Addendum for Dell Networking OS 9.3(0.
Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2013 Dell Inc. All Rights Reserved.
Contents 1 About this Document.............................................................................................23 Audience..............................................................................................................................................23 Conventions........................................................................................................................................ 23 Related Documents.................................................................
deny (for Standard MAC ACLs)............................................................................................................57 deny (for Extended MAC ACLs).......................................................................................................... 58 permit arp (for Extended MAC ACLs)................................................................................................. 59 permit ether-type (for Extended MAC ACLs)...........................................................
PFC Configuration Notes.............................................................................................................. 91 PFC Prerequisites and Restrictions............................................................................................... 92 ETS Configuration Notes.............................................................................................................. 92 ETS Prerequisites and Restrictions.......................................................................
Enabling and Disabling Management Egress Interface Selection................................................... 122 Handling of Management Route Configuration.............................................................................. 123 Handling of Switch-Initiated Traffic................................................................................................. 124 Handling of Switch-Destined Traffic................................................................................................
encapsulation dot1q..........................................................................................................................145 9 Interfaces................................................................................................................ 147 Enabling the Management Address TLV on All Interfaces of an Aggregator..................................147 Enhanced Validation of Interface Ranges........................................................................................
ip route bfd (for S6000).................................................................................................................... 174 S6000...........................................................................................................................................174 Configure BFD for Static Routes.......................................................................................................175 Related Configuration Tasks......................................................
S6000Z9000............................................................................................................................... 199 service-class wred...................................................................................................................... 200 service-class wred ecn..................................................................................................................... 201 Z9000 ...............................................................................
tacacs-server key.............................................................................................................................. 232 timeout login response.....................................................................................................................233 Understanding Banner Settings........................................................................................................233 AAA Authentication..................................................................
Scenarios for VLAN Membership and MAC Synchrnoization With VLT Nodes in PVLAN........265 Configuring a VLT VLAN or LAG in a PVLAN....................................................................................267 Creating a VLT LAG or a VLT VLAN............................................................................................ 267 Associating the VLT LAG or VLT VLAN in a PVLAN....................................................................268 show vlt private-vlan...........................
set-pgid............................................................................................................................................. 298 show dcb...........................................................................................................................................299 show interface dcbx detail............................................................................................................... 299 show interface ets...............................................
interface.............................................................................................................................................335 interface ManagementEthernet....................................................................................................... 336 interface range.................................................................................................................................. 337 interface vlan..........................................................
port-channel-protocol lacp.............................................................................................................369 Configuration Tasks for Port Channel Interfaces............................................................................369 Creating a Port Channel................................................................................................................... 370 Adding a Physical Interface to a Port Channel..........................................................
service-class dot1p-mapping...........................................................................................................392 Z9000 S4810 S4820T................................................................................................................. 392 service-class bandwidth-percentage.............................................................................................. 392 Policy-Based QoS Commands................................................................................
33 Storm Control..................................................................................................... 427 Important Points to Remember....................................................................................................... 427 show storm-control unknown-unicast........................................................................................... 427 Z-Series S4810 S4820TS6000..................................................................................................
Z-Series S4810 S4820T.............................................................................................................. 447 lacp ungroup member-independent...............................................................................................448 Z-Series S4810 S4820T.............................................................................................................. 448 peer-link port-channel........................................................................................
FC Flex IO Modules Overview.......................................................................................................... 477 FC Flex IO Module Capabilities and Operations..............................................................................478 Guidelines for Working with FC Flex IO Modules............................................................................479 Port Numbering for FC Flex IO Modules...................................................................................
priority-group bandwidth pfc.....................................................................................................507 priority-group qos-policy...........................................................................................................508 priority-list...................................................................................................................................509 qos-policy-output ets..........................................................................
Configure a DCBx Operation........................................................................................................... 544 DCBx Operation..........................................................................................................................544 DCBx Port Roles..........................................................................................................................544 DCB Configuration Exchange...................................................................
M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module.............................579 show fcoe-map.................................................................................................................................581 M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module.............................581 show npiv devices.............................................................................................................................
About this Document 1 This document describes the new functionalities and enhancements in the Dell Networking OS Release version 9.3.0.0. All of the behavioral-changes and new features are covered in this single, consolidated Addendum. Use this document in conjunction with the hardware and software manuals of Release 9.2.0.0, which contains comprehensive information on the working and usage of the different platforms and their associated functionalities.
x||y Keywords and parameters separated by a double bar allows you to choose any or all of the options.
802.1X on the MXL 10/40GbE Switch 2 In Dell Networking OS Release 9.3(0.0), the MXL 10/40GbE Switch supports 802.1X port authentication. 802.1X is a method of port security. A device connected to a port that is enabled with 802.1X is disallowed from sending or receiving packets on the network until its identity can be verified (through a username and password, for example). For details on the command syntaxes and the keywords, refer the 802.1X chapter of the MXL Command Reference Guide of Release 9.2(0.
ACL VLAN Groups and Content Addressable Memory (CAM) 3 This chapter describes the ACL VLAN group and CAM enhancements, and contains the following sections: • Optimizing CAM Utilization During the Attachment of ACLs to VLANs • Allocating FP Blocks for VLAN Processes Optimizing CAM Utilization During the Attachment of ACLs to VLANs This functionality is supported on the S4810, S4820T, Z9000, I/O Aggregator and MXL platforms.
the ACL VLAN groups present on the system, an appropriate error message is displayed.
counters, Open Flow, ACL optimization) can be allocated virtual flow processing slices at a point in time. • The maximum number of VLANs that you can configure as a member of ACL VLAN groups is limited to 512 on the S4180, Z9000, and MXL switches if two slices are allocated. If only one virtual flow processing slice is allocated, the maximum number of VLANs that you can configure as a member of an ACL VLAN group is 256 for the S4810, Z9000, and MXL switches.
3. Apply an egress IP ACL to the ACL VLAN group. CONFIGURATION (conf-acl-vl-grp) mode ip access-group {group name} out implicit-permit 4. Add VLAN member(s) to an ACL VLAN group. CONFIGURATION (conf-acl-vl-grp) mode member vlan {VLAN-range} 5. Display all the ACL VLAN Groups or display a specific ACL VLAN Group, identified by name.
4. View the number of flow processor (FP) blocks that is allocated for the different VLAN services.
The following sample output displays the CAM space utilization when Layer 2 and Layer 3 ACLs are configured: Dell#show cam-usage acl Linecard|Portpipe| CAM Partition | Total CAM | Used CAM |Available CAM ========|========|=================|=============|=============|============ 11 | 0 | IN-L2 ACL | 1008 | 0 | 1008 | | IN-L3 ACL | 12288 | 2 | 12286 | | OUT-L2 ACL | 1024 | 2 | 1022 | | OUT-L3 ACL | 1024 | 0 | 1024 The following sample output displays the CAM space utilization for Layer 2 ACLs: Dell#show cam
• To allocate the number of FP blocks for VLAN iSCSI counters , use the cam-acl-vlan vlaniscsi <0-2> command. • To allocate the number of FP blocks for ACL VLAN optimization feature, use the cam-acl-vlan vlanaclopt <0-2> command. You can use the no version of these commands to reset the number of FP blocks to default. By default, 0 groups are allocated for the ACL in VCAP. ACL VLAN groups or CAM optimization is not enabled by default, and you need to allocate the slices for CAM optimization.
ip access-group Apply an egress IP ACL to the ACL VLAN group. Syntax Parameters ip access-group {group name} out implicit-permit group-name Enter the name of the ACL VLAN group where you want the egress IP ACLs applied, up to 140 characters. out Enter the keyword out to apply the ACL to outgoing traffic.
Usage Information When an ACL-VLAN-Group name or the Access List Group Name contains more than 30 characters, the name is truncated in the show acl-vlan-group command output. Examples The following sample illustrates the output of the show acl-vlan-group command. NOTE: Some group names and some access list names are truncated.
Dell# show cam-acl-vlan Display the number of flow processor (FP) blocks that is allocated for the different VLAN services. Syntax show cam-acl-vlan Command Modes EXEC Privilege Command History Usage Information Version 9.3.0.0 Introduced on the S4810, S4820T, Z9000, I/O Aggregator and MXL platforms. After CAM configuration for ACL VLAN groups is performed, you must reboot the system to enable the settings to be stored in nonvolatile storage.
VlanOpenFlow VlanIscsi VlanHp VlanFcoe VlanAclOpt : : : : : 0 0 2 1 1 -- Stack unit 0 -Current Settings(in block sizes) VlanOpenFlow : 0 VlanIscsi : 2 VlanHp : 1 VlanFcoe : 1 VlanAclOpt : 0 cam-acl-vlan Allocate the number of flow processor (FP) blocks or entries for VLAN services and processes. Syntax Parameters cam-acl-vlan { default | vlanopenflow <0-2> | vlaniscsi <0-2> | vlanaclopt <0-2> default Reset the number of FP blocks to default. By default, 0 groups are allocated for the ACL in VCAP.
show cam-usage View the amount of CAM space available, used, and remaining in each partition (including IPv4Flow and Layer 2 ACL sub-partitions). Syntax Parameters Command Modes Command History Usage Information show cam-usage [acl | router | switch] acl (OPTIONAL) Enter the keyword acl to display Layer 2 and Layer 3 ACL CAM usage. router (OPTIONAL) Enter the keyword router to display Layer 3 CAM usage. switch (OPTIONAL) Enter the keyword switch to display Layer 2 CAM usage.
Example 1: Output of the show camusage Command Example 2: Output of the show camusage acl Command Dell#show cam-usage Linecard|Portpipe| CAM Partition | Total CAM | |Available CAM ========|========|=================|=============| =============|============== 1 | 0 | IN-L2 ACL | 1008 | | 688 | | IN-L2 FIB | 32768 | | 31636 | | IN-L3 ACL | 12288 | | 12286 | | IN-L3 FIB | 262141 | | 262127 | | IN-L3-SysFlow | 2878 | | 2833 | | IN-L3-TrcList | 1024 | | 1024 | | IN-L3-McastFib | 9215 | | 9215 | | IN-L3-Qos |
0 Example 3: Output of the show camusage router Command Example 4: Output of the show camusage switch Command 40 | | 1024 | OUT-L3 ACL | 1024 | Dell#show cam-usage router Linecard|Portpipe| CAM Partition | Total CAM | |Available CAM ========|========|=================|=============| =============|============== 11 | 0 | IN-L3 ACL | 8192 | | 8189 | | IN-L3 FIB | 196607 | | 196606 | | IN-L3-SysFlow | 2878 | | 2878 | | IN-L3-TrcList | 1024 | | 1024 | | IN-L3-McastFib | 9215 | | 9215 | | IN-L3-Qos | 8
show running config acl-vlan-group Display the running configuration of all or a given ACL VLAN group. Syntax Parameters show running config acl-vlan-group group name group-name Default None Command Modes EXEC Command History Examples Display only the ACL VLAN group that is specified. The maximum group name is 140 characters. EXEC Privilege Version 9.3.0.
Default No default behavior or values Command Modes CONFIGURATION Command History Usage Information Version 9.3.0.0 Introduced on the S4810, S4820T, Z9000, I/O Aggregator, and MXL platforms You can have up to eight different ACL VLAN groups at any given time. When you configure an ACL VLAN group, you enter the ACL VLAN Group Configuration mode.
Examples The following sample output shows the line-by-line style display when using the show acl-vlan-group detail option.
Access Control Lists 4 This chapter describes the access control list (ACL) enhancements and contains the following sections: • Logging of ACL Processes Logging of ACL Processes This functionality is supported on the S4810, S4820T, Z9000, I/O Aggregator and MXL platforms. To assist in streamlined, robust administration and management of traffic that traverses the device after being validated by the configured ACLs, you can enable the generation of logs for access control list (ACL) processes.
The ACL application sends the ACL logging configuration information and other details, such as the action, sequence number, and the ACL parameters that pertains to that ACL entry. The ACL service collects the ACL log records and records the following attributes per log message. • For non-IP packets, the ACL name, sequence number, ACL action (permit or deny), source and destination MAC addresses, EtherType, and ingress interface are the logged attributes.
• A timer control of 30 seconds is present in the ACL agent module, the expiry of which causes the log records that are collocted until that time are transmitted to the ACL manager for logging. An interprocess communication (IPC) message is sent to the ACL manager by the ACL agent when a maximum of 15 records are collected or the 30-second timer period is exceeded.
deny (for Standard IP ACLs) To drop packets with a certain IP address, configure a filter. NOTE: Only the options that have been newly introduced are described here. For a complete description on all of the keywords and variables that are available with this command, refer the respective Command Reference Guide of the applicable platform of the Release 9.2.0.0 documentation set.
and extended MAC ACLs. You can configure ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. Related Commands ip access-list standard — configures a standard ACL. permit — configures a permit filter. deny (for Extended IP ACLs) Configure a filter that drops IP packets meeting the filter criteria. NOTE: Only the options that have been newly introduced are described here.
Usage Information When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero. If ACL logging was stopped previously because the configured threshold is exceeded, it is reenabled for this new interval.
Command History Usage Information Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero.
interval minutes Defaults (OPTIONAL) Enter the keyword interval followed by the time period in minutes at which ACL logs must be generated. You can enter an interval in the range of 1-10 minutes. By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.
Parameters Defaults log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages. threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100.
To remove this filter, you have two choices: • • Parameters Defaults Use the no seq sequence-number command if you know the filter’s sequence number. Use the no deny arp {destination-mac-address mac-address-mask | any} vlan vlan-id {ip-address | any | opcode code-number} command. log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages.
Syntax deny icmp {source mask | any | host ip-address} {destination mask | any | host ip-address} [dscp] [message-type] [count [byte]] [order] [fragments] [log [interval minutes] [thresholdin-msgs [count]] To remove this filter, you have two choices: Parameters Defaults • Use the no seq sequence-number command if you know the filter’s sequence number. • Use the no deny icmp {source mask | any | host ip-address} {destination mask | any | host ip-address} command.
deny ether-type (for Extended MAC ACLs) Configure an egress filter that drops specified types of Ethernet packets on egress ACL supported line cards. (For more information, refer to your line card documentation).
applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. deny (for Standard MAC ACLs) To drop packets with a the MAC address specified, configure a filter. NOTE: Only the options that have been newly introduced are described here. For a complete description on all of the keywords and variables that are available with this command, refer the respective Command Reference Guide of the applicable platform of the Release 9.2.0.0 documentation set.
standard and extended IPv4 ACLs, standard and extended IPv6 ACLs, and standard and extended MAC ACLs. You can configure ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. Related Commands permit — configures a MAC address filter to pass packets. seq — configures a MAC address filter with a specified sequence number. deny (for Extended MAC ACLs) To drop packets that match the filter criteria, configure a filter.
Usage Information When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero. If ACL logging was stopped previously because the configured threshold is exceeded, it is reenabled for this new interval.
Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero.
interval minutes Defaults (OPTIONAL) Enter the keyword interval followed by the time period in minutes at which ACL logs must be generated. You can enter an interval in the range of 1-10 minutes. By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.
Defaults threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100. interval minutes (OPTIONAL) Enter the keyword interval followed by the time period in minutes at which ACL logs must be generated. You can enter an interval in the range of 1-10 minutes.
Parameters Defaults log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages. threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100.
Syntax permit {source mask | any | host ip-address} {destination mask | any | host ip-address} [count [bytes]] [dscp value] [order] [fragments] [log [interval minutes] [threshold-in-msgs [count]] To remove this filter, you have two choices: Parameters Defaults • Use the no seq sequence-number command if you know the filter’s sequence number. • Use the no deny {source mask | any | host ip-address} {destination mask | any | host ip-address} command.
permit (for Standard MAC ACLs) To forward packets from a specific source MAC address, configure a filter. NOTE: Only the options that have been newly introduced are described here. For a complete description on all of the keywords and variables that are available with this command, refer the respective Command Reference Guide of the applicable platform of the Release 9.2.0.0 documentation set.
and extended MAC ACLs. You can configure ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. Related Commands deny — configures a MAC ACL filter to drop packets. seq —configure a MAC ACL filter with a specified sequence number. seq (for Standard MAC ACLs) To a deny or permit filter in a MAC access list while creating the filter, assign a sequence number.
standard and extended IPv4 ACLs, standard and extended IPv6 ACLs, and standard and extended MAC ACLs. You can configure ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. Related Commands deny — configures a filter to drop packets. permit — configures a filter to forward packets. permit tcp (for Extended IP ACLs) To pass TCP packets meeting the filter criteria, configure a filter.
Usage Information When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero. If ACL logging was stopped previously because the configured threshold is exceeded, it is reenabled for this new interval.
Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero.
Defaults By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped.
Defaults By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information CONFIGURATION-EXTENDED-ACCESS-LIST Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped.
interval minutes Defaults (OPTIONAL) Enter the keyword interval followed by the time period in minutes at which ACL logs must be generated. You can enter an interval in the range of 1-10 minutes. By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information ACCESS-LIST Version 9.3.0.
Parameters Defaults log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages. threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100.
address} [bit] [operator port [port]] [count [byte]] [log [interval minutes] [threshold-in-msgs [count]] To remove this filter, you have two choices: Parameters Defaults • Use the no seq sequence-number command if you know the filter’s sequence number. • Use the no permit tcp {source address mask | any | host ipv6address} {destination address | any | host ipv6-address} command. log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages.
permit icmp (for IPv6 ACLs) To allow all or specific internet control message protocol (ICMP) messages, configure a filter. NOTE: Only the options that have been newly introduced are described here. For a complete description on all of the keywords and variables that are available with this command, refer the respective Command Reference Guide of the applicable platform of the Release 9.2.0.0 documentation set.
standard and extended IPv4 ACLs, standard and extended IPv6 ACLs, and standard and extended MAC ACLs. You can configure ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs that are associated with egress interfaces. permit (for IPv6 ACLs) To configure a filter that matches the filter criteria, select an IPv6 protocol number, ICMP, IPv6, TCP, or UDP. NOTE: Only the options that have been newly introduced are described here.
new interval commences from zero. If ACL logging was stopped previously because the configured threshold is exceeded, it is reenabled for this new interval. If ACL logging is stopped because the configured threshold is exceeded, it is reenabled after the logging interval period elapses. ACL logging is supported for standard and extended IPv4 ACLs, standard and extended IPv6 ACLs, and standard and extended MAC ACLs.
Command History Usage Information Version 9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, Z9000, M I/O Aggregator and MXL 10/40GbE Switch IO Module platforms. When the configured maximum threshold is exceeded, generation of logs is stopped. When the interval at which ACL logs are configured to be recorded expires, the subsequent, fresh interval timer is started and the packet count for that new interval commences from zero.
interval minutes Defaults (OPTIONAL) Enter the keyword interval followed by the time period in minutes at which ACL logs must be generated. You can enter an interval in the range of 1-10 minutes. By default, 10 ACL logs are generated if you do not specify the threshold explicitly. The default frequency at which ACL logs are generated is 5 minutes. Command Modes Command History Usage Information ACCESS-LIST Version 9.3.0.
Parameters Defaults log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages. threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100.
• Parameters Defaults Use the no deny {ipv6-protocol-number | icmp | ipv6 | tcp | udp} command log (OPTIONAL) Enter the keyword log to enable the triggering of ACL log messages. threshold-in msgs count (OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate the maximum number of ACL logs that can be generated, exceeding which the generation of ACL logs is terminated. with the seq, permit, or deny commands. You can enter a threshold in the range of 1-100.
When a packet arrives at a port that is being monitored, the packet is validated against the configured ACL rules. If the packet matches an ACL rule, the system examines corresponding flow processor to perform the action specified for that port. If mirroring action is set in the flow processor entry, the destination port details, which indicates the port on the device to which the mirrored information must be sent, are sent to the destination port.
The show running-config monitor session displays whether flow-based monitoring is enabled for a particular session. Example Output of the show Command E1200-maa-01#show running-config monitor session ! monitor session 11 flow-based enable source GigabitEthernet 13/0 destination GigabitEthernet 13/1 direction both The show config command has been modified to display monitoring configuration in particular session.
Enabling Flow-Based Monitoring Flow-based monitoring is supported on the S4810, S4820T, S6000, Z9000, I/O Aggregator, and MXL platforms. Flow-based monitoring conserves bandwidth by monitoring only specified traffic instead all traffic on the interface. This feature is particularly useful when looking for malicious traffic. It is available for Layer 2 and Layer 3 ingress and egress traffic. You may specify traffic using standard or extended access-lists. 1.
Bare Metal Provisioning (BMP) 5 This chapter describes the Bare Metal Provisioning (BMP) enhancements that apply to the S4810, S4820T, S6000, Z9000, and MXL platforms Support for BMP on the S6000 Switch Starting with Dell Networking OS Release 9.3(0.0), BMP 3.1 is supported on the S6000 platform. For details about the commands and configuration procedures of BMP 3.1, refer the Open Automation Guide.
Replacement of stop jump-start Command With the stop bmp Command The deprecated stop jump-start command is replaced by the stop bmp from BMP 3.1 onwards. However, in BMP 1.5 and 2.0, you can use the stop jump-start command to stop the device from restarting in BMP mode.
6 Data Center Bridging (DCB) This chapter describes the DCB enhancements and contains the following sections: • Managing Hardware Buffer Statistics • Configuring WRED and ECN Attributes • Enabling Buffer Statistics Tracking • Configuring DCB Maps and its Attributes • Data Center Bridging: Default Configuration • Configuring the Dynamic Buffer Method • Priority-Based Flow Control Using Dynamic Buffer Method Configuring DCB Maps and its Attributes This topic contains the following sections that
Step Task Command Command Mode priority-pgid dot1p0_group_num dot1p1_group_num dot1p2_group_num dot1p3_group_num dot1p4_group_num dot1p5_group_num dot1p6_group_num dot1p7_group_num DCB MAP priority-group 2 bandwidth 20 pfc on priority-group 4 strict-priority pfc off Repeat this step to configure PFC and ETS traffic handling for each priority group. Specify the dot1p priority-to-priority group mapping for each priority. Priority-group range: 0 to 7.
Step Task Command Command Mode FTOS(config-if-te-0/0)# dcb-map SAN_A_dcb_map1 Repeat Steps 1 and 2 to apply a DCB map to more than one port. You cannot apply a DCB map on an interface which has been already configured for PFC using the pfc priority command or which is already configured for lossless queues (pfc nodrop queues command).
Step Task Command Command Mode 1 Enter INTERFACE Configuration mode. interface {tengigabitEthernet slot/port | fortygigabitEthernet slot/port} CONFIGURATION 2 Open a DCB map and enter DCB map configuration mode. dcb-map name INTERFACE 3 Disable PFC. no pfc mode on DCB MAP 4 Return to interface configuration mode.
Configuring PFC and ETS in a DCB Map An S6000 switch supports the use of a DCB map in which you configure priority-based flow control and enhanced transmission selection settings. To configure PFC and ETS parameters, you must apply a DCB map on an S6000 interface. This functionality is supported on the S6000 platform. PFC Configuration Notes Priority-based flow control (PFC) provides a flow control mechanism based on the 802.
• When you apply a DCB map, an error message displays if: • Link-level flow control is already enabled on an interface. You cannot enable PFC and link-level flow control at the same time on an interface. • In a switch stack, configure all stacked ports with the same PFC configuration. • FTOS allows you to change the default dot1p priority-queue assignments only if the change satisfies the following requirements in DCB maps already applied to S6000 interfaces: • All 802.
• The configuration of bandwidth allocation and strict-queue scheduling is not supported at the same time for a priority group. • Bandwidth assignment: By default, equal bandwidth is assigned to each dot1p priority in a priority group. To configure the bandwidth assigned to the port queues associated with dot1p priorities in a priority group, use the bandwidth percentage parameter. The sum of the bandwidth allocated to all priority groups in a DCB map must be 100% of the bandwidth on the link.
• If you configure more than one priority group as strict priority, the higher numbered priority queue is given preference when scheduling data traffic. dcb-map Create a DCB map to configure priority flow control (PFC) and enhanced transmission selection (ETS) on Ethernet ports that support converged Ethernet traffic. Apply the DCB map to an Ethernet interface. S4810, S6000, and FC Flex IO Modules with MXL and I/O Aggregator Syntax Parameters dcb-map map-name map-name Enter a DCB map name.
priority-pgid Assign 802.1p priority traffic to a priority group in a DCB map. S4810, S6000, and FC Flex IO Modules with MXL and I/O Aggregator Syntax Parameters priority-pgid dot1p0_group-num dot1p1_group-num dot1p2_groupnum dot1p3_group-num dot1p4_group-num dot1p5_group-num dot1p6_group-num dot1p7_group-num dot1p0_groupnum Enter the priority group number for each 802.1p class of traffic in a DCB map.
