Dell EMC Networking MX9116n User guide

Dell EMC SmartFabric OS10 User Guide

Release 10.5.0

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the

problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

Other trademarks may be trademarks of their respective owners.

2019 - 12

Rev. A03

1 Change history........................................................................................................................... 28

2 Getting Started.......................................................................................................................... 31

Switch with factory-installed OS10....................................................................................................................................31

Log in ..............................................................................................................................................................................32

Check OS10 version...................................................................................................................................................... 32

OS10 upgrade.................................................................................................................................................................33

Check OS10 license.......................................................................................................................................................40

Re-install license ........................................................................................................................................................... 40

Switch without OS installed...............................................................................................................................................40

Uninstall existing OS.......................................................................................................................................................41

Download OS10 image................................................................................................................................................... 41

Installation using ONIE.................................................................................................................................................. 42

Log in ..............................................................................................................................................................................45

Install OS10 license........................................................................................................................................................ 46

Switch deployment options................................................................................................................................................48

Manual CLI configuration..............................................................................................................................................48

ZTD-automated switch deployment........................................................................................................................... 48

Ansible-automated switch provisioning...................................................................................................................... 48

Remote access.................................................................................................................................................................... 48

Configure Management IP address.............................................................................................................................48

Configure Management route .................................................................................................................................... 49

Configure user name and password............................................................................................................................49

3 CLI Basics.................................................................................................................................. 51

CONFIGURATION mode....................................................................................................................................................52

Check device status............................................................................................................................................................52

Command help.....................................................................................................................................................................54

Candidate configuration..................................................................................................................................................... 54

Copy running configuration ...............................................................................................................................................57

Restore startup configuration ...........................................................................................................................................57

Reload system image.......................................................................................................................................................... 58

Filter show commands........................................................................................................................................................58

Common OS10 commands.................................................................................................................................................59

boot................................................................................................................................................................................. 59

commit............................................................................................................................................................................ 59

configure.........................................................................................................................................................................59

copy.................................................................................................................................................................................60

delete............................................................................................................................................................................... 61

dir.....................................................................................................................................................................................62

discard.............................................................................................................................................................................63

do.....................................................................................................................................................................................63

end...................................................................................................................................................................................63

exit...................................................................................................................................................................................64

Contents

Contents 3

hostname........................................................................................................................................................................64

license..............................................................................................................................................................................64

lock.................................................................................................................................................................................. 65

management route........................................................................................................................................................65

move................................................................................................................................................................................66

no.....................................................................................................................................................................................66

ping.................................................................................................................................................................................. 67

ping6................................................................................................................................................................................68

reload...............................................................................................................................................................................70

show boot.......................................................................................................................................................................70

show candidate-configuration...................................................................................................................................... 71

show environment......................................................................................................................................................... 73

show inventory...............................................................................................................................................................73

show ip management-route......................................................................................................................................... 74

show ipv6 management-route.....................................................................................................................................74

show license status....................................................................................................................................................... 75

show running-configuration......................................................................................................................................... 75

show startup-configuration.......................................................................................................................................... 77

show system...................................................................................................................................................................78

show version.................................................................................................................................................................. 80

start.................................................................................................................................................................................80

system..............................................................................................................................................................................81

system-cli disable........................................................................................................................................................... 81

system-user linuxadmin disable.................................................................................................................................... 81

system identifier.............................................................................................................................................................82

terminal........................................................................................................................................................................... 82

traceroute.......................................................................................................................................................................82

unlock.............................................................................................................................................................................. 83

username password role...............................................................................................................................................84

write................................................................................................................................................................................ 85

4 Advanced CLI tasks.................................................................................................................... 86

Command alias.....................................................................................................................................................................86

Multi-line alias.................................................................................................................................................................87

alias..................................................................................................................................................................................89

alias (multi-line)..............................................................................................................................................................90

default (alias).................................................................................................................................................................. 91

description (alias)........................................................................................................................................................... 91

line (alias).........................................................................................................................................................................91

show alias........................................................................................................................................................................92

Batch mode..........................................................................................................................................................................93

batch............................................................................................................................................................................... 93

Linux shell commands......................................................................................................................................................... 94

Using OS9 commands........................................................................................................................................................ 95

feature config-os9-style...............................................................................................................................................96

5 Zero-touch deployment.............................................................................................................. 97

ZTD DHCP server configuration....................................................................................................................................... 99

ZTD provisioning script.......................................................................................................................................................99

4

Contents

ZTD CLI batch file..............................................................................................................................................................100

Post-ZTD script................................................................................................................................................................. 100

ZTD commands...................................................................................................................................................................101

reload ztd....................................................................................................................................................................... 101

show ztd-status............................................................................................................................................................101

ztd cancel......................................................................................................................................................................102

6 OS10 provisioning..................................................................................................................... 103

Using Ansible...................................................................................................................................................................... 103

Example: Configure an OS10 switch using Ansible........................................................................................................104

7 SmartFabric Services................................................................................................................ 107

SmartFabric Services personalities..................................................................................................................................107

SmartFabric Services for leaf and spine....................................................................................................................107

SmartFabric Services for PowerEdge MX................................................................................................................108

SmartFabric Services for leaf and spine......................................................................................................................... 109

SmartFabric Services Components .................................................................................................................................110

SmartFabric Services logical entities................................................................................................................................ 111

Uplinks............................................................................................................................................................................ 112

Uplink bonding options................................................................................................................................................. 112

Spanning tree considerations...................................................................................................................................... 113

Dynamic onboarding for integrated devices..............................................................................................................113

Statically onboarded server......................................................................................................................................... 113

Static onboarding for nonintegrated devices............................................................................................................113

Enable SmartFabric Services on the switches................................................................................................................113

