OS10 Enterprise Edition User Guide Release 10.3.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2017 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents 1 Getting Started.............................................................................................................................................19 Download OS10 image and license................................................................................................................................ 20 Installation.......................................................................................................................................................................
do................................................................................................................................................................................. 46 feature config-os9-style............................................................................................................................................47 exit..............................................................................................................................................................
Configure interface ranges..............................................................................................................................................74 Energy-efficient Ethernet................................................................................................................................................75 Enable energy-efficient Ethernet.............................................................................................................................
F_Port commands..........................................................................................................................................................106 fc alias........................................................................................................................................................................ 106 fc zone.......................................................................................................................................................
Media endpoint discovery........................................................................................................................................144 Network connectivity device.................................................................................................................................. 144 LLDP-MED capabilities TLV.................................................................................................................................... 144 Network policies TLVs...
Spanning-tree extensions........................................................................................................................................201 RSTP commands..................................................................................................................................................... 202 Virtual LANs...................................................................................................................................................................
Local preference attribute....................................................................................................................................... 241 Weight attribute....................................................................................................................................................... 242 Enable multipath......................................................................................................................................................
Assign route-map to interface................................................................................................................................343 View PBR information............................................................................................................................................. 343 PBR commands.......................................................................................................................................................
Server host settings................................................................................................................................................ 388 System-defined user roles...................................................................................................................................... 388 Create user name and role......................................................................................................................................388 SSH Server......
deny ip.......................................................................................................................................................................420 deny ipv6................................................................................................................................................................... 421 deny tcp.....................................................................................................................................................
seq deny icmp (IPv6).............................................................................................................................................. 445 seq deny ip................................................................................................................................................................445 seq deny ipv6...........................................................................................................................................................
set metric-type........................................................................................................................................................ 469 set next-hop............................................................................................................................................................. 470 set origin............................................................................................................................................................
clear qos statistics type...........................................................................................................................................497 control-plane.............................................................................................................................................................497 flowcontrol...............................................................................................................................................................
trust dscp-map........................................................................................................................................................ 520 qos-map traffic-class.............................................................................................................................................. 520 trust-map..................................................................................................................................................................
DCBX commands.................................................................................................................................................... 555 Internet small computer system interface.................................................................................................................. 559 iSCSI configuration notes.......................................................................................................................................
System logging......................................................................................................................................................... 612 View system logs...................................................................................................................................................... 613 Environmental monitoring........................................................................................................................................
1 Getting Started Dell EMC Networking OS10 Enterprise Edition is a network operating system supporting multiple architectures and environments. The networking world is moving from a monolithic stack to a pick-your-own-world. The OS10 solution is designed to allow disaggregation of the network functionality.
Download OS10 image and license OS10 Enterprise Edition may come factory-loaded and is available for download from the Dell Digital Locker (DDL). A factory-loaded OS10 image has a perpetual license installed. An OS10 image that you download has a 120-day trial license and requires a perpetual license to run beyond the trial period. See the Quick Start Guide shipped with your device and My Account FAQs for more information.
Once you download the OS10 Enterprise Edition image, unzip the .tar file. Some Windows unzip applications insert extra carriage returns (CR) or line feeds (LF) when they extract the contents of a .tar file, which may corrupt the downloaded OS10 binary image. Turn off this option if you use a Windows-based tool to untar an OS10 binary file. Once you unzip the OS10 Enterprise Edition and download the license, see Installation and Install license for complete installation and license information.
Automatic installation You can automatically (zero-touch) install an OS10 image on a Dell ONIE-enabled device. Once the device successfully boots to ONIE: Install OS, auto-discovery obtains the hostname, domain name, Management interface IP address, as well as the IP address of the DNS name server(s) on your network from the DHCP server and DHCP options. The ONIE automatic-discovery process locates the stored software image, starts installation, then reboots the device with the new software image.
The ONIE auto-discovery process discovers the image file at the specified USB path, loads the software image, and reboots. Log into OS10 To log in to OS10 Enterprise Edition, power up the device and wait for the system to perform a power-on self test (POST). Enter admin for both the default user name and user password. For better security, change the default admin password during the first OS10 login. The system saves the new password for future logins.
Install license OS10# license install scp://user:userpwd@10.1.1.10/CFNNX42-NOSEnterprise-License.xml License installation success. Verify license installation OS10# show license status System Information -----------------------------------------Vendor Name : DELL Product Name : S4048-ON Hardware Version: A00 Platform Name : S4048-ON PPID : CN0M68YC2829855M0133 Service Tag : CFNNX42 License Details ---------------Software : OS10-Enterprise Version : 10.3.
Remote access Linux shell ssh linuxadmin@ip-address password: linuxadmin Configure Management IP address To remotely access OS10, assign an IP address to the Management port. 1 Configure the management interface from CONFIGURATION mode. interface mgmt node/slot/port 2 Configure an IPv4 or IPv6 address on the Management interface in INTERFACE mode. ip address A.B.C.D/mask ipv6 address A:B/prefix-length 3 Enable the Management interface in INTERFACE mode.
Configure user name and password To set up remote access to OS10, create a new user name and password after you configure the Management port and default route. • Create a user name and password in CONFIGURATION mode. username username [encryption-type] password password • username username — Enter a text string (up to 63 alphanumeric characters). • encryption-type — (Optional) Enter an encryption type for the password: • • 0 — Store the password as clear text (default).