• Priority group 0 contains traffic with dot1p priorities 0, 1, and 2. • Priority group 1 contains traffic with dot1p priority 3. • Priority group 2 contains traffic with dot1p priority 4. • Priority group 4 contains traffic with dot1p priority 5, 6, and 7. To remove a priority-pgid configuration from a DCB map, enter the no priority-pgid command. Related Commands dcb-map — creates a DCB map to configure PFC and ETS parameters and applies the PFC and ETS settings on Ethernet ports.
priority-group bandwidth pfc Configure the ETS bandwidth allocation and PFC mode used to manage port traffic in an 802.1p priority group. S4810, S6000, and FC Flex IO Modules with MXL and I/O Aggregator Syntax Parameters priority-group group-num {bandwidth percentage| strictpriority} pfc {on | off} priority-group group-num Enter the keyword priority-group followed by the number of an 802.1p priority group. Use the prioritypgid command to create the priority groups in a DCB map.
If a priority group does not use its allocated bandwidth, the unused bandwidth is made available to other priority groups. To remove a priority-group configuration in a DCB map, enter the no prioritygroup bandwidth pfc command. By default, equal bandwidth is assigned to each dot1p priority in a priority group. Use the bandwidth parameter to configure the bandwidth percentage assigned to a priority group.
show qos dcb-map Display the DCB parameters configured in a specified DCB map. S4810, S6000, and FC Flex IO Modules with MXL and I/O Aggregator Syntax Parameters Command Modes Command History Usage Information show qos dcb-map map-name map-name • EXEC • EXEC Privilege Displays the PFC and ETS parameters configured in the specified map. Version 9.3.0.0 Introduced on the S4810 and S6000 platforms. Version 9.3.0.
PG:1 TSA:ETS Priorities:3 Related Commands BW:50 PFC:ON dcb-map — creates a DCB map to configure PFC and ETS parameters and applies the PFC and ETS settings on Ethernet ports. Priority-Based Flow Control Using Dynamic Buffer Method Priority-based flow control using dynamic buffer spaces is supported on the S4810, S4820T, S6000, and MXL platforms.
guaranteed buffer reduces the total available shared buffer to 7,787 KB. This shared buffer can be used for lossy and lossless traffic. The default behavior causes up to a maximum of 6.6 MB to be used for PFC-related traffic. The remaining approximate space of 1 MB can be used by lossy traffic. You can allocate all the remaining 1 MB to lossless PFC queues. If you allocate in such a way, the performance of lossy traffic is reduced and degraded.
Total buffer (lossy + lossless)(in KB): 7787--Total buffer space for lossy and lossless queues PFC total buffer (in KB): 6526 --Indicates the total buffer (configured or default) PFC shared buffer (in KB): 832--Indicates the shared buffer (Configured or default) PFC available buffer ( in KB): 5694--Indicates remaining available buffers for PFC that are free to be allocated Configuring the Dynamic Buffer Method Priority-based flow control using dynamic buffer spaces is supported on the S4810, S4820T, S6000,
8. Create a QoS policy buffer and enter the QoS Policy Buffer Configuration mode to configure the nodrop queues, ingress buffer size, buffer limit for pausing, and buffer offset limit for resuming.
Usage Information Configure the maximum shared buffer available for PFC traffic. You can choose to increase or decrease the shared buffer that is currently allocated in the system by default. You must configure the shared buffer size to be less than the total PFC buffer size.
priority Configure the priority for the PFC threshold to be allocated to the buffer space parameters. This utility is supported on the S4810, S4820T, S6000, and MXL platforms.
Usage Information For each priority, you can specify the shared buffer threshold limit, the ingress buffer size, buffer limit for pausing the acceptance of packets, and the buffer offset limit for resuming the acceptance of received packets. When PFC detects congestion on a queue for a specified priority, it sends a pause frame for the 802.1p priority traffic to the transmitting device. You can use the priority command to set up both the administrative and peerrelated PFC priorities.
buffer-size Ingress buffer size size Size of the ingress buffer in KB. Enter a number in the range of 0 to 7787. The default is 45 KB. pausethreshold Buffer limit for pause frames to be sent thresholdvalue Buffer limit at which the port sends the pause to peer in KB. Enter a number in the range of 0 to 7787. The default is 10 KB. resume-offset Buffer offset limit for resuming in KB thresholdvalue Buffer offset limit at which the port resumes the peer in KB.
Example S4810-YU-MR-FTOS(conf)# qos-policy-buffer test S4810-YU-MR-FTOS (conf-qos-policy-buffer)#queue 0 pause no-drop buffer-size 128000 pause-threshold 103360 resume-threshold 83520 S4810-YU-MR-FTOS (conf-qos-policy-buffer)# queue 4 pause nodrop buffer-size 128000 pause-threshold 103360 resume-threshold 83520 dcb-policy buffer-threshold (Interface Configuration) Assign the DCB policy to the DCB buffer threshold profile on interfaces.
dcb-policy dcb-buffer-threshold (Global Configuration) Assign the DCB policy to the DCB buffer threshold profile on stack ports that applies globally throughout the system. This utility is supported on the S4810, S4820T, and MXL platforms. This command is not supported on the S6000 platform because it does not contain stack ports.
Command Modes Command History Usage Information Example EXEC EXEC Privilege Version 9.3.0.0 Introduced on the S6000 platform.
history Y Command Modes Command History Usage Information • Port {id |all} queue {all} - egress queue-level snapshot for both unicast and multicast packets • Port {id |all} queue ucast {id | all} - egress queue-level snapshot for unicast packets only • Port {id |all} queue mcast {id | all} - egress queue-level snapshot for multicast packets only • Port {id |all} prio-group {id | all} - ingress priority-group level snapshot Historical snapshot details of buffer space statistics, where Y can be one
If you configured the maximum number of instances as 5 and attempt to view the buffer statistics tracking details for the instance ID of 6, the aforementioned error is shown.
7 0 0 0 0 0 0 0 0 0 1 In the following example, the Headroom Cells field indicates the amount of shared buffer area that is allocated to store packets that are received after the pause frame is received or a priority-based flow control pause frame is enabled. When an inbound interface halts the sending of traffic, it must have the buffer space to save all of the packets currently in the buffer, and also all of the packets that were received before the device stops the sending of packets.
--------------------------------------0 0 0 1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 --------------------------------------Q# TYPE Q# TOTAL BUFFERED CELLS --------------------------------------UCAST 0 0 UCAST 1 0 UCAST 2 0 UCAST 3 0 UCAST 4 0 UCAST 5 0 UCAST 6 0 UCAST 7 0 UCAST 8 0 UCAST 9 0 UCAST 10 0 UCAST 11 0 MCAST 0 0 MCAST 1 0 MCAST 2 0 MCAST 3 0 MCAST 4 0 MCAST 5 0 MCAST 6 0 MCAST 7 0 MCAST 8 0 <… snip …> Stack-unit: 0 unit: 0 port: 104 (interface Te 0/124) --------------------------------------PG#
MCAST MCAST MCAST MCAST MCAST MCAST MCAST MCAST 1 2 3 4 5 6 7 8 0 0 0 0 0 0 0 0 To determine the port that is congested and monitor all queues (including multicast and unicast queues] only on that port: FTOS#$show hardware stack-unit 0 buffer-stats-snapshot unit 0 resource port 1 queue all Stack-unit: 0 unit: 0 port: 1 (interface Fo 0/0) --------------------------------------Q# TYPE Q# TOTAL BUFFERED CELLS --------------------------------------UCAST 0 0 UCAST 1 0 UCAST 2 0 UCAST 3 0 UCAST 4 0 UCAST 5 0 U
To determine the port that is congested and monitor all the unicast Queues on that port: FTOS#show hardware stack-unit 0 buffer-stats-snapshot unit 0 resource port 1 queue ucast all Stack-unit: 0 unit: 0 port: 1 (interface Fo 0/0) --------------------------------------Q# TYPE Q# TOTAL BUFFERED CELLS --------------------------------------UCAST 0 0 UCAST 1 0 UCAST 2 0 UCAST 3 0 UCAST 4 0 UCAST 5 0 UCAST 6 0 UCAST 7 0 UCAST 8 0 UCAST 9 0 UCAST 10 0 UCAST 11 0 FTOS# To identify the port that is congested and mo
dcb pfc-total-buffer-size Configure the total buffer size for PFC in kilobytes. This utility is supported on the S6000 platform. S6000 Syntax Parameters dcb pfc-total—buffer—size KB KB Enter a number in the range of 0 to 7787. Default The default is 1 KB for S6000 platforms. Command Modes CONFIGURATION mode Command History Usage Information Version 9.3.0.0 Introduced on the S6000 platform Configure the maximum buffer available for PFC traffic.
Command History Usage Information Example Version 9.3.0.0 Introduced on the S6000 platform. The following table describes the output fields displayed for the show runningconfig dcb-buffer-threshold command: Field Description Profile name Name of the DCB buffer threshold profile Priority The priority of the queue for which the buffer space settings apply buffer-size Ingress buffer size pause-threshold-value Buffer limit at which the port sends the pause to peer in KB.
- Denotes dynamic buffering is enabled in respective queues On interface in which PFC is not enabled: FTOS#show interface tengigabitethernet 0/20 pfc bufferthreshold The following table describes the output fields displayed for the show interface pfc buffer-threshold command: Field Description queue Number of the queue lossless Whether the queue is a lossy or lossless queue for which buffer threshold is configured buffer-size Ingress buffer size pause-threshold-value Buffer limit at which the por
This method of configuration enables you to effectively manage and administer the behavior of lossless queues.
Egress Interface Selection (EIS) for HTTP and IGMP Applications 7 The functionality to configure the egress interface selection (EIS) mechanism is supported on the S4810, S4820T, S6000, and Z9000 platforms. You can now use EIS to isolate the management and front-end port domains for HTTP and IGMP traffic.
Table 1.
• In this mode, you can run the “application” and “no application” commands • Applications can be configured/unconfigured as management applications using the “application”/ “no application” Cli. All configured applications is considered as management applications and the rest of them as non-management applications. • All the management routes (connected, static and default) are duplicated and added to the management EIS routing table.
• In the netstat output, the prefix “mgmt” is added to routes in the EIS table so that the user can distinguish between routes in the EIS Routing table and default routing table. • If the management port IP address is removed, the corresponding connected route is removed from both the EIS routing table and default routing table. • If a management route is deleted, then the route is removed from both the EIS routing table and default routing table.
Handling of Switch-Destined Traffic • All traffic received on the management port destined to the management port IP address or received on the front end port destined to the front end IP address is processed by the switch • If source TCP/UDP port number matches a configured EIS or non-EIS management application and source IP address is Management Port IP address then EIS route lookup is done for the response traffic and hence will be sent out of the management port In this case, source IP address will b
Mapping of Management Applications and Traffic Type The following table summarizes the behavior of applications for various types of traffic when the management egress interface selection feature is enabled. Table 2. Mapping of Management Applications and Traffic Type Traffic type / Application type Switch initiated traffic Switch destined traffic Transit Traffic EIS Management Application Management is the preferred egress port selected based on route lookup in EIS table .
The management port will be egress port for management applications as defined in this feature. If the management port is down or the destination is not reachable through the management port (Next hop ARP is not resolved etc.) and if the destination is reachable through data port, then the management application traffic is sent out through the front end data port. This is a fallback mechanism that is required. 2.
Behavior of Various Applications for Switch-Destined Traffic This section describes the different system behaviors that occur when when traffic is terminated on the switch. Traffic has not originated from the switch and is not transiting the switch. Switch destined traffic is applicable only for applications which acts as server for the TCP session and also for ICMP based applications like ping and traceroute. FTP, SSH, and Telnet are the applications that can function as servers for the TCP session.
• If management EIS is enabled, this default route is added to the management EIS routing table and the default routing table. ARP learn enable • When ARP learn enable is enabled the switch shall learn ARP entries for ARP Request packets even if the packet is not destined to an IP configured in the box. • ARP learn enable feature shallnot be applicable to the EIS routing table. It is applicable to the default routing table only.
Flex Hash and Optimized Boot-Up 8 This chapter describes the Flex Hash and fast-boot enhancements and contains the following sections: • Optimizing the Boot Time • Flex Hash Capability Overview • Preserving 802.1Q VLAN Tag Value for Lite Subinterfaces Flex Hash Capability Overview This functionality is supported on the S6000 platform.
condition occurs owing to hardware limitations in the S6000 platform, in which the RTAG7 hash selection bitmap overlay bits 2 and 3 need to be enabled for the Flex Hash algorithm and to be disabled for IP and Layer 2 trace flow feature. IP and Layer 2 trace flow feature is useful in identifying the egress interface that the packet uses to pass through or traverse for port-channel and ECMP links.
Parameters ipv4 Denotes whether Flex Hash needs to be enabled for IPv4 packets. ipv6 Denotes whether Flex Hash needs to be enabled for IPv6 packets. protocol number Represents the Outer IPv4 protocol field in case of IPv4 packets, and the Outer IPv6 next header field in case of IPv6 packets. The ipv4/ipv6 keyword and the IP protocol value are used as keys to identify if a duplicate flex hash configuration is already present. Duplicate flex hash configuration is not possible.
You can cause the system to include the fields present at the offsets that you define (from the start of the L4 header) as a part of LAG and ECMP computation. Also, you can specify whether the IPv4 or IPv6 packets must be operated with the Flex Hash mechanism. Example S4810-YU-MR-FTOS(conf)# load-balance flexhash ipv4 ip-proto 1 desc offset1 1 offset2 2 Configuring the Flex Hash Mechanism This configuration is supported on the S6000 platform.
Configuring Fast Boot and LACP Fast Switchover To configure the optimized booting time functionality, and quicker aggregation and convergence of member ports of a port- channel bundle, perform the following steps. This procedure is supported on the S6000 platform. 1. Enable the system to be restarted during the next reboot of the device with optimized booting-time functionality enabled.
Related Commands • • show reload-type — displays the current reload mode (BMP or Normal mode). stop bmp — stops the BMP process and prevents a loop if the DHCP server is not found. lacp fast-switchover Cause the physical ports to be aggregated faster by configuring this capability in a port-channel on both the nodes that are members of a port-channel.
exists between the ToR and leaf switch units, and between the leaf and spine units or nodes. For example, you can enable the optimized booting method in a deployment in which Micrsoft Bing and Microsoft Azure applications are installed, although different QoS configurations might be needed because of Bing being a search utility and Azure being a service provider that hosts a public cloud.
3. Before performing the planned reload, we recommend that the IPv6 Neighbor Discovery (ND) reachable timer (amount of time that a switch can connect to a remote node after a reachability confirmation event has taken place) is increased to a value of 300 seconds or longer on the adjacent devices to prevent the ND cache entries from becoming stale and being removed while the ToR goes through a CPU reset. This timer can be restored to its prior value after the ToR has completed its planned reload. 4.
image, after the kernel initialization is complete. Therefore, the forwarding plane match occurs at a later time than the stage at which the match occurs when fast boot capability is not configured.
BGP Graceful Restart The fast boot functionality operates in the following manner when the system contains one or more BGP peerings configured for BGP graceful restart, apart from performing the other generic system-wide tasks: When you reload the device using the fast boot capability enables, a closure of the TCP sessions is performed on all sockets corresponding to BGP sessions on which Graceful Restart has been negotiated.
LACP Fast Switchover For the fastboot functionality, the operation of LACP has been optimized. These LACP optimizations are applicable even when fast boot mechanism is not activated when a system reload is performed. These enhancements are controlled using the fast-switchover option that is available with the lacp command in Port Channel Interface Configuration mode.
BGP as quickly as possible and then advertised to peers as soon as the peering is established. This rapidness in the transmission of routes is essential when BGP GR is not used because the peers will not have the routes from the restarting ToR. The following design modifications have been performed: Poll for routes corresponding to “networks” every 3 seconds for the first 20 seconds after BGP starts. After that, revert to the usual FTOS behavior of checking every 30 seconds.
1. The ‘wait-while’ timer is not started in the ‘waiting’ state of the MUX state machine. The standard recommends waiting for some time for additional ports to try to join the aggregator as that may potentially cause the original port to be unselected or be placed in a ‘standby’ state. However, FTOS does not support the concept of a ‘standby’ state and all ports that are operational can be attached to the aggregator.
At the egress interface, the VLAN ID is appended to the packet and transmitted out of the interface as a tagged packet with the dot1Q value preserved. RDMA is a technology using which a virtual machine (VM) can directly transfer information the memory of another VM, thereby enabling VMs to be connected to storage networks. With RoCE, RDMA enables data to be forwarded without passing through the CPU and the main memory path of TCP/IP.
VLAN ID to be preserved (in the hardware or the OS application) when a VLAN ID used for encapsulation is associated with a physical/Port-channel interface. Normal VLANs and VLAN encapsulation can exist simultaneously and any non-unicast traffic received on a normal vlan is not flooded using litesubinterfaces whose encapsulation VLAN ID matches with that of the normal VLAN ID. You can use the encapsulation dot1q vlan-id command in INTERFACE mode to configure litesub-interfaces.
Interfaces 9 This chapter describes the interfaces-related enhancements and contains the following sections: • Enabling the Management Address TLV on All Interfaces of an Aggregator • Enhanced Validation of Interface Ranges Enabling the Management Address TLV on All Interfaces of an Aggregator The management address TLV, which is an optional TLV and is of type 8, that denotes the network address of the management interface, is supported by the Dell Networking OS and it is advertised on all of the inte
IPv4 Routing 10 This chapter describes the IPv4 routing-related enhancements and contains the following sections: • IPv4 Path MTU Discovery Overview • Configuring the Duration to Establish a TCP Connection • Using Loopback Address in ICMP Unreachable Messages IPv4 Path MTU Discovery Overview In common network topologies, hosts send large large volumes of data to other neighboring devices using IP packets.
Using the Configured Source IP Address in ICMP Messages This functionality to enable ICMP messages, such as ICMP unreachable or ICMP error messages, to be sent with the configured ICMP source interface IP address address instead of the front-end port IP address for traceroute command output listing is supported on the S4810, S4820T, Z9000, S6000, and MXL platforms.
Traceroute works by sending packets with gradually increasing TTL value, starting with TTL value = 1. The first router receives the packet, decrements the TTL value and drops the packet because it then has a TTL value of zero. The router sends an ICMP Time Exceeded message back to the source. The next set of packets are given a TTL value of 2; therefore, the first router forwards the packets, but the second router drops them and replies with ICMP Time Exceeded.
Command Modes Command History Usage Information CONFIGURATION Version 9.3.0.0 Introduced on the S4810, S4820T, S6000, Z9000, and MXL platforms. You can enable the mechanism to configure the source or the originating interface from which the packet (the device that generates the ICMP error messages) is received by the switch to send the loopback address instead of its source IP address to be used in the ICMP unreachable messages and in the traceroute command output.
NOTE: When you configure the capability to enable the loopback IP address to be sent for easy debugging and diagnosis (IP addresses of the devices for which the ICMP source interface is configured), the source IP address of the outgoing ICMP error message is modified, although the packets are not sent out using the configured interface.
Example FTOS(conf)#ipv6 icmp source-interface tengigabitethernet 0/0 FTOS(conf)# Configuring the Duration to Establish a TCP Connection This procedure is supported on the S4810, S4820T, S6000, Z9000, I/O Aggregator, and MXL platforms. You can configure the amount of time for which the device must wait before it attempts to establish a TCP connection. Using this capability, you can limit the wait times for TCP connection requests.
Usage Information You can configure the amount of time for which the device must wait before it attempts to establish a TCP connection. Using this capability, you can limit the wait times for TCP connection requests. Upon responding to the initial SYN packet that requests a connection to the router for a specific service (such as SSH or BGP) with a SYN ACK, the router waits for a period of time for the ACK packet to be sent from the requesting host that will establish the TCP connection.
Link Aggregation Groups (LAGs) 11 This chapter describes the link aggregation control protocol (LACP) and link aggregation group (LAG) enhancements and contains the following sections: • Configuring the Uplink Speed of Interfaces as 40 Gigabit Ethernet • Configuring the Minimum Number of Links to be Up for Uplink LAGs to be Active • Optimizing Traffic Disruption Over LAG Interfaces On IOA Switches in VLT Mode • Preserving LAG and Port Channel Settings in Nonvolatile Storage • Setting Up a Thresho
Optimizing Traffic Disruption Over LAG Interfaces On IOA Switches in VLT Mode When an Aggregator operates in VLT mode, the VLT LAG configurations are saved in nonvolatile storage (NVS) when you enter the write memory command. This method of saving the VLT settings in NVS and restoring the saved settings when the Aggregator restarts reduces the disruption of traffic that is handled during the restart of the primary and secondary VLT peer nodes.
Enabling the Verification of Member Links Utilization in a LAG Bundle To examine the working efficiency of the LAG bundle interfaces, do the following 1. The functionality to detect the working efficiency of the LAG bundle interfaces is automatically activated on all the port channels, except the port channel that is configured as a VLT interconnect link, during the booting of the switch. 2.
Field Description Interface Slot and port number, and the type of the member interface of the port channel Line Protocol Indicates whether the interface is administratively up or down Utilization (In Percent) Traffic usage in percentage of the packets processed by the particular member interface You can also use the show running-configuration interface port-channel command in EXEC Privilege mode to view whether the mechanism to evaluate the utilization of the member interfaces of the LAG bundle is e
Example Field Description Alarm State Indicates whether an alarm is generated if overutilization of the port channel occurred.
You can use this optimal, cohesive capability in your network environment to detect whether the configured applications or utilities are causing traffic to be unevenly distributed on a higig link bundle for best performance. This capability to monitor the port channel bundles is applicable for any platform that contains backplane high-Gigabit Ethernet links.
alarms only when the utilization levels are high. At low utilization levels, it is possible that there are only one or two significant flows can cause unevenness. Such an imbalanced traffic flow is not critical or indicative of a problem. The higig link bundle trigger threshold is a system-wide or a global setting for the device. • If you enabled the generation of SNMP traps, syslogs and traps are transmitted when an uneven distribution is observed.
3. Specify the interval in seconds for higig link bundle monitoring. CONFIGURATION mode Dell(conf)#hg-link-bundle-monitor rate-interval 10 4. Enable the generation of traps for higig link-bundle monitoring. CONFIGURATION mode Dell(conf)#snmp-server enable traps hg-lbm 5. Use the show hg-link-bundle-distribution command to display the traffic-handling and utilization of the member interfaces of the port channel. The following table describes the output fields of this show command.
traps. Also, when the traffic is resumed to be handled in an equalized, proper manner, a notification using alarms and SNMP traps is generated. hg-link-bundle-monitor trigger-threshold Specify the threshold value for high-Gigabit Ethernet port channels or trunk groups, which is a checkpoint exceeding which the link bundle is marked as being overutilized and alarm is generated. This command is supported on the Z9000 platform.
Defaults The default hiGig stats polling interval is 15 seconds. Usage Information This interval cannot be configured per high-Gigabit port channel and is applicable for all of the high-Gigabit port channels on the system. show hg-link-bundle-distribution Display the traffic-handling and utilization of the member interfaces of the high-Gigabit port channel or trunk group. This command is supported on the Z9000 platform.
Field Description port channel occurred.
Z9000 Syntax Parameters show hardware stack-unit stack-unit {buffer unit {0–5} [port port-number]| cpu data-plane statistics | cpu i2c statistics | cpu party-bus statistics | cpu sata-interface statistics | drops [unit number [port port-number]] | hg-stats [unit number [port port-number]] | ipmc-replication | stack-port port-number | table-dump| unit unit-number {counters | details | port-stats [detail] | register}} hg-stats [unit unit-number [port portnumber | no]] Enter the keyword hg-stats to display
Related Commands clear hardware system-flow — clears the statistics from selected hardware components. show interfaces stack-unit — displays information on all interfaces on a specific SSeries stack member. show processes cpu (S-Series) — displays the CPU usage information based on the processes running in an S-Series. show system (S-Series and Z-Series) — displays the current status of all the stack members or a specific member.
Viewing Buffer Utilization and Queue Statistics on HighGigabit Ethernet Backplane Ports You can view the buffer utilization and queue statistical counters for high-Gigabit Ethernet ports or trunk groups that operate as backplane ports. This functionality is supported on the Z9000 platform. You can now view the queue statistics and buffer utilization counters for the internal leaf port and spine port queues on a Z9000 platform using the appropriate show commands.
• show hardware stack-unit 0 buffer unit {0-5} port {1-41} queue all bufferinfo—Supports backplane high-Gigabit port for switch fabric or spine units for a specific port and all queues. • show hardware stack-unit 0 drops unit {0-5} port {1-41}—Supports drop counters for non-fanout high-Gigabit ports (backplane ports).
