name and password are set. Force10 (Config)#no username w_turner Force10 (Config)#username w_turner passwd newpwd User login name and password are set.Password Changed! Note: SFTOS 2.5.1.3 adds support for the following special characters: , . { } | , in other words, period, comma, open bracket, close bracket, and bar.
Page 38: Setting The Enable Password
Figure 3-11. Creating and Displaying SNMP Access Levels For details on SNMP, see Setting up SNMP Management on page Setting the Enable Password To change the Privileged Exec password (also called the “Enable” password) in SFTOS Version 2.3.1 and above, you do so in Global Config mode. Enter enable passwd , press Enter, and enter a new password: Figure 3-12.
Page 39: Setting The Management Ip Address
Figure 3-14. Enabling an Individual Port Force10 >enable Force10 #config Force10 (Config)#interface 1/0/22 Force10 (Interface 1/0/22)#no shutdown For more on setting up ports, see Configuring Interfaces on page 111. Setting the Management IP Address On first startup, you have management access only through the console port. If you want to manage the switch through an IP-based access method (Telnet, SSH, SNMP, TFTP, etc.), you must configure a management IP interface, using the following the procedure.
Page 40: Configuring An Interface With An Ip Address
Configuring an Interface with an IP Address Note: You must have the optional SFTOS Layer 3 Package installed to configure routing commands and to set IP addressing an interface. Use the show version command (see Figure 3-8 on page 35) to determine what software is installed. To assign an IP address to an interface, use the following commands: Command Syntax Command Mode...
Page 41: Setting Up Snmp Management
Use the command to display a smaller set of information about all IP interfaces. show ip interface brief Figure 3-16. Using the show ip interface brief Command Force10 #show ip interface brief Netdir Multi Interface IP Address IP Mask Bcast CastFwd --------- --------------- --------------- -------- -------- 1/0/3...
Page 42: Setting Up The Management Vlan
Setting Up the Management VLAN As described in Setting the Management IP Address on page 39, when you set up a management IP address, you can manage the switch through an IP-based access method (SNMP, Telnet, etc.); any enabled port in the management VLAN is available for the IP-based access. By default, the management VLAN is set up on the default VLAN 1, which, on first startup, includes every port (although, by default, all ports are shut down until you enable them—see Enabling Ports on page...
Page 43: Managing Configuration And Software Files
Figure 3-18. Example of Entering STP Commands in CLI Force10 #configure Force10 (Config)#spanning-tree Force10 (Config)#spanning-tree port mode enable all Force10 (Config)#exit Force10 #show spanning-tree summary Spanning Tree Adminmode... Enabled Spanning Tree Version..... IEEE 802.1s Configuration Name....00-01-E8-D5-A0-F7 Configuration Revision Level..0 Configuration Digest Key..
Page 44: Important Points To Remember - Files
Important Points to Remember — Files • Beginning with SFTOS Version 2.3, when you save the running-config to the startup-config file, the startup-config is converted to text, if it is not already. Upgrading the software to Version 2.3 or above automatically invokes a conversion of the binary configuration file to text.
Page 45: Points To Remember When Transferring Files
For information on the SSL and SSH files listed above, see the Secure Communications folder on the S-Series Documentation and Software CD-ROM. Points to Remember when Transferring Files Points to remember when downloading software code or configuration files include: • Code: —...
Page 46: Using Xmodem To Download Software
Figure 3-19. Displaying the Current Software Version Force10 #show hardware Switch: 1 System Description......Force10 S50 Vendor ID........07 Plant ID........01 Country Code........04 Date Code........Serial Number........114 Part Number........Revision........Catalog Number......... SA-01-GE-48T Burned In MAC Address......00:D0:95:B7:CD:2E Software Version.......
Page 47: Using Tftp To Download Software
Or, typically, before starting the download, users want to increase the transfer rate to the maximum. So, instead of immediately selecting 4, you would select option 2, which accesses a menu that enables you to change the baud rate to 115200. Typically, you would then also need to modify your terminal software settings to 115200.
Page 48 Figure 3-21. Logging In and Using the enable Command Force10 User:admin Password: NOTE: Enter '?' for Command Help. Command help displays all options that are valid for the 'normal' and 'no' command forms. For the syntax of a particular command form, please consult the documentation.
Page 49: Saving The Running Configuration
With all versions of SFTOS, using the command to download SFTOS software to the management copy switch automatically propagates that software to all stack members. You also have the option of using the following version of the command to copy an image from the management unit to a stack member: copy copy image1...
Page 50: Installing System Software
Installing System Software After downloading a new software image (see Downloading a Software Image on page 45) and backing up the configuration (see Saving the Running Configuration on page 49), you are ready to install the new software. Execute the reload command, as shown in Using the reload command to upgrade to SFTOS 2.5.1...
Page 51 SFTOS Version 2.5.1 provides several new or revised software management commands: Command Syntax Command Mode Usage Privileged Exec Activate a particular image on the target system (“activate”, boot system image1 unit here, means to identify, to the system, the software to install image2 on the next reboot).
Page 52 The Boot Menu is also revised in SFTOS v. 2.5.1 to allow the user to select either image from the boot menu (or also to download a replacement image). This choice is available in two cases: • If the user interrupts the boot sequence •...
Page 53 The example in Figure 3-25 shows the boot messages when loading the switch (all switches in the stack are reloaded if a stack exists) with SFTOS 2.5.1: Figure 3-25. Using the reload command to upgrade to SFTOS 2.5.1 Force10 #reload Are you sure you want to reload the stack? (y/n) y Reloading all switches.
Page 54 After installing SFTOS 2.5.1 on the management switch and the stack, as described above, use the following procedure for subsequent upgrades: Command Step Command Syntax Mode Purpose Privileged Exec (OPTIONAL) Display SFTOS version information and show bootvar [ unit activation status on the specified stack member. If you do not specify a unit number, the command displays image details for all nodes on the stack.
Page 55 Figure 3-26. Example of Launching the Boot Menu to select the Backup Image Force10 #reload Management switch has unsaved changes. Would you like to save them now? (y/n) n Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y Reloading all switches.
Page 56: Managing The Configuration
When converting from a Routing image to a Switching image, you must interrupt the reboot to revert the switch to factory defaults, as shown in Figure 3-27: Figure 3-27. Restoring Factory Defaults when Converting from Routing to Switching Image Force10 #reload Management switch has unsaved changes.
Page 57: Clearing The Running Configuration
When the switch is booted, its configuration is managed by the startup configuration (“startup-config”) file that is stored in non-volatile memory (NVRAM). As you make configuration changes, those changes are stored in volatile system memory as the “running config” until you copy them to the startup-config. The quickest way to do that is to use the write memory command (executed from the Privileged Exec mode).
Page 58: Configuring From The Network
Figure 3-29. Using the copy nvram:startup-config Command Force10 #copy nvram:startup-config tftp://10.16.1.56/s50_1 Mode........... TFTP Set TFTP Server IP......10.16.1.56 TFTP Path......../ TFTP Filename........s50_1 Data Type........Config File Are you sure you want to start? (y/n) y File transfer operation completed successfully. Configuring from the Network The following example is of installing a configuration file from the network.
Page 59: Resetting The Pre-Configured System
3. Select 10 to restore the configuration to factory defaults (deletes the configuration file). Note: Resetting to factory defaults is more powerful than executing the clear config command, because it resets all internal values. 4. Select option 9 to reload/boot the switch. Figure 3-31.
Page 60: Using Configuration Scripts
Using Configuration Scripts This section contains: • Creating a Configuration Script on page 60 • Viewing a Configuration Script File on page 60 • Uploading a Configuration Script to a TFTP Server on page 61 • Deleting a Script on page 61 •...
Page 61: Uploading A Configuration Script To A Tftp Server
Command Syntax Command Mode Purpose script show .scr scriptname Privileged Exec To view a configuration script by specific name. Figure 3-32. Using the script show Command Force10 #script show test.scr 1 : !Current Configuration: 2 : ! 3 : hostname "Force10" 4 : network parms 10.10.1.33 255.255.255.0 10.10.1.254 5 : interface vlan 11 6 : !System Description "Force10 S50"...
Page 62: Downloading A Configuration Script From A Tftp Server
Force10 #script delete test.scr Are you sure you want to delete the configuration script(s)? (y/n)y 1 configuration script(s) deleted. Downloading a Configuration Script from a TFTP Server To download a “config script”, use the copy command, as in the following. Command Syntax Command Mode Purpose...
Page 63: Applying A Configuration Script
Figure 3-35. Example of a Script Validation Error Message Configuration script validation failed. Following lines in the script may have problem: Line 29:: permit 01:80:c2:00:00:00 any assign-queue 4 Line 30:: permit any 01:80:c2:00:00:ff assign-queue 3 redirect 1/0/10 Line 31:: permit 01:80:c2:00:00:ee any assign-queue 4 Line 36:: match cos 5 Line 44:: police-simple 500000 64 conform-action transmit violate-action drop Line 45:: police-simple 500000 64 conform-action transmit violate-action drop...
Page 64: Listing Configuration Scripts
For example, the command to create a class-map called “cm-1” is , while class-map match-all cm-1 the command to edit cm-1 later is (For more on class-map, see Using Differentiated class-map cm-1 Services (DiffServ) on page 177 .) Attempting to apply an unmodified config script containing cm-1 to a machine that already has a class-map called cm-1 results in an error similar to the following example (see Figure 3-37 on page 64).
Page 65: Displaying Logs
Displaying Logs The switch maintains four logs: • Event log (“Persistent log”) — exception messages and critical boot-up messages; saved on switch reset — Use the command show eventlog. • System log, “buffered log”) – system trace information; cleared on switch reset —...
Page 66 Getting Started...
Page 67: Management
Management This chapter covers the following management tasks: • Creating the Management IP Address • Changing the Management VLAN from the Default on page 68 • Verifying Access to a Management Port on page 69 • Verifying Management Port Connectivity on page 69 •...
Page 68: Changing The Management Vlan From The Default
Changing the Management VLAN from the Default As stated in Setting Up the Management VLAN on page 42 in the Getting Started chapter, the default management VLAN is the default VLAN 1, so, when you configure the management IP interface (see Creating the Management IP Address on page 67), any port that is part of the default VLAN will carry management traffic.
Page 69: Verifying Access To A Management Port
Verifying Access to a Management Port It is possible to set the management VLAN to a VLAN that does not exist. If you cannot reach anything from the management address, inspect the management VLAN with the commands show interface managementethernet show running-config , to inspect the management IP settings, as shown in Figure...