Enable SmartFabric Services using GUI.....................................................................................................................114

SmartFabric Services Graphical User Interface..............................................................................................................114

Configure SmartFabric Services initial setup............................................................................................................ 115

Update Default Fabric, Switch Names, and Descriptions wizard...........................................................................115

Create Uplink for External Network Connectivity wizard....................................................................................... 116

Breakout Switch Ports wizard.....................................................................................................................................117

Configure Jump Host wizard.......................................................................................................................................118

Update Network Configuration wizard...................................................................................................................... 118

Onboard a Server onto the Fabric wizard................................................................................................................. 118

Edit Default Fabric Settings wizard............................................................................................................................118

Fabric operations and life cycle management.................................................................................................................119

SmartFabric commands.....................................................................................................................................................119

smartfabric l3fabric enable.......................................................................................................................................... 119

show smartfabric cluster.............................................................................................................................................120

show smartfabric cluster member............................................................................................................................. 120

show smartfabric details.............................................................................................................................................. 121

show smartfabric networks.........................................................................................................................................121

show smartfabric nodes..............................................................................................................................................122

show smartfabric personality......................................................................................................................................123

show smartfabric uplinks.............................................................................................................................................123

show smartfabric validation-error..............................................................................................................................124

8 SmartFabric Director.................................................................................................................125

Enable SmartFabric Director mode on a switch............................................................................................................ 125

Contents

5

Support for SmartFabric Director....................................................................................................................................125

gRPC Network Management Interface agent...............................................................................................................125

Lifecycle Management using SmartFabric Director...................................................................................................... 127

SmartFabric Director commands.....................................................................................................................................128

switch-operating mode............................................................................................................................................... 128

gnmi-security-profile....................................................................................................................................................129

show switch-operating-mode.................................................................................................................................... 129

show sfd status............................................................................................................................................................129

9 System management................................................................................................................. 131

System banners.................................................................................................................................................................. 131

Login banner.................................................................................................................................................................. 131

MOTD banner...............................................................................................................................................................132

System banner commands..........................................................................................................................................132

User session management................................................................................................................................................133

User session management commands......................................................................................................................134

Telnet server.......................................................................................................................................................................135

Telnet commands.........................................................................................................................................................135

Simple Network Management Protocol..........................................................................................................................136

SNMP security models and levels..............................................................................................................................136

MIBs...............................................................................................................................................................................136

SNMPv3........................................................................................................................................................................ 137

Configure SNMP..........................................................................................................................................................138

SNMP commands........................................................................................................................................................ 142

Example: Configure SNMP.........................................................................................................................................150

System clock....................................................................................................................................................................... 151

Time zones and UTC offset reference......................................................................................................................152

System Clock commands............................................................................................................................................167

Network Time Protocol.....................................................................................................................................................168

Enable NTP................................................................................................................................................................... 169

Broadcasts.................................................................................................................................................................... 170

Source IP address........................................................................................................................................................ 170

Authentication............................................................................................................................................................... 171

Sample NTP configuration...........................................................................................................................................171

NTP commands............................................................................................................................................................174

Dynamic Host Configuration Protocol.............................................................................................................................179

Packet format and options......................................................................................................................................... 180

DHCP server..................................................................................................................................................................181

Automatic address allocation.......................................................................................................................................181

Hostname resolution....................................................................................................................................................182

Manual binding entries.................................................................................................................................................183

DHCP relay agent.........................................................................................................................................................184

View DHCP Information..............................................................................................................................................185

System domain name and list.....................................................................................................................................185

DHCP snooping............................................................................................................................................................ 186

DHCP commands........................................................................................................................................................202

DHCP snooping commands....................................................................................................................................... 208

DNS commands............................................................................................................................................................213

IPv4 DHCP limitations................................................................................................................................................. 215

6

Contents

10 Interfaces............................................................................................................................... 216

Ethernet interfaces............................................................................................................................................................216

Unified port groups............................................................................................................................................................216

Z9264F-ON port-group profiles.......................................................................................................................................218

Port-groups on S5200F-ON switches............................................................................................................................219

L2 mode configuration......................................................................................................................................................226

L3 mode configuration......................................................................................................................................................226

Fibre Channel interfaces...................................................................................................................................................227

Configuring wavelength..............................................................................................................................................229

Management interface .................................................................................................................................................... 229

Management interface .............................................................................................................................................. 230

VLAN interfaces................................................................................................................................................................ 230

User-configured default VLAN........................................................................................................................................230

VLAN scale profile..............................................................................................................................................................231

Loopback interfaces.......................................................................................................................................................... 231

Port-channel interfaces....................................................................................................................................................232

Create port-channel....................................................................................................................................................232

Add port member........................................................................................................................................................ 232

Minimum links...............................................................................................................................................................233

Assign Port Channel IP Address................................................................................................................................233

Remove or disable port-channel................................................................................................................................234

Load balance traffic.....................................................................................................................................................234

Change hash algorithm...............................................................................................................................................235

Configure interface ranges.............................................................................................................................................. 235

Switch-port profiles.......................................................................................................................................................... 236

S4148-ON Series port profiles................................................................................................................................... 237

S4148U-ON port profiles............................................................................................................................................ 237

Configure negotiation modes on interfaces...................................................................................................................238

Configure breakout mode................................................................................................................................................ 239

Breakout auto-configuration............................................................................................................................................240

Reset default configuration.............................................................................................................................................. 241

Forward error correction..................................................................................................................................................242

Energy-efficient Ethernet................................................................................................................................................ 243

Enable energy-efficient Ethernet.............................................................................................................................. 243

Clear EEE counters..................................................................................................................................................... 244

View EEE status/statistics.........................................................................................................................................244

EEE commands............................................................................................................................................................245