12 Miscellaneous Settings This chapter contains several, diversified behavioral-changes and enhancements that apply to this release. • Default Host Name Change • hostname (for Changes to Default) Setting a Threshold for Switching to the SPT The functionality to specify a threshold for switchover to the shortest path trees (SPTs) is available on SSeries platforms. After a receiver receives traffic from the RP, PM-SM switches to SPT to forward multicast traffic.
Parameters value (OPTIONAL) Enter the traffic value in kilobits per second. The default is 10 packets per second. A value of zero (0) causes a switchover on the first packet. infinity (OPTIONAL) Enter the keyword infinity to never switch to the source-tree. Defaults Not configured. Command Modes CONFIGURATION Command History Usage Information Version 9.3.0.0 Introduced on the S6000. This command is applicable to last hop routers on the shared tree towards the rendezvous point (RP).
Defaults See Parameters Command Modes CONFIGURATION Command History Related Commands Version 9.3. (0.0) Introduced on S6000. show bfd neighbors – displays the BFD neighbor information on all interfaces or a specified interface. Configure BFD for Static Routes Configuring BFD for static routes is supported on Z9000 S4810 S4820T S6000. BFD offers systems a link state detection mechanism for static routes.
Establishing Sessions for Static Routes Sessions are established for all neighbors that are the next hop of a static route. Figure 1. Establishing Sessions for Static Routes To establish a BFD session, use the following command. • Establish BFD sessions for all neighbors that are the next hop of a static route. CONFIGURATION mode ip route bfd To verify that sessions have been created for static routes, use the show bfd neighbors command.
• Disable BFD for static routes. CONFIGURATION mode no ip route bfd source (port monitoring for 40-Gigabit Ethernet) Configure a port monitor source and destination. Starting with Dell Networking OS Release 9.3(0.0), you can also configure a 40-Gigabit Ethernet interface as the destination interface or port to which the monitored traffic is sent .
Microsoft Network Load Balancing 13 This functionality is supported on the S4810, S4820T, S6000, Z9000, and MXL platforms. Network Load Balancing (NLB) is a clustering mechanism that is implemented by Microsoft on Windows 2000 Server and Windows Server 2003 operating systems. NLB uses a distributed methodology or pattern to equally split and balance the network traffic load across a set of servers that are part of the cluster or group.
With NLB, the data frame is forwarded to all the servers for them to perform load-balancing. NLB Multicast Mode Scenario Consider a sample topology in which four servers, namely S1 through S4, are configured as a cluster or a farm. This set of servers is connected to a Layer 3 switch, which in turn is connected to the end-clients. They contain a single multicast MAC address (MAC-Cluster: 03-00-5E-11-11-11).
• When a port is added to the VLAN, the port automatically receives traffic if the feature is enabled. Old ARP entries are not deleted or updated. • When a member port is deleted, its ARP entries are also deleted from the CAM. • Port channels in the VLAN also receive traffic. • There is no impact on the configuration from saving the configuration. • The feature if enabled is displayed in the show running-config command output that displays ip vlan-flooding CLI configuration.
multicast-macaddress Enter a 48-bit hexadecimal address in nn:nn:nn:nn:nn:nn format for the static MAC address to be used to switch multicast traffic. interface Enter any of the following keywords and slot/port or number information: Defaults Not configured. Command Modes CONFIGURATION Command History Usage Information Related Commands Version 9.3.0.0 • For a Port Channel interface, enter the keywords portchannel then a number. The range is from 1 to 128.
Parameters multicast-macaddress Enter the 48-bit hexadecimal address in nn:nn:nn:nn:nn:nn format. multicast Enter a vlan port to where L2 multicast MAC traffic is forwarded. NOTE: Use this option if you want multicast functionality in an L2 VLAN without IGMP protocols.
Example (Multicast) mac-address-table static 01:00:5E:01:00:01 {multicast vlan 2 output—range Te 0/2,Te 0/3} ip vlan-flooding Enable unicast data traffic flooding on VLAN member ports. Syntax ip vlan-flooding To disable, use the no ip vlan-flooding command. Command Modes Command History CONFIGURATION Version 9.3.0.0 Introduced on the S4810, S4820T, S6000, Z9000, and MXL platforms Default Disabled Usage Information By default this command is disabled.
Quality of Service (QoS) 14 This chapter describes the QoS enhancements and contains the following sections: • Classifying Packets Based on a Combination of DSCP Code Points and VLAN IDs • Specifying Policy-Based Rate Shaping in Packets Per Second • Managing Hardware Buffer Statistics • Classifying Layer 2 Traffic on Layer 3 Interfaces • RRoCE Overview Specifying Policy-Based Rate Shaping in Packets Per Second The capability to configure rate shaping for QoS output policies in packets per second
rate in pps, the peak burst size must also be configured as a measure of number of packets. Similarly, if you configure the peak rate in Kbps, the peak burst size must also be configured as a measure of bytes. Configuring Policy-Based Rate Shaping The capability to configure rate shaping for QoS output policies in packets per second (pps) is supported on the S6000 platform. You can explicitly specify the rate shaping functionality for QoS output policies as peak rate and committed rate attributes.
such cases, you can use ECN in conjunction with WRED to resolve this problem of dropping of packets under congested conditions. Using ECN, instead of entirely dropping the packets when the network experiences excessive traffic, the packets are marked for transmission at a later time after the network recovers from the heavy traffic state to optimal load. In this manner, enhanced performance and throughput is achieved.
• When WRED is configured on the global service-pool (regardless of whether ECN on global servicepool is configured), and one or more queues have WRED enabled and ECN disabled, WRED is effective for the minimum of the thresholds between the queue thresholed and the service pool threshold. • When WRED is configured on the global service-pool (regardless of whether ECN on global servicepool is configured), and one or more queues are enabled with both WRED and ECN, ECN marking takes effect.
To configure the weight factor for WRED and ECN capabilities, global buffer pools for multiple queues, and associating a service class with ECN marking, perform the following: 1. Configure the weight factor for computation of average-queue size. This weight value applies to front-end ports. QOS-POLICY-OUT mode Dell(conf-qos-policy-out)#wred weight number 2.
You can use the service-policy input policy-name layer 2 command in Interface Configuration mode to apply an input policy map to Layer 3 physical interfaces. To apply a Layer 2 policy on Layer 3 interfaces, perform the following: 1. Configure an interface with an IP address or a VLAN subinterface CONFIGURATION mode Dell(conf)# int fo 0/0 INTERFACE mode Dell(conf-if-fo-0/0)# ip address 90.1.1.1/16 2. Configure Layer2 policy with Layer 2 (Dot1p or source MAC-based) classification rules.
2. Configure the threshold weight of the shared buffer for the queues you want. In this example, this setting is configured for queues 5 and 7. Dell(conf-if-te-0/8)#Service-class buffer shared-threshold-weight queue5 4 queue7 6 Enabling Buffer Statistics Tracking This functionality is supported on the S6000 platform. You can enable the tracking mechanism for statistical values of buffer spaces at a global level to be applicable throughout the system.
To create IP VLAN and DSCP values as match criteria in a Layer 3 class map, and to associate the class map with a policy map that is linked to a service queue, perform the following: 1. Create a match-any or a match-all Layer 3 class map, depending on whether you want the packets to meet all or any of the match criteria to be a member of the class. By default, a Layer 3 class map is created if you do not enter the layer2 option with the class-map command.
Default Quality of Service (QoS) committedrate Define the committed rate, which is the guaranteed or minimum confirmed rate for the packets. Specify this value as a multiple of 64 if you specify the committed rate in Kbps. The range is from 0 to 40000000 for Kbps. The range is from 1 to 268000000 for pps. The range is from 0 to 40000 for Mbps (which is the default measure for rate limits if you do not explicitly configure Kbps or pps) burst-KB (OPTIONAL) Enter the committed burst size in KB.
Command Modes Command History Usage Information CONFIGURATION Version 9.3.0.0 Added support for committed rate and committed burst size, and for configuration of rate limits on the S6000 platform. If you specify the pps keyword after the rate-shape command, the peak rate, peak burst, committed rate and committed burst are all considered to be values as a measure of packets. If you do not specify the pps or kbps keyword, the peak and committed rate settings are considered to be values in Mbps.
Default By default, buffer statistics tracking is disabled. Command Modes CONFIGURATION mode Command History Version 9.3.0.0 Introduced on the S6000 platform Usage Information Only the software-based trigger for retrieving and calculating the snapshots of the statistical counters of the buffer space is supported.
number Enter a weight for the queue on the shared buffer as a number in the range of 1 to 11. Default The default threshold weight on the shared buffer for each queue is 9. Therefore, each queue can consume up to 66.67 percent of available shared buffer by default. Command Modes INTERFACE mode Command History Usage Information Example 196 Version 9.3.0.0 Introduced on the S6000 platform You can configure all the data queues. For S6000, you can configure queues 0-7.
wred weight Configure the weight factor for computation of average-queue size. This weight value applies to frontend ports. This mechanism to configure a weight for WRED and ECN functionality for front-end ports is supported on the S6000 and Z9000 platforms.
string] || [queue3 number/string] || [queue4 number/string] || [queue5 number/string] || [queue6 number/string] || [queue7 number/string]}{backplane} Parameters service-class Define the mapping between the service class and policybased QoS or routing wred Specify WRED curve parameters for a queue green Specify green (low) drop precedence to a queue weight Specify a weight factor to a queue yellow Specify yellow (medium) drop precedence to a queue queue 0 to queue 7 Specify the queue number to wh
Dell(conf) #service-class wred weight queue0 11 queue6 4 queue7 9 backplane service-pool wred A global buffer pool that is a shared buffer pool accessed by multiple queues when the minimum guaranteed buffers for the queue are consumed can be configured on the S6000 and Z9000 platforms. Create a global buffer pool that is a shared buffer pool accessed by multiple queues when the minimum guaranteed buffers for the queue are consumed.
Usage Information You can configure only service pools 0 and 1 because the Dell Networking OS uses only these two service pools. The pool, service0, is used for lossy queues and the pool, service1, is used for lossless (PFC) queues in all the platforms. You can configure the weight for the WRED average queue size for service1 on the S6000 Switch, which is the only platform in which PFC is supported for this service pool. On the Z9000 Switch, only service0 can be configured because it does not support PFC.
Command Modes Command History Usage Information Example CONFIGURATION mode Version 9.3.0.0 Introduced on the S6000 and Z9000 platforms You can add or remove ECN marking configuration on a list of queues on all backplane ports. All of the configured attributes apply to all the backplane ports and are for each queue. You can configure all the data queues. For Z9000, you can configure queues 0-3. By default, ECN marking is disabled on all queues.
separating the starting and ending queue numbers with a hyphen backplane Specify that the ECN marking configured for each queue applies to backplane ports Default By default, ECN marking is disabled on all queues. Command Modes CONFIGURATION mode Command History Usage Information Example Version 9.3.0.0 Introduced on the Z9000 platform You can add or remove ECN marking configuration on a list of queues on all backplane ports.
Command Modes Command History Usage Information Example buffer unit <0– 5> Enter the keyword buffer. To display the total buffer statistics for the stack unit, enter the keyword total-buffer. To display the buffer statistics for a specific unit, enter the keyword unit and a unit number 0 . port To display the buffer statistics for a specific port, enter the keyword port and a port number from 1 to 64.
show hardware stack-unit buffer-stats-snapshot View the buffer statistics tracking resource information without polling details and historical snapshots. This command is supported on the S6000 platform.
When the buffer-stats-snapshot is disabled, an informational message is dispayed to this effect when you attempt to view the buffer statistics tracking resource information without polling details and historical snapshots.
-------------------------------------------------------------------------------------------------------------PG# SHARED CELLS HEADROOM CELLS -------------------------------------------------------------------------------------------------------------6 1000 5 7 3 0 show hardware stack-unit buffer-stats-snapshot (Total Buffer Information) View the buffer statistics tracking resource information depending on the type of buffer information, such as device-level details, port-level counters, queue-based snapsho
Command Modes Command History Usage Information EXEC EXEC Privilege Version 9.3.0.0 Introduced on the S6000 platform. The following information is displayed based on the buffer-info type, such as device-level details, port-level counters, queue-based snapshots, or priority grouplevel snapshot in the egress and ingress direction of traffic: • Device-ingress – Displays total buffer accounting usage for the unit.
Management Port Media Converter 15 The capability to configure management media port converter is supported on the S6000 platform. Starting with Dell Networking OS Release 9.3.0.0, copper Ethernet network management connectivity for power distribution units (PDUs) is supported, without the need to provision an additional network switch. A unique, dedicated special media converter is provided and it can be inserted in to any front-panel 40G interface. This converter supports 10M, 100M, 1G Ethernet speeds.
Working of the Management Port Media Converter QSFP EEPROM content is accessed to detect this special media converter and based on this identification performed, a new optic type is used to differentiate this optic type from the other optics. This new optic type is displayed in the appropriate show commands and for enabling other functionalities. EEPROM contents are displayed in the output of the ‘show interface transceiver’ command.
00:00:40: %S6000:0 %IFAGT-5-INSERT_OPTICS_QSFP: Optics QSFP inserted in slot 0 port 3 On Optic Removal: 00:04:41: port 0 00:04:41: port 1 00:04:41: port 2 00:04:41: port 3 %S6000:0 %IFAGT-5-REMOVE_OPTICS_QSFP: Optics QSFP inserted in slot 0 %S6000:0 %IFAGT-5-REMOVE_OPTICS_QSFP: Optics QSFP inserted in slot 0 %S6000:0 %IFAGT-5-REMOVE_OPTICS_QSFP: Optics QSFP inserted in slot 0 %S6000:0 %IFAGT-5-REMOVE_OPTICS_QSFP: Optics QSFP inserted in slot 0 The following is the sample output of the show interface media
Online Insertion and Removal (OIR) of the Management Optic The following table illustrates the system operations during various system states when the management optic is inserted and removed. It also describes the functioning of the system before the introduction of the management optic and the current working with the management optic type supported. Table 6. Online Insertion and Removal (OIR) of the Management Optic 1.a Runtime No Optic present. Insert MGMT optic Speed CLI will be enabled.
CASE NO Speed S6k T2 AN SP Bcm 54616s FD HD AN SP S50 FD Remarks HD AN SP FD HD Speed/Duplex change in peer side: Autoneg ON both sides, with config change in peer side 2.a 100M FD Off 100M O N - On Defaul Def Def on t ault ault 100M Y/ Defa ult Y/ Defa ult Works 2.b 100M HD Off 100M O N - on 100M Off Y Works 2.c 10M FD Off 10M O N - On Defaul Def Def on t ault ault 10M Y/ Defa ult Y/ Defa ult Works 2.
CASE NO Speed S6k T2 AN SP Bcm 54616s FD HD AN SP S50 FD Remarks HD AN SP FD HD an=on side, as AN fail 5.d 10M HD Off 10M ON - Off 10M off Y ON 10M Off Y Autoneg off on both sides, with manual config 6.a 100M FD Off 100M ON - Off 100M Y Off off 100M Y Off Works 6.b 100M HD Off 100M ON - Off 100M off Y 100M Off Y Works 6.c 10M FD Off 10M ON - Off 10M Y Off off 10M Y Off Works 6.
Security for M I/O Aggregator 16 Security features are supported on the M I/O Aggregator. This chapter describes several ways to provide access security to the Dell Networking system. For details about all the commands described in this chapter, refer to the Security chapter in the Dell Networking OS Command Reference Guide. aaa authentication enable Configure AAA Authentication method lists for user access to EXEC privilege mode (the “Enable” access).
Usage Information By default, the Enable password is used. If you configure aaa authentication enable default, FTOS uses the methods defined for Enable access instead. Methods configured with the aaa authentication enable command are evaluated in the order they are configured. If authentication fails using the primary method, FTOS employs the second method (or third method, if necessary) automatically.
Defaults Not configured (that is, no authentication is performed). Command Modes CONFIGURATION Command History Usage Information Version 9.3.0.0 Introduced on the M I/O Aggregator. By default, the locally configured username password is used. If you configure aaa authentication login default, FTOS uses the methods this command defines for login instead. Methods configured with the aaa authentication login command are evaluated in the order they are configured.
Command History Related Commands Version 9.3.0.0 Introduced on the M I/O Aggregator. line — applies an authentication method list to the designated terminal lines. ip access-list standard — names (or selects) a standard access list to filter based on the IP address. ip access-list extended — names (or selects) an extended access list based on the IP addresses or protocols. Authorization and Privilege Commands To set command line authorization and privilege levels, use the following commands.
This is the banner FTOS con0 now available Press RETURN to get started. 4d21h6m: %RPM0-P:CP %SEC-5-LOGIN_SUCCESS: Login successful for user on line console This is the banner FTOS> Related Commands banner login — sets a banner for login connections to the system. banner motd — sets a Message of the Day banner. exec-banner — Enables the display of a text string when you enter EXEC mode. line — enables and configures the console and virtual terminal lines to the system.
FTOS(conf)#banner login keyboard-interactive Enter TEXT message. End with the character '%'. This is the banner% FTOS(conf)#end FTOS#exit 13d21h9m: %RPM0-P:CP %SEC-5-LOGOUT: Exec session is terminated for user on line console This is the banner FTOS con0 now available Press RETURN to get started. 13d21h10m: %RPM0-P:CP %SEC-5-LOGIN_SUCCESS: Login successful for user on line console This is the banner FTOS> Related Commands banner motd — sets a Message of the Day banner.
debug radius View RADIUS transactions to assist with troubleshooting. Syntax debug radius To disable debugging of RADIUS, use the no debug radius command. Defaults Disabled. Command Modes EXEC Privilege Command History Version 9.3.0.0 Introduced on the M I/O Aggregator. debug tacacs+ To assist with troubleshooting, view TACACS+ transactions. Syntax debug tacacs+ To disable debugging of TACACS+, use the no debug tacacs+ command. Defaults Disabled.
password Enter a text string, up to 32 characters long, as the clear text password. Defaults No password is configured. level = 15. Command Modes CONFIGURATION Command History Usage Information Version 9.3.0.0 Introduced on the M I/O Aggregator. To control access to command modes, use this command to define a password for a level and use the privilege level (CONFIGURATION mode) command. Passwords must meet the following criteria: • Start with a letter, not a number.
ip radius source-interface Specify an interface’s IP address as the source IP address for RADIUS connections. Syntax ip radius source-interface interface To delete a source interface, use the no ip radius source-interface command. Parameters interface Defaults Not configured. Command Modes CONFIGURATION Command History Version 9.3.0.
Defaults Not configured. Command Modes CONFIGURATION Command History Version 9.3.0.0 • For a Gigabit Ethernet interface, enter the keyword GigabitEthernet then the slot/port information. • For Loopback interfaces, enter the keyword loopback then a number from zero (0) to 16838. • For the Null interface, enter the keywords null 0. • For a Port Channel interface, enter the keywords portchannel then a number. The range is from 1 to 128.
Related Commands aaa authentication login — selects the login authentication methods. motd-banner Enable a message of the day (MOTD) banner to appear when you log in to the system. Syntax motd-banner To disable the MOTD banner, use the no motd-banner command. Defaults Enabled on all lines. Command Modes LINE Command History Version 9.3.0.0 Introduced on the M I/O Aggregator. password-attributes Configure the password attributes (strong password).
Defaults none Command Modes CONFIGURATION Command History Related Commands Version 9.3.0.0 Introduced on the M I/O Aggregator. password — specifies a password for users on terminal lines. privilege level (CONFIGURATION mode) Change the access or privilege level of one or more commands. Syntax privilege mode {level level command | reset command} To delete access to a level and command, use the no privilege mode level level command command.
Usage Information To define a password for the level to which you are assigning privilege or access, use the enable password command. privilege level (LINE mode) Change the access level for users on the terminal lines. Syntax privilege level level To delete access to a terminal line, use the no privilege level level command. Parameters level level Enter the keyword level then a number for the access level. The range is from 0 to 15. Level 1 is EXEC mode and Level 15 allows access to all CLI modes.
radius-server host Configure a RADIUS server host. Syntax Parameters radius-server host {hostname | ipv4-address | ipv6-address} [auth-port port-number] [retransmit retries] [timeout seconds] [key [encryption-type] key] hostname Enter the name of the RADIUS server host. ipv4-address | ipv6-address Enter the IPv4 address (A.B.C.D) or IPv6 address (X:X:X:X::X) of the RADIUS server host. auth-port portnumber (OPTIONAL) Enter the keywords auth-port then a number as the port number.
Usage Information To configure any number of RADIUS server hosts for each server host that is configured, use this command. FTOS searches for the RADIUS hosts in the order they are configured in the software. The global default values for the timeout, retransmit, and key optional parameters are applied, unless those values are specified in the radius-server host or other commands.
Parameters seconds Defaults 5 seconds Command Modes CONFIGURATION Command History Related Commands Version 9.3.0.0 Enter the number of seconds between an unsuccessful attempt and the FTOS times out. The range is from zero (0) to 1000 seconds. The default is 5 seconds. Introduced on the M I/O Aggregator. radius-server host — configures a RADIUS host. radius-server key Configure a key for all RADIUS communications between the switch and the RADIUS host server.
show privilege View your access level. Syntax Command Modes Command History show privilege • • EXEC EXEC Privilege Version 9.3.0.0 Introduced on the M I/O Aggregator. Example FTOS#show privilege Current privilege level is 15 FTOS# Related Commands privilege level (CONFIGURATION mode) — assigns access control to different command modes.
timeout seconds (OPTIONAL) Enter the keyword timeout then the number of seconds the switch waits for a reply from the TACACS+ server. The range is from 0 to 1000. The default is 10 seconds. key key (OPTIONAL) Enter the keyword key then a string up to 42 characters long as the authentication key. This authentication key must match the key specified in the tacacs-server key for the TACACS+ daemon. Defaults Not configured. Command Modes CONFIGURATION Command History Usage Information Version 9.3.0.
Command History Usage Information Version 9.3.0.0 Introduced on the M I/O Aggregator. The key configured with this command must match the key configured on the TACACS+ daemon. timeout login response Specify how long the software waits for the login input (for example, the user name and password) before timing out. Syntax timeout login response seconds To return to the default values, use the no timeout login response command.
You can use the MOTD banner to indicate to users of critical upcoming events such as a lab shutdown of devices or of any circuit-level maintenance or downtime that is upcoming so that they can plan and schedule their accessibility to the device , based on the network outages and system reboots. You can modify the banner messages depending on the requirements or conditions.
and password credentials cannot be verified. Only the console port behaves this way, and does so to ensure that users are not locked out of the system if network-wide issue prevents access to these servers. 1. Define an authentication method-list (method-list-name) or specify the default. CONFIGURATION mode aaa authentication login {method-list-name | default} method1 [... method4] The default method-list is applied to all terminal lines.
Enabling AAA Authentication — RADIUS To enable authentication from the RADIUS server, and use TACACS as a backup, use the following commands. 1. Enable RADIUS and set up TACACS as backup. CONFIGURATION mode aaa authentication enable default radius tacacs 2. Establish a host address and password. CONFIGURATION mode radius-server host x.x.x.x key some-password 3. Establish a host address and password. CONFIGURATION mode tacacs-server host x.x.x.
• Access-Reject — the RADIUS server does not authenticate the user. If an error occurs in the transmission or reception of RADIUS packets, you can view the error by enabling the debug radius command. Transactions between the RADIUS server and the client are encrypted (the users’ passwords are not sent in plain text). RADIUS uses UDP as the transport protocol between the RADIUS server host and the client. For more information about RADIUS, refer to RFC 2865, Remote Authentication Dial-in User Service.
Auto-Command You can configure the system through the RADIUS server to automatically execute a command when you connect to a specific line. The auto-command command is executed when the user is authenticated and before the prompt appears to the user. • Automatically execute a command. auto-command Privilege Levels Through the RADIUS server, you can configure a privilege level for the user to enter into when they connect to a session. This value is configured on the client system. • Set a privilege level.
• Create a method list with RADIUS and TACACS+ as authorization methods. CONFIGURATION mode aaa authorization exec {method-list-name | default} radius tacacs+ Typical order of methods: RADIUS, TACACS+, Local, None. If RADIUS denies authorization, the session ends (RADIUS must not be the last method specified). Applying the Method List to Terminal Lines To enable RADIUS AAA login authentication for a method list, apply it to a terminal line.
If you want to change an optional parameter setting for a specific host, use the radius-server host command. To change the global communication settings to all RADIUS server hosts, refer to Setting Global Communication Parameters for all RADIUS Server Hosts. To view the RADIUS configuration, use the show running-config radius command in EXEC Privilege mode. To delete a RADIUS server host, use the no radius-server host {hostname | ip-address} command.
