PowerSwitch S5232F-ON

Dell PowerSwitch S5232F-ON User guide

  • Hello! I am an AI chatbot trained to assist you with the Dell PowerSwitch S5232F-ON User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Dell EMC SmartFabric OS10 User Guide
Release 10.5.1
09 2020
Rev. A00
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other
trademarks may be trademarks of their respective owners.
Chapter 1: About this guide......................................................................................................... 27
Conventions........................................................................................................................................................................27
Related Documents...........................................................................................................................................................27
Documentation Feedback................................................................................................................................................27
Chapter 2: Change history...........................................................................................................28
Chapter 3: Getting Started with Dell EMC SmartFabric OS10...................................................... 30
Switch with factory-installed OS10............................................................................................................................... 31
Log in ..............................................................................................................................................................................31
Check OS10 version....................................................................................................................................................32
OS10 upgrade............................................................................................................................................................... 32
Check OS10 license.....................................................................................................................................................40
Re-install license ..........................................................................................................................................................41
Switch without OS installed............................................................................................................................................ 41
Uninstall existing OS....................................................................................................................................................41
Download OS10 image................................................................................................................................................42
Installation using ONIE............................................................................................................................................... 43
Log in .............................................................................................................................................................................45
Install OS10 license......................................................................................................................................................46
Downgrade to Release 10.5.0.0 or earlier releases................................................................................................... 48
Roll back from 10.5.1.0 or later release to 10.5.0.0 or earlier release............................................................. 50
Switch deployment options............................................................................................................................................ 50
Manual CLI configuration.......................................................................................................................................... 50
ZTD-automated switch deployment....................................................................................................................... 50
Ansible-automated switch provisioning.................................................................................................................. 51
Feature limitation on the Z9100-ON and S5200-ON series switches.............................................................51
Feature limitations on Z9332F-ON switch.............................................................................................................51
Remote access................................................................................................................................................................... 51
Configure Management IP address......................................................................................................................... 51
Configure Management route ................................................................................................................................. 52
Configure username and password.........................................................................................................................52
Chapter 4: CLI Basics.................................................................................................................. 54
CONFIGURATION mode..................................................................................................................................................55
Check device status......................................................................................................................................................... 56
Related Videos..............................................................................................................................................................57
Command help................................................................................................................................................................... 57
Candidate configuration.................................................................................................................................................. 58
Copy running configuration ............................................................................................................................................ 61
Restore startup configuration .......................................................................................................................................62
Reload system image........................................................................................................................................................63
Filter show commands..................................................................................................................................................... 63
Common OS10 commands.............................................................................................................................................. 64
Contents
Contents 3
boot.................................................................................................................................................................................64
commit........................................................................................................................................................................... 64
configure........................................................................................................................................................................64
copy................................................................................................................................................................................ 65
delete..............................................................................................................................................................................66
dir.....................................................................................................................................................................................67
discard............................................................................................................................................................................68
do.....................................................................................................................................................................................68
end.................................................................................................................................................................................. 69
exit.................................................................................................................................................................................. 69
hostname.......................................................................................................................................................................69
license.............................................................................................................................................................................70
lock..................................................................................................................................................................................70
management route....................................................................................................................................................... 71
move................................................................................................................................................................................ 71
no.....................................................................................................................................................................................72
ping..................................................................................................................................................................................72
ping6............................................................................................................................................................................... 74
reload.............................................................................................................................................................................. 75
show boot......................................................................................................................................................................76
show candidate-configuration..................................................................................................................................76
show environment....................................................................................................................................................... 79
show inventory.............................................................................................................................................................79
show ip management-route......................................................................................................................................80
show ipv6 management-route................................................................................................................................. 80
show license status......................................................................................................................................................81
show running-configuration.......................................................................................................................................81
show startup-configuration...................................................................................................................................... 84
show system.................................................................................................................................................................85
show version.................................................................................................................................................................87
start.................................................................................................................................................................................87
system............................................................................................................................................................................ 87
system-cli disable........................................................................................................................................................ 88
system-user linuxadmin disable................................................................................................................................88
system identifier.......................................................................................................................................................... 88
terminal.......................................................................................................................................................................... 89
traceroute......................................................................................................................................................................89
unlock............................................................................................................................................................................. 90
username password role.............................................................................................................................................91
write................................................................................................................................................................................92
Chapter 5: Advanced CLI tasks....................................................................................................93
Command alias................................................................................................................................................................... 93
Multi-line alias...............................................................................................................................................................94
alias................................................................................................................................................................................. 96
alias (multi-line)............................................................................................................................................................97
default (alias)............................................................................................................................................................... 98
description (alias)........................................................................................................................................................98
line (alias)...................................................................................................................................................................... 98
show alias...................................................................................................................................................................... 99
4
Contents
Batch mode.......................................................................................................................................................................100
batch.............................................................................................................................................................................100
Linux shell commands......................................................................................................................................................101
Using OS9 commands.................................................................................................................................................... 103
feature config-os9-style.......................................................................................................................................... 103
Chapter 6: Dell EMC SmartFabric OS10 zero-touch deployment.................................................104
ZTD DHCP server configuration.................................................................................................................................. 106
ZTD provisioning script.................................................................................................................................................. 106
ZTD CLI batch file............................................................................................................................................................107
Post-ZTD script............................................................................................................................................................... 108
ZTD commands................................................................................................................................................................ 108
reload ztd.....................................................................................................................................................................108
show ztd-status......................................................................................................................................................... 108
ztd cancel.................................................................................................................................................................... 109
Chapter 7: Dell EMC SmartFabric OS10 provisioning.................................................................. 110