View interface configuration............................................................................................................................................247

Digital optical monitoring..................................................................................................................................................250

Enable DOM and DOM traps......................................................................................................................................251

Interface commands.........................................................................................................................................................252

channel-group..............................................................................................................................................................252

default interface.......................................................................................................................................................... 252

default vlan-id.............................................................................................................................................................. 254

description (Interface)................................................................................................................................................255

duplex............................................................................................................................................................................256

enable dom...................................................................................................................................................................256

enable dom traps.........................................................................................................................................................256

feature auto-breakout.................................................................................................................................................257

Contents

7

fec..................................................................................................................................................................................257

interface breakout.......................................................................................................................................................258

interface ethernet....................................................................................................................................................... 258

interface loopback.......................................................................................................................................................258

interface mgmt............................................................................................................................................................259

interface null.................................................................................................................................................................259

interface port-channel................................................................................................................................................259

interface range............................................................................................................................................................ 260

interface vlan............................................................................................................................................................... 260

link-bundle-utilization...................................................................................................................................................261

mode.............................................................................................................................................................................. 261

mode l3......................................................................................................................................................................... 262

mtu................................................................................................................................................................................ 262

negotiation....................................................................................................................................................................263

port mode Eth..............................................................................................................................................................264

port-group....................................................................................................................................................................265

profile............................................................................................................................................................................ 265

scale-profile vlan..........................................................................................................................................................266

show discovered-expanders......................................................................................................................................266

show interface.............................................................................................................................................................266

show interface transceiver “Tunable wavelength”.................................................................................................268

show inventory media.................................................................................................................................................268

show link-bundle-utilization........................................................................................................................................270

show port-channel summary..................................................................................................................................... 270

show port-group...........................................................................................................................................................271

show switch-port-profile............................................................................................................................................272

show system................................................................................................................................................................ 272

show unit-provision..................................................................................................................................................... 273

show vlan......................................................................................................................................................................273

shutdown......................................................................................................................................................................274

speed (Fibre Channel).................................................................................................................................................274

speed (Management)................................................................................................................................................. 275

switch-port-profile...................................................................................................................................................... 275

switchport access vlan................................................................................................................................................277

switchport mode..........................................................................................................................................................277

switchport trunk allowed vlan....................................................................................................................................278

unit-provision................................................................................................................................................................278

wavelength...................................................................................................................................................................279

11 PowerEdge MX Ethernet I/O modules....................................................................................... 280

Operating modes...............................................................................................................................................................280

Changing operating modes.............................................................................................................................................. 282

Restrictions........................................................................................................................................................................ 282

Port groups on I/O modules............................................................................................................................................ 282

Double-density QSFP28 interfaces................................................................................................................................ 282

Virtual ports........................................................................................................................................................................284

Single-density QSFP28 interfaces.................................................................................................................................. 287

Server-facing interfaces...................................................................................................................................................289

Replace MX Ethernet IO modules in SmartFabric .......................................................................................................290

Deployment instructions.............................................................................................................................................290

8

Contents

Replace an IOM in SmartFabric.................................................................................................................................290

12 Fibre Channel..........................................................................................................................294

Fibre Channel over Ethernet........................................................................................................................................... 295

Configure FIP snooping.............................................................................................................................................. 295

Terminology........................................................................................................................................................................297

Virtual fabric.......................................................................................................................................................................297

Fibre Channel zoning........................................................................................................................................................ 299

F_Port on Ethernet........................................................................................................................................................... 301

Pinning FCoE traffic to a specific port of a port-channel.............................................................................................301

Sample FSB configuration on VLT network.............................................................................................................303

Sample FC Switch configuration on VLT network..................................................................................................305

Sample FSB configuration on non-VLT network.....................................................................................................307

Sample FC Switch configuration on non-VLT network......................................................................................... 309

Multi-hop FIP-snooping bridge.........................................................................................................................................310

Configuration notes..................................................................................................................................................... 310

Configure multi-hop FSB............................................................................................................................................. 311

Verify multi-hop FSB configuration............................................................................................................................317

Sample Multi-hop FSB configuration.........................................................................................................................318

Configuration guidelines....................................................................................................................................................331

NPIV Proxy Gateway cascading...................................................................................................................................... 331

Support for untagged VLAN in FCoE............................................................................................................................. 334

F_Port commands.............................................................................................................................................................334

fc alias........................................................................................................................................................................... 334

fc zone.......................................................................................................................................................................... 334

fc zoneset.....................................................................................................................................................................335

feature fc......................................................................................................................................................................335

member (alias).............................................................................................................................................................335

member (zone)............................................................................................................................................................336

member (zoneset).......................................................................................................................................................336

show fc alias.................................................................................................................................................................337

show fc interface-area-id mapping........................................................................................................................... 337

show fc ns switch........................................................................................................................................................337

show fc zone................................................................................................................................................................338

show fc zoneset.......................................................................................................................................................... 339

zone default-zone permit...........................................................................................................................................340

zoneset activate..........................................................................................................................................................340

NPG commands................................................................................................................................................................ 340

fc port-mode F............................................................................................................................................................. 341

feature fc npg...............................................................................................................................................................341

show npg devices.........................................................................................................................................................341

F_Port and NPG commands............................................................................................................................................342

clear fc statistics..........................................................................................................................................................342

fcoe .............................................................................................................................................................................. 342

name..............................................................................................................................................................................343

show fc statistics.........................................................................................................................................................343

show fc switch.............................................................................................................................................................344

show running-config vfabric...................................................................................................................................... 344

show vfabric.................................................................................................................................................................344

vfabric...........................................................................................................................................................................345

Contents

9

vfabric (interface)....................................................................................................................................................... 345

vlan................................................................................................................................................................................346

