PowerSwitch S4148U-ON

Dell PowerSwitch S4148U-ON Owner's manual

  • Hello! I am an AI chatbot trained to assist you with the Dell PowerSwitch S4148U-ON Owner's manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
OS10 Enterprise Edition User Guide
Release 10.4.2.0
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2018 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks
may be trademarks of their respective owners.
2018 - 12
Rev. A01
Contents
1 Getting Started............................................................................................................................................ 24
Supported Hardware....................................................................................................................................................... 24
Download OS10 image and license................................................................................................................................ 25
Installation using ONIE.....................................................................................................................................................26
Automatic installation.................................................................................................................................................27
Manual installation......................................................................................................................................................28
Log into OS10................................................................................................................................................................... 29
Install OS10 license.......................................................................................................................................................... 30
Zero-touch deployment....................................................................................................................................................31
ZTD DHCP server conguration.............................................................................................................................. 33
ZTD provisioning script..............................................................................................................................................33
ZTD CLI batch le......................................................................................................................................................34
Post-ZTD script..........................................................................................................................................................35
ZTD commands..........................................................................................................................................................35
Remote access.................................................................................................................................................................36
Congure Management IP address..........................................................................................................................37
Management Route Conguration...........................................................................................................................37
Congure user name and password........................................................................................................................ 38
Upgrade OS10.................................................................................................................................................................. 38
CLI Basics......................................................................................................................................................................... 39
User accounts............................................................................................................................................................ 39
Key CLI features.........................................................................................................................................................39
CLI command modes.................................................................................................................................................39
CLI command hierarchy............................................................................................................................................ 40
CLI command categories.......................................................................................................................................... 40
CONFIGURATION Mode.......................................................................................................................................... 40
Command help............................................................................................................................................................ 41
Check device status.................................................................................................................................................. 42
Candidate conguration............................................................................................................................................45
Change to transaction-based conguration mode................................................................................................ 48
Copy running conguration ..................................................................................................................................... 49
Restore startup conguration ................................................................................................................................. 49
Reload system image.................................................................................................................................................50
Filter show commands.............................................................................................................................................. 50
Alias command............................................................................................................................................................ 51
Batch mode................................................................................................................................................................ 54
Linux shell commands............................................................................................................................................... 55
SSH commands......................................................................................................................................................... 56
OS9 environment commands...................................................................................................................................56
Common commands....................................................................................................................................................... 56
alias.............................................................................................................................................................................. 57
Contents
3
alias (multi-line).......................................................................................................................................................... 58
batch............................................................................................................................................................................58
boot............................................................................................................................................................................. 59
commit........................................................................................................................................................................ 59
congure..................................................................................................................................................................... 60
copy.............................................................................................................................................................................60
default (alias)...............................................................................................................................................................61
delete...........................................................................................................................................................................62
description (alias).......................................................................................................................................................62
dir................................................................................................................................................................................. 63
discard......................................................................................................................................................................... 63
do................................................................................................................................................................................. 64
feature cong-os9-style............................................................................................................................................64
exit............................................................................................................................................................................... 64
license..........................................................................................................................................................................65
line (alias).................................................................................................................................................................... 65
lock.............................................................................................................................................................................. 66
management route.................................................................................................................................................... 66
move............................................................................................................................................................................ 67
no................................................................................................................................................................................. 67
reload...........................................................................................................................................................................68
show alias....................................................................................................................................................................68
show boot...................................................................................................................................................................69
show candidate-conguration..................................................................................................................................70
show environment......................................................................................................................................................72
show inventory........................................................................................................................................................... 72
show ip management-route......................................................................................................................................73
show ipv6 management-route..................................................................................................................................73
show license status....................................................................................................................................................74
show running-conguration...................................................................................................................................... 74
show startup-conguration...................................................................................................................................... 76
show system............................................................................................................................................................... 77
show version...............................................................................................................................................................79
start............................................................................................................................................................................. 80
system......................................................................................................................................................................... 80
system identier.........................................................................................................................................................80
terminal........................................................................................................................................................................ 81
traceroute.................................................................................................................................................................... 81
unlock.......................................................................................................................................................................... 82
write.............................................................................................................................................................................83
2 Interfaces.................................................................................................................................................... 84
Ethernet interfaces..........................................................................................................................................................84
Unied port groups..........................................................................................................................................................84
L2 mode conguration.................................................................................................................................................... 85
L3 mode conguration.................................................................................................................................................... 86
4
Contents
Fibre Channel interfaces................................................................................................................................................. 86
Management interface ...................................................................................................................................................88
VLAN interfaces...............................................................................................................................................................88
User-congured default VLAN.......................................................................................................................................89
VLAN scale prole........................................................................................................................................................... 89
Loopback interfaces........................................................................................................................................................ 90
Port-channel interfaces...................................................................................................................................................90
Create port-channel................................................................................................................................................... 91
Add port member....................................................................................................................................................... 91
Minimum links.............................................................................................................................................................92
Assign Port Channel IP Address...............................................................................................................................92
