Download Print this page

Creating A Separate Vlan For File Downloads - Dell PowerConnect PC7024 Technical White Paper

Stacking gigabit ethernet switches

Hide thumbs Also See for PowerConnect PC7024:

Stacking instructions (37 pages)

,

Reference manual (1788 pages)

,

Configuration manual (1270 pages)

Table Of Contents

Table of Contents

Advertisement

Stacking Dell PowerConnect 7000 Series Switches

Mode........................................... FTP

FTP Server IP.................................. 10.27.64.141

FTP Path.......................................

FTP Filename................................... PC7000_4.0.0.6.stk

Data Type...................................... Code

Destination Filename........................... image

Creating a Separate VLAN for File Downloads

When updating the firmware, it is helpful to keep the in-band management port in a different VLAN

and configure the port VLAN ID (PVID) appropriately to avoid the possibility of network congestion or

flooding issues impacting the file download.

The CLI commands in the following example show how to configure port gi1/0/17 as an in-band

management port for firmware downloads or management access.

console#configure

console (config)#vlan database

console (vlan)#vlan 1000

console (vlan)#exit

console (config)#interface vlan 1000

console (config-if-vlan1000)#ip address 192.168.21.11 255.255.255.0

console (config-if-vlan1000)#exit

console (Config)#interface ethernet gi1/0/17

console (config-if-gi1/0/7)#switchport mode general

console (config-if-gi1/0/7)#switchport general pvid 1000

console (config-if-gi1/0/7)#switchport general allowed vlan add 1000

console (config-if-gi1/0/7)#switchport general allowed vlan remove 1

console (config-if-gi1/0/7)#exit

console (config-macal)#management access-list MGMT_VLAN

console (config-macal)#permit ip-source 192.168.21.0 mask /24 vlan 1000

console (config-macal)#service ssh

console (config-macal)#exit

console (config)#management access-class MGMT_VLAN

The switch now segregates traffic arriving on port gi1/0/17 onto VLAN 1000. All untagged packets that

enter the port are tagged with a VLAN ID of 1000. Additionally, only hosts with an IP address in the

192.168.21.XXX subnet are allowed access to the switch using SSH. The 192.168.XXX.XXX address block

is a private address space per RFC 1918. As an added security measure, network administrators can

configure their organization's edge routers to drop ingress and egress traffic destined to this address

block.

Page 11

Table of Contents

Advertisement

Table of Contents

This manual is also suitable for:

Powerconnect pc7048 Powerconnect pc7024p Powerconnect pc7048p Powerconnect pc7024f Powerconnect pc7048r Powerconnect pc7048r-ra ... Show all