PowerSwitch S4148U-ON

Dell PowerSwitch S4148U-ON Owner's manual

  • Hello, I'm your chat assistant. I have read the Dell EMC SmartFabric OS10 User Guide. This document provides detailed information regarding the OS10 software for network switches, covering topics from initial setup, CLI usage, advanced configuration options like zero-touch deployment and Ansible provisioning, to the SmartFabric services and advanced network management with the SmartFabric Director. I am ready to assist with your questions about specific features.
  • How can I check the OS10 version?
    How can I install a license?
    What type of deployment options does this switch support?
    How do I enable SmartFabric Services on the switch?
Dell EMC SmartFabric OS10 用户指南
版本 10.5.0
Identifier GUID-5B8DE7B7-879F-45A4-88E0-732155904029
Version 13
Status Translation Validated
注意、小心和警告
: “注意”表示帮助您更好地使用该产品的重要信息。
小心: “小心”表示可能会损坏硬件或导致数据丢失并告诉您如何避免此类问题。
警告: “警告”表示可能会导致财产损失、人身伤害甚至死亡。
© 2019 Dell Inc. 或其子公司。保留所有权利。DellEMC 和其他商标是 Dell Inc. 或其附属机构的商标。其他商标可能是其各自所有
者的商标。
2019 - 12
Rev. A03
1 更改历史记录...............................................................................................................................29
2 系统........................................................................................................................................... 31
出厂安装 OS10 的交换机.................................................................................................................................................. 32
登录.................................................................................................................................................................................32
检查 OS10 版本............................................................................................................................................................. 33
OS10 升级.......................................................................................................................................................................33
检查 OS10 许可证.........................................................................................................................................................40
重新安装许可证.............................................................................................................................................................41
未安装操作系统的交换机.................................................................................................................................................. 41
卸载现有操作系统........................................................................................................................................................42
下载 OS10 映像............................................................................................................................................................. 42
使用 ONIE 进行安装.....................................................................................................................................................43
登录.................................................................................................................................................................................46
安装 OS10 许可证.........................................................................................................................................................46
交换机部署选项..................................................................................................................................................................48
手动 CLI 配置.................................................................................................................................................................49
ZTD - 自动交换机部署.................................................................................................................................................49
Ansible 自动交换机调配...............................................................................................................................................49
远程访问.............................................................................................................................................................................. 49
配置管理 IP 地址...........................................................................................................................................................49
配置管理路由................................................................................................................................................................ 50
配置用户名和密码........................................................................................................................................................50
3 CLI 基本信息...............................................................................................................................52
CONFIGURATION 模式..................................................................................................................................................... 53
检查设备状态...................................................................................................................................................................... 53
命令帮助.............................................................................................................................................................................. 55
候选配置.............................................................................................................................................................................. 55
复制正在运行的配置..........................................................................................................................................................58
还原启动配置......................................................................................................................................................................58
重新加载系统映像..............................................................................................................................................................59
筛选 show 命令...................................................................................................................................................................59
常见 OS10 命令...................................................................................................................................................................60
boot................................................................................................................................................................................. 60
commit............................................................................................................................................................................ 60
configure..........................................................................................................................................................................61
copy..................................................................................................................................................................................61
delete...............................................................................................................................................................................62
dir.....................................................................................................................................................................................63
discard.............................................................................................................................................................................64
do.....................................................................................................................................................................................64
end...................................................................................................................................................................................65
exit...................................................................................................................................................................................65
目录
目录
3
hostname........................................................................................................................................................................65
license............................................................................................................................................................................. 66
lock.................................................................................................................................................................................. 66
management route........................................................................................................................................................ 67
move................................................................................................................................................................................67
no.....................................................................................................................................................................................68
ping..................................................................................................................................................................................68
ping6................................................................................................................................................................................70
reload................................................................................................................................................................................71
show boot....................................................................................................................................................................... 72
show candidate-configuration......................................................................................................................................72
show environment......................................................................................................................................................... 74
show inventory...............................................................................................................................................................75
show ip management-route......................................................................................................................................... 75
show ipv6 management-route.....................................................................................................................................76
show license status....................................................................................................................................................... 76
show running-configuration..........................................................................................................................................77
show startup-configuration..........................................................................................................................................79
show system.................................................................................................................................................................. 80
show version................................................................................................................................................................... 81
start................................................................................................................................................................................. 82
系统.................................................................................................................................................................................82
system-cli disable...........................................................................................................................................................83
system-user linuxadmin disable....................................................................................................................................83
system identifier.............................................................................................................................................................83
terminal........................................................................................................................................................................... 84
traceroute.......................................................................................................................................................................84
unlock..............................................................................................................................................................................85
username password role...............................................................................................................................................86
write................................................................................................................................................................................ 86
4 高级 CLI 任务..............................................................................................................................88
命令别名.............................................................................................................................................................................. 88
多行别名.........................................................................................................................................................................89
别名..................................................................................................................................................................................91
别名多行................................................................................................................................................................ 92
默认值别名............................................................................................................................................................ 93
说明别名................................................................................................................................................................ 93
别名.................................................................................................................................................................... 93
show alias........................................................................................................................................................................94
批处理模式.......................................................................................................................................................................... 95
batch............................................................................................................................................................................... 96
Linux shell 命令....................................................................................................................................................................96
使用 OS9 命令.....................................................................................................................................................................98
feature config-os9-style...............................................................................................................................................98
5 零接触部署................................................................................................................................. 99
ZTD DHCP 服务器配置....................................................................................................................................................100
ZTD 调配脚本..................................................................................................................................................................... 101
4
目录
ZTD CLI 批处理文件......................................................................................................................................................... 102
ZTD 后脚本.........................................................................................................................................................................102
ZTD 命令.............................................................................................................................................................................103
reload ztd...................................................................................................................................................................... 103
show ztd-status........................................................................................................................................................... 103
ztd cancel......................................................................................................................................................................104
6 OS10 调配.................................................................................................................................105
使用 Ansible........................................................................................................................................................................105
示例使用 Ansible 配置 OS10 交换机..........................................................................................................................106
7 SmartFabric 服务...................................................................................................................... 109
SmartFabric 服务特性...................................................................................................................................................... 109