Remove or disable port-channel.............................................................................................................................. 92
Load balance trac................................................................................................................................................... 92
Change hash algorithm............................................................................................................................................. 93
Congure interface ranges............................................................................................................................................. 93
Switch-port proles.........................................................................................................................................................94
S4148-ON Series port proles................................................................................................................................. 95
S4148U-ON port proles.......................................................................................................................................... 96
Congure breakout mode................................................................................................................................................97
Breakout auto-conguration...........................................................................................................................................98
Forward error correction.................................................................................................................................................99
Energy-ecient Ethernet..............................................................................................................................................100
Enable energy-ecient Ethernet........................................................................................................................... 100
Clear EEE counters.................................................................................................................................................. 100
View EEE status/statistics.......................................................................................................................................101
EEE commands......................................................................................................................................................... 101
View interface conguration......................................................................................................................................... 104
Interface commands.......................................................................................................................................................107
channel-group........................................................................................................................................................... 107
default vlan-id........................................................................................................................................................... 108
description (Interface)............................................................................................................................................. 108
duplex.........................................................................................................................................................................109
feature auto-breakout..............................................................................................................................................109
fec............................................................................................................................................................................... 110
interface breakout.....................................................................................................................................................110
interface ethernet...................................................................................................................................................... 111
interface loopback......................................................................................................................................................111
interface mgmt...........................................................................................................................................................111
interface null...............................................................................................................................................................112
interface port-channel.............................................................................................................................................. 112
interface range...........................................................................................................................................................112
interface vlan............................................................................................................................................................. 113
link-bundle-utilization................................................................................................................................................ 113
mode........................................................................................................................................................................... 114
mode l3.......................................................................................................................................................................115
Contents
5
mtu..............................................................................................................................................................................115
port-group..................................................................................................................................................................116
scale-prole vlan........................................................................................................................................................116
show interface........................................................................................................................................................... 117
show inventory media...............................................................................................................................................118
show link-bundle-utilization......................................................................................................................................119
show port-channel summary................................................................................................................................... 119
show port-group.......................................................................................................................................................120
show switch-port-prole..........................................................................................................................................121
show vlan................................................................................................................................................................... 121
shutdown...................................................................................................................................................................122
speed (Fibre Channel)............................................................................................................................................. 122
speed (Management).............................................................................................................................................. 123
switch-port-prole....................................................................................................................................................123
switchport access vlan............................................................................................................................................ 125
switchport mode.......................................................................................................................................................126
switchport trunk allowed vlan.................................................................................................................................126
3 Fibre Channel............................................................................................................................................. 127
Terminology..................................................................................................................................................................... 128
Virtual fabric....................................................................................................................................................................128
Fibre Channel zoning.......................................................................................................................................................131
F_Port on Ethernet........................................................................................................................................................ 132
Pinning FCoE trac to a specic port of a port-channel..........................................................................................133
Sample FSB conguration on VLT network.......................................................................................................... 135
Sample FC Switch conguration on VLT network................................................................................................137
Sample FSB conguration on non-VLT network.................................................................................................. 138
Sample FC Switch conguration on non-VLT network....................................................................................... 140
Conguration guidelines................................................................................................................................................. 141
F_Port commands...........................................................................................................................................................141
fc alias.........................................................................................................................................................................141
fc zone....................................................................................................................................................................... 142
fc zoneset..................................................................................................................................................................142
feature fc................................................................................................................................................................... 142
member (alias).......................................................................................................................................................... 143
member (zone)......................................................................................................................................................... 143
member (zoneset)....................................................................................................................................................144
show fc alias..............................................................................................................................................................144
show fc interface-area-id mapping........................................................................................................................ 144
show fc ns switch.....................................................................................................................................................145
show fc zone.............................................................................................................................................................145
show fc zoneset....................................................................................................................................................... 146
zone default-zone permit.........................................................................................................................................147
zoneset activate....................................................................................................................................................... 148
NPG commands............................................................................................................................................................. 148
fc port-mode F..........................................................................................................................................................148
6
Contents
feature fc npg........................................................................................................................................................... 148
show npg devices.....................................................................................................................................................149
F_Port and NPG commands.........................................................................................................................................149
clear fc statistics.......................................................................................................................................................149
fcoe ...........................................................................................................................................................................150
name.......................................................................................................................................................................... 150
show fc statistics...................................................................................................................................................... 151
show fc switch...........................................................................................................................................................151
show running-cong vfabric................................................................................................................................... 152
show vfabric..............................................................................................................................................................152
vfabric........................................................................................................................................................................153
vfabric (interface).....................................................................................................................................................153
vlan.............................................................................................................................................................................154
FIP-snooping commands...............................................................................................................................................154
feature p-snooping.................................................................................................................................................154
p-snooping enable..................................................................................................................................................155
p-snooping fc-map................................................................................................................................................ 155
p-snooping port-mode fcf ................................................................................................................................... 155
FCoE commands............................................................................................................................................................ 156
clear fcoe database..................................................................................................................................................156
clear fcoe statistics.................................................................................................................................................. 156