FIP-snooping commands..................................................................................................................................................346

feature fip-snooping....................................................................................................................................................346

fip-snooping enable..................................................................................................................................................... 347

fip-snooping fc-map....................................................................................................................................................347

fip-snooping port-mode..............................................................................................................................................347

FCoE commands............................................................................................................................................................... 348

clear fcoe database.....................................................................................................................................................348

clear fcoe statistics..................................................................................................................................................... 348

fcoe-pinned-port ........................................................................................................................................................ 349

fcoe max-sessions-per-enodemac............................................................................................................................349

fcoe priority-bits.......................................................................................................................................................... 349

lldp tlv-select dcbxp-appln fcoe................................................................................................................................350

show fcoe enode.........................................................................................................................................................350

show fcoe fcf................................................................................................................................................................351

show fcoe pinned-port................................................................................................................................................351

show fcoe sessions......................................................................................................................................................351

show fcoe statistics.................................................................................................................................................... 352

show fcoe system....................................................................................................................................................... 352

show fcoe vlan.............................................................................................................................................................353

13 Layer 2................................................................................................................................... 354

802.1X.................................................................................................................................................................................354

Port authentication..................................................................................................................................................... 355

EAP over RADIUS....................................................................................................................................................... 356

Configure 802.1X.........................................................................................................................................................356

Enable 802.1X...............................................................................................................................................................357

Identity retransmissions..............................................................................................................................................358

Failure quiet period......................................................................................................................................................358

Port control mode....................................................................................................................................................... 359

Reauthenticate port....................................................................................................................................................360

Configure timeouts...................................................................................................................................................... 361

802.1X commands....................................................................................................................................................... 362

Far-end failure detection..................................................................................................................................................366

Enable FEFD globally...................................................................................................................................................368

Enable FEFD on interface...........................................................................................................................................368

Reset FEFD err-disabled interface............................................................................................................................368

Display FEFD information........................................................................................................................................... 368

FEFD Commands........................................................................................................................................................ 369

Link Aggregation Control Protocol..................................................................................................................................372

Modes........................................................................................................................................................................... 372

Configuration................................................................................................................................................................372

Interfaces......................................................................................................................................................................373

Rates............................................................................................................................................................................. 373

Sample configuration...................................................................................................................................................374

LACP fallback............................................................................................................................................................... 377

LACP commands.........................................................................................................................................................380

Link Layer Discovery Protocol.........................................................................................................................................386

Optional TLVs.............................................................................................................................................................. 388

10

Contents

Basic TLVs....................................................................................................................................................................388

Organizationally specific TLVs...................................................................................................................................388

Media endpoint discovery.......................................................................................................................................... 390

Network connectivity device.....................................................................................................................................390

LLDP-MED capabilities TLV........................................................................................................................................391

Network policies TLVs.................................................................................................................................................391

Define network policies...............................................................................................................................................392

Packet timer values.....................................................................................................................................................393

Disable and enable LLDP ........................................................................................................................................... 393

Disable and enable LLDP on management ports.....................................................................................................394

Advertise TLVs............................................................................................................................................................ 395

Network policy advertisement...................................................................................................................................398

Fast start repeat count...............................................................................................................................................398

View LLDP configuration............................................................................................................................................398

Adjacent agent advertisements.................................................................................................................................400

Time to live....................................................................................................................................................................401

Advertise management address TLVs in a VLT domain..........................................................................................401

LLDP commands......................................................................................................................................................... 402

Media Access Control........................................................................................................................................................414

Static MAC Address.................................................................................................................................................... 414

MAC Address Table..................................................................................................................................................... 414

Clear MAC Address Table...........................................................................................................................................415

MAC Commands..........................................................................................................................................................415

Spanning-tree protocol......................................................................................................................................................417

EdgePort....................................................................................................................................................................... 418

Spanning-tree extensions........................................................................................................................................... 418

Recover from BPDU guard violations.......................................................................................................................420

MAC flush optimization............................................................................................................................................... 421

Debug configurations..................................................................................................................................................422

Setting spanning-tree link type for rapid state transitions.....................................................................................422

Common STP commands...........................................................................................................................................423

Rapid per-VLAN spanning-tree plus......................................................................................................................... 429

Rapid Spanning-Tree Protocol...................................................................................................................................437

Multiple Spanning-Tree...............................................................................................................................................444

Virtual LANs.......................................................................................................................................................................455

Default VLAN...............................................................................................................................................................456

Create or remove VLANs...........................................................................................................................................456

Access mode................................................................................................................................................................458

Trunk mode.................................................................................................................................................................. 458

Assign IP address........................................................................................................................................................ 459

View VLAN configuration...........................................................................................................................................460

VLAN commands......................................................................................................................................................... 461

Port monitoring..................................................................................................................................................................462

Local port monitoring..................................................................................................................................................462

Remote port monitoring............................................................................................................................................. 463

Encapsulated remote port monitoring......................................................................................................................465

Flow-based monitoring...............................................................................................................................................466

Remote port monitoring on VLT................................................................................................................................467

Port monitoring commands........................................................................................................................................469

Contents

11

14 Layer 3................................................................................................................................... 474

Virtual routing and forwarding......................................................................................................................................... 474

Configure management VRF......................................................................................................................................474

Configure non-default VRF instances.......................................................................................................................476

VRF configuration........................................................................................................................................................478

View VRF instance information................................................................................................................................. 482

Static route leaking..................................................................................................................................................... 482

VRF commands........................................................................................................................................................... 486

Bidirectional Forwarding Detection.................................................................................................................................493

BFD session states......................................................................................................................................................493

BFD three-way handshake.........................................................................................................................................494

BFD configuration....................................................................................................................................................... 495

Configure BFD globally............................................................................................................................................... 495