适用于分支和主干的 SmartFabric 服务.................................................................................................................. 109
适用于 PowerEdge MX SmartFabric 服务.......................................................................................................... 110
适用于分支和主干的 SmartFabric 服务..........................................................................................................................111
SmartFabric 服务组件....................................................................................................................................................... 112
SmartFabric 服务逻辑实体...............................................................................................................................................113
上行链路........................................................................................................................................................................114
上行链路绑定选项....................................................................................................................................................... 114
生成树注意事项........................................................................................................................................................... 115
集成设备的动态加入...................................................................................................................................................115
静态加入的服务器....................................................................................................................................................... 115
非集成设备的静态加入...............................................................................................................................................115
在交换机上启用 SmartFabric 服务................................................................................................................................. 115
使用 GUI 启用 SmartFabric 服务............................................................................................................................... 116
SmartFabric 服务图形用户界面.......................................................................................................................................116
配置 SmartFabric 服务初始设置................................................................................................................................117
更新默认结构、交换机名称和描述向导..................................................................................................................118
为外部网络连接向导创建上行链路.......................................................................................................................... 118
分解交换机端口向导.................................................................................................................................................. 120
配置跳转主机向导...................................................................................................................................................... 120
更新网络配置向导...................................................................................................................................................... 120
将服务器板载连接到结构向导...................................................................................................................................121
编辑默认结构设置向导...............................................................................................................................................121
结构操作和生命周期管理.................................................................................................................................................121
SmartFabric 命令...............................................................................................................................................................122
smartfabric l3fabric enable..........................................................................................................................................122
show smartfabric cluster.............................................................................................................................................122
show smartfabric cluster member............................................................................................................................. 123
show smartfabric details............................................................................................................................................. 124
show smartfabric networks........................................................................................................................................ 124
show smartfabric nodes..............................................................................................................................................125
show smartfabric personality......................................................................................................................................125
show smartfabric uplinks.............................................................................................................................................126
show smartfabric validation-error.............................................................................................................................. 127
8 SmartFabric Director.................................................................................................................128
在交换机上启用 SmartFabric Director 模式................................................................................................................. 128
目录
5
支持 SmartFabric Director................................................................................................................................................128
gRPC 网络管理接口代理.................................................................................................................................................128
使用 SmartFabric Director 的生命周期管理................................................................................................................. 130
SmartFabric Director 命令................................................................................................................................................ 131
switch-operating mode............................................................................................................................................... 132
gnmi-security-profile....................................................................................................................................................132
show switch-operating-mode.....................................................................................................................................132
show sfd status............................................................................................................................................................ 133
9 系统管理................................................................................................................................... 134
系统横标............................................................................................................................................................................. 134
登录横标....................................................................................................................................................................... 134
MOTD 横标...................................................................................................................................................................135
系统横标命令...............................................................................................................................................................135
用户会话管理.....................................................................................................................................................................136
用户会话管理命令.......................................................................................................................................................137
Telnet 服务器..................................................................................................................................................................... 138
Telnet 命令................................................................................................................................................................... 138
简单网络管理协议............................................................................................................................................................ 139
SNMP 安全模式和级别..............................................................................................................................................139
MIB.................................................................................................................................................................................140
SNMPv3.........................................................................................................................................................................141
配置 SNMP...................................................................................................................................................................142
SNMP 命令...................................................................................................................................................................146
示例配置 SNMP...................................................................................................................................................... 154
系统时钟.............................................................................................................................................................................155
时区和 UTC 偏离参考................................................................................................................................................ 156
系统时钟命令................................................................................................................................................................171
网络时间协议.....................................................................................................................................................................173
启用 NTP.......................................................................................................................................................................174
转播................................................................................................................................................................................174
IP 地址......................................................................................................................................................................175
身份验证....................................................................................................................................................................... 175
示例 NTP 配置............................................................................................................................................................. 176
NTP 命令.......................................................................................................................................................................179
动态主机配置协议............................................................................................................................................................ 184
数据包格式和选项...................................................................................................................................................... 185
DHCP 服务器............................................................................................................................................................... 186
自动地址分配...............................................................................................................................................................186
主机名称解析...............................................................................................................................................................187
手动绑定条目...............................................................................................................................................................188
DHCP 中继代理........................................................................................................................................................... 189
查看 DHCP 信息..........................................................................................................................................................190
系统域名和列表...........................................................................................................................................................190
DHCP 侦听.................................................................................................................................................................... 191
DHCP 命令...................................................................................................................................................................207
DHCP 侦听命令........................................................................................................................................................... 213
DNS 命令...................................................................................................................................................................... 219
IPv4 DHCP 限制...........................................................................................................................................................221
6
目录
10 接口....................................................................................................................................... 223
以太网接口........................................................................................................................................................................ 223
统一端口组........................................................................................................................................................................ 223
Z9264F-ON port-group profiles......................................................................................................................................225
S5200F-ON 交换机上的端口组.....................................................................................................................................226
L2 模式配置.......................................................................................................................................................................233
L3 模式配置.......................................................................................................................................................................234
光纤通道接口....................................................................................................................................................................234
配置波长...................................................................................................................................................................... 236
管理接口............................................................................................................................................................................ 236
管理接口.......................................................................................................................................................................237
VLAN 接口......................................................................................................................................................................... 237
用户配置的默认 VLAN.....................................................................................................................................................237
VLAN 扩展配置文件.........................................................................................................................................................238
环回接口............................................................................................................................................................................ 239
端口通道接口....................................................................................................................................................................239
创建端口通道..............................................................................................................................................................240
添加端口成员..............................................................................................................................................................240
最小链路数................................................................................................................................................................... 241
分配端口通道 IP 地址.................................................................................................................................................241
卸下或禁用端口通道.................................................................................................................................................. 241
负载均衡流量.............................................................................................................................................................. 242
更改哈希算法.............................................................................................................................................................. 242
配置接口范围....................................................................................................................................................................242
交换机端口配置文件........................................................................................................................................................243
S4148-ON 系列端口配置文件...................................................................................................................................244
S4148U-ON 端口配置文件........................................................................................................................................245