Using Ansible..................................................................................................................................................................... 110
Example: Configure an OS10 switch using Ansible................................................................................................... 111
Chapter 8: System management................................................................................................. 114
System banners................................................................................................................................................................ 114
Login banner................................................................................................................................................................ 114
Message of the day banner......................................................................................................................................115
System banner commands....................................................................................................................................... 115
User session management..............................................................................................................................................116
User session management commands...................................................................................................................117
Telnet server......................................................................................................................................................................118
Telnet commands....................................................................................................................................................... 119
Simple Network Management Protocol......................................................................................................................119
SNMP security models and levels..........................................................................................................................120
MIBs.............................................................................................................................................................................. 120
SNMPv3........................................................................................................................................................................121
Configure SNMP........................................................................................................................................................ 122
SNMP commands...................................................................................................................................................... 126
Example: Configure SNMP...................................................................................................................................... 135
System clock.....................................................................................................................................................................136
Time zones and UTC offset reference................................................................................................................. 137
System Clock commands.........................................................................................................................................153
Network Time Protocol..................................................................................................................................................155
Enable NTP..................................................................................................................................................................155
Broadcasts...................................................................................................................................................................156
Source IP address......................................................................................................................................................156
Authentication............................................................................................................................................................ 157
Sample NTP configuration.......................................................................................................................................158
NTP commands...........................................................................................................................................................161
Precision Time Protocol................................................................................................................................................. 166
Supported platforms................................................................................................................................................. 169
PTP installation scale and limits............................................................................................................................. 169
Contents
5
Configuration notes...................................................................................................................................................169
Configure Precision Time Protocol........................................................................................................................170
View PTP information............................................................................................................................................... 173
Example: Configure boundary clock with L2 transport method..................................................................... 175
Example: Configure boundary clock with IPv4 multicast transport method............................................... 176
Example: Configure boundary clock with IPv4 unicast transport method...................................................176
Example: Configure end-to-end transparent clock............................................................................................177
Example: Configure boundary clock with IPv4 unicast transport method and L3 VLAN......................... 178
Example: Configure PTP in a multinode setup....................................................................................................179
PTP commands.......................................................................................................................................................... 186
Dynamic Host Configuration Protocol........................................................................................................................201
Packet format and options..................................................................................................................................... 202
DHCP server.............................................................................................................................................................. 204
Automatic address allocation................................................................................................................................. 204
Hostname resolution................................................................................................................................................ 205
Manual binding entries.............................................................................................................................................206
View DHCP Information...........................................................................................................................................207
DHCP relay agent..................................................................................................................................................... 208
DHCP snooping......................................................................................................................................................... 208
System domain name and list.................................................................................................................................224
DHCP commands...................................................................................................................................................... 225
DNS commands..........................................................................................................................................................241
Containers.........................................................................................................................................................................243
Chapter 9: Interfaces................................................................................................................ 246
Ethernet interfaces........................................................................................................................................................ 246
Unified port groups.........................................................................................................................................................247
Z9264F-ON port-group profiles..................................................................................................................................248
Port-groups on S5200F-ON switches.......................................................................................................................249
L2 mode configuration...................................................................................................................................................256
L3 mode configuration...................................................................................................................................................257
Fibre Channel interfaces............................................................................................................................................... 257
Configuring wavelength.......................................................................................................................................... 259
Management interface ................................................................................................................................................. 259
Management interface ........................................................................................................................................... 260
VLAN interfaces..............................................................................................................................................................260
User-configured default VLAN....................................................................................................................................260
VLAN scale profile........................................................................................................................................................... 261
Loopback interfaces.......................................................................................................................................................262
Port-channel interfaces.................................................................................................................................................262
Create port-channel................................................................................................................................................. 263
Add port member...................................................................................................................................................... 263
Minimum links.............................................................................................................................................................264
Assign Port Channel IP Address............................................................................................................................264
Remove or disable port-channel............................................................................................................................264
Load balance traffic..................................................................................................................................................265
Change hash algorithm............................................................................................................................................265
Configure interface ranges...........................................................................................................................................265
Switch-port profiles....................................................................................................................................................... 266
S4148-ON Series port profiles............................................................................................................................... 267
6
Contents
S4148U-ON port profiles.........................................................................................................................................268
Configure negotiation modes on interfaces............................................................................................................. 269
Configure breakout mode............................................................................................................................................. 270
Breakout auto-configuration......................................................................................................................................... 271
Reset default configuration.......................................................................................................................................... 272
Forward error correction...............................................................................................................................................273
Energy-efficient Ethernet............................................................................................................................................. 274
Enable energy-efficient Ethernet..........................................................................................................................275
Clear EEE counters...................................................................................................................................................275
View EEE status/statistics..................................................................................................................................... 275
EEE commands.......................................................................................................................................................... 276
View interface configuration........................................................................................................................................ 279
Digital optical monitoring...............................................................................................................................................282
Enable DOM and DOM traps..................................................................................................................................283
Default MTU Configuration.......................................................................................................................................... 284
Interface commands.......................................................................................................................................................285
channel-group............................................................................................................................................................285
default interface........................................................................................................................................................285
default vlan-id............................................................................................................................................................ 287
description (Interface).............................................................................................................................................288
duplex...........................................................................................................................................................................288
enable dom..................................................................................................................................................................289
enable dom traps.......................................................................................................................................................289
feature auto-breakout............................................................................................................................................. 290
fec.................................................................................................................................................................................290
interface breakout.................................................................................................................................................... 290
interface ethernet......................................................................................................................................................291
interface loopback..................................................................................................................................................... 291
interface mgmt.......................................................................................................................................................... 292
interface null...............................................................................................................................................................292