TACACS+ FTOS supports terminal access controller access control system (TACACS+ client, including support for login authentication. Configuration Task List for TACACS+ The following list includes the configuration task for TACACS+ functions.
First bold line: Server key purposely changed to incorrect value. Second bold line: User authenticated using the secondary method.
When configuring a TACACS+ server host, you can set different communication parameters, such as the key password. Example of Specifying a TACACS+ Server Host FTOS# FTOS(conf)# FTOS(conf)#ip access-list standard deny10 FTOS(conf-std-nacl)#permit 10.0.0.0/8 FTOS(conf-std-nacl)#deny any FTOS(conf)# FTOS(conf)#aaa authentication login tacacsmethod tacacs+ FTOS(conf)#aaa authentication exec tacacsauthorization tacacs+ FTOS(conf)#tacacs-server host 25.1.1.
Command Authorization The AAA command authorization feature configures FTOS to send each configuration command to a TACACS server for authorization before it is added to the running configuration. By default, the AAA authorization commands configure the system to check both EXEC mode and CONFIGURATION mode commands. Use the no aaa authorization config-commands command to enable only EXEC mode command checking.
show ip ssh The following example shows using the ip ssh server version 2 command to enable SSH version 2 and the show ip ssh command to confirm the setting. Specifying an SSH Version FTOS(conf)#ip ssh server version 2 FTOS(conf)#do show ip ssh SSH server : disabled. SSH server version : v2. Password Authentication : enabled. Hostbased Authentication : disabled. RSA Authentication : disabled. To disable SSH server functions, use the no ip ssh server enable command.
• ip ssh rsa-authentication: add keys for the RSA authentication. • show crypto: display the public part of the SSH host-keys. • show ip ssh client-pub-keys: display the client public keys used in host-based authentication. • show ip ssh rsa-authentication: display the authorized-keys for the RSA authentication. • ssh-peer-rpm: open an SSH connection to the peer RPM.
Hostbased Authentication : disabled. RSA Authentication : disabled. Using RSA Authentication of SSH The following procedure authenticates an SSH client based on an RSA key using RSA authentication. This method uses SSH version 2. 1. On the SSH client (Unix machine), generate an RSA key, as shown in the following example. 2. Copy the public key id_rsa.pub to the Dell Networking system. 3. Disable password authentication if enabled. CONFIGURATION mode no ip ssh password-authentication enable 4.
7. Bind shosts and rhosts to host-based authentication. CONFIGURATION mode ip ssh pub-key-file flash://filename or ip ssh rhostsfile flash://filename Example of Creating shosts admin@Unix_client# cd /etc/ssh admin@Unix_client# ls moduli sshd_config ssh_host_dsa_key.pub ssh_host_key.pub ssh_host_rsa_key.pub ssh_config ssh_host_dsa_key ssh_host_key ssh_host_rsa_key admin@Unix_client# cat ssh_host_rsa_key.
In this case, verify that host-based authentication is set to “Yes” in the file ssh_config (root permission is required to edit this file): permission denied (host based). If the IP address in the RSA key does not match the IP address from which you attempt to log in, the following message appears. In this case, verify that the name and IP address of the client is contained in the file /etc/hosts: RSA Authentication Error. Telnet To use Telnet with SSH, first enable SSH, as previously described.
Configure local authentication globally and configure access classes on a per-user basis. FTOS can assign different access classes to different users by username. Until users attempt to log in, FTOS does not know if they will be assigned a VTY line. This means that incoming users always see a login prompt even if you have excluded them from the VTY line with a deny-all access class. After users identify themselves, FTOS retrieves the access class from the local database and applies it.
VTY MAC-SA Filter Support FTOS supports MAC access lists which permit or deny users based on their source MAC address. With this approach, you can implement a security policy based on the source MAC address. To apply a MAC ACL on a VTY line, use the same access-class command as IP ACLs. The following example shows how to deny incoming connections from subnet 10.0.0.0 without displaying a login prompt.
17 Simple Network Management Protocol (SNMP) This chapter describes the SNMP enhancements and contains the following sections: • FIPS Compatibility Support for SNMPv3 SNMPv3 Compliance With FIPS This functionality is supported on the S4810, S4820T, S6000, Z9000, I/O Aggregator, and MXL platforms. SNMPv3 is compliant with the Federal information processing standard (FIPS) cryptography standard.
SHA authentication needs to be used with the AES-CFB128 privacy algorithm only when FIPS is enabled because SHA is then the only available authentication level. If FIPS is disabled, you can use MD5 authentication in addition to SHA authentication with the AES-CFB128 privacy algorithm You cannot modify the FIPS mode if SNMPv3 users are already configured and present in the system.
host and to send packets to the host. Minimum: eight characters long. aes128 (OPTIONAL) Enter the keyword aes128 to initiate the AES128-CFB encryption algorithm for transmission of SNMP packets. priv-password (OPTIONAL) Enter a text string (up to 20 characters long) password that enables the host to encrypt the contents of the message it sends to the agent and to decrypt the contents of the message it receives from the agent. Minimum: eight characters long.
18 Stacking This chapter describes the stacking enhancements and contains the following sections: • Configuring the Uplink Speed of Interfaces as 40 Gigabit Ethernet Configuring the Uplink Speed of Interfaces as 40 Gigabit Ethernet You can configure the I/O Aggregator switch in standalone, VLT, and stack modes to operate with an uplink speed of 40 Gigabit Ethernet per second.
Module Type Standalone 10G mode Standalone 40G Mode Stacking 10G Stacking Mode 40G mode VLT 10G Mode (HiGig) VLT 40G Mode (Native) Optional module (2 40GbE) 10G 40G 10G 40G 10G 40G Optional modules (4 10GbE) 10G Error 10G Error 10G Error FC module 10G 10G 10G 10G 10G 10G To configure the uplink speed of the member interfaces in a LAG bundle for the Aggregator that operates in standalone, stacking, or VLT mode to be 40 Gigabit Ethernet per second, perform the following: Specify the
Command Modes Command History Usage Information iom-mode Denotes the operating mode of the I/O Aggregator.
Usage Information The value under the Boot-speed field in the output of the show command indicates the uplink speed that is currently effective on the LAG bundles, whereas the value under the Next-Boot field indicates the uplink speed that is applicable for the LAG bundle after the next reboot of the switch.
Command Modes Command History Usage Information EXEC Privilege Version 9.3.0.0 Introduced on the M I/O Aggregator You can renumber any switch, including the management unit or a stand-alone unit. You cannot renumber a unit to a number of an active member in the stack. When executing this command on the master, the stack reloads. When the members are renumbered, only that specific unit is reset and comes up with the new unit number. Example FTOS#stack-unit 5 renumber 6 Renumbering will reset the unit.
Virtual Link Trunking (VLT) 19 This chapter describes the VLT enhancements and contains the following sections: • VLT Nodes as Rendezvous Points for Multicast Resiliency • Specifying VLT Nodes in a PVLAN • Proxy ARP Capability on VLT Peer Nodes Specifying VLT Nodes in a PVLAN You can configure VLT peer nodes in a private VLAN (PVLAN) on the S4810, S4820T, Z9000, and MXL platforms.
• You can configure a VLT LAG or port channel to be in trunk, access, or promiscuous port modes when you include the VLT LAG in a PVLAN. The VLT LAG settings must be the same on both the peers. If you configure a VLT LAG as a trunk port, you can associate that LAG to be a member of a normal VLAN or a PVLAN. If you configure a VLT LAG to be a promiscuous port, you can configure that LAG to be a member of PVLAN only.
Whenever a change occurs in the VLAN mode of one of the peers, this modification in setting is synchronized with the other peers and depending on the validation mechanism that is initiated for MAC synchronization of VLT peers, MAC addresses learned on a particular VLAN are synchronized and made consistent to the other peers or MAC addresses synchronized from the other peers on the same VLAN are deleted. This method of processing occurs when the PVLAN mode of VLT LAGs is modified.
Table 10.
VLT LAG Mode PVLAN Mode of VLT VLAN Peer1 Peer2 Peer1 Peer2 Trunk Access Primary/Normal Secondary ICL VLAN Membership Mac Synchronization No No Configuring a VLT VLAN or LAG in a PVLAN You can configure the VLT peers or nodes in a private VLAN (PVLAN). Because the VLT LAG interfaces are terminated on two different nodes, PVLAN configuration of VLT VLANs and VLT LAGs are symmetrical and identical on both the VLT peers. PVLANs provide Layer 2 isolation between ports within the same VLAN.
7. Enter the port-channel number that acts as the interconnect trunk. VLT DOMAIN CONFIGURATION mode peer-link port-channel id-number The range is from 1 to 128. 8. (Optional) To configure a VLT LAG Enter the VLAN ID number of the VLAN where the VLT forwards packets received on the VLTi from an adjacent peer that is down. VLT DOMAIN CONFIGURATION mode peer-link port-channel id-number peer-down-vlan vlan interface number The range is from 1 to 4094. Associating the VLT LAG or VLT VLAN in a PVLAN 1.
8. Map secondary VLANs to the selected primary VLAN. INTERFACE VLAN mode private-vlan mapping secondary-vlan vlan-list The list of secondary VLANs can be: – Specified in comma-delimited (VLAN-ID,VLAN-ID) or hyphenated-range format (VLAN-IDVLAN-ID). – Specified with this command even before they have been created. – Amended by specifying the new secondary VLAN to be added to the list. show vlt private-vlan Display the association of private VLAN (PVLAN) with the VLT LAG.
Proxy ARP Capability on VLT Peer Nodes The proxy ARP functionality on VLT peer nodes is supported on the S4810, S4820T, Z9000, I/O Aggregator, and MXL platforms. Proxy ARP enables hosts with knowledge of the network to accept and forward packets from hosts that contain no knowledge of the network. Proxy ARP makes it possible for hosts to be ignorant of the network, including subnetting.
hardware address in the ARP response contains the VLT peer MAC address. Proxy ARP is supported for both unicast and broadcast ARP requests. Control packets other than ARP requests destined to the VLT peers that reach the undesired and incorrect VLT node are dropped if the ICL link is down. Further processing is not done on these control packets. VLT node does not perform any action if it receives gratuitous ARP requests for the VLT peer IP address. Proxy ARP is also supported on secondary VLANs.
You can configure VLT nodes that function as RP as Multicast Source Discovery Protocol (MSDP) peers in different domains. However, you cannot configure the VLT peers as MSDP peers in the same VLT domain. In such a case, RP functionality is not supported by the VLT peer. If the same source or RP is can be accessed over both a VLT and a non-VLT VLAN, you must configure better metrics for the VLT VLANs.
Documentation Updates 20 Because the entire hardware and software documentation set is not being published for Release 9.3.0.0, similar to the earlier major releases, this section has been organized to present behavioral-changes and enhancements to commands and configuration settings that have been implemented in Release 9.3.0.0. We recommend that you read this section in conjunction with the full-blown documentation set of Release 9.2.0.0 of the different platforms.
applied on the egress interface, which must not cause the IGMP queries to be transmitted out of the interface. • The following note applies to the Configuring a VLT VLAN or LAG in a PVLAN section of this Addendum document: When you configure VLT nodes in a PVLAN, you must create the PVLAN after you configure a VLT domain. If you configure the PVLAN before you set up the VLT domain, you must delete and reconfigure the VLANs to enable the VLT interconnect (VLTi) or ICL membership to be correctly added.
• The following note applies to the Marking Egress Packets with a DEI Value section of the S4810, S4820T, S6000, Z9000, and MXL Switch Configuration Guides: You cannot set the Canonical Format Identifier (CFI) bit alone in an outgoing packet because it will cause the IEEE 802.1ad drop eligible indicator (DEI) bit in the outgoing dot1p packet to also be reset.
does not occur if there is no Ethernet traffic and only FCoE traffic is present, or if DCB remains disabled on the ToR switch. • The following note applies to the Protocol Separation section of the EIS chapter of the addendum document: If you configure a source interface is for any EIS management application, EIS might not coexist with that interface and the behavior is undefined in such a case.
Configuring the Commands Without a Separate User Account for the PMUX Mode of the I/O Aggregator Starting with Dell Networking OS Release 9.3.0.0, you can configure and specify the commands that were available in the programmable MUX mode of the I/O Aggregator until Release 9.2.0.0 without having to configure a user profile to access the PMUX mode. As a result, you do not need to define separate user accounts with permissions to access the PMUX mode on the switch.
Data Center Bridging (DCB) 21 Data center bridging (DCB) refers to a set of IEEE Ethernet enhancements that provide data centers with a single, robust, converged network to support multiple traffic types, including local area network (LAN), server, and storage traffic. The Dell Networking operating software (Dell) commands for data center bridging features include 802.1Qbb priority-based flow control (PFC), 802.
Parameters {ets-conf | etsreco | pfc} Enter the PFC and ETS TLVs advertised, where: • ets-conf: enables the advertisement of ETS configuration TLVs. • ets-reco: enables the advertisement of ETS recommend TLVs. • pfc: enables the advertisement of PFC TLVs. Defaults All PFC and ETS TLVs are advertised. Command Modes PROTOCOL LLDP Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.
Usage Information By default, equal bandwidth is assigned to each port queue and each dot1p priority in a priority group. To configure bandwidth amounts in associated dot1p queues, use the bandwidth-percentage command. When specified bandwidth is assigned to some port queues and not to others, the remaining bandwidth (100% minus assigned bandwidth amount) is equally distributed to unassigned nonstrict priority queues in the priority group.
dcb-input To apply pause or flow control for specified priorities using a configure delay time, create a DCB input policy. Syntax dcb-input policy-name To delete the DCB input policy, use the no dcb-input command. Parameters policy-name Defaults none Command Modes CONFIGURATION Command History Usage Information Maximum: 32 alphanumeric characters. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.
Command Modes Command History Usage Information CONFIGURATION Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. To associate a priority group with an ETS output policy with scheduling and bandwidth configuration, create a DCB output policy. You can apply a DCB output policy on multiple egress ports. When you apply an ETS output policy on an interface, ETS-configured scheduling and bandwidth allocation take precedence over any configured settings in QoS output policies.
A DCB input policy for PFC applied to an interface may become invalid if you reconfigure the dot1p-queue mapping. This situation occurs when the new dot1pqueue assignment exceeds the maximum number (2) of lossless queues supported globally on the switch. In this case, all PFC configurations received from PFCenabled peers are removed and resynchronized with the peer devices. Traffic may be interrupted when you reconfigure PFC no-drop priorities in an input policy or reapply the policy to an interface.
Parameters policy-name Defaults none Command Modes INTERFACE Command History Usage Information Enter the output policy name. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. When you apply an ETS output policy to on interface, ETS-configured scheduling and bandwidth allocation take precedence over any configured settings in QoS output policies.
Usage Information The dcb-policy output stack-unit all command overwrites any previous dcb-policy output stack-unit stack-unit-id configurations. Similarly, a dcb-policy output stack-unit stack-unit-id command overwrites any previous dcb-policy output stack-unit all configuration. You can apply a DCB output policy with ETS configuration to all stacked ports in a switch stack or an individual stacked switch. You can apply different DCB output policies to different stack units.
dcb stack-unit pfc-buffering pfc-port-count pfc-queues Configure the PFC buffer for all port pipes in a specified stack unit by specifying the port-pipe number, number of PFC-enabled ports, and number of configured lossless queues.
Parameters config-source | autodownstream | auto-upstream | manual Enter the DCBX port role, where: • config-source: configures the port to serve as the configuration source on the switch. • auto-upstream: configures the port to receive a peer configuration. The configuration source is elected from auto-upstream ports. • auto-downstream: configures the port to accept the internally propagated DCB configuration from a configuration source.
Defaults Auto Command Modes INTERFACE PROTOCOL LLDP Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. DCBX requires that you enable LLDP to advertise DCBX TLVs to peers. Configure DCBX operation at the INTERFACE level on a switch or globally on the switch.
description Enter a text description of the DCB policy (PFC input or ETS output). Syntax description text To remove the text description, use the no description command. Parameters text Enter the description of the output policy. The maximum is 32 characters. Defaults none Command Modes • DCB INPUT POLICY • DCB OUTPUT POLICY Command History Related Commands Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.
level and in an output policy map (the service-policy output command), the QoS configuration in the output policy takes precedence. Related Commands • dcb-output — creates a DCB output policy. • dcb-policy output — applies the output policy. fcoe priority-bits Configure the FCoE priority advertised for the FCoE protocol in application priority TLVs. Syntax fcoe priority-bits priority-bitmap To remove the configured FCoE priority, use the no fcoe priority-bits command.
Usage Information This command is available at the global level only. pfc link-delay Configure the link delay used to pause specified priority traffic. Syntax pfc link-delay value To remove the link delay, use the no pfc link-delay command. Parameters value Defaults 45556 quantum Command Modes DCB INPUT POLICY Command History The range is (in quanta) from 712 to 65535. One quantum is equal to a 512-bit transmission. Version 9.2(0.0) Introduced on the M I/O Aggregator.
PFC on all DCB egress ports or configure the dot1p priority-queue assignment of PFC priorities to lossless queues (refer to pfc no-drop queues). To disable PFC operation on an interface, enter the no pfc mode on command in DCB Input Policy Configuration mode. PFC is enabled and disabled as global DCB operation is enabled (dcb-enable) or disabled (no dcb-enable). You cannot enable PFC and link-level flow control at the same time on an interface. Related Commands dcb-input — creates a DCB input policy.
dot1p Value in the Incoming Frame Description heading 6 3 7 3 pfc priority Configure the CoS traffic to be stopped for the specified delay. Syntax pfc priority priority-range To delete the pfc priority configuration, use the no pfc priority command. Parameters priority-range Defaults none Command Modes DCB INPUT POLICY Command History Usage Information Enter the 802.1p values of the frames to be paused.
Parameters group-name Defaults none Command Modes CONFIGURATION Command History Usage Information Enter the name of the ETS priority group. The maximum is 32 characters. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. A priority group consists of 802.
Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The ETS configuration associated with 802.1p priority traffic in a DCB output policy is used in DCBX negotiation with ETS peers.
• set-pgid — configures the priority-group. qos-policy-output ets To configure the ETS bandwidth allocation and scheduling for priority traffic, create a QoS output policy. Syntax qos-policy-output policy-name ets To remove the QoS output policy, use the no qos-policy-output ets command. Parameters Command Modes Command History Usage Information policy-name Enter the policy name. The maximum is 32 characters. CONFIGURATION Version 9.2(0.0) Introduced on the M I/O Aggregator.
Defaults Weighted elastic round robin (WERR) scheduling is used to queue priority traffic. Command Modes POLICY-MAP-OUT-ETS Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. dot1p priority traffic on the switch is scheduled to the current queue mapping.
show dcb Displays the data center bridging status, the number of PFC-enabled ports, and the number of PFCenabled queues. Syntax Parameters Command Modes Command History show dcb [stack-unit unit-number] unit number Enter the DCB unit number. The range is from 0 to 5. EXEC Privilege Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Field Description Interface Interface type with chassis slot and port number. Port-Role Configured the DCBX port role: auto-upstream, autodownstream, config-source, or manual. DCBX Operational Status Operational status (enabled or disabled) used to elect a configuration source and internally propagate a DCB configuration. The DCBX operational status is the combination of PFC and ETS operational status.
Example Field Description Peer DCBX Status: DCBX Max Version Supported Highest DCBX version supported in Control TLVs received from the peer device. Peer DCBX Status: Sequence Number Sequence number transmitted in Control TLVs received from the peer device. Peer DCBX Status: Acknowledgment Number Acknowledgement number transmitted in Control TLVs received from the peer device. Total DCBX Frames transmitted Number of DCBX frames sent from the local port.
Protocol State: In-Sync Peer DCBX Status: ---------------DCBX Operational Version is 0 DCBX Max Version Supported is 255 Sequence Number: 2 Acknowledgment Number: 2 Total DCBX Frames transmitted 27 Total DCBX Frames received 6 Total DCBX Frame errors 0 Total DCBX Frames unrecognized 0 show interface ets Displays the ETS configuration applied to egress traffic on an interface, including priority groups with priorities and bandwidth allocation.
Example (Summary) Field Description Admin Parameters ETS configuration on local port, including priority groups, assigned dot1p priorities, and bandwidth allocation. Remote Parameters ETS configuration on remote peer port, including admin mode (enabled if a valid TLV was received or disabled), priority groups, assigned dot1p priorities, and bandwidth allocation. If ETS admin mode is enabled on the remote port for DCBX exchange, the Willing bit received in ETS TLVs from the remote peer is included.
0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# Bandwidth TSA 0 13% ETS 1 13% ETS 2 13% ETS 3 13% ETS 4 12% ETS 5 12% ETS 6 12% ETS 7 12% ETS Remote Parameters: ------------------Remote is disabled Local Parameters: -----------------Local is enabled TC-grp Priority# Bandwidth TSA 0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# Bandwidth TSA 0 13% ETS 1 13% ETS 2 13% ETS 3 13% ETS 4 12% ETS 5 12% ETS 6 12%
Priority# 0 1 2 3 4 5 6 7 Remote Parameters: ------------------Remote is disabled Local Parameters : -----------------Local is enabled TC-grp Priority# 0 0,1,2,3,4,5,6,7 1 2 3 4 5 6 7 Bandwidth 13% 13% 13% 13% 12% 12% 12% 12% TSA ETS ETS ETS ETS ETS ETS ETS ETS Bandwidth 100% 0% 0% 0% 0% 0% 0% 0% TSA ETS ETS ETS ETS ETS ETS ETS ETS Priority# Bandwidth TSA 0 13% ETS 1 13% ETS 2 13% ETS 3 13% ETS 4 12% ETS 5 12% ETS 6 12% ETS 7 12% ETS Oper status is init Conf TLV Tx Status is disabled Traffic Class TLV
Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. To clear the PFC TLV counters, use the clear pfc counters interface port-type slot/port command. The following describes the show interface pfc summary command shown in the following example. 306 Field Description Interface Interface type with stack-unit and port number.
Example (Summary) Field Description Application Priority TLV: FCOE TLV Tx Status Status of FCoE advertisements in application priority TLVs from the local DCBX port: enabled or disabled. Application Priority TLV: SCSI TLV Tx Status Status of ISCSI advertisements in application priority TLVs from the local DCBX port: enabled or disabled. Application Priority TLV: Local FCOE Priority Map Priority bitmap the local DCBX port uses in FCoE advertisements in application priority TLVs.
Local FCOE PriorityMap is 0x8 Local ISCSI PriorityMap is 0x10 Remote FCOE PriorityMap is 0x8 Remote ISCSI PriorityMap is 0x8 Dell# show interfaces tengigabitethernet 0/49 pfc detail Interface TenGigabitEthernet 0/49 Admin mode is on Admin is enabled Remote is enabled Remote Willing Status is enabled Local is enabled Oper status is recommended PFC DCBX Oper status is Up State Machine Type is Feature TLV Tx Status is enabled PFC Link Delay 45556 pause quanta Application Priority TLV Parameters : -------------
6 7 0 0 0 0 0 0 show qos dcb-input Displays the PFC configuration in a DCB input policy. Syntax Parameters Command Modes Command History Example show qos dcb-input [pfc-profile] pfc-profile Enter the PFC profile. CONFIGURATION Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
show qos priority-groups Displays the ETS priority groups configured on the switch, including the 802.1p priority classes and ID of each group. Syntax show qos priority-groups Command Modes EXEC Privilege Command History Example Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
0 1 2 3 4 5 6 7 8 0,1,2,3,4,5,6,7 100% - - - - - - - - - ETS Stack unit 1 stack port all Max Supported TC Groups is 4 Number of Traffic Classes is 1 Admin mode is on Admin Parameters: -------------------Admin is enabled TC-grp Priority# Bandwidth TSA -----------------------------------------------0 0,1,2,3,4,5,6,7 100% ETS 1 2 3 4 5 6 7 8 - show stack-unit stack-ports pfc details Displays the PFC configuration applied to ingress traffic on stacked ports, including PFC Operational mode on each unit with
stack unit 1 stack-port all Admin mode is On Admin is enabled, Priority list is 4-5 Local is enabled, Priority list is 4-5 Link Delay 45556 pause quantum 0 Pause Tx pkts, 0 Pause Rx pkts 312 Data Center Bridging (DCB)
22 FIP Snooping In a converged Ethernet network, an MXL Switch can operate as an intermediate Ethernet bridge to snoop on Fibre Channel over Ethernet initialization protocol (FIP) packets during the login process on Fibre Channel over Ethernet (FCoE) forwarders (FCFs). Acting as a transit FIP snooping bridge, the switch uses dynamically-created ACLs to permit only authorized FCoE traffic to be transmitted between an FCoE end-device and an FCF.