在接口上配置协商模式................................................................................................................................................... 246
配置分解模式.................................................................................................................................................................... 247
分解自动配置....................................................................................................................................................................248
重置默认配置....................................................................................................................................................................249
转发纠错............................................................................................................................................................................ 250
节能以太网.........................................................................................................................................................................251
启用节能以太网...........................................................................................................................................................251
清除 EEE 计数器.........................................................................................................................................................252
查看 EEE 状态/统计信息.......................................................................................................................................... 252
EEE 命令...................................................................................................................................................................... 253
查看接口配置....................................................................................................................................................................256
数字光学监控....................................................................................................................................................................259
启用 DOM DOM 陷阱........................................................................................................................................... 259
接口命令.............................................................................................................................................................................261
channel-group...............................................................................................................................................................261
default interface........................................................................................................................................................... 261
default vlan-id.............................................................................................................................................................. 263
description (Interface)................................................................................................................................................264
duplex............................................................................................................................................................................264
enable dom...................................................................................................................................................................265
enable dom traps.........................................................................................................................................................265
目录
7
feature auto-breakout................................................................................................................................................ 266
fec................................................................................................................................................................................. 266
interface breakout....................................................................................................................................................... 267
interface ethernet........................................................................................................................................................267
interface loopback....................................................................................................................................................... 267
interface mgmt............................................................................................................................................................ 268
interface null.................................................................................................................................................................268
interface port-channel................................................................................................................................................269
interface range.............................................................................................................................................................269
interface vlan................................................................................................................................................................270
link-bundle-utilization.................................................................................................................................................. 270
mode............................................................................................................................................................................. 270
mode l3.......................................................................................................................................................................... 271
mtu................................................................................................................................................................................ 272
negotiation....................................................................................................................................................................272
port mode Eth..............................................................................................................................................................274
port-group.................................................................................................................................................................... 274
profile............................................................................................................................................................................ 275
scale-profile vlan..........................................................................................................................................................275
show discovered-expanders...................................................................................................................................... 276
show interface............................................................................................................................................................. 276
show interface transceiver Tunable wavelength............................................................................................ 278
show inventory media................................................................................................................................................. 278
show link-bundle-utilization........................................................................................................................................279
show port-channel summary..................................................................................................................................... 280
show port-group.......................................................................................................................................................... 281
show switch-port-profile............................................................................................................................................282
show system................................................................................................................................................................ 282
show unit-provision.....................................................................................................................................................283
show vlan......................................................................................................................................................................283
shutdown......................................................................................................................................................................284
speed光纤通道....................................................................................................................................................284
speed管理............................................................................................................................................................285
switch-port-profile...................................................................................................................................................... 285
switchport access vlan............................................................................................................................................... 287
switchport mode..........................................................................................................................................................287
switchport trunk allowed vlan....................................................................................................................................288
unit-provision............................................................................................................................................................... 288
wavelength...................................................................................................................................................................289
11 PowerEdge MX 以太网 I/O 模块.................................................................................................290
运行模式............................................................................................................................................................................ 290
更改操作模式....................................................................................................................................................................292
限制.....................................................................................................................................................................................292
I/O 模块上的端口组.........................................................................................................................................................292
双密度 QSFP28 接口....................................................................................................................................................... 292
虚拟端口............................................................................................................................................................................ 295
单密度 QSFP28 接口....................................................................................................................................................... 297
面向服务器的接口............................................................................................................................................................299
8
目录
更换 SmartFabric 中的 MX 以太网 IO 模块................................................................................................................. 300
部署说明...................................................................................................................................................................... 300
更换 SmartFabric 中的 IOM......................................................................................................................................300
12 光纤通道................................................................................................................................. 304
以太网光纤通道................................................................................................................................................................305
配置 FIP 侦听.............................................................................................................................................................. 305
术语.....................................................................................................................................................................................307
虚拟结构............................................................................................................................................................................ 307
光纤通道分区....................................................................................................................................................................309
以太网上的 F_Port............................................................................................................................................................ 311
FCoE 流量固定到端口通道的特定端口.................................................................................................................... 311
VLT 网络上的 FSB 配置示例.....................................................................................................................................313
VLT 网络上的 FC 交换机配置示例.......................................................................................................................... 316
VLT 网络上的 FSB 配置示例................................................................................................................................317
VLT 网络上的 FC 交换机配置示例..................................................................................................................... 319
多跳 FIP 侦听桥................................................................................................................................................................ 320
配置说明....................................................................................................................................................................... 321
配置多跳 FSB...............................................................................................................................................................321
验证多跳 FSB 配置.....................................................................................................................................................327
多跳 FSB 配置示例.....................................................................................................................................................328
配置指导准则....................................................................................................................................................................342
NPIV 代理网关级联..........................................................................................................................................................342
FCoE 中支持未标记的 VLAN.................................................................................................................................... 345
F_Port 命令....................................................................................................................................................................... 345
fc alias........................................................................................................................................................................... 345
fc zone..........................................................................................................................................................................345
fc zoneset.....................................................................................................................................................................346
feature fc......................................................................................................................................................................346
member别名........................................................................................................................................................ 347
member (zone)............................................................................................................................................................ 347
成员分区集.......................................................................................................................................................... 347
show fc alias.................................................................................................................................................................348
show fc interface-area-id mapping...........................................................................................................................348
show fc ns switch....................................................................................................................................................... 349
show fc zone................................................................................................................................................................349
show fc zoneset..........................................................................................................................................................350
zone default-zone permit............................................................................................................................................351
zoneset activate..........................................................................................................................................................352