interface port-channel............................................................................................................................................. 292
interface range.......................................................................................................................................................... 293
interface vlan............................................................................................................................................................. 293
link-bundle-utilization...............................................................................................................................................294
mode.............................................................................................................................................................................294
mode l3........................................................................................................................................................................ 295
mtu............................................................................................................................................................................... 295
negotiation..................................................................................................................................................................296
port mode Eth............................................................................................................................................................ 297
port-group...................................................................................................................................................................298
profile........................................................................................................................................................................... 298
scale-profile vlan....................................................................................................................................................... 299
show discovered-expanders...................................................................................................................................299
show interface...........................................................................................................................................................300
show interface transceiver Tunable wavelength”............................................................................................301
show inventory media.............................................................................................................................................. 302
show link-bundle-utilization....................................................................................................................................303
show port-channel summary..................................................................................................................................303
show port-group....................................................................................................................................................... 304
show switch-port-profile........................................................................................................................................ 305
Contents
7
show system.............................................................................................................................................................. 306
show unit-provision.................................................................................................................................................. 306
show vlan.................................................................................................................................................................... 307
shutdown.....................................................................................................................................................................307
speed (Fibre Channel)............................................................................................................................................. 308
speed (Management)...............................................................................................................................................308
switch-port-profile....................................................................................................................................................308
switchport access vlan.............................................................................................................................................310
switchport mode.........................................................................................................................................................311
switchport trunk allowed vlan................................................................................................................................. 311
unit-provision...............................................................................................................................................................311
wavelength.................................................................................................................................................................. 312
default mtu.................................................................................................................................................................. 312
show default mtu....................................................................................................................................................... 313
Chapter 10: PowerEdge MX Ethernet I/O modules..................................................................... 314
Operating modes..............................................................................................................................................................314
Changing operating modes............................................................................................................................................316
Restrictions....................................................................................................................................................................... 316
Port groups on I/O modules......................................................................................................................................... 316
Double-density QSFP28 interfaces.............................................................................................................................316
Virtual ports...................................................................................................................................................................... 319
Single-density QSFP28 interfaces...............................................................................................................................321
Server-facing interfaces............................................................................................................................................... 323
Replace MX Ethernet I/O modules.............................................................................................................................324
Deployment instructions..........................................................................................................................................324
Replace an IOM in Full-Switch VLT...................................................................................................................... 324
Replace an IOM in SmartFabric.............................................................................................................................325
MX-IOM Hardware Replacement................................................................................................................................328
View SmartFabric Services configuration.................................................................................................................328
Chapter 11: Fibre Channel.......................................................................................................... 329
Fibre Channel over Ethernet........................................................................................................................................330
Configure FIP snooping............................................................................................................................................ 331
Terminology...................................................................................................................................................................... 332
Virtual fabric.....................................................................................................................................................................332
Fibre Channel zoning......................................................................................................................................................335
F_Port on Ethernet........................................................................................................................................................ 336
Pinning FCoE traffic to a specific port of a port-channel.....................................................................................337
Sample FSB configuration on VLT network........................................................................................................339
Sample FC Switch configuration on VLT network.............................................................................................341
Sample FSB configuration on non-VLT network...............................................................................................343
Sample FC Switch configuration on non-VLT network................................................................................... 344
Multiswitch fabric (E Port)...........................................................................................................................................346
Configure multiswitch fabric (E Port)..................................................................................................................348
Verify multiswitch fabric (E Port) configuration...............................................................................................350
Multiswitch fabric (E Port) CLI commands........................................................................................................355
Multi-hop FIP-snooping bridge.................................................................................................................................... 370
Configuration notes................................................................................................................................................... 371
8
Contents
Configure multi-hop FSB..........................................................................................................................................371
Verify multi-hop FSB configuration.......................................................................................................................377
Sample Multi-hop FSB configuration....................................................................................................................378
Configuration guidelines.................................................................................................................................................391
NPIV Proxy Gateway cascading..................................................................................................................................392
Support for untagged VLAN in FCoE.........................................................................................................................394
Rebalance FC sessions (NPG).....................................................................................................................................394
Load balancing after system reboot...........................................................................................................................395
NPG rebalance topology......................................................................................................................................... 395
NPG switch configurations.....................................................................................................................................395
Example: Manual rebalance trigger.......................................................................................................................397
Equivalent RESTCONF request for the rebalancing CLIs...............................................................................399
F_Port commands.......................................................................................................................................................... 399
fc alias..........................................................................................................................................................................400
fc zone.........................................................................................................................................................................400
fc zoneset...................................................................................................................................................................400
feature fc..................................................................................................................................................................... 401
member (alias)............................................................................................................................................................401
member (zone).......................................................................................................................................................... 402
member (zoneset).................................................................................................................................................... 402
show fc alias...............................................................................................................................................................402
show fc interface-area-id mapping...................................................................................................................... 403
show fc ns switch..................................................................................................................................................... 403
show fc zone..............................................................................................................................................................404
show fc zoneset........................................................................................................................................................ 404
zone default-zone permit........................................................................................................................................406
zoneset activate........................................................................................................................................................406
NPG commands.............................................................................................................................................................. 406
fc port-mode F.......................................................................................................................................................... 406
feature fc npg............................................................................................................................................................ 407
show npg devices......................................................................................................................................................407
show npg uplink-interface...................................................................................................................................... 408
F_Port and NPG commands........................................................................................................................................ 409
clear fc statistics........................................................................................................................................................410
fcoe .............................................................................................................................................................................. 410
fcoe delay fcf-adv..................................................................................................................................................... 410
name.............................................................................................................................................................................. 411
Re-balance the FC sessions.....................................................................................................................................411
show npg uplink-interface....................................................................................................................................... 413
show npg node-interface.........................................................................................................................................415
show fc statistics.......................................................................................................................................................416
show fc switch............................................................................................................................................................417
show running-config vfabric................................................................................................................................... 417