Page 70: Setting The Host Name Prompt
Setting the Host Name Prompt If you have more than one individually managed S-Series switch, you can differentiate them by creating a unique CLI host name prompt for each switch. Use the hostname command, in Global Config mode, to edit the prompt, as shown in Figure 4-43: Figure 4-43.
Page 71: Setting Up Snmp Management
When the S50 starts to reload, the following text appears at the console: Figure 4-44. Rebooting Reloading all switches. Force10 Boot Code... Version 01.00.26 06/03/2005 Select an option. If no selection in 2 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu.
Page 72 The MIB files are on the S-Series product CD-ROM and on the iSupport website (password required): https://www.force10networks.com/csportal20/KnowledgeBase/Documentation.aspx As a best practice, Dell Force10 recommends polling several SNMP object IDs (OIDs), as described here. SNMP is especially valuable in certain cases — for example when a console connection is unavailable.
Page 73: Managing Snmp Traps
• : Sets a client IP mask for an SNMP community. snmp-server community ipmask • : Activates [deactivates] the designated SNMP community. snmp-server community mode name All configured communities are enabled by default. • : Restricts access to switch information to read-only. snmp-server community ro •...
Page 74: Router Bgp Config Mode
• [no] snmp-server enable trap violation : This command enables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port (traps disabled by default). • snmp-server traps enable : This command sets the Authentication flag (traps disabled by default).
Page 75: Link Layer Discovery Protocol (Lldp)
Link Layer Discovery Protocol (LLDP) The IEEE 802.1AB standard defines the Link Layer Discovery Protocol (LLDP). This protocol allows a switch residing on an 802 VLAN to advertise connectivity, physical description, management information, and major capabilities. The information distributed via this protocol is stored by its recipients in a standard Management Information Base (MIB), facilitating multi-vendor interoperability and use of standard management tools to discover and make available physical topology information for network management.
Page 76: Important Points To Remember
Alarm Periodically takes statistical samples and compares them with set thresholds for events (OID 1.3.6.1.2.1.16.3) generation — includes the alarm table and requires the implementation of the event group. Alarm type, interval, starting threshold, stop threshold. Events Controls the generation and notification of events from this device — event type, (OID 1.3.6.1.2.1.16.9) description, last time event sent.
Page 77 [no] rmon alarm 1-65535 Global Config Identify the event ID created in Step 1 for which delta you want to set [or disable] an alarm, identify SNMP_OID 5-3600 { the target MIB, and configure the parameters absolute rising-threshold that trigger the alarm. 0-4294967295 index falling-threshold 0-4294967295...
Page 78: Example Of Configuring An Rmon Alarm
Example of configuring an RMON alarm The following example shows the use of the commands to create two event rmon event rmon alarm IDs and then associate them with an alarm. The event IDs are highlighted in the alarm statement. Figure 4-48.
Page 79: Sntp Overview
The software clock runs only when the software is up. When the switch reboots, the clock restarts, based on the hardware clock. If you set the date and time manually, and then set up SNTP, the automatic update uses the SNTP update. Use the command to check the accuracy of the system date and time.
Page 80: Cli Examples Of Sntp Setup
CLI Examples of SNTP Setup The following examples show the major command sequences in configuring the SNTP connection. Example #1: Configuring SNTP client mode Figure 4-49. Configuring SNTP Client Mode Force10 (Config)#sntp client mode broadcast ? <cr> Press Enter to execute the command. Force10 (Config)#sntp client mode unicast ? <cr>...
Page 81: Example #5: Show Sntp Server
Example #5: show sntp server Figure 4-53. Using the show sntp server Command Force10 #show sntp server Server IP Address: 10.11.8.6 Server Type: ipv4 Server Stratum: 3 Server Reference Id: NTP Srv: 128.4.1.2 Server Mode: Server Server Maximum Entries: 3 Server Current Entries: 1 SNTP Servers ------------...
Page 82 Management...
Page 83: Stacking S-Series Switches
• The S50N, S50V, and S25P models of the S-Series can be stacked together. While the hardware connection limit is a maximum of eight units in the stack, Dell Force10 currently only supports a stack maximum of three units. Stacking S-Series Switches | 83...
Page 84 The original S50 model can only be stacked with another S50. The number of S50s in a stack is limited by the number of S50s with 10G modules (the hardware supports stacking eight units, but the current software implementation limits stack size to seven), but, again, Dell Force10 currently only supports a stack maximum of three units.
Page 85: Stacking Commands Overview
Stacking Commands Overview Command Syntax Command Mode Purpose Privileged Exec Starting with SFTOS 2.5.1, this command copies a selected copy image1 image2 software image from the management switch to a designated unit:// image1 image2 unit switch. Note: Before SFTOS 2.5.1, the archive copy-sw command copied the system image from the management unit to the other stack members.
Page 86: Unit Number Assignment
to be a management unit, then the newly added unit changes its configured value to disable the management unit function. • Conversely, if the management unit function is enabled or unassigned on the unit and there is no other management unit in the system, then the unit becomes the management unit. •...
Page 87 Number Assignment on page 86). Use the command (Figure 5-56 on page 88) to see the show switch status of the individual members in a stack. Note: Unit numbers are stored in NVRAM and are persistent, even when a unit is removed from a stack.
Page 88 All of the forwarding protocols run on the management unit. The subordinate units do not run the full stack. The forwarding database resides on the management unit, which then synchronizes the forwarding tables in the other units in the stack. The individual units in the stack then make individual forwarding decisions based on their local copy of the forwarding table.
Page 89: Adding A Switch To A Stack
Adding a Switch to a Stack Note: Dell Force10 currently supports a stack maximum of three units. S50 models can only stack with other S50 models. The S25P, S50N, and S50V can be stacked together. See the Quick Reference appropriate to your S-Series model or its installation guide for instructions on making the physical stacking connections.
Page 90: Removing A Switch From A Stack
Figure 5-57. Using the member Command to Add a Unit to a Stack Force10 #show supported switchtype Mgmt Code Switch Model ID Pref Type --- -------------------------------- ------------ --------- SA-01-GE-48T 0x100b000 SA-01-GE-48T 0x100b000 SA-01-GE-48T 0x100b000 Force10 #configure Force10 (Config)#stack Force10 (config-stack)#member 5 1 Force10 (config-stack)#exit Force10 (Config)#exit Force10 #show switch...
Page 91: Setting Management Unit Preferences
Step Command Syntax Command Mode Purpose Attach the stacking cables to support the new configuration (see Figure 5-54 on page 84). show stack-port counters Privileged Exec Inspect the stack traffic data to confirm that the stack is successfully reconfigured. See Figure 5-68 on page To remove a switch from the stack, use the no member...
Page 92 Figure 5-60. Changing Switch Unit Priority Force10 (Config)#switch 4 priority 2 Force10 (Config)#exit Force10 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version ------ ------------ ------------- ------------- --------------------- -------- Stack Member SA-01-GE-48T SA-01-GE-48T 2.3.1.5 Mgmt Switch SA-01-GE-48T SA-01-GE-48T...
Page 93: Inspecting Management Preferences
Figure 5-61. Moving the Management Unit Function within a Stack Force10 (config-stack)#movemanagement 1 3 Moving stack management will unconfigure entire stack including all interfaces. Are you sure you want to move stack management? (y/n) y Force10 (config-stack)# (Unit 1)>This switch is not manager of the stack. STACK: detach 15 units Unit 1 no longer (Unit 1)>...
Page 94: Administrative Management Preference
Administrative Management Preference The “Administrative Management Preference” indicates the preference given to this unit over another units in a stack by an administrator when the management unit fails. The default value is 1. A value of 0 means the unit cannot become a management unit. This field indicates the administrative management preference value assigned to the switch.
Page 95: Copying Sftos Software To A Member Switch
For more on downloading SFTOS, see Downloading a Software Image on page 45 in the Getting Started chapter See also the command syntax for the set of Dual Software Image Management commands in that section of the System Configuration Commands chapter in the SFTOS Command Reference. The purpose of the two “image”...
Page 96 Figure 5-62. Using the show bootvar Command within a Stack Force10-S50 #show switch Management Preconfig Plugged-in Switch Code Switch Status Model ID Model ID Status Version ------ ------------ ---------------- ---------------- --------------- -------- Mgmt Switch SA-01-GE-48T SA-01-GE-48T F.10.20.1 Stack Member SA-01-GE-48T SA-01-GE-48T Code Version Mismatch F.10.16.2 Force10-S50 #show stack...
Page 97 Figure 5-64. Using the show bootvar Command within a Stack Force10-S50 #boot system 2 image2 Activating image image2 .. Force10-S50 #show bootvar Image Descriptions image1 : default image image2 : Images currently available on Flash -------------------------------------------------------------------- unit image1 image2 current-active next-active -------------------------------------------------------------------- F.10.20.1...
Page 98: Using Show Commands For Stacking Information
Using show Commands for Stacking Information show commands to gather information about stack members. In this chapter, see the following examples of using show commands: • : See Figure 5-55 on page show stack-port • : See Figure 5-56 on page Figure 5-57 on page Figure 5-58 on page 91, and...
Page 99 Figure 5-68. Using the show stack-port counters Command Example on an S50 Force10 #show stack-port counters ------------TX-------------- ------------RX-------------- Data Error Data Error Rate Rate Total Rate Rate Total Unit Interface (Mb/s) (Errors/s) Errors (Mb/s) (Errors/s) Errors ---- ---------------- ------ ---------- ---------- ------ ---------- ---------- Stack Port A Stack Port B Stack Port A...
Page 100 Figure 5-70. show stack Command Example Force10 #show stack Configured Running Stack Stack Link Link Unit Interface Mode Mode Status Speed (Gb/s) ---- ---------------- ---------- ---------- ------------ ------------ Stack Port A Stack Link Up Stack Port B Stack Link Up Stack Port A Stack Link Up...
Page 101: System Logs
System Logs This chapter describes the system logging features, in these major sections: • Logging Commands on page 101 • Configuring the System Log on page 102 • Using the Persistent Event Log on page 105 • Displaying the SNMP Trap Log on page 106 •...
Page 102: Configuring The System Log
• . See Configuring Syslog Server Host Connections on page 107. logging host • logging host reconfigure . See Configuring Syslog Server Host Connections on page 107. • logging host remove . See Configuring Syslog Server Host Connections on page 107.
Page 103: Displaying The System Log
Command Syntax Command Mode Purpose Configuring Syslog Server Host Connections on page 107. (Optional) To display accurate times and dates in the log, configure a connection to an SNTP server. See Setting the System Date and Time Manually on page Note: You can copy the System log from the switch to a TFTP server.
Page 104: Interpreting System Log Messages
Interpreting system log messages Table 6-2 uses the first log message in Figure 6-71 as an example to present the field descriptions: <189> JAN 01 00:00:58 0.0.0.0-1 TRAPMGR[190295576]: traputil.c(661) 67 %% Cold Start: Unit: 0 Table 6-2. A System Log Message Decomposed Field Example Description <189>...