Command Modes Command History port-type port/ slot Enter the port-type and slot number of the FIP packet statistics to be cleared. port-channelnumber Enter the port channel number of the FIP packet statistics to be cleared. EXEC Privilege Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. feature fip-snooping Enable FCoE transit and FIP snooping on a switch.
Version 8.3.16.1 Usage Information Introduced on the MXL 10/40GbE Switch IO Module. The maximum number of FCFs supported per FIP snooping-enabled VLAN is four. The maximum number of FIP snooping sessions supported per ENode server is 16. fip-snooping fc-map Configure the FC-MAP value FIP snooping uses on all VLANs. Syntax fip-snooping fc-map fc-map-value To return the configured FM-MAP value to the default value, use the no fipsnooping fc-map command.
High Availability (HA) 23 High availability (HA) in the Dell Networking operating software (FTOS) is configuration synchronization to minimize recovery time in the event of a route processor module (RPM) failure. The feature is available on the S4810 S4820T platform. In general, a protocol is defined as “hitless” in the context of an RPM failure/failover and not failures of a line card, SFM, or power module. A protocol is defined as hitless if an RPM failover has no impact on the protocol.
Version 7.6.1.0 Usage Information Introduced on the E-Series. To provide a hitless or warm upgrade, use this command. A hitless upgrade means that a software upgrade does not require a reboot of the line cards. A warm upgrade means that a software upgrade requires a reset of the line cards. A warm upgrade is possible for major releases and lower, while a hitless upgrade can only support patch releases. show redundancy Display the current redundancy configuration.
Field Description • Whether the link to the second RPM is up or down. PEER RPM Status Displays the state of the second RPM, if present RPM Redundancy Configuration Displays the following information: • which RPM is the preferred Primary on next boot (the redundancy primary command) • the data sync method configured (the redundancy synchronize command) • the failover type (you cannot change this type; it is software-dependent).
-- Stack-unit Redundancy Configuration ------------------------------------------------Primary Stack-unit: mgmt-id 0 Auto Data Sync: Full Failover Type: Hot Failover Auto reboot Stack-unit: Disabled Auto failover limit: 3 times in 60 minutes -- Stack-unit Failover Record ------------------------------------------------Failover Count: 0 Last failover timestamp: None Last failover Reason: None Last failover type: None -- Last Data Block Sync Record: ------------------------------------------------Stack Unit C
Runtime Event Log: succeeded Jul 13 2007 21:28:53 Running Config: succeeded Jul 13 2007 21:28:53 FTOS# High Availability (HA) 321
iSCSI Optimization 24 Internet small computer system interface (iSCSI) optimization enables quality-of-service (QoS) treatment for iSCSI storage traffic. To configure and verify the iSCSI optimization feature, use the following Dell Networking operating software commands. advertise dcbx-app-tlv Configure DCBX to send iSCSI TLV advertisements. Syntax advertise dcbx-app-tlv iscsi To disable DCBX iSCSI TLV advertisements, use the no advertise dcbx-apptlv iscsi command. Defaults Disabled.
Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. iscsi cos Set the QoS policy that is applied to the iSCSI flows. Syntax iscsi cos {enable | disable | dot1p vlan-priority-value [remark] | dscp dscp-value [remark]} To disable the QoS policy, use the no iscsi cos dscp command.
iscsi enable Globally enable iSCSI optimization. Syntax iscsi enable To disable iSCSI optimization, use the no iscsi enable command. Parameters enable Defaults Disabled. Command Modes CONFIGURATION Command History Usage Information Enter the keyword enable to enable the iSCSI optimization feature. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Command Modes Command History INTERFACE Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. iscsi target port Configure the iSCSI target ports and optionally, the IP addresses on which iSCSI communication is monitored. Syntax iscsi target port [tcp-port-2...
• iSCSI optimization requires configuring two ingress ACL groups The ACL groups are allocated after iSCSI Optimization is configured. (refer to When to Use CAM Profiling). Configuring iSCSI Optimization To configure iSCSI optimization, use the following commands. 1. For a non-DCB environment: Enable session monitoring. CONFIGURATION mode cam-acl l2acl 4 ipv4acl 4 ipv6acl 0 ipv4qos 2 l2qos 1 l2pt 0 ipmacacl 0 vman-qos 0 ecfmacl 0 fcoeacl 0 iscsioptacl 2 NOTE: In FTOS Version 9.2.(0.
6. (Optional) Configure the iSCSI target ports and optionally the IP addresses on which iSCSI communication is monitored. CONFIGURATION mode [no] iscsi target port tcp-port-1 [tcp-port-2...tcp-port-16] [ip-address address] – tcp-port-n is the TCP port number or a list of TCP port numbers on which the iSCSI target listens to requests. You can configure up to 16 target TCP ports on the switch in one command or multiple commands. The default is 860, 3260. Separate port numbers with a comma.
10. (Optional) Configures the advertised priority bitmap in iSCSI application TLVs. LLDP CONFIGURATION mode [no] iscsi priority-bits. The default is 4 (0x10 in the bitmap). 11. (Optional) Configures the auto-detection of Compellent arrays on a port. INTERFACE mode [no] iscsi profile-compellent. The default is: Compellent disk arrays are not detected.
25 Interfaces The commands in this chapter are supported by Dell Networking operating software (Dell). This chapter contains the following sections: • Basic Interface Commands • Port Channel Commands • Time Domain Reflectometer (TDR) • UDP Broadcast Basic Interface Commands The following commands are for Physical, Loopback, and Null interfaces.
vrrp [vrf instance] (OPTIONAL) Enter the keyword vrrp to clear the counters of all VRRP groups. To clear the counters of VRRP groups in a specified VRF instance, enter the name of the instance (32 characters maximum). learning-limit (OPTIONAL) Enter the keywords learning-limit to clear unknown source address (SA) drop counters when MAC learning limit is configured on the interface. Defaults Without an interface specified, the command clears all interface counters.
Usage Information Related Commands Important Points to Remember: • Spaces between characters are not preserved after entering this command unless you enclose the entire description in quotation marks (“desc_text”). • Entering a text string after the description command overwrites any previous text string that you previously configured as the description. • The shutdown and description commands are the only commands that you can configure on an interface that is a member of a port-channel.
The pause: • • Starts when either the packet pointer or the buffer threshold is met (whichever is met first). When the discard threshold is met, packets are dropped. Ends when both the packet pointer and the buffer threshold fall below 50% of the threshold settings. The discard threshold defines when the interface starts dropping the packet on the interface. This may be necessary when a connected device does not honor the flow control frame sent by the switch.
Related Commands off on off off on on off on off on on off off off on on off on off on on on off off on on off on off on LocNegRx off off off off LocNegTx RemNegRx RemNegTx off off off off off off off off off off off off off off off off off off on off off off on off off off off off off on on on off off on on off off on on off on on on off off on on off off on on off off on on off off on on show running-config — displays the flow configuration parameters (non-default values only).
Defaults Not configured. Command Modes CONFIGURATION Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Usage Information You cannot delete a physical interface. Example Dell(conf)#interface tengig 0/0 Dell(conf-if-tengig-0/0)#exit# Related Commands interface loopback — configures a Loopback interface.
Example Dell(conf)#interface managementethernet 0/0 Dell(conf-if-ma-0/0)# Related Commands management route — configures a static route that points to the Management interface or a forwarding router. duplex (1000/10000 Interfaces)— configure duplex mode on any physical interfaces where the speed is set to 1000/10000. interface range This command permits configuration of a range of interfaces to which subsequent commands are applied (bulk configuration).
Important Points to Remember: • Bulk configuration is created if at least one interface is valid. • Non-existing interfaces are excluded from the bulk configuration with a warning message. • The interface range prompt includes interface types with slot/port information for valid interfaces. The prompt allows for a maximum of 32 characters. If the bulk configuration exceeds 32 characters, it is represented by an ellipsis ( ... ).
Example (Multiple Range) This example shows how to use commas to add SONET, VLAN, and port-channel interfaces to the range. Related Commands interface port-channel — configures a port channel group. Dell(config-if)# interface range gigabitethernet5/1-23, tengigabitethernet1/1–2, Vlan 2–100, Port 1–25 Dell(config-if-range)# no shutdown Dell(config-if-range)# interface vlan — configures a VLAN interface. show config (from INTERFACE RANGE mode) — shows the bulk configuration interfaces.
show vlan — displays the current VLAN configuration on the switch. shutdown — disables/enables the VLAN. tagged — adds a Layer 2 interface to a VLAN as a tagged interface. untagged — adds a Layer 2 interface to a VLAN as an untagged interface. keepalive Send keepalive packets periodically to keep an interface alive when it is not transmitting data. Syntax keepalive [seconds] To stop sending keepalive packets, use the no keepalive command. Parameters seconds Defaults Enabled.
Usage Information If the packet includes a Layer 2 header, the difference between the link MTU and IP MTU (ip mtu command) must be enough bytes to include the Layer 2 header. • The IP MTU is adjusted automatically when you configure the Layer 2 MTU with the mtu command. When you enter the no mtu command, The Dell Networking OS reduces the IP MTU value to 1536 bytes. Link MTU and IP MTU considerations for port channels and VLANs are as follows.
Command Modes Command History Usage Information INTERFACE Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The no negotiation auto command is only available if you first manually set the speed of a port to 10Mbits or 100Mbits.
Input Statistics: ... User Information Both sides of the link must have auto-negotiation enabled or disabled for the link to come up. The following details the possible speed and auto-negotiation combinations for a line between two 10/100/1000 Base-T Ethernet interfaces.
Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The following describes the interface command shown in the following example. This example sets a port as hybrid, makes the port a tagged member of VLAN 20, and an untagged member of VLAN 10, which becomes the native VLAN of the port.
V - VLT tagged Name: TenGigabitEthernet 3/20 802.1QTagged: Hybrid Vlan membership: Q Vlans U 20 T 10 Native VlanId: 20.
Version 8.3.16.1 Usage Information Introduced on the MXL 10/40GbE Switch IO Module. Splitting a 40G port into 4x10G port is supported on standalone and stacked units. • You cannot use split ports as stack-link to stack an MXL Switch. • The split ports MXL switch unit cannot be a part of any stacked system. • The unit number with the split ports must be the default (stack-unit 0). • This set up can be verified using show system brief command.
Defaults Not configured. Command Modes INTERFACE PORTCHANNEL Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Use the interface port-channel command to access this command. You cannot add an interface to a Port Channel if the interface contains an IP address in its configuration.
interface port-channel Create a Port Channel interface, which is a link aggregation group (LAG) containing 16 physical interfaces on the XML switch. Syntax interface port-channel channel-number To delete a Port Channel, use the no interface port-channel channelnumber command. Parameters channelnumber Defaults Not configured. Command Modes CONFIGURATION Command History Usage Information For a Port Channel interface, enter the keywords portchannel then a number. The range is from 1 to 128.
minimum-links Configure the minimum number of links in a LAG (Port Channel) that must be in “oper up” status for the LAG to be also in “oper up” status. Syntax Parameters minimum-links number number Defaults 1 Command Modes INTERFACE Command History Usage Information Interfaces Enter the number of links in a LAG that must be in “oper up” status. The range is from 1 to 16. The default is 1. Version 9.2(0.0) Introduced on the M I/O Aggregator.
Internet Group Management Protocol (IGMP) 26 The IGMP commands are supported by the Dell Networking operating software (FTOS) on the Z9000 S4810 S4820T platform. This chapter contains the following sections: • IGMP Commands • IGMP Snooping Commands IGMP Commands FTOS supports IGMPv1/v2/v3 and is compliant with RFC-3376. Important Points to Remember • FTOS supports protocol-independent multicast-sparse (PIM-SM) and protocol-independent sourcespecific multicast (PIM-SSM) include and exclude modes.
Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 9.0.2.0 Introduced on the S6000. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.11.1 Introduced on the Z9000.
Version 7.8.1.0 Introduced on the S-Series. Version 7.7.1.0 Introduced on the C-Series. E-Series legacy command ip igmp querier-timeout Change the interval that must pass before a multicast router decides that there is no longer another multicast router that should be the querier. Z9000 S4810 S4820TS6000 Syntax ip igmp querier-timeout seconds To return to the default value, use the no ip igmp querier-timeout command.
ip igmp query-interval Change the transmission frequency of IGMP general queries the Querier sends. Z9000 S4810 S4820TS6000 Syntax ip igmp query-interval seconds To return to the default values, use the no ip igmp query-interval command. Parameters seconds Enter the number of seconds between queries sent out. The range is from 1 to 18000. The default is 60 seconds. Defaults 60 seconds Command Modes INTERFACE Command History This guide is platform-specific.
To return to the default values, use the no ip igmp query-max-resp-time command. Parameters seconds Enter the number of seconds for the maximum response time. The range is from 1 to 25. The default is 10 seconds. Defaults 10 seconds Command Modes INTERFACE Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide.
Command Modes INTERFACE Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Version 9.0.2.0 Introduced on the S6000. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.11.
• When enabled, IGMP snooping Querier does not start if there is a statically configured multicast router interface in the VLAN. • When enabled, IGMP snooping Querier starts after one query interval in case no IGMP general query (with IP SA lower than its VLAN IP address) is received on any of its VLAN members. • When enabled, IGMP snooping Querier periodically sends general queries with an IP source address of the VLAN interface.
NOTE: Execute the no shutdown command on the VLAN interface for IGMP Snooping to function. Related Commands shutdown — (no shutdown) activates an interface. ip igmp snooping fast-leave Enable IGMP snooping fast-leave for this VLAN. Z9000 S4810 S4820TS6000 Syntax ip igmp snooping fast-leave To disable IGMP snooping fast leave, use the no igmp snooping fast-leave command. Defaults Not configured. Command Modes INTERFACE VLAN — (conf-if-vl-n) Command History This guide is platform-specific.
ip igmp snooping last-member-query-interval The last member query interval is the maximum response time inserted into Group-Specific queries sent in response to Group-Leave messages. Z9000 S4810 S4820TS6000 Syntax ip igmp snooping last-member-query-interval milliseconds To return to the default value, use the no ip igmp snooping last-memberquery-interval command. Parameters milliseconds Enter the interval in milliseconds. The range is from 100 to 65535. The default is 1000 milliseconds.
Parameters interface interface Enter the following keywords and slot/port or number information: • For a 100/1000 Ethernet interface, enter the keyword gigabitethernet followed by the slot/port information. • For a 1-Gigabit Ethernet interface, enter the keyword gigabitethernet followed by the slot/port information. • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet then the slot/port information.
ip igmp snooping querier Enable IGMP querier processing for the VLAN interface. Z9000 S4810 S4820TS6000 Syntax ip igmp snooping querier To disable IGMP querier processing for the VLAN interface, use the no ip igmp snooping querier command. Defaults Not configured. Command Modes INTERFACE VLAN — (conf-if-vl-n) Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide.
27 Layer 2 This chapter describes commands to configure Layer 2 features. This chapter contains the following sections: • MAC Addressing Commands • Virtual LAN (VLAN) Commands MAC Addressing Commands The following commands are related to configuring, managing, and viewing MAC addresses. mac-address-table aging-time Specify an aging time for MAC addresses to remove from the MAC address table.
mac-address-table static Associate specific MAC or hardware addresses to an interface and virtual local area networks (VLANs). Syntax mac-address-table static mac-address output interface vlan vlan-id To remove a MAC address, use the no mac-address-table static macaddress output interface vlan vlan-id command. Parameters mac-address Enter the 48-bit hexadecimal address in nn:nn:nn:nn:nn:nn format.
Command History Usage Information Layer 2 Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. For details about using this command, refer to the “NIC Teaming” section of the Layer 2 chapter in the Dell Networking OS Configuration Guide.
28 Link Aggregation Control Protocol (LACP) This chapter contains commands for Dell Networks’s implementation of the link aggregation control protocol (LACP) for creating dynamic link aggregation groups (LAGs) — known as “port-channels” in the Dell Networking operating software. NOTE: For static LAG commands, refer to Port Channel Commands in the Interfaces chapter), based on the standards specified in the IEEE 802.
Defaults 32768 Command Modes INTERFACE Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. port-channel mode Configure the LACP port channel mode. Syntax Parameters port-channel number mode [active] [passive] [off] number Enter the keywords number then a number. active Enter the keyword active to set the mode to the active state.
Mode Function passive An interface is not in an active negotiating state in this mode. LACP runs on any link configured in the passive state. Ports in a passive state respond to negotiation requests from other ports that are in active states. Ports in a passive state respond to LACP packets off An interface cannot be part of a dynamic port channel in off mode. LACP does not run on a port configured in off mode. port-channel-protocol lacp Enable LACP on any LAN port.
• Configuring the Minimum Oper Up Links in a Port Channel (optional) • Adding or Removing a Port Channel from a VLAN (optional) • Assigning an IP Address to a Port Channel (optional) • Deleting or Disabling a Port Channel (optional) • Load Balancing Through Port Channels (optional) Creating a Port Channel You can create up to 128 port channels with eight port members per group on the Z9000 S4810 S4820T. To configure a port channel, use the following commands. 1. Create a port channel.
To view the interface’s configuration, enter INTERFACE mode for that interface and use the show config command or from EXEC Privilege mode, use the show running-config interface interface command. When an interface is added to a port channel, FTOS recalculates the hash algorithm. To add a physical interface to a port, use the following commands. 1. Add the interface to a port channel.
Output 81.60Mbits/sec, 133658 packets/sec Time since last interface status change: 04:31:57 FTOS> When more than one interface is added to a Layer 2-port channel, FTOS selects one of the active interfaces in the port channel to be the primary port. The primary port replies to flooding and sends protocol data units (PDUs). An asterisk in the show interfaces port-channel brief command indicates the primary port.
no ip address channel-member GigabitEthernet 1/8 no shutdown FTOS(conf-if-portch)#no chann gi 1/8 FTOS(conf-if-portch)#int port 5 FTOS(conf-if-portch)#channel gi 1/8 FTOS(conf-if-portch)#sho conf ! interface Port-channel 5 no ip address channel-member GigabitEthernet 1/8 shutdown FTOS(conf-if-portch)# Configuring the Minimum Oper Up Links in a Port Channel You can configure the minimum links in a port channel (LAG) that must be in “oper up” status to consider the port channel to be in “oper up” status.
• no untagged port-channel id number Identify which port channels are members of VLANs. EXEC Privilege mode show vlan Configuring VLAN Tags for Member Interfaces To configure and verify VLAN tags for individual members of a port channel, perform the following: 1. Configure VLAN membership on individual ports INTERFACE mode FTOS(conf-if-te-0/2)#vlan tagged 2,3-4 2.
Link Layer Discovery Protocol (LLDP) 29 Link layer discovery protocol (LLDP) advertises connectivity and management from the local station to the adjacent stations on an IEEE 802 LAN. LLDP facilitates multi-vendor interoperability by using standard management tools to discover and make available a physical topology for network management. The Dell Networking operating software implementation of LLDP is based on IEEE standard 801.1ab.
Related Commands protocol lldp (Configuration) — enables LLDP globally. debug lldp interface — debugs LLDP. show lldp neighbors — displays the LLDP neighbors. show running-config lldp — displays the LLDP running configuration. advertise dot3-tlv Advertise dot3 TLVs (Type, Length, Value). Syntax advertise dot3-tlv {max-frame-size} To remove advertised dot3-tlv, use the no advertise dot3-tlv {max-framesize} command.
Command Modes Command History Usage Information CONFIGURATION (conf-lldp) Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The command options system-capabilities, system-description, and system-name can be invoked individually or together, in any sequence.
Defaults none Command Modes EXEC Privilege Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. debug lldp interface To display timer events, neighbor additions or deletions, and other information about incoming and outgoing packets, enable LLDP debugging.
Defaults none Command Modes EXEC Privilege Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. disable Enable or disable LLDP. Syntax disable To enable LLDP, use the no disable command. Defaults Enabled, that is no disable. Command Modes CONFIGURATION (conf-lldp) and INTERFACE (conf-if-interface-lldp) Command History Related Commands Version 9.
Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. mode To receive or transmit, set LLDP. Syntax mode {tx | rx} To return to the default, use the no mode {tx | rx} command. Parameters tx Enter the keyword tx to set the mode to transmit. rx Enter the keyword rx to set the mode to receive. Defaults Both transmit and receive.
Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Configure LLDP Configuring LLDP is a two-step process. 1. Enable LLDP globally. 2. Advertise TLVs out of an interface. Related Configuration Tasks • Viewing the LLDP Configuration • Viewing Information Advertised by Adjacent LLDP Agents • Configuring LLDPDU Intervals • Configuring Transmit and Receive Mode • Configuring a Time to Live • Debugging LLDP Important Points to Remember • LLDP is enabled by default.
multiplier no show LLDP multiplier configuration Negate a command or set its defaults Show LLDP configuration R1(conf-lldp)#exit R1(conf)#interface gigabitethernet 1/31 R1(conf-if-gi-1/31)#protocol lldp R1(conf-if-gi-1/31-lldp)#? advertise Advertise TLVs disable Disable LLDP protocol on this interface end Exit from configuration mode exit Exit from LLDP configuration mode hello LLDP hello configuration mode LLDP mode configuration (default = rx and tx) multiplier LLDP multiplier configuration no Negate a
Enabling LLDP on Management Ports LLDP on management ports is enabled by default. To enable LLDP on management ports, use the following command. 1. Enter Protocol LLDP mode. CONFIGURATION mode protocol lldp 2. Enable LLDP. PROTOCOL LLDP mode no disable Disabling and Undoing LLDP on Management Ports To disable or undo LLDP on management ports, use the following command. 1. Enter Protocol LLDP mode. CONFIGURATION mode. protocol lldp 2. Enter LLDP management-interface mode.
To advertise TLVs, use the following commands. 1. Enter LLDP mode. CONFIGURATION or INTERFACE mode protocol lldp 2. Advertise one or more TLVs. PROTOCOL LLDP mode advertise {management-tlv | dot1-tlv | dot3-tlv | med} Include the keyword for each TLV you want to advertise. – For management TLVs: system-capabilities, system-description. – For 802.1 TLVs: port-protocol-vlan-id, port-vlan-id vlan-name. – For 802.3 TLVs: max-frame-size.
Viewing the LLDP Configuration To view the LLDP configuration, use the following command. • Display the LLDP configuration.
Example of Viewing Details Advertised by Neighbors R1#show lldp neighbors detail ======================================================================== Local Interface Gi 1/21 has 1 neighbor Total Frames Out: 6547 Total Frames In: 4136 Total Neighbor information Age outs: 0 Total Frames Discarded: 0 Total In Error Frames: 0 Total Unrecognized TLVs: 0 Total TLVs Discarded: 0 Next packet will be sent after 7 seconds The neighbors are given below: -------------------------------------------------------------
R1(conf-lldp)#show config ! protocol lldp advertise dot1-tlv port-protocol-vlan-id port-vlan-id advertise dot3-tlv max-frame-size advertise management-tlv system-capabilities system-description mode tx no disable R1(conf-lldp)#no mode R1(conf-lldp)#show config ! protocol lldp advertise dot1-tlv port-protocol-vlan-id port-vlan-id advertise dot3-tlv max-frame-size advertise management-tlv system-capabilities system-description no disable R1(conf-lldp)# Configuring Transmit and Receive Mode After you enable L
! protocol lldp advertise dot1-tlv port-protocol-vlan-id port-vlan-id advertise dot3-tlv max-frame-size advertise management-tlv system-capabilities system-description no disable R1(conf-lldp)# Configuring a Time to Live The information received from a neighbor expires after a specific amount of time (measured in seconds) called a time to live (TTL). The TTL is the product of the LLDPDU transmit interval (hello) and an integer called a multiplier.
30 Quality of Service (QoS) The Dell Networking operating software (FTOS) commands for quality of service (QoS) include traffic conditioning and congestion control. QoS commands are supported on the I/O Aggregator Z-Series S4810 S4820T platform. This chapter contains the following sections: • Global Configuration Commands • Per-Port QoS Commands • Policy-Based QoS Commands Per-Port QoS Commands Per-port QoS (port-based QoS) allows you to define the QoS configuration on a per-physical-port basis.
Command History Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The dot1p-priority command changes the priority of incoming traffic on the interface. The system places traffic marked with a priority in the correct queue and processes that traffic according to its queue.
To return to the default setting, use the no service-class dynamic dot1p command. Defaults Command Modes Command History Usage Information All dot1p traffic is mapped to Queue 0 unless you enable the service-class dynamic dot1p command. The default mapping is as follows: dot1p Queue ID 0 0 1 0 2 0 3 1 4 2 5 3 6 3 7 3 • INTERFACE • CONFIGURATION Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.
service-class dot1p-mapping Configure a service-class criterion based on a dot1p value. Z9000 S4810 S4820T Syntax Parameters Defaults service-class dot1p-mapping {dot1p0 value | dot1p1 value | dot1p2 value | dot1p3 value | dot1p4 value| dot1p5 value | dot1p6 value | dot1p7 value} dot1p0 value ... dot1p7 value Enter a dot1p list number and value. The list number range is from 0 to 7. The range is from 0 to 3.