BFD for BGP................................................................................................................................................................ 496

BFD for OSPF..............................................................................................................................................................500

BFD for Static routes..................................................................................................................................................504

BFD commands........................................................................................................................................................... 506

Border Gateway Protocol..................................................................................................................................................511

Sessions and peers.......................................................................................................................................................512

Route reflectors........................................................................................................................................................... 513

Multiprotocol BGP....................................................................................................................................................... 513

Attributes...................................................................................................................................................................... 514

Selection criteria...........................................................................................................................................................514

Weight and local preference.......................................................................................................................................515

Multiexit discriminators............................................................................................................................................... 515

Origin............................................................................................................................................................................. 516

AS path and next-hop................................................................................................................................................. 516

Best path selection...................................................................................................................................................... 516

More path support....................................................................................................................................................... 517

Advertise cost...............................................................................................................................................................517

4-Byte AS numbers......................................................................................................................................................517

AS number migration...................................................................................................................................................518

Graceful restart............................................................................................................................................................ 518

Configure Border Gateway Protocol.........................................................................................................................519

Enable BGP...................................................................................................................................................................519

Disable announcements of ASN values....................................................................................................................522

Configure Dual Stack.................................................................................................................................................. 522

Configure administrative distance.............................................................................................................................522

Peer templates.............................................................................................................................................................523

Neighbor fall-over........................................................................................................................................................526

Configure password....................................................................................................................................................528

Fast external fallover.................................................................................................................................................. 529

Passive peering.............................................................................................................................................................531

Local AS.........................................................................................................................................................................531

AS number limit............................................................................................................................................................532

Redistribute routes......................................................................................................................................................533

Additional paths........................................................................................................................................................... 533

MED attributes............................................................................................................................................................ 534

Local preference attribute..........................................................................................................................................534

12

Contents

Weight attribute.......................................................................................................................................................... 535

Enable multipath..........................................................................................................................................................536

Route-map filters........................................................................................................................................................ 536

Route reflector clusters..............................................................................................................................................537

Aggregate routes.........................................................................................................................................................537

Confederations............................................................................................................................................................ 538

Route dampening........................................................................................................................................................ 539

Timers........................................................................................................................................................................... 540

Neighbor soft-reconfiguration...................................................................................................................................540

Redistribute iBGP route to OSPF.............................................................................................................................. 541

Debug BGP...................................................................................................................................................................543

BGP commands...........................................................................................................................................................544

Equal cost multi-path........................................................................................................................................................576

Load balancing............................................................................................................................................................. 576

Maximum ECMP groups and paths.......................................................................................................................... 579

ECMP commands....................................................................................................................................................... 580

IPv4 routing........................................................................................................................................................................584

Assign interface IP address........................................................................................................................................584

Configure static routing..............................................................................................................................................585

Address Resolution Protocol......................................................................................................................................586

IPv4 routing commands..............................................................................................................................................586

IPv6 routing........................................................................................................................................................................ 591

Enable or disable IPv6..................................................................................................................................................591

IPv6 addresses............................................................................................................................................................ 592

Stateless autoconfiguration....................................................................................................................................... 593

Neighbor Discovery.....................................................................................................................................................594

Duplicate address discovery...................................................................................................................................... 595

Static IPv6 routing...................................................................................................................................................... 595

IPv6 destination unreachable.....................................................................................................................................596

IPv6 hop-by-hop options........................................................................................................................................... 596

View IPv6 information................................................................................................................................................ 596

IPv6 commands........................................................................................................................................................... 597

Open shortest path first...................................................................................................................................................608

Autonomous system areas.........................................................................................................................................608

Areas, networks, and neighbors................................................................................................................................ 608

Router types................................................................................................................................................................ 609

Designated and backup designated routers............................................................................................................. 610

Link-state advertisements.......................................................................................................................................... 610

Router priority............................................................................................................................................................... 611

Shortest path first throttling....................................................................................................................................... 611

OSPFv2......................................................................................................................................................................... 612

OSPFv3........................................................................................................................................................................ 644

Object tracking manager..................................................................................................................................................663

Interface tracking........................................................................................................................................................ 664

Host tracking............................................................................................................................................................... 665

Set tracking delays......................................................................................................................................................666

Object tracking............................................................................................................................................................ 666

View tracked objects.................................................................................................................................................. 666

OTM commands..........................................................................................................................................................667

Policy-based routing......................................................................................................................................................... 669

Contents

13

Access-list to match route-map................................................................................................................................669

Set address to match route-map..............................................................................................................................670

Assign route-map to interface...................................................................................................................................670

View PBR information.................................................................................................................................................670

Policy-based routing per VRF.....................................................................................................................................671

Configuring PBR per VRF........................................................................................................................................... 671

PBR and VLT................................................................................................................................................................672

Sample configuration.................................................................................................................................................. 675

Track route reachability.............................................................................................................................................. 676

Use PBR to permit and block specific traffic...........................................................................................................677

View PBR configuration..............................................................................................................................................678

PBR commands........................................................................................................................................................... 678

Virtual Router Redundancy Protocol...............................................................................................................................681

Configuration................................................................................................................................................................ 681

Create virtual router....................................................................................................................................................682

Group version...............................................................................................................................................................683

Virtual IP addresses.....................................................................................................................................................683

Configure virtual IP address.......................................................................................................................................683

Configure virtual IP address in a VRF.......................................................................................................................685

Set group priority........................................................................................................................................................ 685

Authentication............................................................................................................................................................. 686

Disable preempt...........................................................................................................................................................686

Advertisement interval................................................................................................................................................687

Interface/object tracking........................................................................................................................................... 688

Configure tracking.......................................................................................................................................................688

VRRP commands........................................................................................................................................................ 689