Page 105: Using The Persistent Event Log
The log does not require configuration. The purpose of the Event log is to save system exception information to persistent memory for analysis by Dell Force10 Engineering. Error messages start with “ERROR”, while event messages start with “EVENT”, as shown in Figure 6-72.
Page 106: Displaying The Snmp Trap Log
Displaying the SNMP Trap Log show logging traplogs command displays a trap summary (number of traps since last reset and last view), followed by trap details, as shown in Figure 6-73. Figure 6-73. Using the show logging traplogs Command Force10 #show logging traplogs Number of Traps Since Last Reset....6 Number of Traps Since Log Last Viewed..6 Log System Up Time Trap...
Page 107: Configuring Syslog Server Host Connections
Configuring Syslog Server Host Connections A syslog server can: • Store system messages and/or errors • Store to local files on the switch or a remote server running a syslog daemon • Collect message logs from many systems The S-Series switch sends System log messages to all enabled syslog servers. You have the following choices for managing the logging settings: •...
Page 108: Configure A Syslog Server
Figure 6-74. Using the logging host Command Force10 #config Force10 (Config)#logging ? buffered Buffered (In-Memory) Logging Configuration. cli-command CLI Command Logging Configuration. console Console Logging Configuration. facility Syslog Facility Configuration. history Syslog Configuration. host Enter IP Address for Logging Host. Force10 (Config)#logging host ? <hostaddress>...
Page 109 local7.debugging /var/log/force10.log • for a 5.7 SunOS UNIX system, include this line in the file /etc/syslog.conf local7.debugging /var/adm/force10.log In the lines above, local7 is the logging facility and debugging is the Syslog level. Therefore the Syslog daemon sends all messages since debugging is the lowest Syslog level. Refer to the logging facility command descriptions, above, for more information on those keywords and on setting the logging host...
Page 110 System Logs...
Page 111: Configuring Interfaces
Configuring Interfaces This chapter contains overview information on interfaces supported by SFTOS, along with information on configuring physical interfaces, in the following sections: • Interface Support in SFTOS • Viewing Interface Information on page 112 • Viewing Layer 3 Interface Information on page 117 •...
Page 112: Viewing Interface Information
Table 7-3. Interfaces in the S-Series Modes Require Type of Interface Possible Creation Default State Port Channel Layer 2 Shut down (disabled) Layer 3 VLAN Layer 2 Yes* Enabled (active for Layer 2) Layer 3 Shut down (disabled for Layer 3) *The Default VLAN (VLAN 1) does not require creation, but it can be modified.
Page 113 In addition to inspecting the running config, as described above (see Figure 7-76), the CLI provides multiple commands to inspect the status and configuration of interfaces: • : Use this command, in either Privileged Exec mode or User Exec show interface managementethernet mode (the only command in this set that is available in User Exec mode), to display the current Management Ethernet interface settings.
Page 114 Port Force10 #show interface 1/0/1 Ports 1 through 48 Packets Received Without Error....0 Packets Received With Error....0 Broadcast Packets Received..... 0 Packets Transmitted Without Errors..... 0 Transmit Packet Errors......0 Collision Frames....... 0 Time Since Counters Last Cleared....0 day 0 hr 25 min 38 sec Force10 # Contrast the output in Figure...
Page 115 Switch Force10 #show interface ethernet switchport Total Packets Received (Octets)....0 Unicast Packets Received....... 0 Multicast Packets Received..... 0 Broadcast Packets Received..... 0 Receive Packets Discarded...... 0 Octets Transmitted......0 Packets Transmitted Without Errors..... 0 Unicast Packets Transmitted....0 Multicast Packets Transmitted....0 Broadcast Packets Transmitted....
Page 116 Figure 7-82. Checking Detailed Interface Counters Per Port Using show interface ethernet Force10 #show interface ethernet 1/0/43 Total Packets Received (Octets)....16217658 Packets Received > 1522 Octets....0 Packets RX and TX 64 Octets....3260 Packets RX and TX 65-127 Octets....11968 Packets RX and TX 128-255 Octets....
Page 117: Viewing Layer 3 Interface Information
Viewing Layer 3 Interface Information Note: Layer 3 interfaces can only be created with the Layer 3 Package of SFTOS. Use the show version command to determine what package is installed. See Figure 3-8 on page To enable Layer 3 traffic on a particular interface, use the command in Global Config mode to ip routing enable routing for the system, then add an IP address to the selected interface using the...
Page 118 Physical interfaces can become part of virtual interfaces such as VLANs or Link Aggregation Groups (LAGs), also called port channels: • For more information on VLANs, see VLANs on page 207. • For more information on port channels, see Link Aggregation on page 165.
Page 119 — Lag—This port is a member of a port-channel (LAG). — Probe—This port is a probe port. • The Admin Mode column shows if the port is enabled or shut down. To enable the port, see Enabling an Interface on page 120.
Page 120: Enabling An Interface
Enabling an Interface Ports are shut down by default. To enable them, you can do so in bulk mode or per port. For more on bulk configuration, see Bulk Configuration on page 126. To enable an individual port, use the following sequence of commands: Step Command Syntax Command Mode...
Page 121 Figure 7-86. Using the show port Command to Verify Port Settings Force10 #show port 1/0/30 Admin Physical Physical Link Link LACP Interface Type Mode Mode Status Status Trap Mode -------------- ------ ------- -------- ------ ------ ------- 1/0/30 Enable Auto 100 Full Up Enable Enable The Link Status field indicates whether the port is passing traffic.
Page 122: Configuring Layer 3 Mode
The following table describes the expected interface status of two directly connected fiber ports based on the configured or auto-negotiated speed and duplex settings. The fiber ports support only auto-negotiation or 1 Gbps full-duplex. Table 7-5. Expected Interface Status of Directly Connected Fiber Ports Port B Port A 1 Gbps Full...
Page 123: Enabling Power Over Ethernet Ports (Poe)
PoE priority. • Support for PoE is provided in the CLI, as well as SNMP. • SNMP support is through the Power-Ethernet MIB (POWER-ETHERNET-MIB) and the Dell Force10 SFTOS-POWER-ETHERNET-MIB for snmpwalk. • Syslog messages are provided for PoE events.
Page 124 You can override the default power allocation method by using the CLI to prioritize the delivery of power to the ports. When the power budget is exceeded, the next port attempting to power up causes the port with the lowest priority to stop delivering power, to allow higher priority ports to deliver power. In any case, even if a connected device is not currently drawing power, the port can stay up and pass data.
Page 125 Figure 7-88. Sample of Output of show inlinepower Command for a Switch Force10-S50V >show inlinepower all Slot Admin Output Port Type Mode Class Priority Power Limit Status ------ --------------- ------- ----- --------- ------ ----- --------- 1/0/1 Enable 0.000 Searching 1/0/2 Enable 0.000 Searching...
Page 126: Bulk Configuration
Bulk Configuration Bulk configuration means configuring groups of interfaces (physical or logical) with the same command(s). You have these bulk configuration options: • Global: Make system-level changes in the Global Config mode. For example, to enable all ports, enter no shutdown all in Global Config mode.
Page 127: Bulk Configuration Examples
Bulk Configuration Examples The following examples are of using the command for bulk configuration. interface range Configure a single range In this example, the command was used to select ports 1 through 23 on stack interface range ethernet range member 5. Then, the command enabled all of those ports.
Page 128 Configuring Interfaces...
Page 129: Dhcp
DHCP This chapter describes how to configure the S-Series to serve as a DHCP/BootP relay agent or a DHCP server. Note: The S-Series switch can only act as a DHCP/BootP relay agent when the Layer 3 Package of SFTOS is installed. This chapter contains the following sections: •...
Page 130: Configuring The Switch As A Dhcp Server
Table 8-6. Messages Exchanged between a DHCP Client and Server Reference Message 0x01 DHCPDISCOVER The client is looking for available DHCP servers. 0x02 DHCPOFFER The server response to the client’s DHCPDISCOVER message. 0x03 DHCPREQUEST The client broadcasts to the server, requesting offered parameters from one server specifically, as defined in the packet.
Page 131: Configuring A Dhcp Address Pool (Required)
Configuring a DHCP address pool (required) You can configure a DHCP address pool with a name that is a symbolic string (such as “Engineering”) or an integer (such as 0). Configuring a DHCP address pool also places you in DHCP pool configuration mode, as identified by the “(config-dhcp)#”...
Page 132: Using The Switch As A Bootp/Dhcp Relay Agent
Figure 8-92. Using the show ip dhcp server statistics Command Force10 #show ip dhcp server statistics Automatic Bindings......0 Expired Bindings....... 0 Malformed Bindings......0 Messages Received ---------- ---------- DHCP DISCOVER........5 DHCP REQUEST........0 DHCP DECLINE........0 DHCP RELEASE........0 DHCP INFORM........
Page 133: Configuring The Switch As A Dhcp Relay Agent
Configuring the Switch as a DHCP Relay Agent Implement the DHCP relay agent feature with bootpdhcprelay commands, all in Global Config mode. For details on these commands, see the Bootp/DHCP Relay Commands section of the Routing Commands chapter in the SFTOS Command Reference Step Command...
Page 134 Figure 8-94. Diagram of Two Switches Acting as DHCP Server and Relay Agent Configure switch “S50-B”, from the diagram above, as a DHCP server, as shown in Figure 8-95. Figure 8-95. Example of Configuring a Switch as a DHCP server S50-B #config S50-B (Config)#service dhcp S50-B (Config)#ip dhcp pool Pool1...
Page 135: Providing User Access Security
Providing User Access Security This chapter contains the following major sections: • Choosing a TACACS+ Server and Authentication Method • Configuring TACACS+ Server Connection Options on page 137 • Configuring a RADIUS Connection on page 138 • Enabling Secure Management with SSH on page 140 SFTOS supports several user-access security methods to the switch, including local (see Creating a User and Password on page...
Page 136 Command Step Command Syntax Mode Purpose show tacacs Privileged Verify the configuration and status of TACACS Exec Figure 9-98) servers (See show authentication Privileged Display the ordered authentication methods for all Exec authentication login lists. would generally not be the last method specified, in order to avoid a situation where the final TACACS authentication option depends on a server that might be offline.
Page 137: Configuring Tacacs+ Server Connection Options
Figure 9-100. Verifying the Authentication Method Lists with the show authentication Command Force10_S50)#show authentication Authentication Login List Method 1 Method 2 Method 3 ------------------------- -------- -------- -------- defaultList local undefined undefined local tacacs undefined undefined undefined undefined three tacacs reject undefined Figure 9-101 shows the assignment of list “three”...
Page 138: Configuring A Radius Connection
Configuring a RADIUS Connection Remote Authentication Dial-In User Service (RADIUS) is another means of port-based network access control. The switch acts as an intermediary to a RADIUS server, which provides both an authentication and an accounting function to maintain data on service usages. Under RFC 2866, an extension was added to the RADIUS protocol giving the client the ability to deliver accounting information about a user to an accounting server.