Parameters number Defaults none Command Modes CONFIGURATION Command History Usage Information Enter the bandwidth-weight, as a percentage. The value must be a power of 2. The range is from 1 to 100. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Command History Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Usage Information The unit of bandwidth percentage is 1%. A bandwidth percentage of 0 is allowed and disables the scheduling of that class. If the sum of the bandwidth percentages given to all eight classes exceeds 100%, the bandwidth percentage automatically scales down to 100%.
description Add a description to the selected policy map or QoS policy. Syntax description {description} To remove the description, use the no description {description} command. Parameters description Enter a description to identify the policies (80 characters maximum). Defaults none Command Modes CONFIGURATION (policy-map-input and policy-map-output; conf-qos-policy-in and conf-qos-policy-out; wred) Command History Related Commands Version 9.2(0.0) Introduced on the M I/O Aggregator.
Version 8.3.16.1 Usage Information Related Commands Introduced on the MXL 10/40GbE Switch IO Module. Aggregate input/output QoS policy applies to all the port ingoing/outgoing traffic. Aggregate input/output QoS policy can coexist with per queue input/output QoS policies. 1. If only aggregate input QoS policy exists, input traffic conditioning configurations (rate-police) apply. Any marking configurations in aggregate input QoS policy are ignored. 2.
qos-policy-output Create a QoS output policy. Syntax qos-policy-output qos-policy-name To remove an existing output QoS policy, use the no qos-policy-output qospolicy-name command. Parameters qos-policyname Defaults none Command Modes CONFIGURATION Command History Usage Information Enter your output QoS policy name in character format (32 characters maximum). Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.16.
burst-KB (OPTIONAL) Enter the burst size in KB. The range is from 16 to 200000. The default is 100. peak peak-rate (OPTIONAL) Enter the keyword peak then a number to specify the peak rate in Mbps. The range is from 0 to 10000. The default is the same as designated for committed-rate. Defaults Burst size is 100 KB. peak-rate is the same as committed-rate. Granularity for committed-rate and peak-rate is Mbps unless you use the kbps option.
Related Commands rate shape — shapes traffic output as part of the designated policy. service-policy output Apply an output policy map to the selected interface. Syntax service-policy output policy-map-name To remove the output policy map from the interface, use the no servicepolicy output policy-map-name command. Parameters policy-mapname Defaults none Command Modes INTERFACE Command History Enter the name for the policy map in character format (16 characters maximum).
NOTE: This option is available under policy-mapinput only. qos-policy qos-policyname (OPTIONAL) Enter the keywords qos-policy then the QoS policy name assigned to the queue in text format (32 characters maximum). This specifies the input QoS policy assigned to the queue under policy-map-input and output QoS policy under policy-map-output context. Defaults none Command Modes CONFIGURATION (conf-policy-map-in and conf-policy-map-out) Command History Version 9.2(0.0) Introduced on the M I/O Aggregator.
show qos policy-map View the QoS policy map information.
Example (Summary IPv4) Dell#sho qos policy-map summary Interface policy-map-input policy-map-output Gi 4/1 PM1 Gi 4/2 PM2 PMOut Dell# show qos policy-map-output View the output QoS policy map details. Syntax Parameters show qos policy-map-output [policy-map-name] [qos-policy-output qos-policy-name] policy-mapname Enter the policy map name. qos-policyoutput qospolicy-name Enter the keyword qos-policy-output then the QoS policy name.
Command History Example Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Dell#show qos qos-policy-output Dell#show qos qos-policy-output Qos-policy-output qmap_out Bandwidth-percentage 10 Qos-policy-output qmap_wg Rate-shape 100 50 Wred yellow wy Wred green wg Dell# show qos statistics View QoS statistics.
Usage Information The following describes the show qos statistics command in the following example. Field (ED and EE) Description Queue # Queue Number Matched Pkts The number of packets that matched the class-map criteria. NOTE: When you configure trust, matched packet counters are not incremented in this field.
Example Dell#show qos wred-profile Wred-profile-name wred_drop wred_ge_y wred_ge_g wred_teng_y wred_teng_g WRED1 min-threshold 0 1024 2048 4096 8192 2000 max-threshold 0 2048 4096 8192 16384 7000 wred Designate the WRED profile to yellow or green traffic. Syntax wred [[{yellow | green} profile-name] ecn] To remove the WRED drop precedence, use the no wred {yellow | green} [profile-name] command. Parameters yellow | green Enter the keyword yellow for yellow traffic.
wred-profile Create a WRED profile and name the profile. Syntax wred-profile wred-profile-name To remove an existing WRED profile, use the no wred-profile command. Parameters wred-profilename Enter your WRED profile name in character format (16 character maximum). Or use one of the pre-defined WRED profile names. You can configure up to 26 WRED profiles plus the five pre-defined profiles, for a total of 31 WRED profiles. Pre-defined Profiles: wred_drop, wred-ge_y, wred_ge_g, wred_teng_y, wred_teng_g.
31 reload-type Configure a switch to reload as a DHCP client in BMP mode with all ports configured for Layer 3 traffic or in Normal mode. Z9000 S4810 S4820TS6000 Syntax reload-type [bmp | normal—reload {[auto—save {enable | disable}] | [config-scr-download {enable | disable}] | [dhcptimeout minutes]| retry-count number | vendor-class-identifier description] Use the disable bmp command to stop the BMP process. Parameters bmp (Default) Enable the BMP reload type.
retry-count number Configure the number of times to retry loading the FTOS image and configuration download. The retry limit is 0–6. If the retry limit is 0, no retry is performed. The default is 0. vendor-classidentifier description (Optional) Enter a brief description for DHCP Option 60. Maximum is 64 characters long. NOTE: This parameter replaces the deprecated parameter userdefined-string. Defaults BMP Switches running BMP 3.
mode, enter the stop bmp command. The startup configuration is then loaded from the local flash on the switch. To toggle between Normal and BMP Auto Configuration modes, use the reloadtype command in BMP 3.0. Reload settings for Auto Configuration mode that you configure are stored in memory and retained for future reboots and BMP software upgrades. To reload the switch in the last configured mode: Normal reload or BMP mode, you can enter the reload command at any time.
32 Simple Network Management Protocol (SNMP) and Syslog This chapter contains commands to configure and monitor the simple network management protocol (SNMP) v1/v2/v3 and Syslog. Both features are supported on the Z-Series S4810 S4820T platform. The chapter contains the following sections: • SNMP Commands • Syslog Commands SNMP Commands The following SNMP commands are available in the Dell Networking operating software (FTOS).
To disable traps, use the no snmp-server enable traps [notificationtype] [notification-option] command. Parameters notificationtype notificationoption Enter the type of notification from the following list: • bgp — Notification of changes in the BGP process. • config — Notification of changes to the startup or running configuration. • ecfm — Notification of changes to ECFM. • ecmp — Enable an ECMP trap to notify of ECMP or link bundle traffic imbalances.
Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 9.1(0.0) Added support for copy-config and ecmp traps. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.11.1 Introduced on the Z9000. Version 8.3.7.0 Introduced on the S4810. Version 8.4.1.0 Added support for VRRP traps. Version 7.6.1.0 Added support for STP and xSTP traps. Introduced on the SSeries. Version 7.5.1.0 Introduced on the C-Series.
NOTE: The :: notation specifies successive hexadecimal fields of zero. traps (OPTIONAL) Enter the keyword traps to send trap notifications to the specified host. The default is traps. informs (OPTIONAL) Enter the keyword informs to send inform notifications to the specified host. The default is traps. version 1 | 2c | 3 (OPTIONAL) Enter the keyword version to specify the security model then the security model version number 1, 2c, or 3: • Version 1 is the least secure version.
• vrrp — State change in a VRRP group. • xstp — State change in MSTP (802.1s), RSTP (802.1w), and PVST+. The default is all trap types are sent to host. Defaults As above. Command Modes CONFIGURATION Command History This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Version 9.2(0.0) Introduced on the M I/O Aggregator.
snmp-server enable command and the snmp-server host command for that host must be enabled. NOTE: For v1 / v2c trap configuration, if the community-string is not defined using the snmp-server community command prior to using this command, the default form of the snmp-server community command automatically is configured with the community-name the same as specified in the snmpserver host command. Configuring Informs To send an inform, use the following steps: Related Commands 1.
Version 7.5.1.0 Introduced on the C-Series. E-Series legacy command Related Commands show logging — displays logging settings and system messages in the internal buffer. logging Configure an IP address or host name of a Syslog server where logging messages are sent. Multiple logging servers of both IPv4 and/or IPv6 can be configured. Z-Series S4810 S4820T Syntax logging {ip-address | ipv6-address | hostname} To disable logging, use the no logging command.
Usage Information Multiple logging servers of both IPv4 and/or IPv6 can be configured. Related Commands logging on — enables the logging asynchronously to logging buffer, console, Syslog server, and terminal lines. logging trap — enables logging to the Syslog server based on severity. logging buffered Enable logging and specify which messages are logged to an internal buffer. By default, all messages are logged to the internal buffer.
E-Series legacy command Usage Information When you decrease the buffer size, all messages stored in the buffer are lost. Increasing the buffer size does not affect messages stored in the buffer. Related Commands clear logging — clears the logging buffer. default logging buffered — returns the logging buffered parameters to the default setting. show logging — displays the logging setting and system messages in the internal buffer. logging console Specify which messages are logged to the console.
Related Commands clear logging — clears the logging buffer. default logging console — returns the logging console parameters to the default setting. show logging — displays the logging setting and system messages in the internal buffer. logging monitor Specify which messages are logged to Telnet applications. Z-Series S4810 S4820T Syntax logging monitor [level] To disable logging to terminal connections, use the no logging monitor command.
logging source-interface Specify that the IP address of an interface is the source IP address of Syslog packets sent to the Syslog server. Z9000 S4810 S4820T Syntax logging source-interface interface To disable this command and return to the default setting, use the no logging source-interface command. Parameters interface Enter the following keywords and slot/port or number information: • For Loopback interfaces, enter the keyword loopback then a number from zero (0) to 16383.
E-Series legacy command Usage Information Syslog messages contain the IP address of the interface used to egress the router. By configuring the logging source-interface command, the Syslog packets contain the IP address of the interface configured. Related Commands logging — enables logging to the Syslog server. show logging Display the logging settings and system messages logged to the internal buffer of the switch.
E-Series legacy command Example (Partial) FTOS#show logging Syslog logging: enabled Console logging: level debugging Monitor logging: level debugging Buffer logging: level debugging, 5604 Messages Logged, Size (524288 bytes) Trap logging: level informational Oct 8 09:25:37: %RPM1:RP1 %BGP-5-ADJCHANGE: Connection with neighbor 223.80.255.254 closed. Hold time expired Oct 8 09:25:38: %RPM1:RP1 %BGP-5-ADJCHANGE: Neighbor 192.200.13.2 Up Oct 8 09:25:38: %RPM1:RP1 %BGP-5-ADJCHANGE: Neighbor 192.1.1.
show logging driverlog stack-unit Display the driver log for the specified stack member. S4810 S4820T Z9000 Syntax Parameters show logging driverlog stack-unit unit# stack-unit unit# Enter the keywords stack-unit followed by the stack member ID of the switch for which you want to display the driver log. The range is from 0 to 1. defaults none Command Modes • EXEC • EXEC Privilege Command History This guide is platform-specific.
Command History This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.11.1 Introduced on the Z9000. Version 8.3.7.0 Introduced on the S4810. Version 7.6.1.
33 Storm Control The Dell Networking operating software (FTOS) storm control feature allows you to limit or suppress traffic during a traffic storm (Broadcast/Unknown Unicast Rate Limiting or Multicast on the C-Series and S-Series). Storm control is supported on the Dell Networking Z-Series S4810 S4820T platforms.
• Defaults none Command Modes • EXEC • EXEC Privilege Command History For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE then the slot/ port information. This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Version 9.0.2.0 Introduced on the S6000. Version 9.2(0.0) Introduced on the M I/O Aggregator.
wred-profile name Enter the keyword wred-profile followed by the profile name to designate a wred-profile. packets_per_se cond in Enter the packets per second of broadcast traffic allowed into the network. The range is from 0 to 33554368. Defaults none Command Modes CONFIGURATION (conf) Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide.
Command Modes CONFIGURATION (conf) Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Usage Information Version 9.0.2.0 Introduced on the S6000. Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.
Storm Control Version 8.3.19.0 Introduced on the S4820T. Version 8.3.11.1 Introduced on the Z9000. Version 8.3.7.0 Introduced on the S4810. Version 7.6.1.0 Introduced on the S-Series. Version 7.5.1.0 Introduced on the C-Series. Version 7.4.1.0 E-Series Only: Added the percentage decimal value option. Version 6.5.1.0 Introduced on the E-Series.
Uplink Failure Detection (UFD) 34 Uplink failure detection (UFD) provides detection of the loss of upstream connectivity and, if you use this with NIC teaming, automatic recovery from a failed link. UFD is supported on the S4810 S4820T Dell Networking platform. clear ufd-disable Re-enable one or more downstream interfaces on the switch/router that are in a UFD-Disabled Error state so that an interface can send and receive traffic.
Command History This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Related Commands Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.2.3 Introduced on the S-Series S50.
Related Commands Version 8.3.12.0 Introduced on the S4810. Version 8.4.2.3 Introduced on the S-Series S50. clear ufd-disable — re-enables downstream interfaces that are in a UFD-Disabled Error state. description Enter a text description of an uplink-state group. S4810 S4820T Syntax Parameters description text text Text description of the uplink-state group. The maximum length is 80 alphanumeric characters.
downstream Assign a port or port-channel to the uplink-state group as a downstream interface. S4810 S4820T Syntax downstream interface To delete an uplink-state group, enter the no downstream interface command.
You can assign an interface to only one uplink-state group. Configure each interface assigned to an uplink-state group as either an upstream or downstream interface, but not both. You can assign individual member ports of a port channel to the group. An uplinkstate group can contain either the member ports of a port channel or the port channel itself, but not both. Related Commands • upstream — assigns a port or port-channel to the uplink-state group as an upstream interface.
downstream disable links Configure the number of downstream links in the uplink-state group that are disabled if one upstream link in an uplink-state group goes down. S4810 S4820T Syntax downstream disable links {number |all} To revert to the default setting, use the no downstream disable links command. Parameters number Enter the number of downstream links to be brought down by UFD. The range is from 1 to 1024. all Brings down all downstream links in the group.
enable Enable uplink state group tracking for a specific UFD group. S4810 S4820T Syntax enable To disable upstream-link tracking without deleting the uplink-state group, use the no enable command. Defaults Upstream-link tracking is automatically enabled in an uplink-state group. Command Modes UPLINK-STATE-GROUP Command History This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide.
• Command History EXEC Privilege This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Example Related Commands Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.2.
Command Modes Command History • • EXEC EXEC Privilege This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Example Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.2.
Related Commands • show running-config uplink-state-group — displays the current configuration of one or more uplink-state groups. • uplink-state-group — create an uplink-state group and enables the tracking of upstream links. uplink-state-group Create an uplink-state group and enable the tracking of upstream links on a switch/ router. S4810 S4820T Syntax uplink-state-group group-id To delete an uplink-state group, enter the no uplink-state-group group-id command.
Example Related Commands FTOS(conf)#uplink-state-group 16 FTOS(conf)# 02:23:17: %RPM0-P:CP %IFMGR-5-ASTATE_UP: Changed uplink state group Admin state to up: Group 16 • show running-config uplink-state-group — displays the current configuration of one or more uplink-state groups. • show uplink-state-group — displays the status information on a specified uplink-state group or all groups. upstream Assign a port or port-channel to the uplink-state group as an upstream interface.
Usage Information Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.2.3 Introduced on the S-Series S50. You can assign physical port or port-channel interfaces to an uplink-state group. You can assign an interface to only one uplink-state group. Configure each interface assigned to an uplink-state group as either an upstream or downstream interface, but not both. You can assign individual member ports of a port channel to the group.
Virtual Link Trunking (VLT) 35 Virtual link trunking (VLT) is supported on the Z-Series S4810S4820T platform. VLT allows physical links between two chassis to appear as a single virtual link to the network core. VLT eliminates the requirement for Spanning Tree protocols by allowing link aggregation group (LAG) terminations on two separate distribution or core switches, and by supporting a loop-free topology.
interval seconds Enter the keyword interval to specify the time interval to send hello messages. The range is from 1 to 5 seconds. The default is 1 second. Defaults 1 second Command Modes VLT DOMAIN Command History This guide is platform-specific. For command information about other platforms, refer to the relevant FTOS Command Line Reference Guide. The following is a list of the FTOS version history for this command. Version 9.2(0.0) Introduced on the M I/O Aggregator.
Version 9.2(0.0) Introduced on the M I/O Aggregator. This command is supported in Programmable-Mux (PMUX) mode only. Version 9.2(0.2) Added multicast and ndp parameters. Version 9.0.0.0 Introduced on the Z9000. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810.
Usage Information Related Commands Version 8.3.19.0 Introduced on the S8420T. Version 8.3.12.0 Introduced on the S4810. To delay the system from bringing up the VLT port for a brief period to allow IGMP Snooping and Layer 3 routing protocols to converge, use the delay-restore parameter. Use this feature: • after a VLT device is reloaded. • if the Peer VLT device was up at the time the VLTi link failed to the time when it was restored. show vlt statistics — displays statistics on VLT operations.
Usage Information LACP on the VLT ports (on a VLT switch or access device), which are members of the virtual link trunk, is not brought up until the VLT domain is recognized on the access device. On the S4810, during boot-up in a stacking configuration, the system must be able to reach the DHCP server with the boot image and configuration image. During boot-up, only untagged DHCP requests are sent to the DHCP server to receive an offer on static LAGs between switches.
Usage Information Version 9.0.0.0 Introduced on the Z9000. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Added support for the peer-down-vlan parameter. Version 8.3.8.0 Introduced on the S4810. To configure the VLAN from where the VLT peer forwards packets received over the VLTi from an adjacent VLT peer that is down, use the peer-down-vlan parameter. When a VLT peer with bare metal provisioning (BMP) is booting up, it sends untagged DHCP discover packets to its peer over the VLTi.
show vlt mismatch Display mismatches in VLT parameters. Z9000 S4810 S4820TS6000 Syntax show vlt mismatch Command Modes EXEC Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Example Version 9.0.2.0 Introduced on the S6000. Version 9.2(0.0) Introduced on the M I/O Aggregator.
Parameters mac-address Enter the system MAC address for the VLT domain. Defaults Not configured. Command Modes VLT DOMAIN Command History This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide. The following is a list of the Dell Networking OS version history for this command. Usage Information Version 9.2(0.0) Introduced on the M I/O Aggregator.
Usage Information Version 9.0.0.0 Introduced on the Z9000. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.8.0 Introduced on the S4810. When you create a VLT domain on a switch, FTOS automatically assigns a unique unit ID (0 or 1) to each peer switch. The unit IDs are used for internal system operations. Use the unit-id command to explicitly configure the unit ID of a VLT peer. Configure a different unit ID (0 or 1) on each peer switch.
vlt-peer-lag port-channel Associate the port channel to the corresponding port channel in the VLT peer for the VLT connection to an attached device. Z-Series S4810 S4820T Syntax Parameters vlt-peer-lag port-channel id-number id-number Enter the respective vlt port-channel number of the peer device. Defaults Not configured. Command Modes INTERFACE PORT-CHANNEL Command History This guide is platform-specific.
• • • • Provides fast convergence if either the link or a device fails. Optimized forwarding with virtual router redundancy protocol (VRRP). Provides link-level resiliency. Assures high availability. CAUTION: Dell Networking does not recommend enabling Stacking and VLT simultaneously. If you enable both features at the same time, unexpected behavior occurs.
aggregation are in Active-Active Load Sharing mode. This example provides the highest form of resiliency, scaling, and load balancing in data center switching networks. The following example shows stacking at the access, VLT in aggregation, and Layer 3 at the core. The aggregation layer is mostly in the L2/L3 switching/routing layer.
• VLT domain — This domain includes both the VLT peer devices, VLT interconnect, and all of the port channels in the VLT connected to the attached devices. It is also associated to the configuration mode that you must use to assign VLT global parameters. • VLT peer device — One of a pair of devices that are connected with the special port channel known as the VLT interconnect (VLTi). VLT peer switches have independent management planes.
• Bulk Sync happens only for Global IPv6 Neighbors; Link-local neighbor entries are not synced. • If all of the following conditions are true, MAC addresses may not be synced correctly: – VLT peers use VLT interconnect (VLTi) – Sticky MAC is enabled on an orphan port in the primary or secondary peer – MACs are currently inactive If this scenario occurs, use the clear mac-address-table sticky all command on the primary or secondary peer to correctly sync the MAC addresses.
– Port-channel link aggregation (LAG) across the ports in the VLT interconnect is required; individual ports are not supported. Dell Networking strongly recommends configuring a static LAG for VLTi. – The VLT interconnect synchronizes L2 and L3 control-plane information across the two chassis. – The VLT interconnect is used for data traffic only when there is a link failure that requires using VLTi in order for data packets to reach their final destination.
properties to identify connectivity to a common client device and automatically generates a VLT number for port channels on VLT peers that connects to the device. The discovery protocol requires that an attached device always runs LACP over the port-channel interface. – VLT provides a loop-free topology for port channels with endpoints on different chassis in the VLT domain.
• VLT and VRRP interoperability – In a VLT domain, VRRP interoperates with virtual link trunks that carry traffic to and from access devices (refer to Overview). The VLT peers belong to the same VRRP group and are assigned master and backup roles. Each peer actively forwards L3 traffic, reducing the traffic flow over the VLT interconnect. – VRRP elects the router with the highest priority as the master in the VRRP group.
traffic assumes the role of the Primary Peer. If the original Primary Peer is restored, the VLT peer reassigned as the Primary Peer retains this role and the other peer must be reassigned as a Secondary Peer. Peer role changes are reported as SNMP traps. VLT Bandwidth Monitoring When bandwidth usage of the VLTi (ICL) exceeds 80%, a syslog error message (shown in the following message) and an SNMP trap are generated.
VLT Port Delayed Restoration With FTOS version 8.3.12.0 8.3.12.0 8.3.19.0, when a VLT node boots up, if the VLT ports have been previously saved in the start-up configuration, they are not immediately enabled. To ensure MAC and ARP entries from the VLT per node are downloaded to the newly enabled VLT node, the system allows time for the VLT ports on the new node to be enabled and begin receiving traffic.
Figure 5. PIM-Sparse Mode Support on VLT On each VLAN where the VLT peer nodes act as the first hop or last hop routers, one of the VLT peer nodes is elected as the PIM designated router. If you configured IGMP snooping along with PIM on the VLT VLANs, you must configure VLTi as the static multicast router port on both VLT peer switches. This ensures that for first hop routers, the packets from the source are redirected to the designated router (DR) if they are incorrectly hashed.
To route traffic to and from the multicast source and receiver, enable PIM on the L3 side connected to the PIM router using the ip pim sparse-mode command. Each VLT peer runs its own PIM protocol independently of other VLT peers. To ensure the PIM protocol states or multicast routing information base (MRIB) on the VLT peers are synced, if the incoming interface (IIF) and outgoing interface (OIF) are Spanned, the multicast route table is synced between the VLT peers.
• L3 routing is enabled on any VLAN with an admin state of up. NOTE: If the CAM is full, do not enable peer-routing. Configuring VLT Unicast To enable and configure VLT unicast, follow these steps. 1. Enable VLT on a switch, then configure a VLT domain and enter VLT-domain configuration mode. CONFIGURATION mode vlt domain domain-id 2. Enable peer-routing. VLT DOMAIN mode peer-routing 3. Configure the peer-routing timeout.
• • When using factory default settings on a new switch deployed as a VLT node, packet loss may occur due to the requirement that all ports must be open. ECMP is not compatible on VLT nodes using VLT multicast. You must use a single VLAN. Configuring VLT Multicast To enable and configure VLT multicast, follow these steps. 1. Enable VLT on a switch, then configure a VLT domain and enter VLT-domain configuration mode. CONFIGURATION mode vlt domain domain-id 2. Enable peer-routing.
• Display the VLT peer status, role of the local VLT switch, VLT system MAC address and system priority, and the MAC address and priority of the locally-attached VLT device. EXEC mode • show vlt role Display the current configuration of all VLT domains or a specified group on the switch. EXEC mode • show running-config vlt Display statistics on VLT operation.