fcoe-pinned-port ..................................................................................................................................................... 157
fcoe max-sessions-per-enodemac......................................................................................................................... 157
fcoe priority-bits....................................................................................................................................................... 157
lldp tlv-select dcbxp-appln fcoe............................................................................................................................. 158
show fcoe enode...................................................................................................................................................... 158
show fcoe fcf............................................................................................................................................................159
show fcoe pinned-port............................................................................................................................................ 159
show fcoe sessions.................................................................................................................................................. 159
show fcoe statistics................................................................................................................................................. 160
show fcoe system..................................................................................................................................................... 161
show fcoe vlan...........................................................................................................................................................161
4 Layer 2....................................................................................................................................................... 162
802.1X...............................................................................................................................................................................162
Port authentication.................................................................................................................................................. 163
EAP over RADIUS.................................................................................................................................................... 164
Congure 802.1X...................................................................................................................................................... 164
Enable 802.1X............................................................................................................................................................165
Identity retransmissions...........................................................................................................................................166
Failure quiet period................................................................................................................................................... 167
Port control mode.....................................................................................................................................................167
Reauthenticate port.................................................................................................................................................168
Congure timeouts...................................................................................................................................................169
802.1X commands.....................................................................................................................................................170
Link Aggregation Control Protocol................................................................................................................................174
Contents
7
Modes........................................................................................................................................................................ 175
Conguration.............................................................................................................................................................175
Interfaces...................................................................................................................................................................176
Rates.......................................................................................................................................................................... 176
Sample conguration................................................................................................................................................177
LACP fallback............................................................................................................................................................180
LACP commands......................................................................................................................................................183
Link Layer Discovery Protocol.......................................................................................................................................190
Protocol data units................................................................................................................................................... 190
Optional TLVs.............................................................................................................................................................191
Organizationally-specic TLVs................................................................................................................................ 192
Media endpoint discovery....................................................................................................................................... 194
Network connectivity device.................................................................................................................................. 194
LLDP-MED capabilities TLV.................................................................................................................................... 195
Network policies TLVs............................................................................................................................................. 195
Dene network policies............................................................................................................................................196
Packet timer values.................................................................................................................................................. 197
Disable and re-enable LLDP ................................................................................................................................... 197
Disable and re-enable LLDP on management ports.............................................................................................198
Advertise TLVs..........................................................................................................................................................199
Network policy advertisement................................................................................................................................199
Fast start repeat count...........................................................................................................................................200
View LLDP conguration........................................................................................................................................200
Adjacent agent advertisements..............................................................................................................................201
Time to live............................................................................................................................................................... 202
LLDP commands......................................................................................................................................................203
Media Access Control.................................................................................................................................................... 214
Static MAC Address.................................................................................................................................................215
MAC Address Table..................................................................................................................................................215
Clear MAC Address Table........................................................................................................................................215
MAC Commands...................................................................................................................................................... 216
Multiple Spanning-Tree.................................................................................................................................................. 218
Congure MSTP.......................................................................................................................................................219
Create instances...................................................................................................................................................... 220
Root selection........................................................................................................................................................... 221
Non-Dell EMC hardware.........................................................................................................................................222
Region name or revision..........................................................................................................................................222
Modify parameters...................................................................................................................................................222
Interface parameters............................................................................................................................................... 223
EdgePort Forward trac........................................................................................................................................ 224
Spanning-tree extensions....................................................................................................................................... 224
Recover BPDU guard error disabled ports........................................................................................................... 226
MST commands.......................................................................................................................................................227
Rapid per-VLAN spanning-tree plus............................................................................................................................238
Load balance and root selection............................................................................................................................ 239
8
Contents
Enable RPVST+........................................................................................................................................................240
Select root bridge.................................................................................................................................................... 240
Root assignment...................................................................................................................................................... 242
Loop guard................................................................................................................................................................242
Global parameters....................................................................................................................................................243
RPVST+ commands.................................................................................................................................................243
Rapid Spanning-Tree Protocol.......................................................................................................................................251
Enable globally...........................................................................................................................................................251
Global parameters....................................................................................................................................................252
Interface parameters............................................................................................................................................... 253
Root bridge selection.............................................................................................................................................. 254
EdgePort forward trac.........................................................................................................................................255
Spanning-tree extensions.......................................................................................................................................255
RSTP commands..................................................................................................................................................... 257
Virtual LANs................................................................................................................................................................... 263
Default VLAN........................................................................................................................................................... 263
Create or remove VLANs........................................................................................................................................264
Access mode............................................................................................................................................................265
Trunk mode...............................................................................................................................................................266
Assign IP address.....................................................................................................................................................266
View VLAN conguration........................................................................................................................................267
VLAN commands.....................................................................................................................................................269
Port monitoring.............................................................................................................................................................. 270
Local port monitoring...............................................................................................................................................270
Remote port monitoring...........................................................................................................................................271
Encapsulated remote port monitoring...................................................................................................................273
Flow-based monitoring............................................................................................................................................274
Remote port monitoring on VLT.............................................................................................................................275
Port monitoring commands.................................................................................................................................... 277
5 Layer 3.......................................................................................................................................................282
Virtual routing and forwarding......................................................................................................................................282
Congure management VRF..................................................................................................................................282
Congure non-default VRF instances...................................................................................................................284