Page 139 • radiusList method associated with the 802.1x default login (for non-configured users for 802.1x port security). 802.1x port-based access control is enabled for the system. • Interface 1/0/1 in force-authorized mode, because this is where the RADIUS server and protected network resources are located If a user, or supplicant, attempts to communicate through the switch on any interface except port 1/0/1, the system challenges the supplicant for login credentials.
Page 140: Enabling Secure Management With Ssh
Figure 9-104. Topology with Two RADIUS Servers Figure 9-105. Configuration Example for Two RADIUS Servers Force10 #config Force10 (Config)#radius server host auth 10.10.10.10 Force10 (Config)#radius server key auth 10.10.10.10 Enter secret (16 characters max):****** Re-enter secret:****** Force10 (Config)#radius server host auth 11.11.11.11 Force10 (Config)#radius server key auth 11.11.11.11 Enter secret (16 characters max):****** Re-enter secret:******...
Page 141 4. Disable the insecure version of the management server (Telnet). The SSH keys certificates are in a .zip file that are on the S-Series CD-ROM. You can also get them from your Dell Force10 account team. The .zip file contains two directories—ssh and ssl: •...
Page 142: Enabling Ssh
Enabling SSH Starting with SFTOS 2.5.1.1, you no longer need to generate the SSH keys off-line. Before you enable the SSH server, NVRAM does not contain the keys, as shown (or not shown, in this case) in Figure 9-106. After you enable the SSH server and the SSH keys are automatically generated, the keys will not be deleted even if SSH is disabled later.
Page 143 2. To verify that the server has started, use the command to show the SSH server status. show ip ssh Figure 9-108. Using the show ip ssh Command to Show SSH Server Status Force10 #show ip ssh SSH Configuration Administrative Mode: ......Enabled Protocol Levels: ......
Page 144 Providing User Access Security...
Page 145: Spanning Tree
Spanning Tree This chapter discusses the SFTOS implementation of Spanning Tree Protocol (STP), Multiple Spanning Tree Protocol (MSTP), and Rapid Spanning Tree Protocol (RSTP). The chapter contains the following major sections: • SFTOS STP Switching Features • Spanning Tree Protocol (STP, IEEE 802.1D) on page 146 •...
Page 146: Spanning Tree Protocol (Stp, Ieee 802.1D)
Spanning Tree Protocol (STP, IEEE 802.1D) When SFTOS is set to run in basic Spanning Tree Protocol (STP) mode, SFTOS conforms to IEEE 802.1D and the RFC 1493 Bridge MIB. A spanning tree algorithm provides path redundancy while preventing undesirable loops in a network: •...
Page 147: Basic Stp Cli Port Management
Basic STP CLI Port Management Privileged and User Exec Mode CLI command: • Display STP settings and parameters for an interface — show spanning-tree interface unit/slot/port Global Config Mode CLI command: • [Disable] enable STP administrative mode for all interfaces —...
Page 148: Port States
Port States RSTP merges states from STP, leaving just three possible operational states. The 802.1D blocking and disabled states are merged into the 802.1w discarding state. The 802.1D learning and listening states are merged into the 802.1w learning state. Port Costs RSTP introduces new default port costs.
Page 149: Important Points To Remember
Important Points to Remember MSTP is part of the SFTOS switching package. Either IEEE 802.1D or IEEE 802.1s operates at any given time. The following is the SFTOS implementation of MSTP: • MSTP instances can only exist within a region. •...
Page 150: Mstp Cli Management
MSTP CLI Management SFTOS supports Multiple Spanning Tree Protocol (MSTP) by default. The basic STP commands (see Basic STP (802.1D) CLI Management on page 146) applicable to MSTP. In addition to display commands (see Display Spanning Tree Configuration on page 157), SFTOS provides the following commands specific to MSTP: Command Syntax...
Page 151: Setting The Stp Version Parameter
4. Verify the global configuration, the interface configuration, and the STP convergence. See Display Spanning Tree Configuration on page 157. 5. (OPTIONAL) Influence the STP topology. See Influencing the Spanning Tree Topology on page 153 6. (OPTIONAL) Change global STP operational parameters. See Changing Spanning Tree Global Parameters on page 155.
Page 152: Enabling Stp
Enabling STP Use the following commands to run Spanning Tree convergence on participating switches. spanning tree Global Config Enable the Spanning Tree Protocol on participating switches. spanning-tree port mode enable Interface Config Enable STP on selected ports. spanning-tree port mode enable all Global Config Alternatively to enabling STP on selected ports, activate STP on all ports.
Page 153: Influencing The Spanning Tree Topology
Figure 10-111. Using the spanning-tree Command S50-1 #config S50-1 (Config)#spanning-tree S50-2 #config S50-2 (Config)#spanning-tree S50-3 #config S50-3 (Config)#spanning-tree 3. Use either the command in Global Config mode to enable Spanning spanning-tree port mode enable all Tree on all ports (as shown in Figure 10-112), or use the command in...
Page 154: Example Of Influencing The Spanning Tree Configuration
The following commands influence which switch becomes the root bridge and the role of a port in the spanning tree: Command Syntax Command Mode Purpose spanning-tree msti { 0 {cost 1-200000000 Interface To influence the role of the selected port in the Config | external-cost 1-200000000 | 0-240 } | spanning tree:...
Page 155: Changing Spanning Tree Global Parameters
After lowering the priority of MST 5: Force10 #show spanning-tree mst port summary 5 all Port Interface Mode Type State Role --------- -------- ------- ----------------- ---------- 1/0/1 Enabled Disabled Disabled 1/0/2 Enabled Disabled Disabled 1/0/3 Enabled Disabled Disabled 1/0/4 Enabled Disabled Disabled 1/0/5...
Page 156: Enabling An Edge Port
Enabling an Edge Port Note: Only interfaces connected to end stations should be set up as edge ports. Edge ports in 802.1D mode are not supported. The edge port feature (Portfast) enables interfaces to begin forwarding packets immediately after they are connected.
Page 157: Display Spanning Tree Configuration
1. Configure switch R7. Enable STP globally and on associated ports; create MST instances and associated VLANs: R4 (Config)#interface vlan R4 (Conf-if-vl-2)#tagged 1/0/2 R4 (Conf-if-vl-2)#tagged 1/0/3 R4 (Conf-if-vl-2)#exit R4 (Config)#interface vlan 3 R4 (Conf-if-vl-3)tagged 1/0/2 R4 (Conf-if-vl-3)tagged 1/0/3 R4 (Config)#spanning-tree R4 (Config)#spanning-tree configuration name span1 R4 (Config)#spanning-tree configuration revision 1 R4 (Config)#spanning-tree msti instance 2...
Page 158 Command Syntax Command Mode Purpose show spanning-tree mst detailed mstid Privileged Exec Display settings and parameters for one MST instance. show spanning-tree vlan vlanid Privileged Exec Display the association between an MST instance and a VLAN. See Figure 10-125 on page 162.
Page 159 Use the command (Figure 10-118) to determine current bridge characteristics: show spanning-tree brief Figure 10-118. Example Output from spanning-tree brief Command Force10 #show spanning-tree brief Bridge Priority........ 32768 Bridge Identifier......80:00:00:01:E8:D5:A7:82 Bridge Max Age......... 20 Bridge Max Hops........ 20 Bridge Hello Time......2 Bridge Forward Delay......
Page 160 Figure 10-120 displays the output from the command for STP details show spanning-tree mst port summary of individual ports: Figure 10-120. Example Output of show spanning-tree mst port summary Command S50-2 #show spanning-tree mst port summary 0 1/0/1 MST Instance ID........ CST Port Interface Mode...
Page 161 Figure 10-122 shows the output of the command from S50-3 for show spanning-tree mst port summary participating ports: Figure 10-122. Example Output from show spanning-tree mst port summary Command S50-3 #show spanning-tree mst port summary 0 1/0/1 MST Instance ID........ CST Port Interface Mode...
Page 162 Figure 10-124 shows the output of the command after lowering the show spanning-tree mst port summary priority of the MST instance (contrast to Figure 10-122): Figure 10-124. Example Output from show spanning-tree mst port summary Command Force10 #show spanning-tree mst port summary 50 all Port Interface Mode...
Page 163: Displaying Stp, Mstp, And Rstp Operation
Displaying STP, MSTP, and RSTP Operation Use the show interface ethernet command to display STP, MSTP, and RSTP BPDUs unit/slot/port transmitted and received. Figure 10-126. Example Output from show interface ethernet Command Force10 #show interface ethernet 1/0/1 Type........... Normal Admin Mode........Disable Physical Mode........
Page 164 Spanning Tree...
Page 165: Link Aggregation
Link Aggregation This chapter contains the following major sections: • Link Aggregation—IEEE 802.3 • Link Aggregation Group (LAG) Commands on page 168 • Configuring a LAG on page 170 • Link Aggregation Control Protocol (LACP) on page 174 • Displaying LAGs (Port Channels) on page 176 Note: SFTOS 2.5.1 introduces the Interface Port Channel Config mode (see Interface Port Channel Config mode commands on page...
Page 166: Lag Load Distribution
A LAG can offer the following benefits: • Increased reliability and availability — if one of the physical links in the LAG goes down, traffic will be dynamically and transparently reassigned to one of the other physical links. • Better use of physical resources — traffic can be load-balanced across the physical links. •...
Page 167: Lag Implementation Restrictions
LAG Implementation Restrictions Interface restrictions: • All of the physical links of a LAG must run in full-duplex mode at the same speed. Set the speed and mode of a port to that of the LAG before adding the port to the LAG. •...
Page 168: Link Aggregation Group (Lag) Commands
Link Aggregation Group (LAG) Commands Privileged Exec and User Exec mode commands • To remove all LAGs: — clear port-channel • To display a summary of LAGs, including port assignments: — show interface port-channel brief • To display settings and counters for a specific LAG, including port assignments: —...
Page 169 The CLI commands in the Interface Port Channel Config mode include the following: • Add to the selected LAG (or delete from it), one or more ports: — [ – channel-member unit/slot/port unit/slot/port unit/slot/port • Enter a description for the selected LAG: —...
Page 170: Interface Config Mode Commands
Interface Config mode commands Note: The [no] port lacpmode enable command is deprecated. The CLI commands in Interface Config mode used to configure LAGs are: • Add a port to a LAG: — (where is the logical interface defined by the system for addport unit/slot/port unit/slot/port the LAG)
Page 171: Lag Configuration Examples
Step Command Syntax Command Mode Purpose (continued) interface port-channel Global Config Create the LAG and/or enter Interface Port Channel 1–128 Config mode. For the LAG ID, enter an integer between 1 (Before v. 2.5.1, the syntax and 128 that is not already in use by another LAG. The was port-channel name character string allows the dash “-”...
Page 172: Basic Lag Configuration Example
Basic LAG configuration example This example shows configuring the S-Series switch to support LAGs to a server and to a Layer 2 switch. Figure 11-127. LAG Example Network Diagram 1. Use the command to learn the LAG IDs already in use (see show interface port-channel brief Figure 11-130 on page 173).
Page 173: Adding A Lag To A Vlan
4. Verify both LAGs. Figure 11-130. Using the show interface port-channel brief Command Force10#show interface port-channel brief Codes: L - LACP Port-channel LAG Status Ports --- ------ ------- Up 1/0/2 (Up) 1/0/3 (Up) Up 1/0/2 (Up) 5. At this point, the LAGs could be added to VLANs, as described next. Adding a LAG to a VLAN To add a LAG to a VLAN, you access the Interface VLAN mode with the command,...
Page 174: Using The Interface Range Mode
Using the Interface Range mode If you are applying the same configuration elements to a number of LAGs (also called bulk configuration you can replicate the steps shown in the examples above for all of those LAGs from the Interface Range mode.
Page 175: Lacp Configuration