show vfabric................................................................................................................................................................417
vfabric...........................................................................................................................................................................418
vfabric (interface)..................................................................................................................................................... 418
vlan................................................................................................................................................................................ 419
FIP-snooping commands................................................................................................................................................419
feature fip-snooping..................................................................................................................................................419
fip-snooping enable.................................................................................................................................................. 420
Contents
9
fip-snooping fc-map................................................................................................................................................. 420
fip-snooping port-mode...........................................................................................................................................420
FCoE commands.............................................................................................................................................................. 421
clear fcoe database................................................................................................................................................... 421
clear fcoe statistics................................................................................................................................................... 421
fcoe delay fcf-adv.....................................................................................................................................................422
fcoe-pinned-port ......................................................................................................................................................422
fcoe max-sessions-per-enodemac........................................................................................................................422
fcoe priority-bits........................................................................................................................................................423
lldp tlv-select dcbxp-appln fcoe............................................................................................................................ 423
re-balance fc npg sessions vfabric....................................................................................................................... 424
show fcoe enode.......................................................................................................................................................425
show fcoe fcf.............................................................................................................................................................426
show fcoe pinned-port.............................................................................................................................................427
show fcoe sessions................................................................................................................................................... 427
show fcoe statistics..................................................................................................................................................427
show fcoe system..................................................................................................................................................... 428
show fcoe vlan...........................................................................................................................................................429
Chapter 12: Layer 2................................................................................................................... 430
802.1X................................................................................................................................................................................ 430
Port authentication....................................................................................................................................................431
EAP over RADIUS..................................................................................................................................................... 432
Configure 802.1X.......................................................................................................................................................432
Enable 802.1X.............................................................................................................................................................433
Identity retransmissions...........................................................................................................................................434
Failure quiet period................................................................................................................................................... 434
Port control mode.....................................................................................................................................................435
Reauthenticate a port.............................................................................................................................................. 436
Configure timeouts................................................................................................................................................... 437
Configure RADIUS server........................................................................................................................................438
802.1X commands..................................................................................................................................................... 438
RADIUS server commands......................................................................................................................................443
Far-end failure detection.............................................................................................................................................. 445
Enable FEFD globally................................................................................................................................................ 447
Enable FEFD on interface....................................................................................................................................... 448
Reset FEFD err-disabled interface........................................................................................................................448
Display FEFD information........................................................................................................................................ 448
FEFD Commands.......................................................................................................................................................449
Link Aggregation Control Protocol............................................................................................................................. 452
Modes.......................................................................................................................................................................... 452
Configuration..............................................................................................................................................................452
Interfaces.................................................................................................................................................................... 453
Rates............................................................................................................................................................................ 454
Sample configuration............................................................................................................................................... 454
LACP fallback.............................................................................................................................................................458
LACP commands.......................................................................................................................................................460
Link Layer Discovery Protocol..................................................................................................................................... 467
Mandatory TLVs........................................................................................................................................................468
Optional TLVs.............................................................................................................................................................468
10
Contents
Configure LLDP.......................................................................................................................................................... 471
Example: Advertise TLVs configuration...............................................................................................................478
View LLDP configuration.........................................................................................................................................478
View LLDP neighbor advertisements................................................................................................................... 479
LLDP-MED..................................................................................................................................................................480
LLDP commands........................................................................................................................................................484
Media Access Control.................................................................................................................................................... 497
Static MAC Address................................................................................................................................................. 497
MAC Address Table.................................................................................................................................................. 497
Clear MAC Address Table....................................................................................................................................... 498
MAC Commands........................................................................................................................................................498
Spanning-tree protocol................................................................................................................................................. 500
Introduction to STP...................................................................................................................................................501
Common STP commands........................................................................................................................................507
Rapid per-VLAN spanning-tree.............................................................................................................................. 514
Rapid Spanning-Tree Protocol...............................................................................................................................524
Multiple Spanning-Tree............................................................................................................................................ 531
Virtual LANs..................................................................................................................................................................... 545
Default VLAN............................................................................................................................................................. 545
Create or remove VLANs........................................................................................................................................ 546
Access mode.............................................................................................................................................................. 547
Trunk mode.................................................................................................................................................................548
Assign IP address...................................................................................................................................................... 548
View VLAN configuration........................................................................................................................................549
VLAN Scaling.............................................................................................................................................................. 551
VLAN commands....................................................................................................................................................... 551
Port monitoring............................................................................................................................................................... 553
Local port monitoring...............................................................................................................................................553
Remote port monitoring.......................................................................................................................................... 554
Encapsulated remote port monitoring................................................................................................................. 556
Flow-based monitoring............................................................................................................................................ 557
Remote port monitoring on VLT........................................................................................................................... 558
Port monitoring commands.................................................................................................................................... 560
Chapter 13: Layer 3................................................................................................................... 565
Virtual routing and forwarding.....................................................................................................................................565
Configure management VRF..................................................................................................................................565
Configure non-default VRF instances..................................................................................................................568
VRF configuration..................................................................................................................................................... 570
View VRF instance information..............................................................................................................................574
Static route leaking...................................................................................................................................................575
VRF commands..........................................................................................................................................................582
Bidirectional Forwarding Detection............................................................................................................................ 589
BFD session states................................................................................................................................................... 590
BFD three-way handshake..................................................................................................................................... 590
BFD configuration......................................................................................................................................................591
Configure BFD globally............................................................................................................................................ 592
BFD for BGP.............................................................................................................................................................. 592
BFD for OSPF............................................................................................................................................................ 596
BFD for Static routes...............................................................................................................................................600
Contents
11
BFD commands..........................................................................................................................................................603
Border Gateway Protocol..............................................................................................................................................610
Sessions and peers.....................................................................................................................................................611