VRF conguration.................................................................................................................................................... 287
View VRF instance information.............................................................................................................................. 291
Static route leaking..................................................................................................................................................292
VRF commands........................................................................................................................................................294
Bidirectional Forwarding Detection............................................................................................................................. 300
BFD session states...................................................................................................................................................301
BFD three-way handshake..................................................................................................................................... 302
BFD conguration....................................................................................................................................................302
Congure BFD globally............................................................................................................................................303
BFD for BGP............................................................................................................................................................ 303
BFD for OSPF.......................................................................................................................................................... 307
BFD for Static route................................................................................................................................................. 312
Contents
9
BFD commands........................................................................................................................................................ 315
Border Gateway Protocol.............................................................................................................................................. 321
Sessions and peers.................................................................................................................................................. 322
Route reectors....................................................................................................................................................... 323
Multiprotocol BGP................................................................................................................................................... 324
Attributes.................................................................................................................................................................. 324
Selection criteria...................................................................................................................................................... 324
Weight and local preference...................................................................................................................................325
Multiexit discriminators........................................................................................................................................... 326
Origin.........................................................................................................................................................................326
AS path and next-hop............................................................................................................................................. 327
Best path selection.................................................................................................................................................. 327
More path support...................................................................................................................................................328
Advertise cost.......................................................................................................................................................... 328
4-Byte AS numbers................................................................................................................................................. 329
AS number migration...............................................................................................................................................329
Congure Border Gateway Protocol..................................................................................................................... 330
Enable BGP.............................................................................................................................................................. 330
Congure Dual Stack...............................................................................................................................................333
Congure administrative distance......................................................................................................................... 333
Peer templates......................................................................................................................................................... 334
Neighbor fall-over.................................................................................................................................................... 337
Congure password.................................................................................................................................................339
Fast external fallover...............................................................................................................................................340
Passive peering........................................................................................................................................................ 342
Local AS.................................................................................................................................................................... 342
AS number limit........................................................................................................................................................343
Redistribute routes.................................................................................................................................................. 344
Additional paths........................................................................................................................................................344
MED attributes.........................................................................................................................................................345
Local preference attribute...................................................................................................................................... 345
Weight attribute.......................................................................................................................................................346
Enable multipath.......................................................................................................................................................347
Route-map lters..................................................................................................................................................... 347
Route reector clusters...........................................................................................................................................347
Aggregate routes..................................................................................................................................................... 348
Confederations.........................................................................................................................................................349
Route dampening.....................................................................................................................................................350
Timers........................................................................................................................................................................ 351
Neighbor soft-reconguration................................................................................................................................ 351
BGP commands....................................................................................................................................................... 352
Equal cost multi-path....................................................................................................................................................385
Load balancing......................................................................................................................................................... 385
ECMP commands....................................................................................................................................................386
IPv4 routing.................................................................................................................................................................... 388
10
Contents
Assign interface IP address.................................................................................................................................... 388
Congure static routing.......................................................................................................................................... 389
Address Resolution Protocol.................................................................................................................................. 390
IPv4 routing commands..........................................................................................................................................390
IPv6 routing....................................................................................................................................................................395
Enable or disable IPv6.............................................................................................................................................395
IPv6 addresses.........................................................................................................................................................396
Stateless autoconguration.................................................................................................................................... 397
Neighbor Discovery.................................................................................................................................................398
Duplicate address discovery...................................................................................................................................399
Static IPv6 routing...................................................................................................................................................400
IPv6 destination unreachable.................................................................................................................................400
IPv6 hop-by-hop options........................................................................................................................................400
View IPv6 information..............................................................................................................................................401
IPv6 commands........................................................................................................................................................401
Internet Group Management Protocol.........................................................................................................................413
IGMP snooping......................................................................................................................................................... 413
IGMP snooping commands..................................................................................................................................... 415
Multicast Listener Discovery Protocol........................................................................................................................ 422
MLD snooping.......................................................................................................................................................... 422
MLD snooping commands......................................................................................................................................423
Open shortest path rst............................................................................................................................................... 430
Autonomous system areas......................................................................................................................................430
Areas, networks, and neighbors.............................................................................................................................430
Router types..............................................................................................................................................................431
Designated and backup designated routers......................................................................................................... 432
Link-state advertisements...................................................................................................................................... 432
Router priority.......................................................................................................................................................... 433
Shortest path rst throttling.................................................................................................................................. 434
OSPFv2.....................................................................................................................................................................435
OSPFv3.....................................................................................................................................................................468
Object tracking manager.............................................................................................................................................. 488
Interface tracking.....................................................................................................................................................489
Host tracking............................................................................................................................................................490
Set tracking delays................................................................................................................................................... 491
Object tracking......................................................................................................................................................... 491
View tracked objects................................................................................................................................................491
OTM commands...................................................................................................................................................... 492
Policy-based routing......................................................................................................................................................495
Policy-based route-maps........................................................................................................................................495
Access-list to match route-map............................................................................................................................ 495
Set address to match route-map...........................................................................................................................495
Assign route-map to interface............................................................................................................................... 496
View PBR information.............................................................................................................................................496