Domain ID: Role: Role Priority: ICL Link Status: HeartBeat Status: VLT Peer Status: Local Unit Id: Version: Local System MAC address: Remote System MAC address: Configured System MAC address: Remote system version: Delay-Restore timer: 1000 Secondary 32768 Up Up Up 0 5(1) 00:01:e8:8a:e9:70 00:01:e8:8a:e7:e7 00:0a:0a:01:01:0a 5(1) 90 seconds FTOS_VLTpeer2# show vlt brief VLT Domain Brief -----------------Domain ID: Role: Role Priority: ICL Link Status: HeartBeat Status: VLT Peer Status: Local Unit Id: Vers
System Role Priority: 32768 Local System MAC address: 00:01:e8:8a:df:e6 Local System Role Priority: 32768 Example of the show running-config vlt Command FTOS_VLTpeer1# show running-config vlt ! vlt domain 30 peer-link port-channel 60 back-up destination 10.11.200.18 FTOS_VLTpeer2# show running-config vlt ! vlt domain 30 peer-link port-channel 60 back-up destination 10.11.200.
Executing IEEE compatible Spanning Tree Protocol Root ID Priority 0, Address 0001.e88a.dff8 Root Bridge hello time 2, max age 20, forward delay 15 Bridge ID Priority 0, Address 0001.e88a.dff8 We are the root Configured hello time 2, max age 20, forward delay 15 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID ---------- -------- ---- ------- -------- - ------- ------------Po 1 128.2 128 200000 DIS 0 0 0001.e88a.dff8 128.2 Po 3 128.4 128 200000 DIS 0 0 0001.e88a.dff8 128.4 Po 4 128.
Isolated Q: U - Untagged, T - Tagged x - Dot1x untagged, X - Dot1x tagged G - GVRP tagged, M - Vlan-stack, H - Hyperpull tagged NUM Status Description Q Ports 10 Active U Po110(Fo 0/52) T Po100(Fo 0/56,60) Configuring Virtual Link Trunking (VLT Peer 2) Enable VLT and create a VLT domain with a backup-link VLT interconnect (VLTi). FTOS_VLTpeer2(conf)#vlt domain 999 FTOS_VLTpeer2(conf-vlt-domain)#peer-link port-channel 100 FTOS_VLTpeer2(conf-vlt-domain)#back-up destination 10.11.206.
interface Port-channel 11 no ip address switchport channel-member fortyGigE 1/18,22 no shutdown Troubleshooting VLT To help troubleshoot different VLT issues that may occur, use the following information. NOTE: For information on VLT Failure mode timing and its impact, contact your Dell Networking representative. Table 11.
Description Behavior at Peer Up Behavior During Run Time Action to Take System MAC mismatch A syslog error message and an SNMP trap are generated. A syslog error message and an SNMP trap are generated. Verify that the unit ID of VLT peers is not the same on both units and that the MAC address is the same on both units. Unit ID mismatch The VLT peer does not boot up. The VLTi is forced to a down state. A syslog error message is generated. The VLT peer does not boot up.
FC Flex IO Modules This part provides a generic, broad-level description of the operations, capabilities, and configuration commands of the Fiber Channel (FC) Flex IO module.
Understanding and Working of the FC Flex IO Modules 36 This chapter provides a generic, broad-level description of the operations and functionality of the Fiber Channel (FC) Flex IO module, and contains the following sections: • FC Flex IO Modules Overview • FC Flex IO Module Capabilities and Operations • Guidelines for Working with FC Flex IO Modules • Processing of Data Traffic • Installing and Configuring the Switch • Interconnectivity of FC Flex IO Modules with Cisco MDS Switches FC Flex I
In a typical Fibre Channel storage network topology, separate network interface cards (NICs) and host bus adapters (HBAs) on each server (two each for redundancy purposes) are connected to LAN and SAN networks respectively. These deployments typically include a ToR SAN switch in addition to a ToR LAN switch. By employing converged network adapters (CNAs) that the FC Flex IO module supports, CNAs are used to transmit FCoE traffic from the server instead of separate NIC and HBA devices.
• A distance of up to 300 meters is supported at 8 Gbps for Fibre Channel traffic. • Multiple domains are supported in an NPIV proxy gateway (NPG). • You cannot configure the MXL and Aggregator switches in Stacking mode if the switches contain the FC Flex IO module. Similarly, FC Flex IO modules do not function when you insert them in to a stack of MXL/Aggregrator switches.
• When the Dell Networking OS sends FC frames (the initial FLOGI or FLOGO messages), or converts FLOGI to FDISC messages or processes any internally generated FC frames, the software computes and verifies the FC cyclic redundancy check (CRC) value before sending the frame to FC ports. • Fabric worldwide name (WWN) verification is available for eight FC ports. Single-switching WWN capability is provided when the switch operates in NPIV mode.
Installing the Optics The following optical ports are supported on the FC Flex IO module using one of the supported breakout cables: • 4G or 8G Fibre Channel small form-factor pluggable plus (SFP+) optics module and LC connectors over a distance of 150 meters. • 4G or 8G Fibre Channel SFP+ optics module and LC connectors over a distance of 4 km. CAUTION: Electrostatic discharge (ESD) damage can occur if the components are mishandled.
If FC Flex IO modules are installed, the I/O Aggregator does not perform FIP snooping because the FIP frames are terminated on the switch for NPIV operations. However, on MXL Switches, you can configure the switch to operate in FIP Snooping or NPIV mode. If the MXL 10/40GbE Switch functions in the NPIV mode and you attempt to set the uplink port to be a FCF or a bridge port, a warning message displays and the setting is not saved.
Installing and Configuring Flowchart for FC Flex IO Modules Understanding and Working of the FC Flex IO Modules 483
To see if a switch is running the latest Dell Networking OS version, use the show version command. To download a Dell Networking OS version, go to http://support.dell.com. Installation Site Preparation Before installing the switch or switches, make sure that the chosen installation location meets the following site requirements: • Clearance — There is adequate front and rear clearance for operator access. Allow clearance for cabling, power connections, and ventilation.
Interconnectivity of FC Flex IO Modules with Cisco MDS Switches In a network topology that contains Cisco MDS switches, FC Flex IO modules that are plugged into the MXL and I/O Aggregator switches enable interoperation for a robust, effective deployment of the NPIV proxy gateway and FCoE-FC bridging behavior.
Figure 6. Case 1: Deployment Scenario of Configuring FC Flex IO Modules Figure 7.
37 Data Center Bridging (DCB) for FC Flex IO Modules Data center bridging (DCB) refers to a set of IEEE Ethernet enhancements that provide data centers with a single, robust, converged network to support multiple traffic types, including local area network (LAN), server, and storage traffic. The Fibre Channel (FC) Flex IO module is supported on Dell Networking MXL 10/40GbE Switch and Dell PowerEdge IO Aggregator (IOA).
You must not modify the service-class dot1p mappings when any buffer-threshold-policy is configured on the system. S4810-1(conf)#service-class dot1p-mapping dot1p0 3 % Error: PFC buffer-threshold policies conflict with dot1p mappings. Please remove all dcb-buffer-threshold policies to change mappings.
To remove a DCB map from an interface, enter the no dcb-map map-name command in Interface configuration mode. Related Commands show qos dcb-map– displays the dcb-map profiles configured on the system. dcb-map stack-unit all stack-ports all– applies a DCB map on all ports of a switch stack. priority-pgid Assign 802.1p priority traffic to a priority group in a DCB map.
Using the priority-pgid command, you assign each 802.1p priority to one priority group. A priority group consists of 802.1p priority values that are grouped together for similar bandwidth allocation and scheduling, and that share latency and loss requirements. All 802.1p priorities mapped to the same queue must be in the same priority group. For example, the priority-pgid 0 0 0 1 2 4 4 4 command creates the following groups of 802.
Command History Usage Information Version 9.3.0.0 Introduced on the S4810 and S6000 platforms. Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch. Use the dcb-map command to configure priority groups with PFC and/or ETS settings and apply them to Ethernet interfaces. Use the priority-pgid command to map 802.1p priorities to a priority group. You can assign each 802.1p priority to only one priority group. A priority group consists of 802.
Command Modes Command History CONFIGURATION Version 9.3.0.0 Introduced on the S4810 and S6000 platforms. Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch. Usage Information The dcb-map stack-unit all stack-ports all command overwrites any previous DCB maps applied to stack ports. Related Commands dcb-map – creates a DCB map to configure PFC and ETS parameters and applies the PFC and ETS settings on Ethernet ports.
Example Field Description TSA Transmission scheduling algorithm used by the priority group: Enhanced Transmission Selection (ETS). BW Percentage of bandwidth allocated to the priority group. PFC PFC setting for the priority group: On (enabled) or Off. Priorities 802.1p priorities configured in the priority group.
advertise dcbx-appln-tlv On a DCBX port with a manual role, configure the application priority TLVs advertised on the interface to DCBX peers. Syntax advertise dcbx-appln-tlv {fcoe | iscsi} To remove the application priority TLVs, use the no advertise dcbx-applntlv {fcoe | iscsi} command. Parameters {fcoe | iscsi} Enter the application priority TLVs, where: • fcoe: enables the advertisement of FCoE in application priority TLVs. • iscsi: enables the advertisement of iSCSI in application priority TLVs.
Command History Usage Information Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch You can configure the transmission of more than one TLV type at a time; for example: advertise dcbx-tlv ets-conf ets-reco. You can enable ETS recommend TLVs (ets-reco) only if you enable ETS configuration TLVs (ets-conf). To disable TLV transmission, use the no form of the command; for example, no advertise dcbx-tlv pfc ets-reco.
Configure DCBX operation at the INTERFACE level on a switch or globally on the switch. To verify the DCBX configuration on a port, use the show interface dcbx detail command. dcbx version Configure the DCBX version used on the interface. Syntax dcbx version {auto | cee | cin | ieee-v2.5} To remove the DCBX version, use the dcbx version {auto | cee | cin | ieee-v2.5} command. Parameters auto | cee | cin | ieee-v2.
Parameters {all | autodetect-timer | config-exchng | fail | mgmt | resource | sem | tlv} Defaults none Command Modes EXEC Privilege Command History Version 9.3.0.0 Enter the type of debugging, where: • all: enables all DCBX debugging operations. • auto-detect-timer: enables traces for DCBX autodetect timers. • config-exchng: enables traces for DCBX configuration exchanges. • fail: enables traces for DCBX failures. • mgmt: enables traces for DCBX management frames.
iscsi priority-bits Configure the iSCSI priority advertised for the iSCSI protocol in application priority TLVs. Syntax iscsi priority-bits priority-bitmap To remove the configured iSCSI priority, use the no iscsi priority-bits command. Parameters priority-bitmap Defaults 0x10 Command Modes PROTOCOL LLDP Command History Usage Information Version 9.3.0.0 Enter the priority-bitmap range. The range is from 1 to FF.
Field Description DCBX Operational Status Operational status (enabled or disabled) used to elect a configuration source and internally propagate a DCB configuration. The DCBX operational status is the combination of PFC and ETS operational status. Configuration Source Specifies whether the port serves as the DCBX configuration source on the switch: true (yes) or false (no). Local DCBX Compatibility mode DCBX version accepted in a DCB configuration as compatible.
Example Field Description Peer DCBX Status: Sequence Number Sequence number transmitted in Control TLVs received from the peer device. Peer DCBX Status: Acknowledgment Number Acknowledgement number transmitted in Control TLVs received from the peer device. Total DCBX Frames transmitted Number of DCBX frames sent from the local port. Total DCBX Frames received Number of DCBX frames received from the remote peer port. Total DCBX Frame errors Number of DCBX frames with errors received.
DCBX Max Version Supported is 255 Sequence Number: 2 Acknowledgment Number: 2 Total DCBX Frames transmitted 27 Total DCBX Frames received 6 Total DCBX Frame errors 0 Total DCBX Frames unrecognized 0 ETS Commands The following ETS commands are supported on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch, and S4810 and S6000 platforms. bandwidth-percentage Configure the bandwidth percentage allocated to priority traffic in port queues.
equally distributed to nonstrict-priority groups which have no configured scheduler. Related Commands • qos-policy-output ets — creates a QoS output policy. • scheduler — schedules priority traffic in port queues. clear ets counters Clear all ETS TLV counters on an interface. Syntax Parameters clear ets counters port-type slot/port port-type Defaults none Command Modes EXEC Privilege Command History Version 9.3.0.0 Enter the keywords port-type then the slot/port information.
To display the PFC and ETS settings in DCB maps, enter the show qos dcb-map command. Use the dcb-map command to create a DCB map to specify PFC and ETS settings and apply it on Ethernet ports. After you apply a DCB map to an interface, the PFC and ETS settings in the map are applied when the Ethernet port is enabled. DCBx is enabled on Ethernet ports by default. The dcb-map command is supported only on physical Ethernet interfaces.
dcb-policy output Apply the output policy with the ETS configuration to an egress interface. Syntax dcb-policy output policy-name To delete the output policy, use the no dcb-policy output command. Parameters policy-name Defaults none Command Modes INTERFACE Command History Usage Information Version 9.3.0.0 Enter the output policy name.
Command History Usage Information Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch The dcb-policy output stack-unit all command overwrites any previous dcb-policy output stack-unit stack-unit-id configurations. Similarly, a dcb-policy output stack-unit stack-unit-id command overwrites any previous dcb-policy output stack-unit all configuration.
Defaults ETS mode is on. Command Modes DCB OUTPUT POLICY Command History Usage Information Related Commands Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch If you disable ETS in an output policy applied to an interface using the no ets mode on command, any previously configured QoS settings at the interface or global level takes effect.
Related Commands • priority-list — configures the 802.1p priorities for an ETS output policy. • set-pgid — configures the priority-group. priority-group bandwidth pfc Configure the ETS bandwidth allocation and PFC mode used to manage port traffic in an 802.1p priority group.
If a priority group does not use its allocated bandwidth, the unused bandwidth is made available to other priority groups. To remove a priority-group configuration in a DCB map, enter the no prioritygroup bandwidth pfc command. By default, equal bandwidth is assigned to each dot1p priority in a priority group. Use the bandwidth parameter to configure the bandwidth percentage assigned to a priority group.
priority-list Configure the 802.1p priorities for the traffic on which you want to apply an ETS output policy. Syntax priority-list value To remove the priority list, use the no priority-list command. Parameters value Defaults none Command Modes PRIORITY-GROUP Command History Usage Information Related Commands Version 9.3.0.0 Enter the priority list value. Separate priority values with a comma; specify a priority range with a dash; for example, priority-list 3,5-7. The range is from 0 to 7.
Usage Information If an error occurs in an ETS output-policy configuration, the configuration is ignored and the scheduler and bandwidth allocation settings are reset to the ETS default values (all priorities are in the same ETS priority group and bandwidth is allocated equally to each priority). If an error occurs when a port receives a peer’s ETS configuration, the port’s configuration is reset to the previously configured ETS output policy.
• bandwidth-percentage — bandwidth percentage allocated to priority traffic in port queues. set-pgid Configure the priority-group identifier. Syntax set-pgid value To remove the priority group, use the no set-pgid command. Parameters value Defaults none Command Modes PRIORITY-GROUP Command History Related Commands Version 9.3.0.0 Enter the priority group identification. The range is from 0 to 7. Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch.
Field Description Interface Interface type with stack-unit and port number. Max Supported TC Group Maximum number of priority groups supported. Number of Traffic Classes Number of 802.1p priorities currently configured. Admin mode ETS mode: on or off. When on, the scheduling and bandwidth allocation configured in an ETS output policy or received in a DCBX TLV from a peer can take effect on an interface.
Example (Summary) Field Description Error Conf TLV pkts Number of ETS Error Configuration TLVs received. Input Reco TLV pkts Number of ETS Recommendation TLVs received. Output Reco TLV pkts Number of ETS Recommendation TLVs transmitted. Error Reco TLV pkts Number of ETS Error Recommendation TLVs received.
5 12% ETS 6 12% ETS 7 12% ETS Oper status is init Conf TLV Tx Status is disabled Traffic Class TLV Tx Status is disabled Example (Detail) Dell(conf)# show interfaces tengigabitethernet 0/0 ets detail Interface TenGigabitEthernet 0/0 Max Supported TC Groups is 4 Number of Traffic Classes is 8 Admin mode is on Admin Parameters : -----------------Admin is enabled TC-grp Priority# Bandwidth TSA 0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# 0 1 2 3 4 5 6 7 R
0 Input Conf TLV Pkts, 0 Output Conf TLV Pkts, 0 Error Conf TLV Pkts 0 Input Traffic Class TLV Pkts, 0 Output Traffic Class TLV Pkts, 0 Error Traffic Class TLV Pkts show qos dcb-output Displays the ETS configuration in a DCB output policy. Syntax Parameters Command Modes Command History Example show qos dcb-output [ets-profile] [ets-profile] Enter the ETS profile. EXEC Privilege Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch.
show stack-unit stack-ports ets details Displays the ETS configuration applied to egress traffic on stacked ports, including ETS Operational mode on each unit and the configurated priority groups with dot1p priorities, bandwidth allocation, and scheduler type. Syntax Parameters Command Modes Command History Example show stack-unit {all | stack-unit} stack-ports {all | portnumber} ets details stack-unit Enter the stack unit identification. port-number Enter the port number. CONFIGURATION Version 9.3.
7 8 - - PFC Commands The following PFC commands are supported on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch, and S4810 and S6000 platforms. clear pfc counters Clear the PFC TLV counters and PFC statistics on an interface or stack unit. Syntax Parameters clear pfc counters [port-type slot/port | stack-unit {unit number | all } all stack-ports all}] | interface {statistics}] port-type Enter the keywords port-type then the slot/port information.
Command Modes Command History Usage Information port-set Enter the port-set identification. The only valid port-set ID (port-pipe number) on an MXL Switch is 0. pfc-ports {1-56} Enter the pfc-ports. The range is from 1 to 56. pfc-queues {1-2} Enter the pfc-queue number. The range is from 1 to 2. CONFIGURATION Version 9.3.0.
PFC on all DCB egress ports or configure the dot1p priority-queue assignment of PFC priorities to lossless queues (refer to pfc no-drop queues). To remove a DCB input policy, including the PFC configuration it contains, enter the no dcb-input policy-name command in Interface Configuration mode. Related Commands dcb-policy input — applies the input policy with the PFC configuration. dcb-policy input Apply the input policy with the PFC configuration to an ingress interface.
Related Commands dcb-input — creates a DCB input policy. dcb-policy input stack-unit stack-ports all Apply the specified DCB input policy on all ports of the switch stack or a single stacked switch. Syntax dcb-policy input stack-unit {all | stack-unit-id} stack-ports all dcb-input-policy-name To remove all DCB input policies applied to the stacked ports and rest the PFC to its default settings, use the no dcb-policy input stack-unit all command.
Command History Related Commands Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch • dcb-input — creates a DCB PFC input policy. • dcb-policy input — applies the output policy. • dcb-output — creates a DCBETS output policy. • dcb-policy output — applies the output policy. pfc link-delay Configure the link delay used to pause specified priority traffic.
Usage Information By applying a DCB input policy with PFC enabled, you enable PFC operation on ingress port traffic. To achieve complete lossless handling of traffic, also enable PFC on all DCB egress ports or configure the dot1p priority-queue assignment of PFC priorities to lossless queues (refer to pfc no-drop queues). To disable PFC operation on an interface, enter the no pfc mode on command in DCB Input Policy Configuration mode.
dot1p Value in the Incoming Frame Description heading 6 3 7 3 pfc priority Configure the CoS traffic to be stopped for the specified delay. Syntax pfc priority priority-range To delete the pfc priority configuration, use the no pfc priority command. Parameters priority-range Defaults none Command Modes DCB INPUT POLICY Command History Usage Information Version 9.3.0.0 Enter the 802.1p values of the frames to be paused.
Command Modes Command History EXEC Privilege Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch. Usage Information Specify a stack-unit number on the Master switch in a stack.
Field Description Willing Status is enabled DCBX exchange (Willing bit received in PFC TLV): enabled or disable. Local is enabled DCBX operational status (enabled or disabled) with a list of the configured PFC priorities. Operational status (local port) Port state for current operational PFC configuration: • Init: Local PFC configuration parameters were exchanged with the peer. • Recommend: Remote PFC configuration parameters were received from the peer.
Example (Summary) Field Description PFC TLV Statistics: Input TLV pkts Number of PFC TLVs received. PFC TLV Statistics: Output TLV pkts Number of PFC TLVs transmitted. PFC TLV Statistics: Error pkts Number of PFC error packets received. PFC TLV Statistics: Pause Tx pkts Number of PFC pause frames transmitted. PFC TLV Statistics: Pause Rx pkts Number of PFC pause frames received.
show interface pfc statistics Displays counters for the PFC frames received and transmitted (by dot1p priority class) on an interface. Syntax Parameters Command Modes Command History Example (Summary) show interface port-type slot/port pfc statistics port-type Enter the port type. slot/port Enter the slot/port number. INTERFACE Version 9.3.0.0 Introduced on the FC Flex IO module installed in the M I/O Aggregator and MXL 10/40GbE Switch.
show stack-unit stack-ports pfc details Displays the PFC configuration applied to ingress traffic on stacked ports, including PFC Operational mode on each unit with the configured priorities, link delay, and number of pause packets sent and received. Syntax Parameters Command Modes Command History Example show stack-unit {all | stack-unit} stack-ports {all | portnumber} pfc details stack-unit Enter the stack unit. port-number Enter the port number. CONFIGURATION Version 9.3.0.
Data Center Bridging (DCB) 38 Data center bridging (DCB) is supported on the S4810 S4820T platform. NOTE: DCB is not supported when you use 10GBaseT ports for stacking. Ethernet Enhancements in Data Center Bridging The following section describes DCB. In the Dell Networking operating system (FTOS) version 8.3.12.0, the S4810 S4820T system supports loading two DCB_Config files: FCoE_DCB_Config and iSCSI_DCB_Config. These files are located in the root directory flash:/CONFIG_TEMPLATE.
bytes that cannot recover from frame loss. To successfully transport storage traffic, data center Ethernet must provide no-drop service with lossless links. InterProcess Communicatio n (IPC) traffic InterProcess Communication (IPC) traffic within high-performance computing clusters to share information. Server traffic is extremely sensitive to latency requirements.
• PFC supports buffering to receive data that continues to arrive on an interface while the remote system reacts to the PFC operation. • PFC uses DCB MIB IEEE 802.1azd2.5 and PFC MIB IEEE 802.1bb-d2.2. • PFC is supported on specified 802.1p priority traffic (dot1p 0 to 7) and is configured per interface.
Table 12. ETS Traffic Groupings Traffic Groupings Description Priority group A group of 802.1p priorities used for bandwidth allocation and queue scheduling. All 802.1p priority traffic in a group must have the same traffic handling requirements for latency and frame loss. Group ID A 4-bit identifier assigned to each priority group. The range is from 0 to 7. Group bandwidth Percentage of available bandwidth allocated to a priority group.
Configuring DCB Maps and its Attributes This topic contains the following sections that describe how to configure a DCB map, apply the configured DCB map to a port, configure PFC without a DCB map, and configure lossless queues. This functionality is supported S4810, S4820T, S6000, I/O Aggregator, and MXL platforms. DCB Map: Configuration Procedure A DCB map consists of PFC and ETS parameters. By default, PFC is not enabled on any 802.1p priority and ETS allocates equal bandwidth to each priority.
DCB map is applied. By default, PFC is not applied on specific 802.1p priorities; ETS assigns equal bandwidth to each 802.1p priority. As a result, PFC and lossless port queues are disabled on 802.1p priorities, and all priorities are mapped to the same priority queue and equally share port bandwidth. • To change the ETS bandwidth allocation configured for a priority group in a DCB map, do not modify the existing DCB map configuration.
Step Task Command Command Mode Maximum number of loss less queues supported on an Ethernet port: 2. Separate priority values with a comma. Specify a priority range with a dash, for example: pfc priority 3,5-7 1. You cannot configure PFC using the pfc priority command on an interface on which a DCB map has been applied or which is already configured for lossless queues (pfc no-drop queues command).
Step Task Command Command Mode already configured for PFC using the pfc priority command. Range: 0-3. Separate queue values with a comma; specify a priority range with a dash; for example: pfc no-drop queues 1,3 or pfc no-drop queues 2-3 Default: No lossless queues are configured. Data Center Bridging: Default Configuration This functionality is supported on the S6000 platform.