NPG 命令...........................................................................................................................................................................352
fc port-mode F............................................................................................................................................................ 352
feature fc npg.............................................................................................................................................................. 352
show npg devices........................................................................................................................................................353
F_Port NPG 命令........................................................................................................................................................ 353
clear fc statistics......................................................................................................................................................... 354
fcoe .............................................................................................................................................................................. 354
name............................................................................................................................................................................. 355
show fc statistics........................................................................................................................................................ 355
show fc switch............................................................................................................................................................ 356
目录
9
show running-config vfabric......................................................................................................................................356
show vfabric.................................................................................................................................................................356
vfabric........................................................................................................................................................................... 357
vfabric (interface)....................................................................................................................................................... 357
vlan................................................................................................................................................................................358
FIP 侦听命令..................................................................................................................................................................... 358
feature fip-snooping....................................................................................................................................................358
fip-snooping enable.....................................................................................................................................................359
fip-snooping fc-map....................................................................................................................................................359
fip-snooping port-mode..............................................................................................................................................360
FCoE 命令..........................................................................................................................................................................360
clear fcoe database.....................................................................................................................................................360
clear fcoe statistics......................................................................................................................................................361
fcoe-pinned-port..........................................................................................................................................................361
fcoe max-sessions-per-enodemac.............................................................................................................................361
fcoe priority-bits.......................................................................................................................................................... 362
lldp tlv-select dcbxp-appln fcoe................................................................................................................................ 362
show fcoe enode......................................................................................................................................................... 363
show fcoe fcf...............................................................................................................................................................363
show fcoe pinned-port............................................................................................................................................... 363
show fcoe sessions..................................................................................................................................................... 364
show fcoe statistics.................................................................................................................................................... 364
show fcoe system....................................................................................................................................................... 365
show fcoe vlan.............................................................................................................................................................365
13 2 .................................................................................................................................... 367
802.1X................................................................................................................................................................................. 367
端口身份验证..............................................................................................................................................................368
EAP over RADIUS....................................................................................................................................................... 369
配置 802.1X..................................................................................................................................................................369
启用 802.1X..................................................................................................................................................................370
身份重新传输............................................................................................................................................................... 371
故障静默期...................................................................................................................................................................372
端口控制模式.............................................................................................................................................................. 372
重新验证端口.............................................................................................................................................................. 373
配置超时.......................................................................................................................................................................374
802.1X 命令..................................................................................................................................................................375
远端故障检测.................................................................................................................................................................... 379
全局启用 FEFD............................................................................................................................................................ 381
启用接口上的 FEFD................................................................................................................................................... 382
Reset FEFD err-disabled interface............................................................................................................................382
显示 FEFD 信息...........................................................................................................................................................382
FEFD 命令....................................................................................................................................................................383
链路聚合控制协议............................................................................................................................................................386
模式...............................................................................................................................................................................386
配置...............................................................................................................................................................................386
接口...............................................................................................................................................................................387
速率...............................................................................................................................................................................388
配置示例...................................................................................................................................................................... 388
10
目录
LACP 回退.................................................................................................................................................................... 391
LACP 命令....................................................................................................................................................................394
链路层发现协议................................................................................................................................................................ 401
可选的 TLV.................................................................................................................................................................. 402
基本 TLV...................................................................................................................................................................... 402
组织特定的 TLV..........................................................................................................................................................403
介质端点查找..............................................................................................................................................................404
网络连接设备..............................................................................................................................................................405
LLDP-MED 功能 TLV................................................................................................................................................. 405
网络策略 TLV..............................................................................................................................................................406
定义网络策略.............................................................................................................................................................. 407
数据包计时器值..........................................................................................................................................................407
禁用和启用 LLDP....................................................................................................................................................... 408
在管理端口上禁用和启用 LLDP.............................................................................................................................. 408
通告 TLV...................................................................................................................................................................... 409
网络策略通告...............................................................................................................................................................413
快速启动重复计数.......................................................................................................................................................413
查看 LLDP 配置........................................................................................................................................................... 413
相邻代理通告...............................................................................................................................................................414
生存时间....................................................................................................................................................................... 416
VLT 域中的通告管理地址 TLV..................................................................................................................................416
LLDP 命令.....................................................................................................................................................................417
介质访问控制....................................................................................................................................................................430
静态 MAC 地址........................................................................................................................................................... 430
MAC 地址表.................................................................................................................................................................430
清除 MAC 地址表........................................................................................................................................................431
MAC 命令......................................................................................................................................................................431
生成树协议........................................................................................................................................................................ 434
EdgePort.......................................................................................................................................................................434
生成树扩展.................................................................................................................................................................. 434
BPDU 防护违规中恢复.........................................................................................................................................436
MAC 刷新优化.............................................................................................................................................................437
调试配置...................................................................................................................................................................... 438
为快速状态转移设置生成树链接类型.................................................................................................................... 438
常见的 STP 命令.........................................................................................................................................................439
Rapid per-VLAN spanning-tree plus......................................................................................................................... 445
快速生成树协议..........................................................................................................................................................454
多个生成树...................................................................................................................................................................461
虚拟 LAN............................................................................................................................................................................ 474
默认 VLAN....................................................................................................................................................................474
创建或移除 VLAN....................................................................................................................................................... 474
访问模式.......................................................................................................................................................................476
中继模式.......................................................................................................................................................................476
分配 IP 地址................................................................................................................................................................. 477
查看 VLAN 配置.......................................................................................................................................................... 478
VLAN 命令................................................................................................................................................................... 480
端口监控.............................................................................................................................................................................481
本地端口监控...............................................................................................................................................................481
远程端口监控.............................................................................................................................................................. 482
目录
11
封装的远程端口监控..................................................................................................................................................484