Martian addresses..................................................................................................................................................... 612
Route reflectors......................................................................................................................................................... 612
Multiprotocol BGP..................................................................................................................................................... 612
Attributes.....................................................................................................................................................................613
Disable announcement of ASN values.................................................................................................................. 613
Selection criteria........................................................................................................................................................ 613
Weight and local preference................................................................................................................................... 614
Multiexit discriminators............................................................................................................................................ 615
Origin............................................................................................................................................................................ 615
AS path and next-hop...............................................................................................................................................615
Best path selection....................................................................................................................................................616
More path support.....................................................................................................................................................616
Advertise cost.............................................................................................................................................................617
4-Byte AS numbers................................................................................................................................................... 617
AS number migration.................................................................................................................................................617
Graceful restart..........................................................................................................................................................618
Configure Border Gateway Protocol.....................................................................................................................618
Enable BGP................................................................................................................................................................. 619
BGP over unnumbered interfaces......................................................................................................................... 621
Configure Dual Stack............................................................................................................................................... 623
Configure administrative distance........................................................................................................................ 623
Peer templates...........................................................................................................................................................624
Neighbor fall-over..................................................................................................................................................... 628
Configure password................................................................................................................................................. 629
Fast external fallover................................................................................................................................................ 631
Passive peering..........................................................................................................................................................632
Local AS.......................................................................................................................................................................633
AS number limit......................................................................................................................................................... 634
Redistribute routes................................................................................................................................................... 635
Additional paths.........................................................................................................................................................635
MED attributes.......................................................................................................................................................... 636
Local preference attribute......................................................................................................................................636
Weight attribute........................................................................................................................................................ 637
Enable multipath........................................................................................................................................................637
Route-map filters...................................................................................................................................................... 638
Route reflector clusters...........................................................................................................................................638
Aggregate routes...................................................................................................................................................... 639
Confederations.......................................................................................................................................................... 640
Route dampening....................................................................................................................................................... 641
Timers.......................................................................................................................................................................... 642
Neighbor soft-reconfiguration............................................................................................................................... 642
Redistribute iBGP route to OSPF......................................................................................................................... 643
Example - BGP in a VLT topology.........................................................................................................................646
Example - Three-tier CLOS topology with eBGP.............................................................................................. 651
Debug BGP................................................................................................................................................................. 656
BGP commands.........................................................................................................................................................656
Equal cost multi-path.....................................................................................................................................................697
12
Contents
Load balancing........................................................................................................................................................... 697
Maximum ECMP groups and paths....................................................................................................................... 701
ECMP commands.......................................................................................................................................................701
IPv4 routing......................................................................................................................................................................705
Assign interface IP address.................................................................................................................................... 705
Configure static routing...........................................................................................................................................707
Address Resolution Protocol.................................................................................................................................. 707
IPv4 routing commands...........................................................................................................................................708
IPv6 routing.......................................................................................................................................................................713
Enable or disable IPv6...............................................................................................................................................713
IPv6 addresses............................................................................................................................................................714
Stateless autoconfiguration.....................................................................................................................................716
Neighbor Discovery................................................................................................................................................... 716
Duplicate address discovery....................................................................................................................................718
Static IPv6 routing.....................................................................................................................................................718
IPv6 destination unreachable..................................................................................................................................719
IPv6 hop-by-hop options......................................................................................................................................... 719
View IPv6 information...............................................................................................................................................719
IPv6 commands......................................................................................................................................................... 720
Open shortest path first.................................................................................................................................................731
Autonomous system areas.......................................................................................................................................731
Areas, networks, and neighbors.............................................................................................................................732
Router types...............................................................................................................................................................732
Designated and backup designated routers........................................................................................................733
Link-state advertisements...................................................................................................................................... 734
Router priority............................................................................................................................................................ 734
Shortest path first throttling..................................................................................................................................735
OSPFv2........................................................................................................................................................................736
OSPFv3........................................................................................................................................................................769
Object tracking manager...............................................................................................................................................790
Interface tracking.......................................................................................................................................................791
Host tracking..............................................................................................................................................................792
Set tracking delays....................................................................................................................................................793
Object tracking.......................................................................................................................................................... 793
View tracked objects................................................................................................................................................793
OTM commands........................................................................................................................................................ 794
Policy-based routing.......................................................................................................................................................797
Access-list to match route-map............................................................................................................................ 797
Set address to match route-map.......................................................................................................................... 797
Assign route-map to interface............................................................................................................................... 798
View PBR information.............................................................................................................................................. 798
Policy-based routing per VRF................................................................................................................................ 799
Configuring PBR per VRF....................................................................................................................................... 799
PBR and VLT..............................................................................................................................................................799
Sample configuration............................................................................................................................................... 802
Track route reachability...........................................................................................................................................803
Use PBR to permit and block specific traffic.....................................................................................................804
View PBR configuration.......................................................................................................................................... 805
PBR commands......................................................................................................................................................... 806
Virtual Router Redundancy Protocol......................................................................................................................... 808
Contents
13
Configuration............................................................................................................................................................. 809
Create virtual router................................................................................................................................................. 810
Group version............................................................................................................................................................. 810
Virtual IP addresses....................................................................................................................................................811
Configure virtual IP address.....................................................................................................................................811
Configure virtual IP address in a VRF................................................................................................................... 812
Set group priority.......................................................................................................................................................813
Authentication............................................................................................................................................................ 814
Disable preempt..........................................................................................................................................................814
Advertisement interval............................................................................................................................................. 815
Interface/object tracking.........................................................................................................................................816
Configure tracking.....................................................................................................................................................816