PBR commands........................................................................................................................................................497
Contents
11
Virtual Router Redundancy Protocol...........................................................................................................................499
Conguration........................................................................................................................................................... 500
Create virtual router.................................................................................................................................................501
Group version............................................................................................................................................................501
Virtual IP addresses.................................................................................................................................................502
Congure virtual IP address................................................................................................................................... 502
Congure virtual IP address in a VRF....................................................................................................................503
Set group priority.....................................................................................................................................................504
Authentication..........................................................................................................................................................505
Disable preempt.......................................................................................................................................................505
Advertisement interval............................................................................................................................................506
Interface/object tracking........................................................................................................................................ 507
Congure tracking................................................................................................................................................... 507
VRRP commands.................................................................................................................................................... 508
6 VXLAN ...................................................................................................................................................... 514
VXLAN concepts............................................................................................................................................................514
VXLAN as NVO solution................................................................................................................................................515
Congure VXLAN...........................................................................................................................................................516
Monitor VXLAN....................................................................................................................................................... 520
VXLAN MAC addresses..........................................................................................................................................522
VXLAN commands........................................................................................................................................................ 524
member-interface.................................................................................................................................................... 524
nve.............................................................................................................................................................................525
remote-vtep..............................................................................................................................................................525
show nve remote-vtep............................................................................................................................................526
show nve remote-vtep counters............................................................................................................................526
show nve vxlan-vni.................................................................................................................................................. 527
show virtual-network...............................................................................................................................................527
show virtual-network counters..............................................................................................................................528
show virtual-network interface counters..............................................................................................................528
show virtual-network interface..............................................................................................................................529
show virtual-network vlan...................................................................................................................................... 529
show vlan (virtual network)....................................................................................................................................530
source-interface loopback......................................................................................................................................530
virtual-network......................................................................................................................................................... 531
virtual-network untagged-vlan............................................................................................................................... 531
vxlan-vni.................................................................................................................................................................... 531
VXLAN MAC commands.............................................................................................................................................. 532
clear mac address-table dynamic nve remote-vtep............................................................................................ 532
clear mac address-table dynamic virtual-network...............................................................................................532
show mac address-table count extended.............................................................................................................533
show mac address-table count nve...................................................................................................................... 534
show mac address-table count virtual-network.................................................................................................. 534
show mac address-table extended........................................................................................................................535
show mac address-table nve................................................................................................................................. 536
12
Contents
show mac address-table virtual-network.............................................................................................................536
Example: VXLAN with static VTEP............................................................................................................................. 537
VTEP 1 Leaf Switch.................................................................................................................................................538
VTEP 2 Leaf Switch.................................................................................................................................................541
VTEP 3 Leaf Switch................................................................................................................................................ 543
VTEP 4 Leaf Switch................................................................................................................................................546
Spine Switch 1..........................................................................................................................................................548
Spine Switch 2......................................................................................................................................................... 549
BGP EVPN for VXLAN................................................................................................................................................. 549
BGP EVPN compared to static VXLAN............................................................................................................... 550
VXLAN BGP EVPN operation................................................................................................................................550
Congure BGP EVPN for VXLAN......................................................................................................................... 553
VXLAN BGP commands.........................................................................................................................................556
VXLAN EVPN commands...................................................................................................................................... 559
Example: VXLAN with BGP EVPN........................................................................................................................564
7 UFT modes................................................................................................................................................ 576
Congure UFT modes................................................................................................................................................... 577
IPv6 extended prex routes....................................................................................................................................578
UFT commands..............................................................................................................................................................579
hardware forwarding-table mode...........................................................................................................................579
hardware l3 ipv6-extended-prex .........................................................................................................................579
show hardware forwarding-table mode................................................................................................................580
show hardware forwarding-table mode all........................................................................................................... 580
show hardware l3.................................................................................................................................................... 580
8 System management................................................................................................................................. 582
Dynamic Host Conguration Protocol.........................................................................................................................582
Packet format and options..................................................................................................................................... 582
DHCP server............................................................................................................................................................ 584
Automatic address allocation................................................................................................................................. 584
Hostname resolution............................................................................................................................................... 585
Manual binding entries............................................................................................................................................586
DHCP relay agent.................................................................................................................................................... 587
View DHCP Information..........................................................................................................................................588
System domain name and list................................................................................................................................ 588
DHCP commands....................................................................................................................................................589
DNS commands.......................................................................................................................................................595
IPv4 DHCP limitations............................................................................................................................................. 597
Network Time Protocol.................................................................................................................................................598
Enable NTP.............................................................................................................................................................. 599
Broadcasts................................................................................................................................................................599
Source IP address....................................................................................................................................................600
Authentication..........................................................................................................................................................600
NTP commands........................................................................................................................................................601
System clock..................................................................................................................................................................606
Contents
13
System Clock commands....................................................................................................................................... 607
System banners............................................................................................................................................................. 608
Login banner.............................................................................................................................................................608
MOTD banner.......................................................................................................................................................... 608
System banner commands.....................................................................................................................................609
User session management............................................................................................................................................ 610
User session management commands...................................................................................................................611
Telnet server....................................................................................................................................................................612
Telnet commands..................................................................................................................................................... 612
Security............................................................................................................................................................................613
User re-authentication.............................................................................................................................................614
Password strength................................................................................................................................................... 614
Role-based access control...................................................................................................................................... 615
Assign user role.........................................................................................................................................................615