NOTE: DCB maps are supported only on physical Ethernet interfaces. When you configure PFC in a DCB map: • As soon as you apply a DCB map with PFC enabled on an interface, DCBx starts exchanging information with a peer. The IEEE802.1Qbb, CEE and CIN versions of PFC TLV are supported. DCBx also validates PFC configurations that are received in TLVs from peer devices. By applying a DCB map with PFC enabled, you enable PFC operation on ingress port traffic.
• You cannot enable PFC and link-level flow control at the same time on an interface. ETS Configuration Notes ETS provides a way to optimize bandwidth allocation to outbound 802.1p classes of converged Ethernet traffic. Different traffic types have different service needs. Using ETS, you can create groups within an 802.1p priority class to configure different treatment for traffic with different bandwidth, latency, and best-effort needs.
The following prerequisites and restrictions apply when you configure ETS bandwidth allocation or strictpriority queuing in a DCB map: • When allocating bandwidth or configuring strict-priority queuing for dot1p priorities in a priority group on a DCBx CIN interface, take into account the CIN bandwidth allocation (see Configuring Bandwidth Allocation for DCBx CIN) and dot1p-queue mapping.
• Configuration of a peer device over a DCB link. DCBx requires the link layer discovery protocol (LLDP) to provide the path to exchange DCB parameters with peer devices. Exchanged parameters are sent in organizationally specific TLVs in LLDP data units. For more information, refer to Link Layer Discovery Protocol (LLDP). The following LLDP TLVs are supported for DCB parameter exchange: PFC parameters PFC Configuration TLV and Application Priority Configuration TLV.
For DCB to operate effectively, you can classify ingress traffic according to its dot1p priority so that it maps to different data queues. The dot1p-queue assignments used are shown in the following table. To enable DCB, enable either the iSCSI optimization configuration or the FCoE configuration. For information to configure iSCSI optimization, refer to Enable and Disable iSCSI Optimization. For information to configure FCoE, refer to Step 1 in Configuring FIP Snooping.
dot1p Value in the Incoming Frame Egress Queue Assignment 1 0 2 0 3 1 4 2 5 3 6 3 7 3 Configure Enhanced Transmission Selection ETS provides a way to optimize bandwidth allocation to outbound 802.1p classes of converged Ethernet traffic. Different traffic types have different service needs. Using ETS, you can create groups within an 802.1p priority class to configure different treatment for traffic with different bandwidth, latency, and best-effort needs.
• ETS operates with legacy DCBx versions as follows: – In the CEE version, the priority group/traffic class group (TCG) ID 15 represents a non-ETS priority group. Any priority group configured with a scheduler type is treated as a strict-priority group and is given the priority-group (TCG) ID 15.
6. Apply the QoS output policy with the bandwidth percentage for specified priority queues to an egress interface. INTERFACE mode service-policy output output-policy-name Configure a DCBx Operation DCB devices use data center bridging exchange protocol (DCBx) to exchange configuration information with directly connected peers using the link layer discovery protocol (LLDP) protocol.
(besides the configuration source) receives and overwrites its configuration with internally propagated information, one of the following actions is taken: • If the peer configuration received is compatible with the internally propagated port configuration, the link with the DCBx peer is enabled.
configured ports, the configuration of DCBx ports in Manual mode is saved in the running configuration. On a DCBx port in a manual role, all PFC, application priority, ETS recommend, and ETS configuration TLVs are enabled. When making a configuration change to a DCBx port in a Manual role, Dell Networking recommends shutting down the interface using the shutdown command, change the configuration, then re-activate the interface using the no shutdown command. The default for the DCBx port role is manual.
keeps the peer link up and continues to exchange DCBx packets. If a compatible peer configuration is later received, DCBx is enabled on the port. • If there is no configuration source, a port may elect itself as the configuration source. A port may become the configuration source if the following conditions exist: – No other port is the configuration source. – The port role is auto-upstream. – The port is enabled with link up and DCBx enabled. – The port has performed a DCBx exchange with a DCBx peer.
configured version, including fast and slow transmit timers and message formats. If a DCBx frame with a different version is received, a syslog message is generated and the peer version is recorded in the peer status table. If the frame cannot be processed, it is discarded and the discard counter is incremented. NOTE: Because DCBx TLV processing is best effort, it is possible that CIN frames may be processed when DCBx is configured to operate in CEE mode and vice versa.
• The CIN version of DCBx supports only PFC, ETS, and FCOE; it does not support iSCSI, backward congestion management (BCN), logical link down (LLDF), and network interface virtualization (NIV). Configuring DCBx To configure DCBx, follow these steps. For DCBx, to advertise DCBx TLVs to peers, enable LLDP. For more information, refer to Link Layer Discovery Protocol (LLDP). Configure DCBx operation at the interface level on a switch or globally on the switch.
5. On manual ports only: Configure the PFC and ETS TLVs advertised to DCBx peers. PROTOCOL LLDP mode [no] advertise DCBx-tlv {ets-conf | ets-reco | pfc} [ets-conf | ets-reco | pfc] [ets-conf | ets-reco | pfc] – ets-conf: enables the advertisement of ETS Configuration TLVs. – ets-reco: enables the advertisement of ETS Recommend TLVs. – pfc enables: the advertisement of PFC TLVs. The default is All PFC and ETS TLVs are advertised.
3. Configure the DCBx version used on all interfaces not already configured to exchange DCB information. PROTOCL LLDP mode [no] DCBx version {auto | cee | cin | ieee-v2.5} – auto: configures all ports to operate using the DCBx version received from a peer. – cee: configures a port to use CEE (Intel 1.01). cin configures a port to use Cisco-Intel-Nuova (DCBx 1.0). – ieee-v2.5: configures a port to use IEEE 802.1Qaz (Draft 2.5). The default is Auto.
7. Configure the iSCSI priority advertised for the iSCSI protocol in Application Priority TLVs. PROTOCOL LLDP mode [no] iscsi priority-bits priority-bitmap The priority-bitmap range is from 1 to FF. The default is 0x10. DCBx Error Messages The following syslog messages appear when an error in DCBx operation occurs. LLDP_MULTIPLE_PEER_DETECTED: DCBx is operationally disabled after detecting more than one DCBx peer on the port interface.
Verifying the DCB Configuration To display DCB configurations, use the following show commands. Table 13. Displaying DCB Configurations Command Output show dot1p-queue mapping Displays the current 802.1p priority-queue mapping. show dcb [stack-unit unit-number] Displays the data center bridging status, number of PFC-enabled ports, and number of PFC-enabled queues. On the master switch in a stack, you can specify a stack-unit number. The range is from 0 to 5.
Example of the show dot1p-queue mapping Command FTOS(conf)# show dot1p-queue-mapping Dot1p Priority: 0 1 2 3 4 5 6 7 Queue : 0 0 0 1 2 3 3 3 Example of the show dcb Command FTOS# show dcb stack-unit 0 port-set 0 DCB Status : Enabled PFC Port Count : 56 (current), 56 (configured) PFC Queue Count : 2 (current), 2 (configured) Example of the show qos dcb-input Command FTOS(conf)# show qos dcb-input dcb-input pfc-profile pfc link-delay 32 pfc priority 0-1 dcb-input pfc-profile1 no pfc mode on pfc priority 6-7 E
Admin is enabled Remote is enabled Remote Willing Status is enabled Local is enabled Oper status is recommended PFC DCBx Oper status is Up State Machine Type is Feature TLV Tx Status is enabled PFC Link Delay 45556 pause quanta Application Priority TLV Parameters : -------------------------------------FCOE TLV Tx Status is disabled ISCSI TLV Tx Status is disabled Local FCOE PriorityMap is 0x8 Local ISCSI PriorityMap is 0x10 Remote FCOE PriorityMap is 0x8 Remote ISCSI PriorityMap is 0x8 0 Input TLV pkts, 1 O
Fields Description PFC DCBx Oper status Operational status for exchange of PFC configuration on local port: match (up) or mismatch (down). State Machine Type Type of state machine used for DCBx exchanges of PFC parameters: • • Feature: for legacy DCBx versions Symmetric: for an IEEE version TLV Tx Status Status of PFC TLV advertisements: enabled or disabled. PFC Link Delay Link delay (in quanta) used to pause specified priority traffic.
5 6 7 0 0 0 0 0 0 Example of the show interface ets summary Command FTOS(conf-qos-policy-out-ets)#do sho int te 0/3 ets su Interface TenGigabitEthernet 0/3 Max Supported TC Groups is 4 Number of Traffic Classes is 8 Admin mode is on Admin Parameters : -----------------Admin is enabled TC-grp Priority# Bandwidth TSA -----------------------------------------------0 1 0,1,2 100% ETS 2 3 0 % SP 3 4,5,6,7 0 % SP 4 5 6 7 Remote Parameters : ------------------Remote is disabled Local Parameters : --------------
0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# Bandwidth TSA 0 13% ETS 1 13% ETS 2 13% ETS 3 13% ETS 4 12% ETS 5 12% ETS 6 12% ETS 7 12% ETS Remote Parameters: ------------------Remote is disabled Local Parameters : -----------------Local is enabled TC-grp Priority# Bandwidth TSA 0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# Bandwidth TSA 0 13% ETS 1 13% ETS 2 13% ETS 3 13% ETS 4 12% ETS 5 12% ETS 6 12
4 5 6 7 Priority# Bandwidth TSA 0 1 2 3 4 5 6 7 Remote Parameters: ------------------Remote is disabled Local Parameters : -----------------Local is enabled TC-grp Priority# 0 0,1,2,3,4,5,6,7 1 2 3 4 5 6 7 0% 0% 0% 0% ETS ETS ETS ETS 13% 13% 13% 13% 12% 12% 12% 12% ETS ETS ETS ETS ETS ETS ETS ETS Bandwidth 100% 0% 0% 0% 0% 0% 0% 0% TSA ETS ETS ETS ETS ETS ETS ETS ETS Priority# Bandwidth 0 13% 1 13% 2 13% 3 13% 4 12% 5 12% 6 12% 7 12% Oper status is init Conf TLV Tx Status is disabled Traffic Class TL
Field Description DCBx TLV from a peer can take effect on an interface. Admin Parameters ETS configuration on local port, including priority groups, assigned dot1p priorities, and bandwidth allocation. Remote Parameters ETS configuration on remote peer port, including Admin mode (enabled if a valid TLV was received or disabled), priority groups, assigned dot1p priorities, and bandwidth allocation.
Link Delay 45556 pause quantum 0 Pause Tx pkts, 0 Pause Rx pkts stack unit 1 stack-port all Admin mode is On Admin is enabled, Priority list is 4-5 Local is enabled, Priority list is 4-5 Link Delay 45556 pause quantum 0 Pause Tx pkts, 0 Pause Rx pkts Example of the show stack-unit all stack-ports all ets details Command FTOS(conf)# show stack-unit all stack-ports all ets details Stack unit 0 stack port all Max Supported TC Groups is 4 Number of Traffic Classes is 1 Admin mode is on Admin Parameters: -------
---------Interface TenGigabitEthernet 2/12 Remote Mac Address 00:01:e8:8a:df:a0 Port Role is Manual DCBx Operational Status is Enabled Is Configuration Source? FALSE Local DCBx Compatibility mode is IEEEv2.5 Local DCBx Configured mode is IEEEv2.5 Peer Operating version is IEEEv2.
Table 16. show interface DCBx detail Command Description Field Description Interface Interface type with chassis slot and port number. Port-Role Configured DCBx port role: auto-upstream, autodownstream, config-source, or manual. DCBx Operational Status Operational status (enabled or disabled) used to elect a configuration source and internally propagate a DCB configuration. The DCBx operational status is the combination of PFC and ETS operational status.
Field Description Total DCBx Frames received Number of DCBx frames received from remote peer port. Total DCBx Frame errors Number of DCBx frames with errors received. Total DCBx Frames unrecognized Number of unrecognizable DCBx frames received. PFC and ETS Configuration Examples This section contains examples of how to configure and apply DCB input and output policies on an interface.
Figure 12. PFC and ETS Applied to LAN, IPC, and SAN Priority Traffic QoS Traffic Classification: The service-class dynamic dot1p command has been used in Global Configuration mode to map ingress dot1p frames to the queues shown in the following table. For more information, refer to QoS dot1p Traffic Classification and Queue Assignment.
dot1p Value in the Incoming Frame Priority Group Assignment 4 IPC 5 LAN 6 LAN 7 LAN The following describes the priority group-bandwidth assignment. Priority Group Bandwidth Assignment IPC 5% SAN 50% LAN 45% PFC and ETS Configuration Command Examples The following examples show PFC and ETS configuration commands to manage your data center traffic.
FTOS(conf-qos-policy-out)# bandwidth-percentage 5 FTOS(conf-qos-policy-out)# exit Example of Configuring a DCB Output Policy to Apply ETS (Bandwidth Allocation and Scheduling) to IPC, SAN, and LAN Priority Traffic FTOS(conf)# dcb-output ets FTOS(conf-dcb-out)# priority-group san qos-policy san FTOS(conf-dcb-out)# priority-group lan qos-policy lan FTOS(conf-dcb-out)# priority-group ipc qos-policy ipc Example of Applying DCB Input and Output Policies to an Interface FTOS(conf)# interface tengigabitethernet 0/
In this example, the configured ETS bandwidth allocation and scheduler behavior is as follows: Unused bandwidth usage: Strict-priority groups: Normally, if there is no traffic or unused bandwidth for a priority group, the bandwidth allocated to the group is distributed to the other priority groups according to the bandwidth percentage allocated to each group.
39 Fibre Channel over Ethernet for FC Flex IO Modules FCoE provides a converged Ethernet network that allows the combination of storage-area network (SAN) and LAN traffic on a Layer 2 link by encapsulating Fibre Channel data into Ethernet frames. The Fibre Channel (FC) Flex IO module is supported on Dell Networking MXL 10/40GbE Switch and Dell PowerEdge IO Aggregator (IOA).
NPIV Proxy Gateway for FC Flex IO Modules 40 The N-port identifier virtualization (NPIV) Proxy Gateway (NPG) feature provides FCoE-FC bridging capability on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module switch, allowing server CNAs to communicate with SAN fabrics over the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module.
To remove a DCB map from an interface, enter the no dcb-map map-name command in Interface configuration mode. Related Commands show qos dcb-map– displays the dcb-map profiles configured on the system. dcb-map stack-unit all stack-ports all– applies a DCB map on all ports of a switch stack.
Command Modes Command History Usage Information INTERFACE FIBRE_CHANNEL Version 9.3.0.0 Introduced on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module. An FCoE map is a template used to map FCoE and FC parameters in a converged fabric. An FCoE map is used to virtualize upstream FC ports on an M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module NPIV proxy gateway so that they appear to downstream server CNA ports as FCoE forwarder (FCF) ports on an FCoE network.
Defaults None Command Modes FCOE MAP Command History Usage Information Version 9.3.0.0 Introduced on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module. In the fabric-id vlan command, the fabric and VLAN ID numbers must be the same. In each FCoE map, the fabric ID, FC-MAP value, and FCoE VLAN parameters must be unique. To remove a fabric-VLAN association from an FCoE map, enter the no fabric-id vlan command.
To remove a configured FCF priority from an FCoE map, enter the no fcfpriority command. Related Commands fcoe-map — creates an FCoE map which contains the parameters used in the communication between servers and a SAN fabric. show fcoe-map— displays the Fibre Channel and FCoE configuration parameters in FCoE maps. fc-map In an FCoE map, configure the FCoE mapped address prefix (FC-MAP) value which is used to identify FCoE traffic transmitted on the FCoE VLAN for the specified fabric.
fcoe priority-bits Configure the FCoE priority advertised for the FCoE protocol in application priority TLVs. Syntax fcoe priority-bits priority-bitmap To remove the configured FCoE priority, use the no fcoe priority-bits command. Parameters priority-bitmap Defaults 0x8 Command Modes PROTOCOL LLDP Command History Usage Information Version 9.3.0.0 Enter the priority-bitmap range. The range is from 1 to FF.
Command Modes Command History Usage Information CONFIGURATION INTERFACE Version 9.3.0.0 Introduced on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module. An FCoE map is a template used to map FCoE and FC parameters in a converged fabric. An FCoE map is used to virtualize upstream FC ports on an M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module NPIV proxy gateway so that they appear to downstream server CNA ports as FCoE forwarder (FCF) ports on an FCoE network.
Command History Version 9.3.0.0 Introduced on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module. Usage Information To delete the FIP keepalive time period from an FCoE map, enter the no fkaadv-erpiod command. Related Commands fcoe-map — creates an FCoE map which contains the parameters used in the communication between servers and a SAN fabric. show fcoe-map— displays the Fibre Channel and FCoE configuration parameters in FCoE maps.
Example (Single Range) FTOS(conf)#interface vlan 10 FTOS(conf-if-vl-3)# Related Commands fcoe-map — creates an FCoE map which contains the parameters used in the communication between servers and a SAN fabric. show fcoe-map— displays the Fibre Channel and FCoE configuration parameters in FCoE maps. keepalive In an FCoE map, enable the monitoring of FIP keepalive messages (if it is disabled).
bandwidth percentage Enter the keyword bandwidth followed by a bandwidth percentage allocated to the priority group. The range of valid values is 1 to 100. The sum of all allocated bandwidth percentages in priority groups in a DCB map must be 100%. strict-priority Configure the priority-group traffic to be handled with strict priority scheduling. Strict-priority traffic is serviced first, before bandwidth allocated to other priority groups is made available.
show fcoe-map Display the Fibre Channel and FCoE configuration parameters in FCoE maps. M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module Syntax Parameters Command Modes Command History Usage Information show fcoe-map [brief | map-name] brief Displays an overview of currently configured FCoE maps. map-name Displays the FC and FCoE configuration parameters in a specified FCoE map.
Field Description FC-MAP FCoE MAC address-prefix value - The unique 24-bit MAC address prefix that identifies a fabric. FCF Priority The priority used by a server to select an upstream FCoE forwarder. Config-State Indicates whether the configured FCoE and FC parameters in the FCoE map are valid: Active (all mandatory FCoE and FC parameters are correctly configured) or Incomplete (either the FC-MAP value, fabric ID, or VLAN ID are not correctly configured).
Field Description FLOGI to complete on peer FC port), or Removed (port has been shut down). Members Example M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module Ethernet and FC ports that are members of the dedicated FCoE VLAN that carries storage traffic to the specified fabric.
Command History Usage Information Version 9.3.0.0 Introduced on the M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module. Use the show npiv devices command to display information on the server CNA, server-facing Ethernet and fabric-facing FC ports, and the SAN fabric in each server-fabric connection over an M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module NPIV proxy gateway. The following table describes the show npiv devices brief output shown in the example below.
Usage Information Example The following table describes the show npiv devices output shown in the example below. Field Description ENode [number] A server CNA that has successfully logged in to a fabric over an M I/O Aggregator and MXL 10/40GbE Switch with the FC Flex IO module Ethernet port in ENode mode. Enode MAC MAC address of a server CNA port. Enode Intf Port number of a server-facing Ethernet port operating in ENode mode.
Related Commands LoginMethod Secs Status : : : FLOGI 5593 LOGGED_IN ENode[1]: ENode MAC ENode Intf FCF MAC Fabric Intf FCoE Vlan Fabric Map ENode WWPN ENode WWNN FCoE MAC FC-ID LoginMethod Secs Status : : : : : : : : : : : : : 00:10:18:f1:94:22 Te 0/13 5c:f9:dd:ef:10:c9 Fc 0/0 1003 fid_1003 10:00:00:00:c9:d9:9c:cb 10:00:00:00:c9:d9:9c:cd 0e:fc:03:01:02:02 01:02:01 FDISC 5593 LOGGED_IN dcb-map — creates a DCB map to configure DCB parameters on Ethernet ports that support converged Ethernet traffic.
require an efficient and scalable bridging feature in order to access FC storage arrays, which an NPG provides. NPIV Proxy Gateway Operation Consider a sample scenario of NPG operation. An M1000e chassis configured as an NPG does not join a SAN fabric, but functions as an FCoE-FC bridge that forwards storage traffic between servers and core SAN switches. The core switches forward SAN traffic to and from FC storage arrays.
over MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module ENode ports, are converted into FDISCs addressed to the upstream F ports on core switches. NPIV Proxy Gateway Functionality An MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module NPG provides the following functionality in a storage area network: • FIP Snooping bridge that provides security for FCoE traffic using ACLs (see FCoE Transit chapter). • FCoE gateway that provides FCoE-to-FC bridging.
Term Description FC-MAP FCoE MAC-address prefix - The unique 24-bit MAC address prefix in FCoE packets used to generate a fabric-provided MAC address (FPMA). The FPMA is required to send FCoE packets from a server to a SAN fabric. FCoE map Template used to configure FCoE and FC parameters on Ethernet and FC ports in a converged fabric. FCoE VLAN VLAN dedicated to carrying only FCoE traffic between server CNA ports and a SAN fabric. (FCoE traffic must travel in a VLAN.
NOTE: In each FCoE map, the fabric ID, FC-MAP value, and FCoE VLAN must be unique. Use one FCoE map to access one SAN fabric. You cannot use the same FCoE map to access different fabrics. When you configure an MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module as an NPG, FCoE transit with FIP snooping is automatically enabled and configured using the parameters in the FCoE map applied to server-facing Ethernet and fabric-facing FC interfaces (see FIP Snooping on an NPIV Proxy Gateway).
Step Task Command Command Mode 1 Create a DCB map to specify PFC and ETS settings for groups of dot1p priorities. dcb-map name CONFIGURATION 2 Configure the PFC setting (on or off) and the ETS bandwidth percentage allocated to traffic in each priority group or whether priority group traffic should be handled with strict priority scheduling. The sum of all allocated bandwidth percentages must be 100%. Strictpriority traffic is serviced first.
Applying a DCB map on server-facing Ethernet ports You can apply a DCB map only on a physical Ethernet interface and can apply only one DCB map per interface. Step Task Command Command Mode 1 Enter interface configuration mode on a server-facing port or port channel to apply a DCB map. You cannot apply a DCB map on a port channel. However, you can apply a DCB map on the ports that are members of the port channel.
The values for the FCoE VLAN, fabric ID and FC-MAP must be unique. Apply an FCoE map on downstream server-facing Ethernet ports and upstream fabric-facing Fibre Channel ports. Step Task Command Command Mode 1 Create an FCoE map which contains parameters used in the communication between servers and a SAN fabric. fcoe-map map-name CONFIGURATION 2 Configure the association between the dedicated VLAN (configured in Creating an FCoE VLAN) and the fabric where the desired storage arrays are installed.
Step Task Command Command Mode slot/port | port-channel num} 2 Apply the FCoE/FC configuration in an FCoE map on the Ethernet port.
FTOS(config)# interface range fibrechannel 0/0 - 3 , fibrechannel 0/8 - 11 Enter the keywords interface range followed by an interface type and port range. A port range must contain spaces before and after the dash. Separate each interface type and port range with a space, comma, and space as shown in the above examples. Sample Configuration 1.
Table 18. Displaying NPIV Proxy Gateway Information Command Description show interfaces status Displays the operational status of Ethernet and Fibre Channel interfaces on an MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module NPG. show fcoe-map [brief | map-name] Displays the Fibre Channel and FCoE configuration parameters in FCoE maps. Enter the brief keyword to display an overview of currently configured FCoE maps.
Ethernet ports - up (transmitting FCoE and LAN storage traffic) or down (not transmitting traffic). Fibre Channel ports - up (link is up and transmitting FC traffic) or down (link is down and not transmitting FC traffic), link-wait (link is up and waiting for FLOGI to complete on peer SW port), or removed (port has been shut down). Speed Transmission speed (in Megabits per second) of Ethernet and FC iports, including auto-negotiated speed (Auto).
Config-State Indicates whether the configured FCoE and FC parameters in the FCoE map are valid: Active (all mandatory FCoE and FC parameters are correctly configured) or Incomplete (either the FC-MAP value, fabric ID, or VLAN ID are not correctly configured).
Te 0/13 fid_1003 10:00:00:00:c9:d9:9c:cb 1003 FDISC LOGGED_IN Fc 0/0 Table 22. show npiv devices brief Field Descriptions Field Description Total NPIV Devices Number of downstream ENodes connected to a fabric over the MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module NPIV proxy gateway. ENode-Intf MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module Ethernet interface (slot/port) to which a server CNA is connected.
Status : LOGGED_IN Table 23. show npiv devices Field Descriptions Field Description ENode [number] Server CNA that has successfully logged in to a fabric over an MXL 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module Ethernet port in ENode mode. Enode MAC MAC address of a server CNA port. Enode Intf Port number of a server-facing Ethernet port operating in ENode mode.
Field Description 10/40GbE Switch and M I/O Aggregator with the FC Flex IO module WWN name is not user-configurable.