VRRP commands........................................................................................................................................................817
Chapter 14: Multicast................................................................................................................ 823
Important notes...............................................................................................................................................................823
Configure multicast routing..........................................................................................................................................824
Unknown multicast flood control................................................................................................................................ 824
Enable multicast flood control............................................................................................................................... 826
Multicast Commands..................................................................................................................................................... 826
multicast snooping flood-restrict.......................................................................................................................... 826
Internet Group Management Protocol.......................................................................................................................826
Standards compliance.............................................................................................................................................. 827
Important notes......................................................................................................................................................... 827
Supported IGMP versions....................................................................................................................................... 827
Query interval.............................................................................................................................................................827
Last member query interval.................................................................................................................................... 827
Maximum response time..........................................................................................................................................828
IGMP immediate leave............................................................................................................................................. 828
Select an IGMP version........................................................................................................................................... 828
View IGMP-enabled interfaces and groups........................................................................................................ 828
IGMP snooping.......................................................................................................................................................... 829
IGMP commands........................................................................................................................................................831
Multicast Listener Discovery Protocol.......................................................................................................................842
MLD snooping............................................................................................................................................................ 842
MLD snooping commands.......................................................................................................................................844
Protocol Independent Multicast..................................................................................................................................850
PIM terminology.........................................................................................................................................................851
Standards compliance...............................................................................................................................................851
PIM-SM........................................................................................................................................................................851
PIM-SSM.....................................................................................................................................................................852
Configure expiry timers for S, G entries..............................................................................................................853
Configure static rendezvous point........................................................................................................................853
Configure dynamic RP using the BSR mechanism............................................................................................854
Configure designated router priority....................................................................................................................856
PIM commands..........................................................................................................................................................856
PIM-SM sample configuration............................................................................................................................... 868
PIM-SSM sample configuration.............................................................................................................................872
Multicast VRF sample configuration...........................................................................................................................877
VLT multicast routing.................................................................................................................................................... 885
14
Contents
Multicast routing table synchronization.............................................................................................................. 885
IGMP message synchronization............................................................................................................................ 886
Egress mask............................................................................................................................................................... 886
Spanned VLAN...........................................................................................................................................................886
Deployment considerations.....................................................................................................................................886
Example: Spanned L3 VLAN IIF............................................................................................................................. 886
Example: Active-active PIM in a square VLT topology....................................................................................894
VLT multicast routing commands......................................................................................................................... 925
Chapter 15: VXLAN ................................................................................................................... 927
VXLAN concepts.............................................................................................................................................................928
VXLAN as NVO solution................................................................................................................................................929
Configure VXLAN............................................................................................................................................................929
Configure source IP address on VTEP.................................................................................................................929
Configure a VXLAN virtual network..................................................................................................................... 930
Configure VLAN-tagged access ports.................................................................................................................930
Configure untagged access ports..........................................................................................................................931
Enable overlay routing between virtual networks............................................................................................. 932
Advertise VXLAN source IP address ...................................................................................................................934
Configure VLT............................................................................................................................................................934
L3 VXLAN route scaling ............................................................................................................................................... 936
DHCP relay on VTEPs ...................................................................................................................................................937
View VXLAN configuration........................................................................................................................................... 937
VXLAN MAC addresses.................................................................................................................................................940
VXLAN commands..........................................................................................................................................................942
hardware overlay-routing-profile.......................................................................................................................... 942
interface virtual-network........................................................................................................................................ 942
ip virtual-router address..........................................................................................................................................943
ip virtual-router mac-address.................................................................................................................................943
member-interface..................................................................................................................................................... 943
nve................................................................................................................................................................................ 944
remote-vtep............................................................................................................................................................... 944
show hardware overlay-routing-profile mode....................................................................................................945
show interface virtual-network............................................................................................................................. 945
show nve remote-vtep............................................................................................................................................ 946
show nve remote-vtep counters...........................................................................................................................946
show nve vxlan-vni................................................................................................................................................... 947
show virtual-network............................................................................................................................................... 947
show virtual-network counters..............................................................................................................................948
show virtual-network interface counters............................................................................................................948
show virtual-network interface............................................................................................................................. 949
show virtual-network vlan...................................................................................................................................... 949
show vlan (virtual network)................................................................................................................................... 950
source-interface loopback...................................................................................................................................... 950
virtual-network...........................................................................................................................................................951
virtual-network untagged-vlan...............................................................................................................................951
vxlan-vni.......................................................................................................................................................................951
VXLAN MAC commands............................................................................................................................................... 952
clear mac address-table dynamic nve remote-vtep......................................................................................... 952
clear mac address-table dynamic virtual-network............................................................................................952
Contents
15
show mac address-table count extended...........................................................................................................953
show mac address-table count nve......................................................................................................................953
show mac address-table count virtual-network................................................................................................954
show mac address-table extended.......................................................................................................................954
show mac address-table nve................................................................................................................................. 955
show mac address-table virtual-network........................................................................................................... 956
Example: VXLAN with static VTEP.............................................................................................................................957
BGP EVPN for VXLAN.................................................................................................................................................. 969
BGP EVPN compared to static VXLAN...............................................................................................................969
VXLAN BGP EVPN operation.................................................................................................................................970
Configure BGP EVPN for VXLAN......................................................................................................................... 972
VXLAN BGP EVPN routing..................................................................................................................................... 976
BGP EVPN with VLT................................................................................................................................................980
VXLAN BGP commands........................................................................................................................................... 981
VXLAN EVPN commands........................................................................................................................................986
Example: VXLAN with BGP EVPN........................................................................................................................ 995
Example: VXLAN BGP EVPN Multiple AS topology ................................................................................. 1016
Example: VXLAN BGP EVPN Centralized L3 gateway.............................................................................1037
Example: VXLAN BGP EVPN Border leaf gateway with asymmetric IRB........................................... 1039
Example: VXLAN BGP EVPNSymmetric IRB............................................................................................... 1043
Example - VXLAN BGP EVPN symmetric IRB with unnumbered BGP peering....................................... 1066
Example: Migrating from Asymmetric IRB to Symmetric IRB...................................................................... 1080
Controller-provisioned VXLAN...................................................................................................................................1083
Configure controller-provisioned VXLAN.......................................................................................................... 1084
Configure and control VXLAN from VMware vCenter...................................................................................1087
Example: VXLAN with a controller configuration............................................................................................ 1090
VXLAN Controller commands...............................................................................................................................1094
Chapter 16: UFT modes............................................................................................................ 1100
Configure UFT modes....................................................................................................................................................1101