RADIUS authentication............................................................................................................................................616
TACACS+ authentication.........................................................................................................................................617
TACACS+ unknown or missing user role............................................................................................................... 617
SSH server................................................................................................................................................................ 618
Virtual terminal line...................................................................................................................................................619
Enable AAA accounting.......................................................................................................................................... 620
Enable user lockout................................................................................................................................................. 620
Limit concurrent login sessions..............................................................................................................................620
Enable login statistics...............................................................................................................................................621
Security commands..................................................................................................................................................621
Simple Network Management Protocol......................................................................................................................639
SNMP security models and levels......................................................................................................................... 639
SNMPv3................................................................................................................................................................... 640
SNMP engine ID...................................................................................................................................................... 640
SNMP groups and users.........................................................................................................................................640
SNMP views.............................................................................................................................................................640
Congure SNMP...................................................................................................................................................... 641
SNMP commands....................................................................................................................................................643
OS10 image upgrade..................................................................................................................................................... 653
Boot system partition..............................................................................................................................................654
Upgrade commands................................................................................................................................................ 654
9 OpenFlow.................................................................................................................................................. 659
OpenFlow logical switch instance............................................................................................................................... 660
OpenFlow controller......................................................................................................................................................660
OpenFlow version 1.3.................................................................................................................................................... 660
Ports..........................................................................................................................................................................660
Flow table..................................................................................................................................................................661
Group table................................................................................................................................................................661
Meter table................................................................................................................................................................661
Instructions................................................................................................................................................................661
Action set..................................................................................................................................................................662
14
Contents
Action types............................................................................................................................................................. 662
Counters................................................................................................................................................................... 663
OpenFlow protocol.................................................................................................................................................. 664
OpenFlow use cases......................................................................................................................................................678
Congure OpenFlow......................................................................................................................................................678
Establish TLS connection........................................................................................................................................679
OpenFlow commands................................................................................................................................................... 680
controller...................................................................................................................................................................680
dpid-mac-address.....................................................................................................................................................681
in-band-mgmt...........................................................................................................................................................681
max-backo..............................................................................................................................................................682
mode openow-only................................................................................................................................................682
openow................................................................................................................................................................... 683
probe-interval...........................................................................................................................................................683
protocol-version....................................................................................................................................................... 683
rate-limit packet_in..................................................................................................................................................684
show openow.........................................................................................................................................................685
show openow ows.............................................................................................................................................. 686
show openow ports...............................................................................................................................................686
show openow switch............................................................................................................................................ 688
show openow switch controllers......................................................................................................................... 688
switch........................................................................................................................................................................689
OpenFlow-only mode commands................................................................................................................................689
10 Access Control Lists.................................................................................................................................692
IP ACLs........................................................................................................................................................................... 692
MAC ACLs......................................................................................................................................................................693
Control-plane ACLs....................................................................................................................................................... 693
Control-plane ACL qualiers...................................................................................................................................694
IP fragment handling..................................................................................................................................................... 694
IP fragments ACL.................................................................................................................................................... 695
L3 ACL rules...................................................................................................................................................................695
Permit ACL with L3 information only....................................................................................................................695
Deny ACL with L3 information only.......................................................................................................................695
Permit all packets from host.................................................................................................................................. 696
Permit only rst fragments and non-fragmented packets from host...............................................................696
Assign sequence number to lter................................................................................................................................696
User-provided sequence number.......................................................................................................................... 696
Auto-generated sequence number........................................................................................................................696
Delete ACL rule.............................................................................................................................................................. 697
L2 and L3 ACLs..............................................................................................................................................................697
Assign and apply ACL lters.........................................................................................................................................698
Ingress ACL lters..........................................................................................................................................................699
Egress ACL lters.......................................................................................................................................................... 699
Clear access-list counters.............................................................................................................................................700
IP prex-lists...................................................................................................................................................................700
Contents
15
Route-maps.....................................................................................................................................................................701
Match routes.................................................................................................................................................................. 702
Set conditions.................................................................................................................................................................702
Continue clause..............................................................................................................................................................703
ACL ow-based monitoring.......................................................................................................................................... 703
Flow-based mirroring...............................................................................................................................................703
Enable ow-based monitoring......................................................................................................................................704
ACL table proles...........................................................................................................................................................705
Congure ACL table prole.....................................................................................................................................706
View ACL table utilization report..................................................................................................................................707
Known behavior....................................................................................................................................................... 708
ACL commands..............................................................................................................................................................709
acl-table-prole........................................................................................................................................................ 709
clear ip access-list counters....................................................................................................................................710
clear ipv6 access-list counters................................................................................................................................710
clear mac access-list counters................................................................................................................................710
deny.............................................................................................................................................................................711
deny (IPv6)................................................................................................................................................................ 711
deny (MAC)...............................................................................................................................................................712
deny icmp.................................................................................................................................................................. 713
deny icmp (IPv6)...................................................................................................................................................... 713
deny ip........................................................................................................................................................................714
deny ipv6................................................................................................................................................................... 714
deny tcp.....................................................................................................................................................................715
deny tcp (IPv6).........................................................................................................................................................715