Key CLI features Consistent command names Commands that provide the same type of function have the same name, regardless of the portion of the system on which they are operating. For example, all show commands display software information and statistics, and all clear commands erase various types of system information. Available commands Information about available commands is provided at each level of the CLI command hierarchy.
system command, and all commands that display information about the routing table are grouped under the show route-map command. CLI command categories There are several broad groups of CLI commands available: set Controls the CLI environment and configure the CLI screen. ssh Connects to other network systems or to open secure shell connections. copy Copies files from one location on a device to another, from a device to a remote system, or from a remote system to a device.
1 Enter ? to view the commands available in EXEC mode.
load-balancing logging mac management monitor no ntp policy-map qos-map radius-server pa rameters route-map router sflow snmp-server spanning-tree support-assist system track trust username vlt-domain vrrp Load balancing configurations Logging commands MAC Address Table Configuration Subcommands management interface commands Create a session for monitoring traffic To delete / disable commands in config mode Configure NTP Configure policy map Configure QoS map Specify radius server host and configure its co
network-policy ntp parser-tree policy-map port-channel processes qos queuing route-map running-configuration sessions sflow spanning-tree startup-configuration storm-control support-assist system tech-support terminal trace track uptime users the session id version vlan vlt vrrp Show network policy NTP associations Show parser tree Show policy-map information LAG status and configuration Show processes statistics Show ingress or egress QoS configuration Show egress QoS counters Show route map information C
-- Power Supplies -PSU-ID Status Type AirFlow Fan Speed(rpm) Status ---------------------------------------------------------------1 up DC REVERSE 1 7200 up 2 up DC REVERSE 1 7200 up -- Fan Status -FanTray Status AirFlow Fan Speed(rpm) Status ---------------------------------------------------------------1 up REVERSE 1 7000 up 2 7000 up 2 up REVERSE 1 2 7000 7000 up up 3 up REVERSE 1 2 7000 7000 up up Candidate configuration When you enter OS10 configuration commands in the transaction-ba
users vlt Current candidate users configuration Current candidate vlt domain configuration View compressed candidate configuration OS10# show candidate-configuration compressed interface breakout 1/1/1 map 40g-1x interface breakout 1/1/2 map 40g-1x interface breakout 1/1/3 map 40g-1x interface breakout 1/1/4 map 40g-1x interface breakout 1/1/5 map 40g-1x interface breakout 1/1/6 map 40g-1x interface breakout 1/1/7 map 40g-1x interface breakout 1/1/8 map 40g-1x interface breakout 1/1/9 map 40g-1x interface
interface breakout 1/1/2 map 40g-1x interface breakout 1/1/3 map 40g-1x interface breakout 1/1/4 map 40g-1x interface breakout 1/1/5 map 40g-1x interface breakout 1/1/6 map 40g-1x interface breakout 1/1/7 map 40g-1x interface breakout 1/1/8 map 40g-1x interface breakout 1/1/9 map 40g-1x interface breakout 1/1/10 map 40g-1x interface breakout 1/1/11 map 40g-1x interface breakout 1/1/12 map 40g-1x interface breakout 1/1/13 map 40g-1x interface breakout 1/1/14 map 40g-1x interface breakout 1/1/15 map 40g-1x in
Prevent configuration changes You can prevent configuration changes on sessions other than the current CLI session using the lock command. Use the lock and unlock commands in EXEC mode to respectively prevent and allow configuration changes on other sessions. When you enter the lock command on a CLI session, users cannot make configuration changes across any other active CLI sessions.
Date (modified) --------------------2017-04-26T15:23:46Z Size (bytes) -----------26704 Name ----------startup.xml Backup startup file OS10# copy config://startup.xml config://backup-9-28.xml Backup startup file to server OS10# copy config://startup.xml scp://userid:password@hostip/backup-9-28.xml Restore startup file from backup OS10# copy config://backup-9-28.xml config://startup.xml OS10# reload Restore startup file from server OS10# copy scp://admin:admin@hostip/backup-9-28.xml config://startup.
no-more Does not paginate output save Saves the output to a file Display all output OS10# show running-configuration | no-more Alias command The alias command allows you to create shortcuts for commonly used or long commands, and execute long commands along with the parameters. The alias supports the following modes: • Persistent mode — The alias is persistent and can be used in other sessions as well. The aliases created in the Configuration mode are persistent.
Eth 1/1/18 up 40G A 1 Eth 1/1/19 up 40G A 1 Eth 1/1/20 up 40G A 1 Eth 1/1/21 up 40G A 1 Eth 1/1/22 up 40G A 1 Eth 1/1/23 up 40G A 1 Eth 1/1/24 up 40G A 1 Eth 1/1/25 up 40G A 1 Eth 1/1/26 up 40G A 1 Eth 1/1/27 up 40G A 1 Eth 1/1/28 up 40G A 1 Eth 1/1/29 up 40G A 1 Eth 1/1/30 up 40G A 1 Eth 1/1/31 up 40G A 1 Eth 1/1/32 up 40G A 1 -------------------------------------------------------------------------------View alias output for goint OS10(config)# goint 1/1/1 OS10(conf-if-eth1/1/1)# View alias information OS
Batch mode commands You can create a batch file to simplify routine or repetitive tasks. A batch file is an unformatted text file that contains two or more commands and has a .cmd file name extension. You can use vi or any other editor to create the .cmd file, then use the batch command to execute the file. To execute a series of commands in a file in batch mode (non-interactive processing), use the batch command.