IPv6 extended prefix routes.................................................................................................................................. 1102
UFT commands...............................................................................................................................................................1102
hardware forwarding-table mode.........................................................................................................................1102
hardware l3 ipv6-extended-prefix ...................................................................................................................... 1103
show hardware forwarding-table mode..............................................................................................................1103
show hardware forwarding-table mode all.........................................................................................................1104
show hardware l3..................................................................................................................................................... 1104
Chapter 17: Security................................................................................................................. 1105
Switch security...............................................................................................................................................................1105
User management....................................................................................................................................................1105
AAA...............................................................................................................................................................................1119
Boot security............................................................................................................................................................. 1133
Switch management access.................................................................................................................................. 1144
Switch management statistics..............................................................................................................................1156
X.509v3 certificates................................................................................................................................................1160
Network security............................................................................................................................................................1184
Access control lists.................................................................................................................................................. 1184
DHCP snooping.........................................................................................................................................................1184
16
Contents
802.1X port access control ...................................................................................................................................1185
Port security..............................................................................................................................................................1185
Chapter 18: OpenFlow.............................................................................................................. 1201
OpenFlow logical switch instance............................................................................................................................. 1202
OpenFlow controller..................................................................................................................................................... 1202
OpenFlow version 1.3................................................................................................................................................... 1202
Ports........................................................................................................................................................................... 1202
Flow table.................................................................................................................................................................. 1203
Group table............................................................................................................................................................... 1203
Meter table................................................................................................................................................................1203
Instructions............................................................................................................................................................... 1203
Action set.................................................................................................................................................................. 1203
Action types..............................................................................................................................................................1204
Counters.................................................................................................................................................................... 1204
OpenFlow protocol..................................................................................................................................................1206
OpenFlow use cases......................................................................................................................................................1218
Configure OpenFlow......................................................................................................................................................1219
Establish TLS connection...................................................................................................................................... 1220
OpenFlow commands....................................................................................................................................................1221
controller.................................................................................................................................................................... 1221
dpid-mac-address....................................................................................................................................................1222
in-band-mgmt...........................................................................................................................................................1222
max-backoff..............................................................................................................................................................1223
mode openflow-only............................................................................................................................................... 1223
openflow.................................................................................................................................................................... 1224
probe-interval........................................................................................................................................................... 1224
protocol-version.......................................................................................................................................................1224
rate-limit packet_in.................................................................................................................................................1225
show openflow......................................................................................................................................................... 1226
show openflow flows..............................................................................................................................................1226
show openflow ports.............................................................................................................................................. 1227
show openflow switch............................................................................................................................................1228
show openflow switch controllers.......................................................................................................................1229
switch......................................................................................................................................................................... 1230
OpenFlow-only mode commands.............................................................................................................................. 1230
Chapter 19: Access Control Lists..............................................................................................1233
IP ACLs............................................................................................................................................................................ 1233
MAC ACLs.......................................................................................................................................................................1233
Control-plane ACLs.......................................................................................................................................................1234
Control-plane ACL qualifiers................................................................................................................................. 1234
IP fragment handling.................................................................................................................................................... 1235
L3 ACL rules................................................................................................................................................................... 1235
Assign sequence number to filter..............................................................................................................................1236
Delete ACL rule.............................................................................................................................................................. 1237
L2 and L3 ACLs..............................................................................................................................................................1237
Assign and apply ACL filters....................................................................................................................................... 1238
Ingress ACL filters.........................................................................................................................................................1239
Contents
17
Egress ACL filters..........................................................................................................................................................1239
VTY ACLs........................................................................................................................................................................ 1240
SNMP ACLs....................................................................................................................................................................1240
Clear access-list counters............................................................................................................................................1241
IP prefix-lists................................................................................................................................................................... 1241
Route-maps..................................................................................................................................................................... 1241
Match routes.................................................................................................................................................................. 1243
Set conditions.................................................................................................................................................................1243
Continue clause..............................................................................................................................................................1244
ACL flow-based monitoring........................................................................................................................................ 1244
Enable flow-based monitoring....................................................................................................................................1245
View ACL table utilization report...............................................................................................................................1246
Known behavior........................................................................................................................................................1247
ACL logging.....................................................................................................................................................................1248
Important notes....................................................................................................................................................... 1248
ACL commands.............................................................................................................................................................. 1248
clear ip access-list counters................................................................................................................................. 1248
clear ipv6 access-list counters.............................................................................................................................1249
clear mac access-list counters.............................................................................................................................1249
deny............................................................................................................................................................................ 1249
deny (IPv6)............................................................................................................................................................... 1250
deny (MAC)............................................................................................................................................................... 1251
deny icmp................................................................................................................................................................... 1251
deny icmp (IPv6)..................................................................................................................................................... 1252
deny ip........................................................................................................................................................................1252
deny ipv6................................................................................................................................................................... 1253
deny tcp..................................................................................................................................................................... 1253
deny tcp (IPv6)........................................................................................................................................................1254
deny udp.................................................................................................................................................................... 1255
deny udp (IPv6).......................................................................................................................................................1256
description.................................................................................................................................................................1256
ip access-group........................................................................................................................................................1257
ip access-list............................................................................................................................................................. 1257
ip as-path access-list..............................................................................................................................................1257
ip community-list standard deny..........................................................................................................................1258
ip communitylist standard permit......................................................................................................................1258
ip extcommunity-list standard deny....................................................................................................................1259
ip extcommunity-list standard permit.................................................................................................................1259
ip prefix-list description......................................................................................................................................... 1260
ip prefix-list deny.....................................................................................................................................................1260
ip prefix-list permit..................................................................................................................................................1260
ip prefix-list seq deny..............................................................................................................................................1261