deny udp.................................................................................................................................................................... 716
deny udp (IPv6)........................................................................................................................................................ 717
description.................................................................................................................................................................718
hardware acl-table-prole........................................................................................................................................718
ingress app-group.....................................................................................................................................................719
ip access-group.........................................................................................................................................................721
ip access-list..............................................................................................................................................................721
ip as-path access-list...............................................................................................................................................722
ip community-list standard deny............................................................................................................................ 722
ip community–list standard permit........................................................................................................................ 723
ip extcommunity-list standard deny.......................................................................................................................723
ip extcommunity-list standard permit....................................................................................................................724
ip prex-list description........................................................................................................................................... 724
ip prex-list deny......................................................................................................................................................724
ip prex-list permit...................................................................................................................................................725
ip prex-list seq deny...............................................................................................................................................725
ip prex-list seq permit............................................................................................................................................726
ipv6 access-group....................................................................................................................................................726
ipv6 access-list.........................................................................................................................................................727
ipv6 prex-list deny..................................................................................................................................................727
16
Contents
ipv6 prex-list description.......................................................................................................................................727
ipv6 prex-list permit...............................................................................................................................................728
ipv6 prex-list seq deny.......................................................................................................................................... 728
ipv6 prex-list seq permit....................................................................................................................................... 729
mac access-group................................................................................................................................................... 729
mac access-list.........................................................................................................................................................730
permit........................................................................................................................................................................ 730
permit (IPv6).............................................................................................................................................................731
permit (MAC)............................................................................................................................................................731
permit icmp...............................................................................................................................................................732
permit icmp (IPv6)...................................................................................................................................................732
permit ip.................................................................................................................................................................... 733
permit ipv6................................................................................................................................................................733
permit tcp................................................................................................................................................................. 734
permit tcp (IPv6)..................................................................................................................................................... 735
permit udp.................................................................................................................................................................735
permit udp (IPv6).................................................................................................................................................... 736
remark........................................................................................................................................................................737
seq deny.................................................................................................................................................................... 737
seq deny (IPv6)........................................................................................................................................................738
seq deny (MAC).......................................................................................................................................................739
seq deny icmp.......................................................................................................................................................... 739
seq deny icmp (IPv6).............................................................................................................................................. 740
seq deny ip................................................................................................................................................................740
seq deny ipv6............................................................................................................................................................ 741
seq deny tcp............................................................................................................................................................. 742
seq deny tcp (IPv6)................................................................................................................................................. 743
seq deny udp............................................................................................................................................................ 744
seq deny udp (IPv6)................................................................................................................................................ 745
seq permit................................................................................................................................................................. 746
seq permit (IPv6).....................................................................................................................................................746
seq permit (MAC).................................................................................................................................................... 747
seq permit icmp........................................................................................................................................................747
seq permit icmp (IPv6)............................................................................................................................................748
seq permit ip............................................................................................................................................................. 749
seq permit ipv6.........................................................................................................................................................749
seq permit tcp..........................................................................................................................................................750
seq permit tcp (IPv6)...............................................................................................................................................751
seq permit udp......................................................................................................................................................... 752
seq permit udp (IPv6)............................................................................................................................................. 753
show access-group................................................................................................................................................. 753
show access-lists.....................................................................................................................................................754
show acl-table-prole..............................................................................................................................................756
show acl-table-usage detail.................................................................................................................................... 757
show ip as-path-access-list ...................................................................................................................................760
Contents
17
show ip community-list........................................................................................................................................... 760
show ip extcommunity-list.......................................................................................................................................761
show ip prex-list......................................................................................................................................................761
Route-map commands...................................................................................................................................................761
continue.................................................................................................................................................................... 762
match as-path.......................................................................................................................................................... 762
match community.................................................................................................................................................... 762
match extcommunity...............................................................................................................................................763
match interface........................................................................................................................................................ 763
match ip address......................................................................................................................................................763
match ip next-hop....................................................................................................................................................764
match ipv6 address..................................................................................................................................................764
match ipv6 next-hop............................................................................................................................................... 765
match metric............................................................................................................................................................ 765
match origin..............................................................................................................................................................765
match route-type.....................................................................................................................................................766
match tag..................................................................................................................................................................766
route-map................................................................................................................................................................. 766
set comm-list add.................................................................................................................................................... 767
set comm-list delete................................................................................................................................................ 767
set community..........................................................................................................................................................768
set extcomm-list add...............................................................................................................................................768
set extcomm-list delete...........................................................................................................................................769
set extcommunity.................................................................................................................................................... 769
set local-preference.................................................................................................................................................769
set metric..................................................................................................................................................................770
set metric-type.........................................................................................................................................................770
set next-hop.............................................................................................................................................................. 771
set origin.................................................................................................................................................................... 771
set tag........................................................................................................................................................................772
set weight................................................................................................................................................................. 772
show route-map.......................................................................................................................................................772
11 Quality of service.......................................................................................................................................774
Congure quality of service.......................................................................................................................................... 774
Ingress trac classication...........................................................................................................................................776