15 Multicast................................................................................................................................695

Important notes.................................................................................................................................................................695

Configure multicast routing............................................................................................................................................. 695

Unknown multicast flood control.................................................................................................................................... 696

Enable multicast flood control................................................................................................................................... 697

Multicast Commands........................................................................................................................................................697

multicast snooping flood-restrict...............................................................................................................................697

Internet Group Management Protocol...........................................................................................................................698

Standards compliance.................................................................................................................................................698

Important notes...........................................................................................................................................................698

Supported IGMP versions..........................................................................................................................................699

Query interval.............................................................................................................................................................. 699

Last member query interval....................................................................................................................................... 699

Maximum response time............................................................................................................................................ 699

IGMP immediate leave................................................................................................................................................699

Select an IGMP version.............................................................................................................................................. 700

View IGMP-enabled interfaces and groups............................................................................................................. 700

IGMP snooping............................................................................................................................................................. 701

IGMP commands.........................................................................................................................................................702

Multicast Listener Discovery Protocol.............................................................................................................................712

MLD snooping...............................................................................................................................................................713

MLD snooping commands...........................................................................................................................................714

Protocol Independent Multicast...................................................................................................................................... 720

14

Contents

PIM terminology........................................................................................................................................................... 721

Standards compliance..................................................................................................................................................721

PIM-SM......................................................................................................................................................................... 721

PIM-SSM......................................................................................................................................................................722

Configure expiry timers for S, G entries................................................................................................................... 722

Configure static rendezvous point............................................................................................................................ 723

Configure dynamic RP using the BSR mechanism..................................................................................................723

Configure designated router priority.........................................................................................................................726

PIM commands............................................................................................................................................................726

PIM-SM sample configuration................................................................................................................................... 737

PIM-SSM sample configuration..................................................................................................................................741

Multicast VRF sample configuration...............................................................................................................................745

VLT multicast routing........................................................................................................................................................754

Multicast routing table synchronization....................................................................................................................754

IGMP message synchronization................................................................................................................................ 754

Egress mask................................................................................................................................................................. 754

Spanned VLAN.............................................................................................................................................................754

Deployment considerations........................................................................................................................................ 754

Example: Spanned L3 VLAN IIF.................................................................................................................................755

Example: Active-active PIM in a square VLT topology...........................................................................................762

VLT multicast routing show commands................................................................................................................... 792

16 VXLAN ...................................................................................................................................794

VXLAN concepts...............................................................................................................................................................794

VXLAN as NVO solution...................................................................................................................................................795

Configure VXLAN..............................................................................................................................................................795

Configure source IP address on VTEP..................................................................................................................... 796

Configure a VXLAN virtual network..........................................................................................................................796

Configure VLAN-tagged access ports......................................................................................................................797

Configure untagged access ports............................................................................................................................. 798

Enable overlay routing between virtual networks................................................................................................... 798

Advertise VXLAN source IP address ....................................................................................................................... 800

Configure VLT.............................................................................................................................................................. 801

L3 VXLAN route scaling ...................................................................................................................................................801

DHCP relay on VTEPs ..................................................................................................................................................... 803

View VXLAN configuration.............................................................................................................................................. 803

VXLAN MAC addresses................................................................................................................................................... 805

VXLAN commands............................................................................................................................................................807

hardware overlay-routing-profile...............................................................................................................................807

interface virtual-network............................................................................................................................................808

ip virtual-router address............................................................................................................................................. 808

ip virtual-router mac-address.................................................................................................................................... 809

member-interface....................................................................................................................................................... 809

nve................................................................................................................................................................................. 810

remote-vtep..................................................................................................................................................................810

show hardware overlay-routing-profile mode..........................................................................................................810

show interface virtual-network...................................................................................................................................811

show nve remote-vtep.................................................................................................................................................811

show nve remote-vtep counters............................................................................................................................... 812

show nve vxlan-vni...................................................................................................................................................... 812

Contents

15

show virtual-network...................................................................................................................................................813

show virtual-network counters.................................................................................................................................. 813

show virtual-network interface counters..................................................................................................................814

show virtual-network interface.................................................................................................................................. 814

show virtual-network vlan...........................................................................................................................................815

show vlan (virtual network)........................................................................................................................................815

source-interface loopback.......................................................................................................................................... 815

virtual-network............................................................................................................................................................. 816

virtual-network untagged-vlan...................................................................................................................................816

vxlan-vni........................................................................................................................................................................ 817

VXLAN MAC commands...................................................................................................................................................817

clear mac address-table dynamic nve remote-vtep................................................................................................ 817

clear mac address-table dynamic virtual-network................................................................................................... 817

show mac address-table count extended.................................................................................................................818

show mac address-table count nve...........................................................................................................................818

show mac address-table count virtual-network...................................................................................................... 819

show mac address-table extended...........................................................................................................................820

show mac address-table nve.....................................................................................................................................820

show mac address-table virtual-network................................................................................................................. 821

Example: VXLAN with static VTEP.................................................................................................................................822

BGP EVPN for VXLAN.....................................................................................................................................................835

BGP EVPN compared to static VXLAN................................................................................................................... 835

VXLAN BGP EVPN operation....................................................................................................................................835

Configure BGP EVPN for VXLAN............................................................................................................................. 837

VXLAN BGP EVPN routing.........................................................................................................................................841

BGP EVPN with VLT.................................................................................................................................................. 842

VXLAN BGP commands.............................................................................................................................................843

VXLAN EVPN commands.......................................................................................................................................... 846

Example: VXLAN with BGP EVPN............................................................................................................................852

Example: VXLAN BGP EVPN — Multiple AS topology .........................................................................................873

Example: VXLAN BGP EVPN — Centralized L3 gateway.................................................................................... 894