ip prefix-list seq permit........................................................................................................................................... 1261
ipv6 access-group................................................................................................................................................... 1262
ipv6 access-list........................................................................................................................................................ 1262
ipv6 prefix-list deny................................................................................................................................................ 1262
ipv6 prefix-list description.....................................................................................................................................1263
ipv6 prefix-list permit............................................................................................................................................. 1263
ipv6 prefix-list seq deny.........................................................................................................................................1264
ipv6 prefix-list seq permit......................................................................................................................................1264
18
Contents
mac access-group................................................................................................................................................... 1264
mac access-list........................................................................................................................................................ 1265
permit......................................................................................................................................................................... 1265
permit (IPv6)............................................................................................................................................................ 1266
permit (MAC)........................................................................................................................................................... 1267
permit icmp............................................................................................................................................................... 1267
permit icmp (IPv6).................................................................................................................................................. 1268
permit ip.....................................................................................................................................................................1268
permit ipv6................................................................................................................................................................ 1269
permit tcp..................................................................................................................................................................1269
permit tcp (IPv6).....................................................................................................................................................1270
permit udp.................................................................................................................................................................. 1271
permit udp (IPv6)..................................................................................................................................................... 1271
remark.........................................................................................................................................................................1272
seq deny.....................................................................................................................................................................1273
seq deny (IPv6)........................................................................................................................................................1273
seq deny (MAC).......................................................................................................................................................1274
seq deny icmp...........................................................................................................................................................1275
seq deny icmp (IPv6)..............................................................................................................................................1275
seq deny ip................................................................................................................................................................ 1276
seq deny ipv6............................................................................................................................................................1276
seq deny tcp..............................................................................................................................................................1277
seq deny tcp (IPv6)................................................................................................................................................ 1278
seq deny udp.............................................................................................................................................................1279
seq deny udp (IPv6)............................................................................................................................................... 1280
seq permit................................................................................................................................................................. 1280
seq permit (IPv6)..................................................................................................................................................... 1281
seq permit (MAC)....................................................................................................................................................1282
seq permit icmp........................................................................................................................................................1282
seq permit icmp (IPv6).......................................................................................................................................... 1283
seq permit ip............................................................................................................................................................. 1283
seq permit ipv6.........................................................................................................................................................1284
seq permit tcp.......................................................................................................................................................... 1285
seq permit tcp (IPv6)............................................................................................................................................. 1286
seq permit udp......................................................................................................................................................... 1286
seq permit udp (IPv6).............................................................................................................................................1287
show access-group................................................................................................................................................. 1288
show access-lists.................................................................................................................................................... 1289
show acl-table-usage detail.................................................................................................................................. 1290
show ip as-path-access-list .................................................................................................................................1293
show ip community-list.......................................................................................................................................... 1294
show ip extcommunity-list.................................................................................................................................... 1294
show ip prefix-list.................................................................................................................................................... 1295
show logging access-list........................................................................................................................................1295
Route-map commands.................................................................................................................................................1295
continue..................................................................................................................................................................... 1295
match as-path.......................................................................................................................................................... 1296
match community....................................................................................................................................................1296
match extcommunity..............................................................................................................................................1296
match interface........................................................................................................................................................1297
Contents
19
match ip address......................................................................................................................................................1297
match ip next-hop...................................................................................................................................................1298
match ipv6 address.................................................................................................................................................1298
match ipv6 next-hop.............................................................................................................................................. 1298
match metric............................................................................................................................................................ 1299
match origin.............................................................................................................................................................. 1299
match route-type.................................................................................................................................................... 1299
match tag.................................................................................................................................................................. 1300
route-map..................................................................................................................................................................1300
set comm-list add....................................................................................................................................................1300
set comm-list delete................................................................................................................................................1301
set community...........................................................................................................................................................1301
set extcomm-list add..............................................................................................................................................1302
set extcomm-list delete......................................................................................................................................... 1302
set extcommunity....................................................................................................................................................1302
set local-preference................................................................................................................................................1303
set metric.................................................................................................................................................................. 1303
set metric-type........................................................................................................................................................ 1303
set next-hop............................................................................................................................................................. 1304
set origin....................................................................................................................................................................1305
set tag........................................................................................................................................................................ 1305
set weight................................................................................................................................................................. 1305
show route-map.......................................................................................................................................................1306
Chapter 20: Quality of service.................................................................................................. 1307
Configure quality of service........................................................................................................................................ 1307
Ingress traffic classification........................................................................................................................................1309
Data traffic classification.......................................................................................................................................1309
Control-plane policing............................................................................................................................................. 1313
Egress traffic classification.........................................................................................................................................1320
Policing traffic.................................................................................................................................................................1321
Mark Traffic.................................................................................................................................................................... 1322
Color traffic.....................................................................................................................................................................1322
Modify packet fields..................................................................................................................................................... 1322
Shaping traffic................................................................................................................................................................1323
Bandwidth allocation.....................................................................................................................................................1323
Strict priority queuing...................................................................................................................................................1324
Rate adjustment............................................................................................................................................................ 1325
Buffer management......................................................................................................................................................1326
Configure ingress buffer........................................................................................................................................ 1327
Configure egress buffer.........................................................................................................................................1328
Deep Buffer mode................................................................................................................................................... 1329
Congestion avoidance.................................................................................................................................................. 1330
Storm control................................................................................................................................................................. 1332
RoCE for faster access and lossless connectivity.................................................................................................1332
Configure RoCE on the switch.............................................................................................................................1332
RoCE for VXLAN over VLT................................................................................................................................... 1336
Buffer statistics tracking....................................................................................................................................... 1344
Port to port-pipe and MMU mapping.......................................................................................................................1345
QoS commands..............................................................................................................................................................1350
20
Contents
/