• Use the -B option along with a batch file to execute a series of commands. configure terminal router bgp 100 neighbor 100.1.1.1 remote-as 104 no shutdown Execute the batch file. admin@OS10:/opt/dell/os10/bin$ clish -B ~/batch_cfg.txt New user admin logged in at session 15 Verify the BGP configuration executed by the batch file. admin@OS10:/opt/dell/os10/bin$ clish -c "show running-configuration bgp" New user admin logged in at session 16 ! router bgp 100 ! neighbor 100.1.1.
• • • no channel-member Enable the feature to configure commands in an OS9 environment in CONFIGURATION mode. OS10(config)# feature config-os9-style OS10(config)# exit OS10# show running-configuration compressed interface breakout 1/1/28 map 10g-4x feature config-os9-style Once this feature is enabled, you cannot use the OS10 format of commands in the new session.
Eth 1/1/13 up 40G A 1 Eth 1/1/14 up 40G A 1 Eth 1/1/15 up 40G A 1 Eth 1/1/16 up 40G A 1 Eth 1/1/17 up 40G A 1 Eth 1/1/18 up 40G A 1 Eth 1/1/19 up 40G A 1 Eth 1/1/20 up 40G A 1 Eth 1/1/21 up 40G A 1 Eth 1/1/22 up 40G A 1 Eth 1/1/23 up 40G A 1 Eth 1/1/24 up 40G A 1 Eth 1/1/25 up 40G A 1 Eth 1/1/26 up 40G A 1 Eth 1/1/27 up 40G A 1 Eth 1/1/28 up 40G A 1 Eth 1/1/29 up 40G A 1 Eth 1/1/30 up 40G A 1 Eth 1/1/31 up 40G A 1 Eth 1/1/32 up 40G A 1 ------------------------------------------------------------------------
Parameters • active — Reset the running partition as the next boot partition. • standby — Set the standby partition as the next boot partition. Default Not configured Command Mode EXEC Usage Information Use this command to configure the location of the OS10 image used to reload the software at boot time. Use the show boot command to view the configured next boot image. This command is applied immediately. Example OS10# boot system standby Supported Releases 10.2.
copy Copies the current running configuration to the startup configuration and transfers files between an OS10 switch and a remote device.
Date (modified) --------------------… 2017-02-15T21:19:54Z config.xml … Size (bytes) ------------ Name ------------------------------------------ 54525 Example (replace startup configuration) OS10# home://config.xml config://startup.xml Supported Releases 10.2.0E or later delete Removes or deletes the startup configuration file.
• usb — (Optional) Folder containing files on USB drive. Default Not configured Command Mode EXEC Usage Information Use the dir config command to display configuration files.
no shutdown ! ... Supported Releases 10.2.0E or later feature config-os9-style Configure commands in OS9 environment. Syntax feature config-os9-style Parameters None Default Not configured Command Mode CONFIGURATION Usage Information Once you enable the feature to configure the commands in OS9 format, log out of the session. In the next session, you can configure the commands in OS9 format. The current release supports VLAN tagging and Port channel grouping commands.
license Installs a license file from a local or remote location. Syntax license install [ftp: | http: | localfs: | scp: | sftp: | tftp: | usb:] filepath Parameters • ftp: — (Optional) Install from remote file system (ftp://userid:passwd@hostip/filepath). • http[s]: — (Optional) Install from remote file system (http://hostip/filepath). • http[s]: — (Optional) Request from remote server (http://hostip). • localfs: — (Optional) Install from local file system (localfs://filepath).
management route Configures an IPv4/IPv6 static route used by the Management port. Repeat the command to configure multiple management routes. Syntax Parameters management route {ipv4-address/mask | ipv6-address/prefix-length} {forwardingrouter-address | managementethernet} • ipv4-address/mask — Enter an IPv4 network address in dotted-decimal format (A.B.C.D), then a subnet mask in /prefix-length format (/xx).
Directory contents for Date (modified) --------------------2017-04-26T15:23:46Z Supported Releases folder: config Size (bytes) Name ------------ ----------26704 startup.xml 10.2.0E or later no Disables or deletes commands in EXEC mode. Syntax no [alias | debug | support-assist-activity | terminal] Parameters • alias — Remove an alias definition. • debug — Disable debugging. • support-assist-activity — SupportAssist-related activity. • terminal — Reset terminal settings.
Parameters • brief — Displays brief information of aliases. • detail — Displays detailed information of aliases.
Example OS10# show boot Current system image information: =================================== Type Boot Type Active Standby Next-Boot -------------------------------------------------------------------Node-id 1 Flash Boot [A] 10.2.9999E [B] 10.2.9999E [A] active OS10# show boot detail Current system image information detail: ========================================== Type: Node-id 1 Boot Type: Flash Boot Active Partition: A Active SW Version: 10.2.9999E Active SW Build Version: 10.2.
• prefix-list — (Optional) Current candidate prefix-list configuration. • qos-map — (Optional) Current candidate qos-map configuration. • radius-server — (Optional) Current candidate RADIUS server configuration. • route-map — (Optional) Current candidate route-map configuration. • sflow — (Optional) Current candidate sFlow configuration. • snmp — (Optional) Current candidate SNMP configuration. • spanning-tree — (Optional) Current candidate spanning-tree configuration.
interface range ethernet 1/1/1-1/1/32 switchport access vlan 1 no shutdown ! interface vlan 1 no shutdown ! interface mgmt1/1/1 ip address 10.11.58.145/8 no shutdown ipv6 enable ipv6 address autoconfig ! support-assist ! policy-map type application policy-iscsi ! class-map type application class-iscsi ! class-map type qos class-trust Supported Releases 10.2.0E or later show environment Displays information about environmental system components, such as temperature, fan, and voltage.