LACP works by constantly exchanging custom MAC PDUs across LAN Ethernet links. The protocol packets are only exchanged between ports that are configured to be LACP-capable. LACP Configuration SFTOS allows the user to enable LACP and configure LACP timeout characteristics for a particular LAG. Note: LACP is enabled by default.
Page 176: Displaying Lags (Port Channels)
Verify the status of the LAG as dynamic created through LACP: Figure 11-134. Displaying Details on a LAG with the show interface port-channel Command Force10 (Config)#exit Force10#show interface port-channel 2 Description........MAC Address........00:01:E8:D5:A0:81 MTU..........1518 Packets RX and TX 64 Octets....0 Packets RX and TX 65-127 Octets....
Page 177: Quality Of Service
Quality of Service This chapter contains the following major sections: • Using Differentiated Services (DiffServ) on page 177 •Deploying DiffServ on page 180 •Monitoring DiffServ on page 184 •Configuring Differentiated Services by Department on page 191 •Configuring Differentiated Services for Voice over IP on page 194 Using Differentiated Services (DiffServ) This section contains the following subsections: •...
Page 178 • Interior node: A switch in the core of the network is responsible for forwarding packets, rather than for classifying them. It will decode the DSCP in an incoming packet, and provide buffering and forwarding services using the appropriate queue management algorithms. To configure DiffServ on a particular S-Series router, you first determine the QoS (quality of service) requirements for the network as a whole.
Page 179 Packet processing begins by testing the match criteria for a packet. A policy is applied to a packet when a class match within that policy is found. Note that the type of class — all, any, or ACL — has a bearing on the validity of match criteria specified when defining the class.
Page 180: Deploying Diffserv
Deploying DiffServ The four basic steps necessary to deploy DiffServ are: 1. Create class-maps. (See Creating Class-maps/DiffServ Classes on page 180.) A class-map is used to differentiate between types of traffic based on a packet’s match to defined rules in the class-map.
Page 181 parameter is a case-sensitive alphanumeric string from 1 to 31 characters that you create to classname uniquely identify the class. Note: The word “default” is reserved and must not be used as a class name. For example, entering means “Create a class named Dallas that must class-map match-all Dallas match all statements in the policy.”...
Page 182: Creating A Policy-Map
Creating a Policy-Map The second step in deploying DiffServ is to create a policy-map. From the Global Config mode, use the command (Figure 12-139) to create or identify an existing policy-map. The policy-map policy-map defines: • Traffic Conditioning—Specify traffic conditioning actions (policing, marking, shaping) to apply to traffic classes •...
Page 183: Applying Policies
Figure 12-139. policy-map Command Example policy-map pm-1 in class cl-map-1 assign-queue 3 exit class cl-map-2 mark ip-precedence 1 exit In the above example, we have created a policy-map with the name of “pm-1”. This policy-map is meant to affect inbound traffic. Traffic that is part of the class cl-map-1 (created in the previous example) is affected. Traffic that falls into this class will be assigned to queue 3.
Page 184: Enabling Differentiated Services
Figure 12-141. service-policy Interface Command Example Force10 #config Force10 (Config)#interface 1/0/4 Force10 (Interface 1/0/4)#service-policy in pm-1 Force10 (Interface 1/0/4)# Note: When applied globally, a service-policy command appears under each interface, as if the command were applied one interface at a time. The commands then can be removed from individual interfaces, or from all interfaces simultaneously, using the no form of the command.
Page 185: Show Class-Map
Figure 12-142. show class-map Command Example Force10 #show class-map cm-3 Class Name........cm-3 Class Type........All Match Criteria Values ---------------------------- ------------------------------------- IP Precedence Reference Class cl-map-2 Force10 #show class-map cl-map-2 Class Name........cl-map-2 Class Type........All Match Criteria Values ---------------------------- ------------------------------------- Destination Layer 4 Port 7(echo) Force10 #...
Page 186: Using The Show Diffserv Command
Figure 12-143. show class-map Command Example Force10 #show class-map Class Class Name Type Reference Class Name ------------------------------- ----- ------------------------------- cl-map-1 cl-map-2 cm-3 cl-map-2 Force10 # is not specified, this command displays a list of all defined DiffServ classes. The following classname fields are displayed: Class Name—The name of this class.
Page 187: Using The "Show Policy-Map" Command
Policy Attribute Table Size—The current number of entries (rows) in the Policy Attribute Table. Policy Attribute Table Max—The maximum allowed entries (rows) for the Policy Attribute Table. Service Table Size—The current number of entries (rows) in the Service Table. Service Table Max—The maximum allowed entries (rows) for the Service Table. The following examples show sample output from the show diffserv show diffserv service brief...
Page 188 Drop—Drop a packet upon arrival. This is useful for emulating access control list operation using DiffServ, especially when DiffServ and ACL cannot co-exist on the same interface. Exceed CoS—The action to be taken on excess packets per the policing metrics. Exceed Secondary CoS—The action to be taken on excess packets conforming with the secondary class of service value per the policing metrics.
Page 189 Non-Conform IP Precedence Value—This field displays the IP Precedence mark value if this action is markprec. Bandwidth—This field displays the minimum amount of bandwidth reserved in either percent or kilobits-per-second. Expedite Burst Size (KBytes)—This field displays the maximum guaranteed amount of bandwidth reserved in either percent or kilobits-per-second format.
Page 190: Using The Show Service-Policy Command
Figure 12-147. show policy-map Command Example Force10 #show policy-map pm-1 Policy Name........pm-1 Policy Type........In Class Name........cl-map-1 Assign Queue........3 --More-- or (q)uit Class Name........cl-map-2 Mark IP Precedence......1 The following is sample output from show policy-map interface: Figure 12-148.
Page 191: Configuring Differentiated Services By Department
The following information is repeated for each interface and direction (only those interfaces configured with an attached policy are shown): Intf (Interface)—Valid unit, slot and port number separated by forward slashes. Oper Stat (Operational Status)—The current operational status of this DiffServ service interface. Offered Packets—A count of the total number of packets offered to all class instances in this service before their defined DiffServ treatment is applied.
Page 192 Figure 12-150. DiffServ Internet Access Example Network Diagram 1. Ensure DiffServ operation is enabled for the switch. Force10 #config Force10 (Config)#diffserv 2. Create a DiffServ class of type for each of the departments, and name them. Define the match criteria—VLAN ID—for the new classes. Figure 12-151.
Page 193 each department's traffic on a different egress queue. This is how the DiffServ inbound policy connects to the CoS queue settings established below. Figure 12-152. Example of Using policy-map Command Force10 (Config)#policy-map internet_access in Force10 (Config-policy-map)#class finance_dept Force10 (Config-policy-classmap)#assign-queue 1 Force10 (Config-policy-classmap)#exit Force10 (Config-policy-map)#class marketing_dept Force10 (Config-policy-classmap)#assign-queue 2...
Page 194: Configuring Differentiated Services For Voice Over Ip
Configuring Differentiated Services for Voice over IP One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive. For a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one way to provide the necessary quality of service: how to set up a class for UDP traffic, have that traffic marked on the inbound side, and then expedite the traffic on the outbound side.
Page 195 1. Enter Global Config mode. Set queue 5 on all ports to use strict priority mode. This queue shall be used for all VoIP packets. Activate DiffServ for the switch. Force10 #config Force10 (Config)#cos-queue strict 5 Force10 (Config)#diffserv 2. Create a DiffServ classifier named “class_voip” and define a single match criterion to detect UDP packets.
Page 196 Quality of Service...
Page 197: Access Control
Access Control This chapter contains the following major sections: • SFTOS Support for Access Control Lists •Common ACL Commands on page 198 •Access Control List Configuration Example on page 202 •Applying an IP ACL to the Loopback Interface on page 203 •...
Page 198: Common Acl Commands
Note that the order of the rules is important: when a packet matches multiple rules in an ACL, the first rule created in the ACL takes precedence. Also, once you define an ACL for a given port, all traffic not specifically permitted by the ACL will be denied access.
Page 199 Each rule is appended to the list of configured rules for the list. Note that an implicit “deny all” MAC rule always terminates the access list. Note: You can add new deny/permit list items to an existing list, but you cannot remove previously configured deny/permit list items.
Page 200: Ip Acl Commands
IP ACL Commands IP ACLs ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources. The following rules apply to IP ACLs: • SFTOS does not support IP ACL configuration for IP packet fragments. •...
Page 201: Protecting The Management Interface With A Loopback Acl
• Attach a specified ACL to the selected interface — ip access-group ACLnumber 1-4294967295 The optional variable is an integer that indicates the order of application of 1-4294967295 this ACL relative to other ACLs assigned to this interface. Figure 13-160. Using the ip access-group Command Force10 (Config)#interface 1/0/21 Force10 (Interface 1/0/21)#ip access-group 100 1 in When the...
Page 202: Access Control List Configuration Example
2. Within that mode, use the command to assign the appropriate ACLs (see ip access-group ACLnumber Figure 13-160 on page 201). For a configuration example, see Applying an IP ACL to the Loopback Interface on page 203. Access Control List Configuration Example The following example shows how to set up an IP ACL with two rules—one for TCP traffic and one for UDP traffic.
Page 203: Applying An Ip Acl To The Loopback Interface
Figure 13-164. Example of Defining a Second IP ACL Rule Force10 #config Force10 (Config)#access-list 101 permit udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255 Force10 (Config)# 3. Apply the ACL to inbound traffic on port 1/0/2. Only traffic matching the criteria will be accepted. Figure 13-165.
Page 204: Restrictions On The Usage Of Loopback Interface Acl
To apply an ACL (standard or extended) for loopback, use the following sequence: Command Step Command Syntax Mode Purpose • For a Standard IP ACL: Global Create an IP ACL. access-list {deny | permit} {every | } [log] 1-99 srcip srcmask Note: The mirror Config [assign-queue...
Page 205: Enabling Broadcast Storm Control
Figure 13-166. Loopback ACL Example Force10 (Config)#access-list 2 permit every Force10 (Config)#access-list 2 deny 10.240.4.113 255.255.255.0 Force10 (Config)#interface loopback 0 Force10 (Conf-if-lo-0)# ip access-group 2 in 10 10 is the priority, an optional parameter. Force10 (Conf-if-lo-0)# exit Force10 #show ip access-lists 2 ACL ID: 2 Interface :loopback Rule Number: 1...
Page 206 Figure 13-167. Using the show interface-ethernet Command Force10 #show interface ethernet 1/0/2 Type........... Normal Admin Mode........Enable Physical Mode........Auto Physical Status........ Down Speed.......... 0 - None Link Status........Detach MAC Address........0001.E8D5.A058 Total Packets Received (Octets)....0 Packets Received > 1522 Octets....0 Packets RX and TX 64 Octets....
Page 207: Vlans
VLANs This chapter describes the use of SFTOS to create IEEE 802.1Q Virtual LANs (VLANs); it contains the following major sections: • Introduction to VLAN Configuration on page 207 • Important Points to Remember on page 208 • Implementing VLANs on page 209 •...