Data trac classication.........................................................................................................................................776
Control-plane policing...............................................................................................................................................781
Egress trac classication........................................................................................................................................... 785
Policing trac.................................................................................................................................................................786
Mark Trac.....................................................................................................................................................................787
Color trac..................................................................................................................................................................... 787
Modify packet elds...................................................................................................................................................... 788
Shaping trac................................................................................................................................................................ 788
Bandwidth allocation..................................................................................................................................................... 788
Strict priority queuing....................................................................................................................................................789
18
Contents
Buer management.......................................................................................................................................................790
Congure ingress buer.......................................................................................................................................... 791
Congure egress buer...........................................................................................................................................792
Congestion avoidance................................................................................................................................................... 792
Storm control..................................................................................................................................................................794
RoCE for faster access and lossless connectivity..................................................................................................... 794
Congure RoCE on the switch...............................................................................................................................794
QoS commands..............................................................................................................................................................795
bandwidth.................................................................................................................................................................796
class...........................................................................................................................................................................796
class-map..................................................................................................................................................................796
clear interface ..........................................................................................................................................................797
clear qos statistics....................................................................................................................................................797
clear qos statistics type.......................................................................................................................................... 798
control-plane............................................................................................................................................................ 798
control-plane-buer-size........................................................................................................................................ 799
owcontrol................................................................................................................................................................799
match........................................................................................................................................................................ 800
match cos.................................................................................................................................................................800
match dscp................................................................................................................................................................801
match precedence....................................................................................................................................................801
match queue.............................................................................................................................................................802
match vlan................................................................................................................................................................ 802
mtu............................................................................................................................................................................ 802
pause.........................................................................................................................................................................803
pfc-cos......................................................................................................................................................................803
pfc-max-buer-size.................................................................................................................................................804
pfc-shared-buer-size............................................................................................................................................ 804
pfc-shared-headroom-buer-size.........................................................................................................................805
police.........................................................................................................................................................................805
policy-map................................................................................................................................................................ 806
priority.......................................................................................................................................................................806
priority-ow-control mode......................................................................................................................................807
qos-group dot1p.......................................................................................................................................................807
qos-group dscp........................................................................................................................................................ 807
queue-limit................................................................................................................................................................808
queue bandwidth.....................................................................................................................................................809
queue qos-group......................................................................................................................................................809
random-detect (interface)...................................................................................................................................... 810
random-detect (queue)........................................................................................................................................... 810
random-detect color................................................................................................................................................ 810
random-detect ecn................................................................................................................................................... 811
random-detect ecn................................................................................................................................................... 811
random-detect pool.................................................................................................................................................. 811
random-detect weight............................................................................................................................................. 812
Contents
19
service-policy............................................................................................................................................................ 812
set cos........................................................................................................................................................................813
set dscp..................................................................................................................................................................... 813
set qos-group............................................................................................................................................................813
shape..........................................................................................................................................................................814
show class-map........................................................................................................................................................ 814
show control-plane buers..................................................................................................................................... 815
show control-plane buer-stats............................................................................................................................. 815
show control-plane info........................................................................................................................................... 816
show control-plane statistics.................................................................................................................................. 817
show interface priority-ow-control.......................................................................................................................817
show qos interface...................................................................................................................................................818
show policy-map.......................................................................................................................................................818
show qos control-plane........................................................................................................................................... 819
show qos egress bufers interface........................................................................................................................819
show egress buer-stats interface........................................................................................................................820
show qos ingress buers interface........................................................................................................................820
show ingress buer-stats interface........................................................................................................................821
show queuing statistics........................................................................................................................................... 821
show qos system..................................................................................................................................................... 822
show qos system buers........................................................................................................................................822
show qos maps........................................................................................................................................................ 824
show qos wred-prole.............................................................................................................................................826
system qos................................................................................................................................................................826
trust-map.................................................................................................................................................................. 827
trust dot1p-map........................................................................................................................................................827
trust dscp-map........................................................................................................................................................ 828
qos-map trac-class...............................................................................................................................................828
trust-map..................................................................................................................................................................828
wred...........................................................................................................................................................................829
12 Virtual Link Trunking.................................................................................................................................830
Terminology..................................................................................................................................................................... 831
VLT domain......................................................................................................................................................................831
VLT interconnect............................................................................................................................................................832
Congure VLT................................................................................................................................................................ 832
RSTP conguration................................................................................................................................................. 833
RPVST+ conguration.............................................................................................................................................833
Create VLT domain.................................................................................................................................................. 834
VLTi conguration....................................................................................................................................................835
Congure VLT MAC address..................................................................................................................................835
Delay restore timer.................................................................................................................................................. 836
VLT backup...............................................................................................................................................................836
Congure VLT port-channel...................................................................................................................................839
VLT unicast routing..................................................................................................................................................840
VRRP Optimized Forwarding....................................................................................................................................... 840
20
Contents
/