Default Not configured Command Mode EXEC Usage Information None Example OS10# show inventory Product : S6000-ON Description : S6000-ON 32x40GbE QSFP+ Interface Module Software version : 10.2.
• summary — (Optional) Display the number of active and non-active management routes and their remote destinations. • static — (Optional) Display non-active management routes. Default Not configured Command Mode EXEC Usage Information Use this command to view the IPv6 static routes configured for the management port. Use the management route command to configure an IPv4 or IPv6 management route.
show running-configuration Displays the configuration currently running on the device.
Example OS10# show running-configuration ! Version 10.2.9999E ! Last configuration change at Apr 11 01:25:02 2017 ! username admin password $6$q9QBeYjZ$jfxzVqGhkxX3smxJSH9DDz7/3OJc6m5wjF8nnLD7/ VKx8SloIhp4NoGZs0I/UNwh8WVuxwfd9q4pWIgNs5BKH. aaa authentication local snmp-server contact http://www.dell.com/support snmp-server location "United States" logging monitor disable ip route 0.0.0.0/0 10.11.58.
Supported Releases 10.2.0E or later show startup-configuration Displays the contents of the startup configuration file. Syntax show startup-configuration [compressed] Parameters compressed — (Optional) View a compressed version of the startup configuration file. Default Not configured Command Mode EXEC Usage Information None Example OS10# show startup-configuration username admin password $6$q9QBeYjZ$jfxzVqGhkxX3smxJSH9DDz7/3OJc6m5wjF8nnLD7/ VKx8SloIhp4NoGZs0I/UNwh8WVuxwfd9q4pWIgNs5BKH.
ipv6 address autoconfig ! support-assist ! policy-map type application policy-iscsi ! class-map type application class-iscsi ! class-map type qos class-trust Supported Releases 10.2.0E or later show system Displays system information. Syntax show system [brief | node-id] Parameters • brief — View abbreviated list of system information. • node-id — Node ID number.
Example (node-id) 2 up NORMAL 1 2 6698 7168 up up 3 up NORMAL 1 2 7149 7104 up up OS10# show system node-id 1 fanout-configured Interface Breakout capable Breakout state ----------------------------------------------------Eth 1/1/1 Yes BREAKOUT_1x1 Eth 1/1/2 Yes BREAKOUT_1x1 Eth 1/1/3 Yes BREAKOUT_1x1 Eth 1/1/4 Yes BREAKOUT_1x1 Eth 1/1/5 Yes BREAKOUT_1x1 Eth 1/1/6 Yes BREAKOUT_1x1 Eth 1/1/7 Yes BREAKOUT_1x1 Eth 1/1/8 Yes BREAKOUT_1x1 Eth 1/1/9 Yes BREAKOUT_1x1 Eth 1/1/10 Yes BREAKOUT_1x1 Eth 1/
3 Supported Releases up NORMAL 1 2 6785 7040 up up 10.2.0E or later show version Displays software version information. Syntax show version Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# show version Dell EMC Networking OS10-Enterprise Copyright (c) 1999-2017 by Dell EMC Inc. All Rights Reserved. OS Version: 10.2.9999E Build Version: 10.2.9999E(4265) Build Time: 2017-04-13T06:00:50.
Default Not configured Command Mode EXEC Usage Information None Example OS10# system bash admin@OS10:~$ pwd /config/home/admin admin@OS10:~$ exit OS10# Supported Releases 10.2.0E or later system identifier Sets a non-default unit ID in a non-stacking configuration.
traceroute Displays the routes that packets take to travel to an IP address. Syntax traceroute host [-46dFITnreAUDV] [-f first_ttl] [-g gate,...] [-i device] [-m max_ttl] [-N squeries] [-p port] [-t tos] [-l flow_label] [-w waittime] [-q nqueries] [-s src_addr] [-z sendwait] [--fwmark=num] host [packetlen] Parameters • host — Enter the host to trace packets from. • -i interface — (Optional) Enter the IP address of the interface through which traceroute sends packets.
6 3.GigabitEthernet3-3.GW3.SCL2.ALTER.NET (152.179.99.173) 4.428 ms 2.593 ms 3.243 ms 7 0.xe-7-0-1.XL3.SJC7.ALTER.NET (152.63.48.254) 3.915 ms 3.603 ms 3.790 ms 8 TenGigE0-4-0-5.GW6.SJC7.ALTER.NET (152.63.49.254) 11.781 ms 10.600 ms 9.402 ms 9 23.73.112.54 (23.73.112.54) 3.606 ms 3.542 ms 3.773 ms Example (IPv6) OS10# traceroute 20::1 traceroute to 20::1 (20::1), 30 hops max, 80 byte packets 1 20::1 (20::1) 2.622 ms 2.649 ms 2.964 ms Supported Releases 10.2.
2 Interfaces You can configure and monitor physical interfaces (Ethernet), port-channels, and VLANs in L2 or L3 modes. Table 1.