基于流的监控..............................................................................................................................................................485
VLT 上的远程端口监控............................................................................................................................................. 486
端口监控命令.............................................................................................................................................................. 488
14 3 .................................................................................................................................... 493
虚拟路由和转发................................................................................................................................................................493
配置管理 VRF..............................................................................................................................................................493
配置非默认 VRF 实例................................................................................................................................................495
VRF 配置......................................................................................................................................................................498
查看 VRF 实例信息.....................................................................................................................................................501
静态路由泄漏..............................................................................................................................................................502
VRF 命令......................................................................................................................................................................505
双向转发检测.....................................................................................................................................................................512
BFD 会话状态.............................................................................................................................................................. 513
BFD 三向握手.............................................................................................................................................................. 514
BFD 配置.......................................................................................................................................................................515
全局配置 BFD.............................................................................................................................................................. 515
BFD for BGP.................................................................................................................................................................516
BFD for OSPF..............................................................................................................................................................520
适用于静态路由的 BFD.............................................................................................................................................524
BFD 命令...................................................................................................................................................................... 527
边界网关协议....................................................................................................................................................................533
会话和对等.................................................................................................................................................................. 534
路由反射器.................................................................................................................................................................. 535
多协议 BGP................................................................................................................................................................. 535
属性...............................................................................................................................................................................536
选择条件...................................................................................................................................................................... 536
权重和本地首选项......................................................................................................................................................537
复合鉴别器.................................................................................................................................................................. 537
来源...............................................................................................................................................................................538
AS 路径和下一跳........................................................................................................................................................538
最佳路径选择..............................................................................................................................................................538
更多路径支持..............................................................................................................................................................539
通告成本...................................................................................................................................................................... 539
4 字节 AS 编号............................................................................................................................................................540
AS 编号迁移................................................................................................................................................................ 540
正常重新启动...............................................................................................................................................................541
配置边界网关协议...................................................................................................................................................... 541
启用 BGP...................................................................................................................................................................... 541
禁用 ASN 值的通知....................................................................................................................................................544
配置双堆栈.................................................................................................................................................................. 544
配置管理距离..............................................................................................................................................................544
对等模板...................................................................................................................................................................... 545
邻居故障切换..............................................................................................................................................................548
配置密码...................................................................................................................................................................... 550
快速外部故障切换......................................................................................................................................................552
被动对等...................................................................................................................................................................... 553
本地 AS.........................................................................................................................................................................554
12
目录
AS 编号限制................................................................................................................................................................ 554
重新分发路由..............................................................................................................................................................555
其他路径...................................................................................................................................................................... 556
MED 属性.....................................................................................................................................................................556
本地首选项属性..........................................................................................................................................................557
权重属性...................................................................................................................................................................... 558
启用多路径..................................................................................................................................................................558
路由映射筛选器..........................................................................................................................................................559
路由反射器群集..........................................................................................................................................................559
聚合路由...................................................................................................................................................................... 560
联盟............................................................................................................................................................................... 561
路由抑制.......................................................................................................................................................................561
计时器.......................................................................................................................................................................... 563
邻居软重新配置..........................................................................................................................................................563
重新分发 iBGP 路由到 OSPF................................................................................................................................... 564
调试 BGP..................................................................................................................................................................... 566
BGP 命令..................................................................................................................................................................... 566
同等成本多路径................................................................................................................................................................599
负载均衡...................................................................................................................................................................... 599
最大 ECMP 组和路径................................................................................................................................................ 603
ECMP 命令.................................................................................................................................................................. 603
IPv4 路由............................................................................................................................................................................608
分配接口 IP 地址........................................................................................................................................................ 608
配置静态路由..............................................................................................................................................................609
地址解析协议...............................................................................................................................................................610
IPv4 路由命令.............................................................................................................................................................. 610
IPv6 路由............................................................................................................................................................................ 615
启用或禁用 IPv6..........................................................................................................................................................615
IPv6 地址...................................................................................................................................................................... 616
无状态自动配置...........................................................................................................................................................617
邻居查找....................................................................................................................................................................... 618
重复地址查找...............................................................................................................................................................619
静态 IPv6 路由............................................................................................................................................................ 620
IPv6 目标无法访问.....................................................................................................................................................620
IPv6 逐跳选项............................................................................................................................................................. 620
查看 IPv6 信息............................................................................................................................................................. 621
IPv6 命令.......................................................................................................................................................................621
首先打开最短路径............................................................................................................................................................633
自治系统区域.............................................................................................................................................................. 633
区域、网络和邻居......................................................................................................................................................633
路由器类型.................................................................................................................................................................. 634
指定和备份指定的路由器......................................................................................................................................... 635
链路状态通告..............................................................................................................................................................635
路由器优先级..............................................................................................................................................................636
最短路径优先限制......................................................................................................................................................636
OSPFv2.........................................................................................................................................................................637
OSPFv3........................................................................................................................................................................ 670
对象跟踪管理器................................................................................................................................................................ 691
接口跟踪...................................................................................................................................................................... 692
目录
13
主机跟踪...................................................................................................................................................................... 693
设置跟踪延迟..............................................................................................................................................................694
对象跟踪...................................................................................................................................................................... 694
查看跟踪对象..............................................................................................................................................................694
OTM 命令.................................................................................................................................................................... 695
基于策略的路由................................................................................................................................................................698
用于匹配路由映射的访问列表.................................................................................................................................698
设置地址以匹配路由映射......................................................................................................................................... 698
将路由映射分配给接口............................................................................................................................................. 699
查看 PBR 信息............................................................................................................................................................ 699
基于策略的按 VRF 的路由........................................................................................................................................700
VRF 配置 PBR........................................................................................................................................................700