Page 208: Important Points To Remember
A VLAN is a set of end stations and the switch ports that connect them. You may have many reasons for the logical division, such as department or project membership. The only physical requirement is that the end station and the port to which it is connected both belong to the same VLAN. Each VLAN in a network has a VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN.
Page 209: Implementing Vlans
• It is possible to set the management VLAN to a VLAN that does not exist. If you cannot reach anything from the management IP address (see Creating the Management IP Address on page 67), check the management VLAN using show interface managementethernet or show running-config Implementing VLANs Table 14-8.
Page 210: Vlan Mode Commands
VLAN Mode Commands The starting point for VLAN command syntax statements is the VLAN Commands chapter (Chapter 7) in the SFTOS Command Reference. Executing the command (Global Config mode) either creates a VLAN or selects a interface vlan 2-4094 previously created VLAN (or use [no] interface vlan to delete a VLAN) and then enters the Interface 2-4094...
Page 211: Configuration Task List For Vlans
Configuration Task List for VLANs • Creating a VLAN and Adding Ports • Clearing/Resetting a VLAN on page 214 • Adding a LAG to a VLAN on page 215 • Creating a Routed VLAN on page 217 • Enabling Dynamic VLANs with GVRP on page 220 •...
Page 212: Example Of Creating A Vlan And Assigning Interfaces
Example of creating a VLAN and assigning interfaces The diagram in this example shows four S-Series switches, R1, R2, R3, and R4, each configured with VLAN 2 to handle traffic destined for R1. This example creates VLAN 2 to connect four switches, with each switch having an interface that connects through VLAN 2 to switch R1.
Page 213: Assign An Interface To Multiple Vlans
6. Verify the configuration with the commands, or any of the other commands listed in show vlan Displaying VLAN Information on page 233. Notes: • Note that VLAN2 on R1 has some untagged ports and some tagged ports. The tagging type (either untagged or tagged) must match those of their directly connected ports on the other switches.
Page 214: Clearing/Resetting A Vlan
3. Create VLAN 4 on switch R3 and assign port 3. R3 #config R3 (Config)#interface vlan 4 R3 (Conf-if-vl-4)#tagged 1/0/3 4. Create VLAN 3 on switch R4 and assign port 4: R4 #config R4 (Config)#interface vlan 3 R4 (Conf-if-vl-3)#tagged 1/0/4 5.
Page 215: Adding A Lag To A Vlan
Note: Recovery of VLAN information from the startup configuration would then require reloading the switch. Adding a LAG to a VLAN To add a Link Aggregation Group (LAG) (also called a Port Channel) to a VLAN, you first create the LAG, as detailed in the LAG chapter (Configuring a LAG on page 170), and then add the LAG to the...
Page 216: Example Of Adding A Lag To A Vlan
Example of adding a LAG to a VLAN Figure 14-171. Adding a LAG to a VLAN 1. To create the topology shown in Figure 14-171, create the LAG on switch R1, giving it an integer ID (and, optionally, a description — the “admin1” shown here). Add ports to it, and enable it (use either no shutdown command inside the Interface Port Channel mode, or use the global mode shown here).
Page 217: Creating A Routed Vlan
Creating a Routed VLAN This section provides an example of how to configure an S-Series switch to enable VLAN routing. Your switch must be running a version of SFTOS that supports Layer 3 : Step Command Syntax Command Mode Usage ip routing Global Config Enable routing globally...
Page 218: Garp And Gvrp
Figure 14-176. Enabling Routing Globally on a Switch R5#configure R5 (Config)#ip routing 2. Enable ports: R5#configure R5 (Config)#interface 1/0/2 R5 (Interface 1/0/2)#no shutdown R5 (Interface 1/0/2)#exit R5 (Config)#interface 1/0/3 R5 (Interface 1/0/3)#no shutdown R5 (Interface 1/0/3)#exit 3. Create an IP VLAN (a routed VLAN) on switch R1and add port 2 to it: Figure 14-177.
Page 219: Garp Vlan Registration Protocol (Gvrp)
Generic Attribute Registration Protocol (GARP) provides a generic attribute dissemination protocol used to support other protocols such as GVRP (GARP VLAN Registration Protocol. GARP is used to register and deregister attribute values with other GARP participants within bridged LANs. When a GARP participant declares or withdraws a given attribute, the attribute value is recorded with the applicant state machine for the port from which the declaration or withdrawal was made.
Page 220: Garp Commands
GARP Commands Global Config mode, you can enable GVRP, or GMRP, or both for the switch: gvrp adminmode enable gmrp adminmode enable: enables GARP Multicast Registration Protocol (GMRP) on the system gmrp interfacemode enable all: enables GARP Multicast Registration Protocol on all interfaces In Interface Config mode, enable GVRP for a port: gvrp interfacemode enable...
Page 221: Example Of Creating A Dynamic Vlan Through Gvrp
Step Command Syntax Command Mode Usage show gvrp configuration all Privileged Exec Verify the GARP interface. show vlan brief Privileged Exec Verify the VLAN. Example of Creating a Dynamic VLAN through GVRP In this case, after enabling GVRP globally and on specific ports, and then creating a VLAN on R2 with one of those ports: •...
Page 222: Displaying Garp, Gvrp, Gmrp Properties
Figure 14-181. Using the show vlan id Command (R1) #show vlan id 3 Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface Vlan Id Status Ports ------- --------- -------- Active 1/0/2 Notes: • The ‘G’ indicates that this VLAN was dynamically created via GVRP on R1. •...
Page 223: Creating An Ip Subnet-Based Vlan
Creating an IP Subnet-based VLAN Note: IP Subnet-based VLAN functionality was not tested in SFTOS 2.5.2.0, so it is not supported. As shown in Figure 14-183, use the vlan association subnet command in Interface VLAN ipaddr netmask mode to configure an IP subnet-based VLAN by associating the VLAN with an IP address and subnet mask.
Page 224: Configuring A Native Vlan
The following sequence shows the steps for configuring a protected port group: Step Command Syntax Command Mode Usage Global Config Create a new (or specify an existing) protected port by switchport protected groupid group number, and then, optionally, assign a name to it. name name Global Config...
Page 225 6. The default acceptframe type for all ports is “Untagged”. An interface can have only one native VLAN. It can be untagged or tagged. Untagged VLANs on an interface are native VLANs by default. On an interface where there is an untagged VLAN, there can be tagged VLANs, but not tagged native VLANs.
Page 226 Figure 14-186. Validating an Untagged Interface untagged 1/0/2 Is port 1/0/2 tagged as native Reject command for any other VLAN? Is port 1/0/2 untagged for any Reject command other non-default VLAN? Apply command; remove VLAN 1 as native VLAN. Is interface 1/0/2 tagged in Set frametype to admitall some other VLAN? Set frametype to UntaggedOnly...
Page 227: Example Of Configuring A Native Vlan
Figure 14-187. Validating a Tagged Interface tagged 1/0/3 Is 1/0/3 untagged in Reject command the same VLAN? Apply command; set Is 1/0/3 tagged native in the acceptframe to admitall same VLAN? No action required. If the interface is already tagged native, then acceptframe is already set to vlanonly, and tagging properties are correct.
Page 228 Figure 14-190. Using show vlan Command to Display Native VLAN Members Force10 #show vlan Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface, ^ - Native VLAN Vlan Id Status Ports ------- --------- -------- Inactive ^1/0/1 , ^1/0/2 ,1/0/3 ,1/0/4 ,1/0/5 ,1/0/6 ,1/0/7 1/0/8 ,1/0/9 ,1/0/10,1/0/11,1/0/12,1/0/13,1/0/14 1/0/15,1/0/16,1/0/17,1/0/18,1/0/19,1/0/20,1/0/21...
Page 229: Configuring A Vlan Tunnel (Dvlan Or Vlan-Stack)
Configuring a VLAN Tunnel (DVLAN or VLAN-Stack) Note: VLAN stacking functionality existed in SFTOS prior to SFTOS 2.5.2.0, but it was not tested in SFTOS 2.5.2.0, so it is not supported in versions after SFTOS 2.5.1.13. VLAN stacking, also called Double VLAN (DVLAN) and QinQ, support VLAN tunneling. In more detail, with the VLAN-Stack feature, you can “stack”...
Page 230 Step Command Syntax Command Mode Purpose mode dvlan-tunnel Interface Config Enable DVLAN tagging for the port. (same as mode dot1q-tunnel) show dvlan-tunnel Privileged Exec Display DVLAN-enabled VLAN tagging. (same as show dot1q-tunnel) show dvlan-tunnel interface { Privileged Exec Display detailed information for a specific unit/slot/ | all} interface.
Page 231: Dvlan Configuration Example
DVLAN configuration example The example here shows how to configure VLANs so that VLAN traffic from switches R4 and R5 is encapsulated in frames tagged with VLAN 3 going through switch R7. Figure 14-194. DVLAN Example Topology Configure switch R4: Figure 14-195.
Page 232 Note: The first command in Figure 14-195 and in Figure 14-196 configures a dvlan-tunnel ethertype of vman, but you can assign a custom ethertype, which controls the encapsulation of the tunneled traffic, as long as the ethertype matches on both end switches (R4 and R5 here). Note: If you are sending large frames, make sure you configure the MTU appropriately.
Page 233: Displaying Vlan Information
Displaying VLAN Information show port show running-config (see Figure 14-198, below), and show vlan commands provide most of the information about the VLAN configuration. The command has the following options: show vlan • (no option entered) Display summary information for all configured VLANs. See Figure 14-199, below.
Page 234 Figure 14-198. Using the show running-config and show vlan brief Commands Force10 #show running-config !Current Configuration: ![excerpt showing just the vlan elements in the report]! interface vlan exit interface vlan 2 exit interface vlan 3 exit Force10 #show vlan brief VLAN Name MAC AgingIP Address...
Page 235 Figure 14-200. Example Output from show vlan id Command Force10#show vlan id 1 Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface, ^ - Native VLAN Vlan Id Status Q Ports --------- ---------- - ------ Inactive T E ^1/0/3 R2 #show vlan id 300 Codes: * - Default VLAN, G - GVRP VLANs, E - Ethernet interface...
Page 236 VLANs...
Page 237: Igmp Snooping
IGMP Snooping This chapter discusses the use of IGMP (Internet Group Management Protocol) commands for IGMP Snooping, in the following major sections: • Enabling IGMP Snooping on page 237 • Monitoring IGMP Snooping on page 238 See also IGMP Proxy on page 251 in the Routing chapter of this guide.
Page 238: Monitoring Igmp Snooping
set igmp maxresponse 1–3599 (typically, 1 less than group membership interval) — Default 10 seconds — sets the maximum response time on all interfaces set igmp maxresponse all 1–3599 — Both commands are issued from the Global Config mode. set igmp mcrtexpiretime all 0-3600 —...
Page 239 Figure 15-203. Report from show igmp interface Command Force10 #show igmp interface ? <unit/slot/port>Enter interface in unit/slot/port format. membershipDisplay interfaces subscribed to the multicast group. stats Display IGMP statistical information. Force10 #show igmp interface 1/0/10 Slot/Port........1/0/10 IGMP Admin Mode........Enable Interface Mode.........Disable IGMP Version........3 Query Interval (secs)......125 Query Max Response Time (1/10 of a second..100...
Page 240 Figure 15-205. Report from show ip igmp interface Command Force10 #show ip igmp ? <cr> Press Enter to execute the command. groups Display the subscribed multicast groups. interface Display IGMP configuration information. Force10 #show ip igmp interface 1/0/2 Slot/Port........1/0/2 IGMP Admin Mode.........Enable Interface Mode........Disable IGMP Version........3 Query Interval (secs)......125...
Page 241: Port Mirroring
Port Mirroring This chapter contains the following sections: • Port Mirroring Features • Port Mirroring Commands on page 242 • Port Mirroring Configuration Examples on page 242 • Verifying Port Mirroring on page 244 Port Mirroring Features • Enables you to monitor network traffic with an external network analyzer •...