Figure 1. S4148U-ON unified port groups To enable Ethernet interfaces in a unified port group: 1 Configure a unified port group in CONFIGURATION mode. Enter 1/1 for node/slot. The port-group range is 1–10. port-group node/slot/port-group 2 Activate the unified port group for Ethernet operation in PORT-GROUP mode. mode Eth {100g-1x | 50g-2x | 40g-1x | 25g-4x | 10g-4x} • • • • • 10g-4x — Split a QSFP28 or QSFP+ port into four 10G interfaces. 25g-4x — Split a QSFP28 port into four 25G interfaces.
By default, a trunk interface carries only untagged traffic on the access VLAN — you must manually configure other VLANs for tagged traffic. 1 2 Select one of the two available options: • Configure L2 trunking in INTERFACE mode and the tagged VLAN traffic that the port can transmit. By default, a trunk port is not added to any tagged VLAN. You must create a VLAN before you can assign the interface to it.
Figure 2. S4148U-ON port groups On a S4148U-ON, the activated FC interfaces depend on the currently configured port profile. For more information, see S4148U-ON port profiles. To enable a fibre channel interface: 1 Configure a unified port group in CONFIGURATION mode. Enter 1/1 for node/slot. The port-group range is 1–10. port-group node/slot/port-group 2 Activate the unified port group for FC operation in PORT-GROUP mode.
Address is 14:18:77:20:8d:fc, Current address is 14:18:77:20:8d:fc Pluggable media present, QSFP-PLUS type is QSFPPLUS_4X16_16GBASE_FC_SW Wavelength is 850 Receive power reading is 0.
Configure VLAN OS10(config)# interface vlan 10 OS10(conf-if-vl-10)# ip address 1.1.1.2/24 You cannot simultaneously use egress rate shaping and ingress rate policing on the same VLAN. Loopback interfaces A loopback interface is a virtual interface in which the software emulates an interface. Because a loopback interface is not associated to physical hardware entities, the loopback interface status is not affected by hardware status changes.
Dynamic Port-channels are dynamically configured using link aggregation control protocol (LACP). Member ports of a LAG are added and programmed into the hardware in a predictable order based on the port ID, instead of in the order in which the ports come up. Load balancing yields predictable results across resets and reloads. Create port-channel You can create up to 128 port-channels, with up to 16 port members per group.
LACP enables ports to be dynamically bundled as members of a port-channel. To configure a port for LACP operation, use the channelgroup mode command. Active and passive modes allow LACP to negotiate between ports to determine if they can form a port -channel based on their configuration settings.
When you configure an IP and MAC hashing scheme at the same time, the MAC hashing scheme takes precedence over the IP hashing scheme. • Select one or more methods of load balancing and replace the default IP 4-tuple method of balancing traffic over a port-channel in CONFIGURATION mode.
Configure range of Ethernet addresses and enable them OS10(config)# interface range ethernet 1/1/1-1/1/5 OS10(conf-range-eth1/1/1-1/1/5)# no shutdown View the configuration OS10(conf-range-eth1/1/1-1/1/5)# show configuration ! interface ethernet1/1/1 no shutdown switchport access vlan 1 ! interface ethernet1/1/2 no shutdown switchport access vlan 1 ! interface ethernet1/1/3 no shutdown switchport access vlan 1 ! interface ethernet1/1/4 no shutdown switchport access vlan 1 ! interface ethernet1/1/5 no shutdo
Enable energy-efficient Ethernet To reduce power consumption, enable EEE. EEE is disabled by default. 1 Enter the physical Ethernet interface information in CONFIGURATION mode. interface ethernet node/slot/port[:subport] 2 Enable EEE in INTERFACE mode.
View EEE statistics for a specified interface OS10# show interface ethernet 1/1/48 eee statistics Eth 1/1/48 EEE : on TxIdleTime(us) : 2560 TxWakeTime(us) : 5 Last Clearing : 18:45:53 TxEventCount : 0 TxDuration(us) : 0 RxEventCount : 0 RxDuration(us) : 0 View EEE statistics on all interfaces OS10# show interface eee statistics Port EEE TxEventCount TxDuration(us) RxEventCount RxDuration(us) -----------------------------------------------------------------------------Eth 1/1/1 off 0 0 0 0 ...
Example OS10# clear counters interface 1/1/48 eee Clear eee counters on ethernet1/1/48 [confirm yes/no]:yes Supported Releases 10.3.0E or later eee Enables or disables energy-efficient Ethernet (EEE) on physical ports. Syntax eee Parameters None Default Enabled on Base-T devices and disabled on S3048-ON and S4048T-ON. Command Mode Interface Usage Information To disable EEE, use the no version of this command.
show interface eee statistics Displays EEE statistics for all interfaces. Syntax show interface eee statistics Parameters None Default Not configured Command Mode EXEC Example OS10# show interface eee statistics Port EEE TxEventCount TxDuration(us) RxEventCount RxDuration(us) -----------------------------------------------------------------------------Eth 1/1/1 off 0 0 0 0 ... Eth 1/1/47 on 0 0 0 0 Eth 1/1/48 on 0 0 0 0 Eth 1/1/49 n/a ... Eth 1/1/52 n/a Supported Releases 10.3.
EEE TxIdleTime(us) TxWakeTime(us) Last Clearing TxEventCount TxDuration(us) RxEventCount RxDuration(us) Supported Releases : : : : : : : : on 2560 5 18:45:53 0 0 0 0 10.3.0E or later Forward error correction Forward error correction (FEC) is a digital signal processing technique used to enhance data reliability. It does this by introducing redundant data, called error correcting code, prior to data transmission or storage.