PBR VLT...................................................................................................................................................................701
配置示例.......................................................................................................................................................................704
跟踪路由可访问性......................................................................................................................................................705
使用 PBR 允许和阻止特定流量............................................................................................................................... 705
查看 PBR 配置............................................................................................................................................................ 706
PBR 命令...................................................................................................................................................................... 707
虚拟路由器冗余协议........................................................................................................................................................ 710
配置................................................................................................................................................................................710
创建虚拟路由器............................................................................................................................................................711
组版本............................................................................................................................................................................712
虚拟 IP 地址..................................................................................................................................................................712
配置虚拟 IP 地址......................................................................................................................................................... 713
VRF 中配置虚拟 IP 地址....................................................................................................................................... 714
设置组优先级............................................................................................................................................................... 714
身份验证....................................................................................................................................................................... 715
禁用抢占....................................................................................................................................................................... 716
通告间隔....................................................................................................................................................................... 716
接口/对象跟踪............................................................................................................................................................. 717
配置跟踪........................................................................................................................................................................717
VRRP 命令....................................................................................................................................................................719
15 多播........................................................................................................................................724
重要事项.............................................................................................................................................................................724
配置多播路由.................................................................................................................................................................... 724
未知的多播泛洪控制........................................................................................................................................................725
启用多播泛洪控制......................................................................................................................................................726
多播命令............................................................................................................................................................................ 726
多播侦听泛洪限制......................................................................................................................................................726
互联网组管理协议............................................................................................................................................................727
标准合规性...................................................................................................................................................................727
重要事项.......................................................................................................................................................................728
支持的 IGMP 版本...................................................................................................................................................... 728
查询间隔.......................................................................................................................................................................728
最后成员查询间隔......................................................................................................................................................728
最长响应时间.............................................................................................................................................................. 728
IGMP 即时离开........................................................................................................................................................... 729
选择 IGMP 版本.......................................................................................................................................................... 729
14
目录
查看已启用 IGMP 的接口和组................................................................................................................................. 729
IGMP 侦听....................................................................................................................................................................730
IGMP 命令....................................................................................................................................................................732
多播侦听器发现协议........................................................................................................................................................743
MLD 侦听..................................................................................................................................................................... 743
MLD 侦听命令.............................................................................................................................................................745
协议独立多播.....................................................................................................................................................................751
PIM 术语....................................................................................................................................................................... 751
标准合规性.................................................................................................................................................................. 752
PIM-SM........................................................................................................................................................................ 752
PIM-SSM......................................................................................................................................................................753
SG 条目配置到期计时器..................................................................................................................................753
Configure static rendezvous point............................................................................................................................ 754
使用 BSR 机制配置动态 RP......................................................................................................................................755
配置指定的路由器优先级..........................................................................................................................................757
PIM 命令.......................................................................................................................................................................757
PIM-SM 示例配置.......................................................................................................................................................769
PIM-SSM 示例配置.................................................................................................................................................... 773
多播 VRF 配置示例...........................................................................................................................................................777
VLT 多播路由....................................................................................................................................................................785
多播路由表同步..........................................................................................................................................................785
IGMP 消息同步........................................................................................................................................................... 786
出口掩码.......................................................................................................................................................................786
跨区 VLAN....................................................................................................................................................................786
部署注意事项.............................................................................................................................................................. 786
示例跨区 L3 VLAN IIF.............................................................................................................................................787
示例方形 VLT 拓扑中的主动-主动 PIM..............................................................................................................794
VLT 多播路由显示命令..............................................................................................................................................824
16 VXLAN................................................................................................................................... 826
VXLAN 概念.......................................................................................................................................................................826
VXLAN NVO 解决方案................................................................................................................................................827
配置 VXLAN.......................................................................................................................................................................827
VTEP 上配置源 IP 地址........................................................................................................................................828
配置 VXLAN 虚拟网络...............................................................................................................................................828
配置 VLAN 标记的访问端口..................................................................................................................................... 829
配置未标记的访问端口............................................................................................................................................. 830
在虚拟网络之间启用覆盖路由.................................................................................................................................830
通告 VXLAN IP 地址..............................................................................................................................................832
配置 VLT.......................................................................................................................................................................833
L3 VXLAN 路由扩展.........................................................................................................................................................833
VTEP 上的 DHCP 中继....................................................................................................................................................835
查看 VXLAN 配置............................................................................................................................................................. 835
VXLAN MAC 地址.............................................................................................................................................................837
VXLAN 命令.......................................................................................................................................................................839
hardware overlay-routing-profile...............................................................................................................................839
interface virtual-network............................................................................................................................................840
ip virtual-router address............................................................................................................................................. 840
ip virtual-router mac-address..................................................................................................................................... 841
目录
15
member-interface........................................................................................................................................................ 841
nve.................................................................................................................................................................................842
remote-vtep.................................................................................................................................................................842
show hardware overlay-routing-profile mode......................................................................................................... 842
show interface virtual-network................................................................................................................................. 843
show nve remote-vtep............................................................................................................................................... 844
show nve remote-vtep counters...............................................................................................................................844
show nve vxlan-vni..................................................................................................................................................... 845
show virtual-network..................................................................................................................................................845
show virtual-network counters................................................................................................................................. 846
show virtual-network interface counters.................................................................................................................846
show virtual-network interface..................................................................................................................................847
show virtual-network vlan..........................................................................................................................................847
show vlan (virtual network)....................................................................................................................................... 847
source-interface loopback..........................................................................................................................................848
virtual-network............................................................................................................................................................ 848
virtual-network untagged-vlan.................................................................................................................................. 849
vxlan-vni....................................................................................................................................................................... 849
VXLAN MAC 命令............................................................................................................................................................ 850
clear mac address-table dynamic nve remote-vtep............................................................................................... 850
clear mac address-table dynamic virtual-network..................................................................................................850
show mac address-table count extended.................................................................................................................851
show mac address-table count nve...........................................................................................................................851
show mac address-table count virtual-network..................................................................................................... 852
show mac address-table extended...........................................................................................................................853
show mac address-table nve.....................................................................................................................................853