Page 242: Port Mirroring Commands
Port Mirroring Commands The following are common port mirroring commands using Figure 16-208 as a model: • Enable port mirroring session (default is disable): monitor session 1 mode • Configure mirrored port: monitor session 1 source interface 1/0/2 • Configure destination port/probe port: monitor session 1 destination interface 1/0/3 (Remove an existing destination port before replacing it with another.) •...
Page 243: Configuring The Mirrored Port And Destination Port
Configuring the mirrored port and destination port When enabled, the probe port monitors all traffic received and transmitted on the monitored port. A session is operationally active if and only if both a destination port and at least one source port is configured.
Page 244: Stopping The Mirroring Session And Removing Probe And Mirrored Ports
Stopping the mirroring session and removing probe and mirrored ports Figure 16-213. Command Examples: Removing port mirroring configuration Force10 (Config)#no monitor session 1 mode Force10 (Config)#no monitor session source Force10 (Config)#no monitor session destination Force10 (Config)#no monitor Note: Alternatively, you can use the no monitor command to disable port mirroring, which automatically removes the mirror and probe configuration from the source and destination ports.
Page 245: Using Other Commands That Show Port Mirroring Status
Using other commands that show port mirroring status You can use the command to show all existing probe ports and mirrored ports, along with show port all their operational status: Figure 16-215. Example of show port all Showing Port Mirroring Force10 S50 #show port all Admin Physical...
Page 246 Port Mirroring...
Page 247: Layer 3 Routing
Layer 3 Routing This chapter contains these major sections: • Enabling Routing on page 248 • IGMP Proxy on page 251 • RIP Configuration on page 255 • OSPF Configuration on page 257 • VLAN Routing on page 262 • Link Aggregation on page 269 •...
Page 248: Enabling Routing
Enabling Routing The S-Series always provides Layer 2 bridging, while Layer 3 routing must be explicitly enabled, first for the S-Series router as a whole, and then for each port that is to participate in the routed network. As introduced in the Getting Started chapter, use the command (see show version Figure 3-8 on page...
Page 249 Then invoke the following commands, assuming that you are still in Interface Config mode after completing the Layer 2 procedure (see Configuring Physical Interfaces on page 117): Step Command Syntax Command Mode Purpose ip routing Config Enable routing on the switch. interface Config To access the INTERFACE mode for the selected port, enter...
Page 250: Port Routing Configuration Example
Port Routing Configuration Example The diagram in this section shows a Layer 3 switch configured for port routing. It connects three different subnets, each connected to a different port. The example shows the commands you would use to configure the S-Series to provide the port routing support shown in the diagram. Figure 17-219.
Page 251: Igmp Proxy
Figure 17-220. Using the routing and ip address Commands to Enable Routing Force10 #config Force10 (Config)#interface 1/0/2 Force10 (Interface 1/0/2)#routing Force10 (Interface 1/0/2)#ip address 192.150.2.1 255.255.255.0 Force10 (Interface 1/0/2)#exit Force10 (Config)#interface 1/0/5 Force10 (Interface 1/0/5)#routing Force10 (Interface 1/0/5)#ip address 192.150.5.1 255.255.255.0 Force10 (Interface 1/0/5)#exit Force10 (Config)#exit IGMP Proxy...
Page 252: Igmp Proxy Configuration
IGMP Proxy Configuration The following procedure shows the basic steps for creation and configuring of an IGMP Proxy router. Step Command Syntax Command Mode Purpose ip routing Global Config Enable routing on the switch. ip multicast Global Config Enable multicast forwarding on the router. Note: No multicast routing protocols can be enabled on the router.
Page 253 Figure 17-221. IGMP Proxy Topology Figure 17-222. Configuring an Interface to Enable IGMP Proxy Force10 #config Force10 (Config)#ip routing Force10 (Config)#ip multicast Force10 (Config)#ip igmp Force10 (Config)#interface 1/0/48 Force10 (Interface 1/0/48)# no shutdown Force10 (Interface 1/0/48)#routing Force10 (Interface 1/0/48)#ip address 4.4.4.4 255.255.255.0 Force10 (Interface 1/0/48)#ip igmp-proxy Force10 (Interface 1/0/48)#exit Force10 (Config)#interface vlan 2...
Page 254: Verifying The Configuration
Verifying the configuration Verify the configuration with these show commands, in Privileged Exec or User Exec modes: Use the show ip igmp-proxy command to display host interface status parameters. It displays operational parameters only when IGMP Proxy is enabled, as shown in Figure 17-225 Figure 17-224.
Page 255: Rip Configuration
Figure 17-227. Using the show ip igmp-proxy interface Command Force10-S50V#show ip igmp-proxy interface VLAN .......... 2 Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ----------------------------------------------------------------- ----- ----- ----- ----- For more IGMP information, see the IGMP Commands section of the IP Multicast Commands chapter in the SFTOS Command Reference.
Page 256: Rip Configuration Example
RIP Configuration Example The configuration commands used in the following example enable RIP on ports 1/0/2 and 1/0/3: 1. Enable routing for the switch. Figure 17-228. Using the ip routing Command to Enable Routing Force10 #config Force10 (Config)#ip routing 2. Enable routing and assign the IP for ports 1/0/2 and 1/0/3. Figure 17-229.
Page 257: Ospf Configuration
OSPF Configuration For larger networks, Open Shortest Path First (OSPF) is generally used in preference to RIP. OSPF offers several benefits to the administrator of a large and/or complex network: • Less network traffic: • Routing table updates are sent only when a change has occurred. •...
Page 258 Figure 17-232. OSPF Example Network Diagram: Inter-area Router 1. Enable routing for the switch. Figure 17-233. Enabling Routing for the Switch Force10 #config Force10 (Config)#ip routing 2. For ports 0/2 and 0/3, enable routing, and assign the IP: Figure 17-234. Enabling Routing for Ports Force10 #config Force10 (Config)#interface 1/0/2 Force10 (Interface 1/0/2)#routing...
Page 259 4. Enable OSPF for the ports and set the OSPF priority and cost for the ports. Figure 17-236. Using the ospf priority Command Force10 (Config)#interface 1/0/2 Force10 (Interface 1/0/2)#ip ospf Force10 (Interface 1/0/2)#ip ospf areaid 0.0.0.2 Force10 (Interface 1/0/2)#ip ospf priority 128 Force10 (Interface 1/0/2)#ip ospf cost 32 Force10 (Interface 1/0/2)#exit Force10 (Config)#interface 1/0/3...
Page 260: Configuring Ospf On An S-Series Operating As A Border Router
Configuring OSPF on an S-Series operating as a border router The next diagram shows the same network segment with the S-Series operating as the border router in area 0.0.0.2. The example shows the commands used to configure the switch with OSPF enabled on port 0/2 for communication with the inter-area router in the OSPF backbone, and on ports 0/3 and 0/4 for communication with subnets within area 0.0.0.2.
Page 261 3. Specify the router ID and enable OSPF for the switch. Set disable 1583compatibility to prevent the routing loop. Force10 (Config)#router ospf Force10 (Config router)#enable Force10 (Config router)#router-id 192.130.1.1 Force10 (Config router)#no 1583compatibility Force10 (Config router)#exit Force10 (Config)# 4. Enable OSPF for the ports and set the OSPF priority and cost for the ports. Force10 (Config)#interface 1/0/2 Force10 (Interface 1/0/2)#ip ospf Force10 (Interface 1/0/2)#ip ospf areaid 0.0.0.2...
Page 262: Vlan Routing
VLAN Routing This section introduces the basic commands for enabling VLAN routing and then provides examples for enabling VLAN routing over the OSPF and RIP protocols, in the following sections: • VLAN Routing Configuration on page 263 • VLAN Routing OSPF Configuration on page 264 •...
Page 263: Vlan Routing Configuration
VLAN Routing Configuration The VLAN chapter in this guide (VLANs on page 207) contains a detailed explanation of enabling an IP VLAN (routed VLAN) on one S-Series switch. See Creating a Routed VLAN on page 217. The example Figure 17-238 is a quick refresher on the sequence of commands that you execute on each switch participating in an IP VLAN: Figure 17-238.
Page 264: Vlan Routing Ospf Configuration
4. As above, create VLAN 200 on switch R2, add an IP address, subnet mask, and port 2 to it: R1 (Config)#interface vlan 200 R1 (Conf-if-vl-200)#ip address 10.11.12.144 255.255.255.0 R1 (Conf-if-vl-200)#tagged 1/0/2 5. Verify configurations with the show vlan id command on each switch.
Page 265 Figure 17-244. Configuring VLANs for OSPF Force10 #config Force10 (Config)#interface vlan 10 Force10 (Conf-if-vl-10)#tagged 1/0/01 Force10 (Conf-if-vl-10)#tagged 1/0/02 Force10 (Conf-if-vl-10)#ip address 10.1.1.1 255.255.255.0 Force10 (Conf-if-vl-10)#ip ospf Force10 (Conf-if-vl-10)#ip ospf areaid 2 Force10 (Conf-if-vl-10)#exit Force10 (Config)#interface vlan 20 Force10 (Conf-if-vl-20)#tagged 1/0/03 Force10 (Conf-if-vl-20)#ip address 10.10.1.2 255.255.255.0 Force10 (Conf-if-vl-10)#ip ospf Force10 (Conf-if-vl-10)#ip ospf areaid 2...
Page 266 Figure 17-247. Output of the show ip ospf Command after Enabling OSPF Force10#show ip ospf Router ID........1.1.1.1 OSPF Admin Mode........ Enable ASBR Mode........Disable RFC 1583 Compatibility......Enable ABR Status........Disable Exit Overflow Interval......0 External LSA Count......0 External LSA Checksum......
Page 267: Vlan Routing Rip Configuration
Figure 17-249. Output of the show ip ospf interface vlan Command Force10 #show ip ospf interface vlan 10 IP Address........10.1.1.1 Subnet Mask........255.255.255.0 OSPF Admin Mode........ Enable OSPF Area ID........0.0.0.2 Router Priority........ 1 Retransmit Interval......5 Hello Interval......... 10 Dead Interval........
Page 268 1. As done previously, create the VLANs and enable VLAN routing. In this example, commands in the Interface Config mode are used, an alternative to using the Interface VLAN mode commands shown in the previous example. Force10 #config Force10 (Config)#interface vlan 10 Force10 (Conf-if-vl-10)#tagged 1/0/2 Force10 (Conf-if-vl-10)#ip address 192.150.3.1 255.255.255.0 Force10 (Conf-if-vl-10)#exit...
Page 269: Link Aggregation
Link Aggregation A Link Aggregation Group (LAG) (also called a port channel) allows multiple physical links between two end-points to be treated as a single logical link. All of the physical links in a given LAG must operate in full-duplex mode at the same speed. A LAG will be treated by management functions as if it were a single physical port.
Page 270 Figure 17-253. Inspecting a Layer 3 LAG Configuration R1 (Config)#exit R1 #show interfaces port-channel brief LAG Status Ports --- ------ ------- 10 Down 1/0/10 (Down) 1/0/11 (Down) R1 #show ip interface ? <unit/slot/port> Enter interface in unit/slot/port format. vlan Display information about IP configuration settings for a Vlan. brief Display summary information about IP configuration settings for all ports.
Page 271: Virtual Router Redundancy Protocol
Virtual Router Redundancy Protocol In a static default routed environment, all hosts are configured with a single default gateway. The router that owns this gateway IP address takes care of forwarding traffic from the LAN to the other networks. When an end station is statically configured with the address of the router that will handle its routed traffic, a single point of failure is introduced into the network.
Page 272: Configuring Vrrp: Master Router (Router 1)
Figure 17-254. VRRP Example Network Configuration Layer 3 Switch acting as Router 2 Layer 3 Switch acting Port 0/4 as Router 1 192.150.2.4/24 Virtual Router ID 20 Virtual Addr. 192.150.2.1 Port 0/2 192.150.2.1 Virtual Router ID 20 Virtual Addr. 192.150.2.1 Layer 2 Switch Hosts Configuring VRRP: Master Router (Router 1)
Page 273: Configuring Vrrp: Backup Router (Router 2)