Example: VXLAN BGP EVPN — Border leaf gateway with asymmetric IRB..................................................... 896

Controller-provisioned VXLAN........................................................................................................................................ 899

Configure controller-provisioned VXLAN.................................................................................................................900

Configure and control VXLAN from VMware vCenter.......................................................................................... 903

Example: VXLAN with a controller configuration....................................................................................................906

VXLAN Controller commands.................................................................................................................................... 910

17 UFT modes..............................................................................................................................916

Configure UFT modes....................................................................................................................................................... 917

IPv6 extended prefix routes....................................................................................................................................... 918

UFT commands..................................................................................................................................................................918

hardware forwarding-table mode.............................................................................................................................. 918

hardware l3 ipv6-extended-prefix ............................................................................................................................ 919

show hardware forwarding-table mode....................................................................................................................919

show hardware forwarding-table mode all...............................................................................................................920

show hardware l3........................................................................................................................................................920

18 Security..................................................................................................................................921

16

Contents

AAA authentication............................................................................................................................................................921

User re-authentication......................................................................................................................................................922

Password strength............................................................................................................................................................922

Simple password check....................................................................................................................................................923

Obscure passwords.......................................................................................................................................................... 923

Role-based access control...............................................................................................................................................924

Assign user role..................................................................................................................................................................924

Bootloader protection.......................................................................................................................................................925

Linuxadmin user configuration.........................................................................................................................................925

AAA authentication........................................................................................................................................................... 926

RADIUS authentication.....................................................................................................................................................927

RADIUS over TLS authentication....................................................................................................................................928

TACACS+ authentication.................................................................................................................................................929

Unknown user role............................................................................................................................................................ 930

SSH server.........................................................................................................................................................................930

Virtual terminal line ACLs.................................................................................................................................................. 931

Restrict SNMP access..................................................................................................................................................... 932

Enable AAA accounting.................................................................................................................................................... 932

Enable user lockout...........................................................................................................................................................932

Limit concurrent login sessions....................................................................................................................................... 933

Enable login statistics........................................................................................................................................................933

Privilege levels .................................................................................................................................................................. 934

Configure privilege levels............................................................................................................................................934

Configure enable password........................................................................................................................................935

Audit log..............................................................................................................................................................................936

Security commands...........................................................................................................................................................937

aaa accounting.............................................................................................................................................................937

aaa authentication login..............................................................................................................................................937

aaa re-authenticate enable........................................................................................................................................ 938

boot protect disable username..................................................................................................................................938

boot protect enable username password.................................................................................................................939

clear logging audit....................................................................................................................................................... 939

crypto ssh-key generate............................................................................................................................................ 939

disable........................................................................................................................................................................... 940

enable............................................................................................................................................................................940

enable password priv-lvl..............................................................................................................................................941

ip access-class..............................................................................................................................................................941

ip radius source-interface...........................................................................................................................................942

ip tacacs source-interface..........................................................................................................................................942

ipv6 access-class.........................................................................................................................................................942

ip ssh server challenge-response-authentication....................................................................................................943

ip ssh server cipher..................................................................................................................................................... 943

ip ssh server enable.....................................................................................................................................................944

ip ssh server hostbased-authentication................................................................................................................... 944

ip ssh server kex..........................................................................................................................................................944

ip ssh server mac.........................................................................................................................................................945

ip ssh server password-authentication.....................................................................................................................946

ip ssh server port.........................................................................................................................................................946

ip ssh server pubkey-authentication.........................................................................................................................947

ip ssh server vrf........................................................................................................................................................... 947

Contents

17

line vty...........................................................................................................................................................................947

logging audit enable.....................................................................................................................................................948

login concurrent-session limit.................................................................................................................................... 948

login-statistics enable................................................................................................................................................. 948

mac address-table static............................................................................................................................................949

password-attributes....................................................................................................................................................949

password-attributes max-retry lockout-period.......................................................................................................950

privilege........................................................................................................................................................................ 950

radius-server host........................................................................................................................................................951

radius-server host tls.................................................................................................................................................. 952

radius-server retransmit.............................................................................................................................................952

radius-server timeout..................................................................................................................................................953

radius-server vrf..........................................................................................................................................................953

service obscure-password......................................................................................................................................... 953

service simple-password............................................................................................................................................ 954

show boot protect...................................................................................................................................................... 954

show crypto ssh-key...................................................................................................................................................955

show ip ssh...................................................................................................................................................................955

show mac address-table count................................................................................................................................. 956

show logging audit...................................................................................................................................................... 956

show login-statistics................................................................................................................................................... 957

show privilege.............................................................................................................................................................. 957

show running-configuration privilege....................................................................................................................... 958

show users................................................................................................................................................................... 958

system-user linuxadmin disable................................................................................................................................. 958

system-user linuxadmin password............................................................................................................................ 959

tacacs-server host......................................................................................................................................................959

tacacs-server timeout................................................................................................................................................ 960

tacacs-server vrf.........................................................................................................................................................960

username password role............................................................................................................................................. 961

username sshkey..........................................................................................................................................................961

username sshkey filename......................................................................................................................................... 962

userrole inherit............................................................................................................................................................. 963

X.509v3 certificates......................................................................................................................................................... 964

X.509v3 concepts.......................................................................................................................................................964

Public key infrastructure............................................................................................................................................ 964

Manage CA certificates..............................................................................................................................................965

Certificate revocation................................................................................................................................................. 967

Request and install host certificates.........................................................................................................................968

Self-signed certificates ...............................................................................................................................................971

Security profiles........................................................................................................................................................... 973

Cluster security............................................................................................................................................................974

X.509v3 commands.................................................................................................................................................... 976