show mac address-table virtual-network.................................................................................................................854
示例VXLAN 和静态 VTEP...........................................................................................................................................855
BGP EVPN for VXLAN.....................................................................................................................................................868
BGP EVPN 与静态 VXLAN 比较.............................................................................................................................. 868
VXLAN BGP EVPN 操作............................................................................................................................................869
VXLAN 配置 BGP EVPN........................................................................................................................................871
VXLAN BGP EVPN 路由............................................................................................................................................875
BGP EVPN VLT......................................................................................................................................................875
VXLAN BGP 命令........................................................................................................................................................877
VXLAN EVPN 命令.....................................................................................................................................................880
示例VXLAN BGP EVPN................................................................................................................................... 885
示例VXLAN BGP EVPN AS 拓扑.............................................................................................................. 906
示例VXLAN BGP EVPN 集中化 L3 网关.......................................................................................................927
示例VXLAN BGP EVPN 带有非对称 IRB 的边界分支网关........................................................................929
控制器调配的 VXLAN......................................................................................................................................................932
配置控制器调配的 VXLAN........................................................................................................................................933
VMware vCenter 配置和控制 VXLAN................................................................................................................936
示例具有控制器配置的 VXLAN........................................................................................................................... 939
VXLAN 控制器命令.................................................................................................................................................... 943
17 UFT 模式.................................................................................................................................949
配置 UFT 模式.................................................................................................................................................................. 950
IPv6 扩展前缀路由......................................................................................................................................................951
16
目录
UFT 命令............................................................................................................................................................................952
hardware forwarding-table mode..............................................................................................................................952
hardware l3 ipv6-extended-prefix.............................................................................................................................952
show hardware forwarding-table mode................................................................................................................... 953
show hardware forwarding-table mode all...............................................................................................................953
show hardware l3........................................................................................................................................................953
18 安全性.................................................................................................................................... 955
AAA 身份验证................................................................................................................................................................... 955
用户重新身份验证........................................................................................................................................................... 956
密码强度............................................................................................................................................................................956
简单密码检查....................................................................................................................................................................957
隐匿密码............................................................................................................................................................................ 957
基于角色的访问控制....................................................................................................................................................... 958
分配用户角色....................................................................................................................................................................958
引导加载程序保护........................................................................................................................................................... 959
Linux 管理员用户配置..................................................................................................................................................... 959
AAA 身份验证................................................................................................................................................................... 960
RADIUS 身份验证..............................................................................................................................................................961
RADIUS over TLS 身份验证............................................................................................................................................962
TACACS+ 身份验证......................................................................................................................................................... 963
未知用户角色....................................................................................................................................................................964
SSH 服务器....................................................................................................................................................................... 964
虚拟终端行 ACL............................................................................................................................................................... 965
限制 SNMP 访问.............................................................................................................................................................. 966
启用 AAA 核算.................................................................................................................................................................. 966
启用用户锁定....................................................................................................................................................................967
限制并发登录会话............................................................................................................................................................967
启用登录统计信息........................................................................................................................................................... 968
权限级别............................................................................................................................................................................ 968
配置权限级别..............................................................................................................................................................969
配置启用密码.............................................................................................................................................................. 970
审核日志............................................................................................................................................................................ 970
安全命令............................................................................................................................................................................. 971
aaa accounting..............................................................................................................................................................971
aaa authentication login..............................................................................................................................................972
aaa re-authenticate enable.........................................................................................................................................973
boot protect disable username.................................................................................................................................. 973
boot protect enable username password.................................................................................................................973
clear logging audit........................................................................................................................................................974
crypto ssh-key generate.............................................................................................................................................974
disable........................................................................................................................................................................... 975
enable............................................................................................................................................................................975
enable password priv-lvl............................................................................................................................................. 975
ip access-class............................................................................................................................................................. 976
ip radius source-interface...........................................................................................................................................976
ip tacacs source-interface..........................................................................................................................................977
ipv6 access-class.........................................................................................................................................................977
ip ssh server challenge-response-authentication....................................................................................................978
目录
17
ip ssh server cipher..................................................................................................................................................... 978
ip ssh server enable.....................................................................................................................................................979
ip ssh server hostbased-authentication................................................................................................................... 979
ip ssh server kex..........................................................................................................................................................980
ip ssh server mac.........................................................................................................................................................980
ip ssh server password-authentication..................................................................................................................... 981
ip ssh server port.........................................................................................................................................................982
ip ssh server pubkey-authentication.........................................................................................................................982
ip ssh server vrf...........................................................................................................................................................982
line vty...........................................................................................................................................................................983
logging audit enable.....................................................................................................................................................983
login concurrent-session limit.................................................................................................................................... 983
login-statistics enable................................................................................................................................................. 984
mac address-table static............................................................................................................................................ 984
password-attributes....................................................................................................................................................985
password-attributes max-retry lockout-period.......................................................................................................985
privilege.........................................................................................................................................................................986
radius-server host....................................................................................................................................................... 986
radius-server host tls.................................................................................................................................................. 987
radius-server retransmit.............................................................................................................................................988
radius-server timeout..................................................................................................................................................988
radius-server vrf..........................................................................................................................................................989
service obscure-password......................................................................................................................................... 989
service simple-password............................................................................................................................................ 989
show boot protect...................................................................................................................................................... 990
show crypto ssh-key...................................................................................................................................................990
show ip ssh................................................................................................................................................................... 991
show mac address-table count..................................................................................................................................991
show logging audit...................................................................................................................................................... 992
show login-statistics................................................................................................................................................... 993
show privilege.............................................................................................................................................................. 993
show running-configuration privilege........................................................................................................................994
show users................................................................................................................................................................... 994
system-user linuxadmin disable................................................................................................................................. 994
system-user linuxadmin password............................................................................................................................ 995
tacacs-server host......................................................................................................................................................995
tacacs-server timeout................................................................................................................................................ 996
tacacs-server vrf.........................................................................................................................................................996
username password role.............................................................................................................................................997
username sshkey......................................................................................................................................................... 997