Figure 17-257. Configuring a port for a VRRP Group Force10 #config Force10 (Config)#interface 1/0/2 Force10 (Interface 1/0/2)no shutdown Force10 (Interface 1/0/2)#routing Force10 (Interface 1/0/2)#ip address 192.150.2.1 255.255.255.0 Force10 (Interface 1/0/2) 4. Assign a virtual router ID (VRID) (a VRRP group ID) to the port: Figure 17-258.
Page 274 4. Assign the same virtual router ID to the port as defined for Router 1. Force10 (Config)#interface 1/0/4 Force10 (Interface 1/0/4)#ip vrrp 20 5. Specify the virtual IP address that the VRRP function will recognize. Since the virtual IP address on port 1/0/4 is the same as Router 1’s port 1/0/2 actual IP address, this router will be the VRRP backup while Router 1 is active.
Page 275: Troubleshooting
Troubleshooting This chapter describes how to identify and resolve software problems related to SFTOS on an S-Series switch. Unless otherwise noted, the term refers to a standalone switch and to a switch stack. switch Additional troubleshooting information, such as LED descriptions, is provided in the hardware installation guide.
Page 276: Recovering From A Software Upgrade Failure
Note: In SFTOS 2.3.1.9, these messages also appear when moving from the routing image to the switching image without resetting the configuration to factory defaults from the Boot Menu. This issue results from the use of unique flash file formats. Use one of the following procedures to resolve this condition: •...
Page 277: Recovering From A Lost Password
Recovering from a Lost Password The default CLI user, , has read/write access, with no password until you create one. Once created, admin the only way to recover from a lost admin password is to reload the switch using factory defaults. See Restoring the System to the Factory Default Configuration on page Alternatively, if the user is not admin, then you can assign a new password to the user.
Page 278: Preventing Auto-Negotiation Mismatches
In addition to issuing the commands, use the show switch show stack show stack-port diag command to display communication statistics for the stacking ports: Figure 18-263. Using the show stack-port diag command Force10 S50 #show stack-port diag 1 - Stack Port A: RBYT:5fdd RPKT:53 TBYT:adf13 TPKT:8f2 RFCS:0 RFRG:0 RJBR:0 RUND:0 ROVR:0 TAGE:0 TABRT:0...
Page 279 When a local port connects to a remote port that does not support a speed of 1 Gbps, the speed on the local port may be shown as 100 full. The speed cannot be changed on the port if auto-negotiation is enabled, and the following error message will be reported (Note also that the following two figures display certain syslog messages because logging console 7...
Page 280: Monitoring Sfps
Cleaning and Inspecting Optical Fibers (http:// www.pxit.com/pdf/whitepapers/Cleaning&Inspecting.pdf). Note: The Dell Force10 quality assurance team has verified cases in which a fully functional port appears to be a bad port due to dirty optical connectors. The port fails loop testing with acceptable power measurement levels.
Page 281: Monitoring 10 Ge Interfaces
Monitoring 10 GE Interfaces If a 10-Gigabit Ethernet (10-GE) interface does not reach a link up state, use the following steps: 1. Verify that you are using the correct XFP type. Optical specifications are available on the Dell Force10 website: http://www.force10networks.com/products/specifications.asp...
Page 282: Troubleshooting No Output On The Console
The routing software first looks for the destination MAC address in the ARP table, which it maintains. If it finds the address in the ARP table, it sends the packet to the Layer 2 application, which resolves it and finds the egress port from which to send it. If the software cannot find the destination in the ARP table, it sends an ARP request.
Page 283 Flow Control........Disable Stop Bits........1 Parity......... none 3. If you contact the Dell Force10 Technical Assistance Center, please have the following information: • How long did it take for the switch to show a response to a keystroke? Troubleshooting | 283...
Page 284 • Was the switch able to pass user traffic while the issue was occurring? • What was the LED status? (If the switch remains able to pass traffic, the port LEDs should continue to blink. In particular, during a broadcast storm, all of the port LEDs should be blinking.) •...
Page 285: A Rfcs, Mibs, And Traps
RFCs, MIBs, and Traps This appendix contains these sections: • IEEE Compliance • RFC Compliance on page 286 • SNMP-related RFCs on page 289 • Industry MIBs Supported by SFTOS on page 290 • Force 10 MIBs on page 291 •...
Page 286: Rfc Compliance
• GMRP — Dynamic L2 Multicast Registration • GVRP — Dynamic VLAN Registration RFC Compliance The following is a list of the RFCs supported by FTOS, listed by related protocol. The RFC categories under headings that include the parenthetical phrase “in Layer 3 Package only” are supported only in the Layer 3 Package (Routing) of SFTOS 2.5.1.
Page 287: Management
• Draft-ietf-magma-igmp-proxy-06.txt — IGMP/MLD-based Multicast Forwarding (IGMP/MLD Proxying) • Draft-ietf-ssm-arch-05.txt — Source-Specific Multicast for IP • draft-ietf-magma-igmpv3-and-routing-05.txt — IGMPv3 and Multicast Routing Protocol Interaction Management • HTML 4.0 Specification — December, 1997 (also HTML 4.01 Specification - December, 1999) • Java and JavaScript 1.3 •...
Page 288: Qos
• RFC 2474 — Definition of the Differentiated Services Field (DS Field) in IPv4 Headers • RFC 2475 — An Architecture for Differentiated Services • RFC 2597 — Assured Forwarding PHB Group • RFC 3246 — An Expedited Forwarding PHB (Per-Hop Behavior) •...
Page 289: Security
• RFC 2233 — The Interfaces Group MIB using SMI v2 • RFC 2787 — VRRP MIB Security • RFC 1492 — TACACS+ • RFC 2865 — RADIUS • RFC 2866 — RADIUS Accounting • RFC 2868 — RADIUS Attributes for Tunnel Protocol Support •...
Page 290: Mibs
• RFC 2096: IP forwarding table MIB • RFC 2233: The Interfaces Group MIB using SMI v2 • RFC 2570: SNMP v3 • RFC 2571: An Architecture for Describing SNMP Management Frameworks • RFC 2665: Ethernet-like interfaces • RFC 2674: VLAN MIB •...
Page 291: Force 10 Mibs
Used as a reference MIB for IANAipRouteProtocol, IANAipMRouteProtocol Textual Conventions. RFC 2271 — SNMP Framework power_ethernet.my Power over Ethernet Force 10 MIBs You can see this list of Dell Force10-specific MIBs in the report: show sysinfo Table A-10. Dell Force10-specific MIBs Description FORCE10-REF-MIB...
Page 292 F10OS-QOS-DIFFSERV-PRIVATE-MIB F10OS Flex QOS DiffServ Private MIBs' definitions sftos_power_ethernet.my Power over Ethernet Dell Force10 MIBs not listed in the output of the show sysinfo command: F10OS-DHCPSERVER-PRIVATE-MIB The Dell Force10 Private MIB for S-Series DHCP Server F10OS-OUTBOUNDTELNET-PRIVATE-M The Dell Force10 Private MIB for SFTOS Outbound Telnet...
Page 293: Snmp Traps
SNMP Traps SNMP traps are the messages that are sent to designated trap receivers; they also appear in the report generated by the command, an abbreviated sample of which appears in show logging traplogs Figure A-269. A replication of the trap also appears in the System log, as described in Displaying the SNMP Trap Log on page 106.
Page 294 RFCs, MIBs, and Traps...
Page 295: Index
Index Symbols boot sequence, system boot system command .opr extension BootP {deny|permit} BootP/DHCP relay agent Numerics bootpdhcprelay command bootpdhcprelay enable command 10 GE module bootpdhcprelay maxhopcount command 10 GigE bootpdhcprelay minwaittime command 10/100/1000 Base-T Ethernet line card, auto negotiation bootpdhcprelay serverip command 1000 Base-T (IEEE 802.3ab) border router 1583compatibility...
Page 296 VLAN delete (image) command delete configuration file delete interface ECMP deleteport edge port enabling Dell Force10 MIBs edge port feature Dell Force10 SFTOS-POWER-ETHERNET-MIB EF (expedited forwarding) Dell Force10-specific MIBs Egress Rules, VLAN deny permit, QoS enable CLI command mode...
Page 297 Enabling Differentiated Services GARP Timers Enabling IGMP Snooping gateway, default Enabling Secure Management with SSH or SSL generate-keys.sh Enabling Traps Generic Attribute Registration Protocol (GARP) encapsulation command (VLAN) Global Config CLI command mode encapsulation, link-level Global Config Mode (SNMP traps) end station GMRP (GARP Multicast Registration Protocol) ENTITY-MIB...
Page 298 IGMP (Internet Group Management Protocol) Interface VLAN CLI command mode commands interface vlan command igmp command (VLAN) interfaces igmp enable command clearing counters igmp interfacemode enable all command Intra-area IGMP Proxy ip access-group IGMP Snooping ip access-group command image1 ip address image2 ip address command Independent VLAN Learning (IVL)
Page 299 ip vrrp command (VLAN) Link Down messages IPv4 (RFC 1812) Link Layer Discovery Protocol (LLDP) IPv4 Router Discovery (RFC 1256) Link Up messages iSupport List of logging hosts iSupport (SNMP information) LLDP IVL (Independent VLAN Learning) lldp command lldp mode command load balancing with VRRP load-balancing algorithm, traffic Jumbo Frame Support...
Page 300 1 source interface command MIB, Power-Ethernet no port-channel MIBs no shutdown command MIBs, counter no spanning-tree edgeport MIBs, Dell Force10-specific non-paged option MIBs, supported industry null interface mirrored port (source port) mode dot1q-tunnel command mode keyword modes, Global Config (SNMP traps)
Page 301 Privileged Exec CLI command mode Privileged Exec Mode (SNMP traps) packet-forwarding distribution algorithm probe port pagination, controlling CLI protected port group, configuring partitions protocol group command (VLAN) password recovery Protocol Independent Multicast—Dense Mode patents (PIM-DM) P-BRIDGE-MIB Protocol Independent Multicast—Sparse Mode Persistent log (PIM-SM) persistent log...
Page 302 Remote Authentication Dial-In User Service RFC 783 (RADIUS) RFC 791 resetting the stack RFC 792 restore configuration to factory defaults RFC 793 Restoring the Configuration to Factory Defaults RFC 854 RFC 1058 RFC Compliance RFC 1112 RFC list RFC 1122 RFC list, supported RFC 1157 RFC1213-MIB...
Page 303 Running Configuration, Clearing show diffserv command output running-config and system-config files, managing show diffserv service brief command output show dot1q-tunnel command show dvlan-tunnel command show dvlan-tunnel l2pdu-forwarding command S2410 documentation show eventlog command interface managementethernet command show eventlog example snmp-server community command show garp command S50V switch show gmrp configuration command...
Page 304 show ip ssh command show slot command show lldp interface command show slot sample output show lldp local-device command show sntp client command show lldp neighbors command show sntp command show lldp remote-device command show sntp server command show logging buffered command show spanning-tree brief command show logging command show spanning-tree command...
Page 305 SNMP-COMMUNITY-MIB SSH keys SNMP-FRAMEWORK-MIB SSH2 Server Support SNMP-MPD-MIB SSHv2 SNMP-NOTIFICATION-MIB stack command snmp-server community command (S50) stack maximum snmp-server enable traps bcaststorm command stack member communication snmp-server enable traps linkmode command stack size limits snmp-server enable traps multiusers command stack VLANs snmp-server enable traps stpmode command Stackability Commands snmp-server traps enable command...
Page 306 TACACS+ server connection options tacacs-server host command Verifying Management Port Connectivity tagged command (VLAN) Verifying Management Port Network Tech Tips and FAQ, S-Series Verifying Switch Numbers and OS Version Telnet Viewing Software Version Telnet (RFC 854) Virtual LAN (VLAN) terminal emulation virtual router ID (VRID) terminal length command Virtual Router Redundancy Protocol (VRRP)

This manual is also suitable for:

Force10

Dell Force10 S2410-01-10GE-24P Configuration Manual

1 About this Guide

2 SFTOS Features

3 Getting Started

4 Management

5 Stacking S-Series Switches

6 System Logs

7 Configuring Interfaces

8 Dhcp

9 Providing User Access Security

10 Spanning Tree

11 Link Aggregation

12 Quality of Service

13 Access Control

14 Vlans

15 IGMP Snooping

Quick Links

Troubleshooting

Related Manuals for Dell Force10 S2410-01-10GE-24P

Summary of Contents for Dell Force10 S2410-01-10GE-24P