1 Configure a platform-specific port profile in CONFIGURATION mode. For a standalone switch, enter 1/1 for node/unit. switch-port-profile node/unit profile 2 Save the port profile change to the startup configuration in EXEC mode. write memory 3 Reload the switch in EXEC mode.
QSFP+ ports. Similarly, profile-1 disables 40G speed on ports 25-30; profile-3 enables 40G on these ports. See switch-port-profile for a detailed description. 1GE mode: 1GE is supported only on SFP+ ports; 1GE is not supported on QSFP+ and QSFP28 ports 25-26. Breakout interfaces: Use the interface breakout command in Configuration mode to configure 4x10G, 4x25G, and 2x50G breakout interfaces.
*profile-1 and profile-2 activate the same port mode capability on unified and Ethernet ports. The difference is that in profile-1, by default SFP+ unified ports 1-24 come up in Fibre Channel mode with 2x16GFC breakouts per port group. In profile-2, by default SFP+ unified ports 1-24 come up in Ethernet 10GE mode. profile-1 allows you to connect FC devices for plug-and-play; profile-2 is designed for a standard Ethernet-based data network.
• vlan vlan-id — Display the VLAN interface information (1 to 4094). View interface information OS10# show interface Ethernet 1/1/1 is up, line protocol is up Hardware is Dell EMC Eth, address is 00:0c:29:98:1b:79 Current address is 00:0c:29:98:1b:79 Pluggable media present, QSFP-PLUS type is QSFP_40GBASE_CR4_1M Wavelength is 64 SFP receive power reading is 0.
! interface Ethernet 2/8 no ip address shutdown ! interface Ethernet 2/9 no ip address shutdown ... View L3 interfaces OS10# show ip interface brief Interface IP-Address TenGigabitEthernet 1/1/1 unassigned TenGigabitEthernet 1/2/1 unassigned TenGigabitEthernet 1/3/1 unassigned TenGigabitEthernet 1/4/1 unassigned TenGigabitEthernet 1/5/1 unassigned TenGigabitEthernet 1/6/1 10.10.10.
description (Interface) Configures a textual description of an interface. Syntax description string Parameters string — Enter a text string for the interface description (up to 240 characters). Default Not configured Command Mode INTERFACE Usage Information • To use special characters as a part of the description string, enclose the string in double quotes.
fec Configures Forward Error Correction on 25G, 50G, and 100G interfaces. Syntax Parameters Defaults fec {CL74-FC | CL91-RS | CL108-RS | off} • CL74-FC — Supports 25G and 50G • CL91-RS — Supports 100G • CL108-RS — Supports 25G and 50G • off — Disables FEC • For 25G and 50G interfaces: off • For 100G interfaces: CL91-RS Command Mode CONFIGURATION Usage Information The no version of this command resets the value to the default.
Supported Releases 10.2.2E or later interface ethernet Configures a physical Ethernet interface. Syntax interface ethernet node/slot/port:subport Parameters node/slot/port:subport — Enter the Ethernet interface information. Default Not configured Command Mode CONFIGURATION Usage Information The no version of this command deletes the interface. Example OS10(config)# interface ethernet 1/1/10:1 OS10(conf-if-eth1/1/10:1)# Supported Releases 10.2.
Supported Releases 10.2.0E or later interface null Configures a null interface on the switch. Syntax interface null number Parameters number — Enter the interface number to set as null (0). Default 0 Command Mode CONFIGURATION Usage Information You cannot delete the Null interface. The only configuration command possible in a Null interface is ip unreachables. Example OS10(config)# interface null 0 OS10(conf-if-nu-0)# Supported Releases 10.3.
Command Mode CONFIGURATION Usage Information Enter up to six comma-separated interface ranges without spaces between commas. When creating an interface range, interfaces are not sorted and appear in the order entered. You cannot mix interface configuration such as Ethernet ports with VLANs. • Bulk configuration is created if at least one interface is valid. • Non-existing interfaces are excluded from the bulk configuration with a warning message.
Example OS10(config)# link-bundle-utilization trigger-threshold 10 Supported Releases 10.2.0E or later mgmt Configures the specified VLAN as the management VLAN. Syntax mgmt Parameters None Default Not configured Command Mode VLAN INTERFACE Usage Information Use the no version of this command to remove the configuration. Example OS10(config)# interface vlan 11 OS10(conf-if-vl-11)# mgmt Supported Releases 10.3.
Example • To configure oversubscription on a FC interface, use the speed command. • To configure breakout interfaces on an Ethernet port, use the interface breakout command. • To view the currently active ports and subports, use the show interfaces status command. OS10(conf-pg-1/1/2)# mode FC 16g-2x OS10(conf-pg-1/1/8)# mode Eth 10g-4x Example: Reset mode OS10(conf-pg-1/1/2)# mode FC 16g-2x OS10(conf-pg-1/1/2)# no mode OS10(conf-pg-1/1/2)# mode Eth 10g-4x Supported Releases 10.3.
Parameters • node/slot — Enter 1/1 for node/slot when you configure a port group. • port-group — Enter the port-group number (1 to 10). Default Not configured Command mode CONFIGURATION Usage information Enter PORT-GROUP mode to configure unified ports in Fibre Channel or Ethernet mode. To view the ports that belong to a port group, enter the show port-group command. Example OS10(config)# port-group 1/1/8 OS10(conf-pg-1/1/8)# Supported releases 10.3.