username sshkey filename......................................................................................................................................... 998
userrole inherit............................................................................................................................................................. 999
X.509v3 证书...................................................................................................................................................................1000
X.509v3 概念.............................................................................................................................................................1000
公钥基础设施............................................................................................................................................................ 1000
管理 CA 证书..............................................................................................................................................................1001
证书吊销.....................................................................................................................................................................1003
请求并安装主机证书................................................................................................................................................1004
自签名证书.................................................................................................................................................................1007
安全配置文件............................................................................................................................................................ 1009
18
目录
群集安全......................................................................................................................................................................1010
X.509v3 命令..............................................................................................................................................................1012
示例使用 X.509v3 证书配置 RADIUS over TLS...............................................................................................1023
19 OpenFlow..............................................................................................................................1025
OpenFlow 逻辑交换机实例........................................................................................................................................... 1026
OpenFlow 控制器............................................................................................................................................................1026
OpenFlow 版本 1.3.......................................................................................................................................................... 1026
端口............................................................................................................................................................................. 1026
流表............................................................................................................................................................................. 1027
组表............................................................................................................................................................................. 1027
计量表......................................................................................................................................................................... 1027
指令............................................................................................................................................................................. 1027
操作集.........................................................................................................................................................................1028
操作类型.....................................................................................................................................................................1028
计数器.........................................................................................................................................................................1028
OpenFlow 协议.......................................................................................................................................................... 1030
OpenFlow 使用案例........................................................................................................................................................1042
配置 OpenFlow................................................................................................................................................................ 1043
建立 TLS 连接............................................................................................................................................................1044
OpenFlow 命令................................................................................................................................................................ 1045
controller.....................................................................................................................................................................1045
dpid-mac-address......................................................................................................................................................1046
in-band-mgmt............................................................................................................................................................ 1046
max-backoff................................................................................................................................................................1047
mode openflow-only.................................................................................................................................................. 1047
openflow......................................................................................................................................................................1047
probe-interval.............................................................................................................................................................1048
protocol-version.........................................................................................................................................................1048
rate-limit packet_in....................................................................................................................................................1049
show openflow...........................................................................................................................................................1050
show openflow flows................................................................................................................................................ 1050
show openflow ports................................................................................................................................................. 1051
show openflow switch.............................................................................................................................................. 1052
show openflow switch controllers...........................................................................................................................1053
switch..........................................................................................................................................................................1054
仅限 OpenFlow 模式的命令.......................................................................................................................................... 1054
20 访问控制列表......................................................................................................................... 1057
IP ACL............................................................................................................................................................................... 1057
MAC ACL..........................................................................................................................................................................1057
控制平面 ACL..................................................................................................................................................................1058
控制平面 ACL 限定符...............................................................................................................................................1058
IP 片段处理......................................................................................................................................................................1059
L3 ACL 规则.....................................................................................................................................................................1060
为筛选器分配序列号......................................................................................................................................................1060
删除 ACL 规则..................................................................................................................................................................1061
L2 L3 ACL....................................................................................................................................................................1062
分配和应用 ACL 筛选器................................................................................................................................................ 1062
目录
19
入口 ACL 筛选器.............................................................................................................................................................1063
出口 ACL 筛选器.............................................................................................................................................................1063
VTY ACL........................................................................................................................................................................... 1064
SNMP ACL....................................................................................................................................................................... 1064
清除访问列表计数器......................................................................................................................................................1064
IP 前缀列表......................................................................................................................................................................1065
路由映射...........................................................................................................................................................................1065
匹配路由...........................................................................................................................................................................1066
设置条件...........................................................................................................................................................................1067
Continue 子句.................................................................................................................................................................. 1068
基于 ACL 流的监控.........................................................................................................................................................1068
启用基于流的监控..........................................................................................................................................................1069
查看 ACL 表利用率报告................................................................................................................................................ 1070
已知行为......................................................................................................................................................................1071
ACL 日志记录................................................................................................................................................................... 1071
重要事项..................................................................................................................................................................... 1072
ACL 命令...........................................................................................................................................................................1072
clear ip access-list counters..................................................................................................................................... 1072
clear ipv6 access-list counters.................................................................................................................................1072
clear mac access-list counters.................................................................................................................................1073
deny............................................................................................................................................................................. 1073
deny (IPv6)................................................................................................................................................................. 1074
deny (MAC)................................................................................................................................................................1075
deny icmp....................................................................................................................................................................1075
deny icmp (IPv6)........................................................................................................................................................1076
deny ip......................................................................................................................................................................... 1076
deny ipv6.....................................................................................................................................................................1077
deny tcp.......................................................................................................................................................................1077
deny tcp (IPv6).......................................................................................................................................................... 1078
deny udp......................................................................................................................................................................1079
deny udp (IPv6)......................................................................................................................................................... 1080
description.................................................................................................................................................................. 1080
ip access-group...........................................................................................................................................................1081
ip access-list................................................................................................................................................................1081
ip as-path access-list.................................................................................................................................................1082
ip community-list standard deny..............................................................................................................................1082
ip communitylist standard permit.......................................................................................................................... 1083
ip extcommunity-list standard deny........................................................................................................................ 1083
ip extcommunity-list standard permit..................................................................................................................... 1083
ip prefix-list description.............................................................................................................................................1084
ip prefix-list deny........................................................................................................................................................1084
ip prefix-list permit.....................................................................................................................................................1085
ip prefix-list seq deny................................................................................................................................................ 1085
ip prefix-list seq permit..............................................................................................................................................1085
ipv6 access-group..................................................................................................................................................... 1086
ipv6 access-list...........................................................................................................................................................1086
ipv6 prefix-list deny................................................................................................................................................... 1087
ipv6 prefix-list description.........................................................................................................................................1087
ipv6 prefix-list permit.................................................................................................................................................1087
20
目录
/