Example: Configure RADIUS over TLS with X.509v3 certificates........................................................................986

19 OpenFlow............................................................................................................................... 988

OpenFlow logical switch instance...................................................................................................................................989

OpenFlow controller......................................................................................................................................................... 989

OpenFlow version 1.3........................................................................................................................................................989

Ports............................................................................................................................................................................. 989

18

Contents

Flow table.....................................................................................................................................................................989

Group table.................................................................................................................................................................. 990

Meter table...................................................................................................................................................................990

Instructions.................................................................................................................................................................. 990

Action set..................................................................................................................................................................... 990

Action types..................................................................................................................................................................991

Counters........................................................................................................................................................................991

OpenFlow protocol......................................................................................................................................................992

OpenFlow use cases....................................................................................................................................................... 1004

Configure OpenFlow....................................................................................................................................................... 1004

Establish TLS connection......................................................................................................................................... 1006

OpenFlow commands..................................................................................................................................................... 1006

controller.....................................................................................................................................................................1006

dpid-mac-address......................................................................................................................................................1007

in-band-mgmt............................................................................................................................................................ 1008

max-backoff............................................................................................................................................................... 1008

mode openflow-only..................................................................................................................................................1009

openflow..................................................................................................................................................................... 1009

probe-interval..............................................................................................................................................................1010

protocol-version..........................................................................................................................................................1010

rate-limit packet_in..................................................................................................................................................... 1011

show openflow.............................................................................................................................................................1011

show openflow flows................................................................................................................................................. 1012

show openflow ports..................................................................................................................................................1013

show openflow switch............................................................................................................................................... 1014

show openflow switch controllers............................................................................................................................1015

switch...........................................................................................................................................................................1015

OpenFlow-only mode commands...................................................................................................................................1016

20 Access Control Lists.............................................................................................................. 1018

IP ACLs.............................................................................................................................................................................. 1018

MAC ACLs.........................................................................................................................................................................1018

Control-plane ACLs..........................................................................................................................................................1019

Control-plane ACL qualifiers..................................................................................................................................... 1019

IP fragment handling.......................................................................................................................................................1020

L3 ACL rules.....................................................................................................................................................................1020

Assign sequence number to filter...................................................................................................................................1021

Delete ACL rule................................................................................................................................................................ 1022

L2 and L3 ACLs................................................................................................................................................................1022

Assign and apply ACL filters...........................................................................................................................................1023

Ingress ACL filters............................................................................................................................................................1024

Egress ACL filters............................................................................................................................................................ 1024

VTY ACLs..........................................................................................................................................................................1025

SNMP ACLs..................................................................................................................................................................... 1025

Clear access-list counters.............................................................................................................................................. 1025

IP prefix-lists.....................................................................................................................................................................1025

Route-maps......................................................................................................................................................................1026

Match routes....................................................................................................................................................................1027

Set conditions...................................................................................................................................................................1027

Continue clause................................................................................................................................................................1028

Contents

19

ACL flow-based monitoring............................................................................................................................................1028

Enable flow-based monitoring........................................................................................................................................1029

View ACL table utilization report...................................................................................................................................1030

Known behavior.......................................................................................................................................................... 1031

ACL logging....................................................................................................................................................................... 1031

Important notes..........................................................................................................................................................1032

ACL commands................................................................................................................................................................1032

clear ip access-list counters..................................................................................................................................... 1032

clear ipv6 access-list counters.................................................................................................................................1032

clear mac access-list counters.................................................................................................................................1033

deny............................................................................................................................................................................. 1033

deny (IPv6).................................................................................................................................................................1034

deny (MAC)................................................................................................................................................................1034

deny icmp....................................................................................................................................................................1035

deny icmp (IPv6)....................................................................................................................................................... 1036

deny ip.........................................................................................................................................................................1036

deny ipv6.....................................................................................................................................................................1037

deny tcp...................................................................................................................................................................... 1037

deny tcp (IPv6)..........................................................................................................................................................1038

deny udp..................................................................................................................................................................... 1039

deny udp (IPv6)......................................................................................................................................................... 1039

description.................................................................................................................................................................. 1040

ip access-group..........................................................................................................................................................1040

ip access-list................................................................................................................................................................1041

ip as-path access-list................................................................................................................................................. 1041

ip community-list standard deny..............................................................................................................................1042

ip community–list standard permit..........................................................................................................................1042

ip extcommunity-list standard deny........................................................................................................................ 1043

ip extcommunity-list standard permit..................................................................................................................... 1043

ip prefix-list description.............................................................................................................................................1043

ip prefix-list deny........................................................................................................................................................1044

ip prefix-list permit.....................................................................................................................................................1044

ip prefix-list seq deny.................................................................................................................................................1044

ip prefix-list seq permit..............................................................................................................................................1045

ipv6 access-group..................................................................................................................................................... 1045

ipv6 access-list...........................................................................................................................................................1046

ipv6 prefix-list deny................................................................................................................................................... 1046

ipv6 prefix-list description........................................................................................................................................ 1046

ipv6 prefix-list permit.................................................................................................................................................1047

ipv6 prefix-list seq deny............................................................................................................................................ 1047

ipv6 prefix-list seq permit......................................................................................................................................... 1047

mac access-group..................................................................................................................................................... 1048

mac access-list...........................................................................................................................................................1048

permit.......................................................................................................................................................................... 1049

permit (IPv6)..............................................................................................................................................................1049

permit (MAC).............................................................................................................................................................1050

permit icmp..................................................................................................................................................................1051

permit icmp (IPv6)..................................................................................................................................................... 1051

permit ip...................................................................................................................................................................... 1052

permit ipv6..................................................................................................................................................................1052

20

Contents

Dell EMC Networking MX9116n User guide

Related papers

Other documents