Queuing strategy: fifo Input statistics: 0 packets, 0 octets 0 64-byte pkts, 0 over 64-byte pkts, 0 over 127-byte pkts 0 over 255-byte pkts, 0 over 511-byte pkts, 0 over 1023-byte pkts 0 Multicasts, 0 Broadcasts, 0 Unicasts 0 runts, 0 giants, 0 throttles 0 CRC, 0 overrun, 0 discarded Output statistics: 0 packets, 0 octets 0 64-byte pkts, 0 over 64-byte pkts, 0 over 127-byte pkts 0 over 255-byte pkts, 0 over 511-byte pkts, 0 over 1023-byte pkts 0 Multicasts, 0 Broadcasts, 0 Unicasts 0 throttles, 0 discarded,
show port-channel summary Displays port-channel summary information.
Example OS10(config)# show port-group port-group mode ports 1/1/1 Eth 10g-4x 1 2 3 4 1/1/2 FC 16g-2x 5 6 7 8 1/1/3 FC 16g-2x 9 10 11 12 1/1/4 FC 16g-2x 13 14 15 16 1/1/5 FC 16g-2x 17 18 19 20 1/1/6 FC 16g-2x 21 22 23 24 1/1/7 Eth 100g-1x 25 1/1/8 Eth 40g-1x 26 1/1/9 Eth 100g-1x 29 1/1/10 Eth 40g-1x 30 Supported Releases 10.3.1E or later show switch-port-profile Displays the current and default port profile on a switch.
Usage Information None Example OS10# show vlan Codes: * - Default VLAN, M - Management VLAN, R - Remote Port Mirroring VLANs Q: A - Access (Untagged), T - Tagged NUM Status Description Q Ports 1 down M 4020 down A Mgmt1/1/1 Supported Releases 10.2.0E or later shutdown Disables an interface. Syntax shutdown Parameters None Default Disabled Command Mode INTERFACE Usage Information This command marks a physical interface as unavailable for traffic.
Usage Information The speed command is supported only on the Management and Fibre Channel interfaces. This command is not supported on Ethernet interfaces. • To configure oversubscription for bursty storage traffic on a FC interface, use the speed command. Oversubscription allows a port to operate faster, but may result in traffic loss. For example, QSFP28 port groups in 4x8GFC mode support 16GFC oversubscription on member interfaces.
Command Mode Usage Information CONFIGURATION • S4148-ON series port profiles: • profile-1 — SFP+ 10G ports (1-24 and 31-54) and QSFP28 100G ports (25-26 and 29-30) are enabled. QSFP28 ports support 100GE and 4x10G, 4x25G, and 2x50G breakouts. • profile-2 — SFP+ 10G ports (1-24 and 31-50), QSFP+ 40G ports (27-28), and QSFP28 ports in 40G mode (25-26 and 29-30) are enabled. QSFP+ and QSFP28 ports support 40GE and 4x10G breakouts.
• Usage Information • SFP+ unified ports operate in Ethernet 10GE mode by default. SFP+ unified port groups support 4x8GFC and 2x16GFC breakouts (ports 1 and 3) in FC mode. • QSFP28 unified ports operate in Ethernet 100GE mode by default and support 4x25G and 4x10G breakouts. QSFP28 ports support 2x16GFC and 4x16GFC breakouts in FC mode. • SFP+ Ethernet ports operate at 10GE. profile-4 — SFP+ unified ports (1-24), QSFP28 unified ports (25-26 and 29-30), and SFP+ Ethernet ports (31-54) are enabled.
before you can assign an access interface to it. The no version of this command resets access VLAN membership on a L2 access or trunk port to VLAN 1. Example OS10(conf-if-eth1/1/3)# switchport mode access OS10(conf-if-eth1/1/3)# switchport access vlan 100 Supported Releases 10.2.0E or later switchport mode Places an interface in L2 access or trunk mode. Syntax Parameters switchport mode {access | trunk} • access — Enables L2 switching of untagged frames on a single VLAN.
Example OS10(conf-if-ma-1/1/1)# switchport trunk allowed vlan 1000 OS10(conf-if-ma-1/1/1)# no switchport trunk allowed vlan 1000 Supported Releases 102 Interfaces 10.2.
3 Fibre channel Fibre channel fabric port (F_Port) is the switch port that connects the Fibre Channel (FC) fabric to a node. S4148U-ON switches support F_Port. Enable Fibre channel F_Port mode globally using the feature fc domain-ID domain-ID command in CONFIGURATION mode. Enable Fibre channel F_Port mode OS10(config)# feature fc domain-id 100 Virtual fabric Virtual fabrics (vfabric) divide a physical fabric into logical fabrics. Manage each vfabric independently. The fabric ID identifies each vfabric.
fcoe fcmap 0xEFC64 zoneset activate set zone default-zone permit OS10# show vfabric Fabric Name 100 Fabric Type FPORT Fabric Id 100 Vlan Id 1023 FC-MAP 0xEFC64 Config-State ACTIVE Oper-State UP ========================================== Switch Config Parameters ========================================== Domain ID 100 ========================================== Switch Zoning Parameters ========================================== Default Zone Mode: Allow Active ZoneSet: set =====================================
5 Create a zoneset using the fc zoneset zoneset-name command in CONFIGURATION mode. The switch enters Zoneset CONFIGURATION mode. 6 Add the existing zones to the zoneset with the member zone-name command in Zoneset CONFIGURATION mode. 7 Activate the zoneset using the zoneset activate zoneset-name command in vfabric CONFIGURATION mode. The members in the zoneset become active.
hba1 *10:00:00:90:fa:b8:22:19 *21:00:00:24:ff:7b:f5:c8 OS10# show fc zoneset set ZoneSetName ZoneName ZoneMember ========================================================== set hba1 21:00:00:24:ff:7b:f5:c8 10:00:00:90:fa:b8:22:19 21:00:00:24:ff:7f:ce:ee 21:00:00:24:ff:7f:ce:ef hba2 20:01:00:0e:1e:e8:e4:99 50:00:d3:10:00:ec:f9:1b 50:00:d3:10:00:ec:f9:05 50:00:d3:10:00:ec:f9:1f 20:35:78:2b:cb:6f:65:57 F_Port commands fc alias Creates an FC alias.
Supported Releases 10.3.1E or later fc zoneset Creates an FC zoneset and adds the existing FC zones to the zoneset. Syntax fc zoneset zoneset-name Parameters zoneset-name — Enter a name for the FC zoneset. The name must start with a letter and may contain characters: A-Z, a-z, 0-9, $, _, -, ^ Defaults Not configured Command Mode CONFIGURATION Usage Information The no version of this command removes the FC zoneset.
Usage Information The no version of this command disables the F_Port. You can disable the F_Port only when vfabric and zoning configurations are not available. Before disabling the F_Port, remove the vfabric and zoning configurations. Example OS10(config)# feature fc domain-id 100 Supported Releases 10.3.1E or later member (alias) Add members to existing FC aliases. Identify a member by an FC alias, a World Wide Name (WWN), or an FC ID.
member (zoneset) Adds zones to an existing zoneset. Syntax member zone-name Parameters zone-name — Enter an existing zone name. Defaults Not configured Command Mode Zoneset CONFIGURATION Usage Information The no version of this command removes the zone from the zoneset. Example OS10(config)# fc zoneset set OS10(conf-fc-zoneset-set)# member hba1 Supported Releases 10.3.1E or later name Configures a vfabric name. Syntax name vfabric-name Parameters vfabric-name — Enter a name for the vfabric.
test 21:00:00:24:ff:7b:f5:c9 20:25:78:2b:cb:6f:65:57 OS10# Supported Releases 10.3.1E or later show fc ns switch Displays the details of FC NS switch parameters.
show fc statistics Displays the FC statistics. Syntax Parameters show fc statistics {vfabric vfabric-ID | interface fibrechannel} • vfabric-ID — Enter the vfabric ID. • fibrechannel — Enter the fibre channel interface name.
show fc zone Displays the FC zones and the zone members. Syntax show fc zone [zone-name] Parameters zone-name — Enter the FC zone name.
hba2 20:01:00:0e:1e:e8:e4:99 50:00:d3:10:00:ec:f9:1b 50:00:d3:10:00:ec:f9:05 50:00:d3:10:00:ec:f9:1f 20:35:78:2b:cb:6f:65:57 vFabric id: 100 Active Zoneset: set ZoneName ZoneMember ============================================== hba2 20:01:00:0e:1e:e8:e4:99 20:35:78:2b:cb:6f:65:57 50:00:d3:10:00:ec:f9:05 50:00:d3:10:00:ec:f9:1b 50:00:d3:10:00:ec:f9:1f hba1 Example (active zoneset) *10:00:00:90:fa:b8:22:19 *21:00:00:24:ff:7b:f5:c8 21:00:00:24:ff:7f:ce:ee 21:00:00:24:ff:7f:ce:ef OS10# show fc zoneset acti
Command Mode EXEC Usage Information None Example OS10# show vfabric Fabric Name 100 Fabric Type FPORT Fabric Id 100 Vlan Id 1023 FC-MAP 0xEFC64 Config-State ACTIVE Oper-State UP ================================= Switch Config Parameters ================================= Domain ID 100 ================================= Switch Zoning Parameters ================================= Default Zone Mode: Allow Active ZoneSet: set ================================= Members fibrechannel1/1/1 fibrechannel1/1/2 fibrec
Usage Information The no version of this command removes the vfabric. You can remove a vfabric only when it is not applied on any interfaces. Example OS10(config)# vfabric 100 Supported Releases 10.3.1E or later vfabric (interface) Applies an existing vfabric to an FC interface. Syntax vfabric fabric-ID Parameters fabric-ID — Enter the fabric ID, from 1 to 255.
zone default-zone permit Enables access between all logged-in FC nodes of vfabric in the absence of an active zoneset configuration. A default zone advertises a maximum of 527 members in the registered state change notification (RSCN) message. Syntax zone default-zone permit Parameters None Defaults Not configured Command Mode Vfabric CONFIGURATION Usage Information The no version of this command disables access between FC nodes in the absence of an active zoneset.
4 Layer 2 802.1X Verifies device credentials prior to sending or receiving packets using the extensible authentication protocol (see 802.1X Commands). Link Aggregation Control Protocol (LACP) Exchanges information between two systems and automatically establishes a LAG between the systems (see LACP Commands). Link Layer Discovery Enables a LAN device to advertise its configuration and receive configuration information from adjacent LLDPProtocol (LLDP) enabled infrastructure devices (see LLDP Commands).
NOTE: OS10 supports only RADIUS as the back-end authentication server. The authentication process involves three devices: • Supplicant — The device attempting to access the network performs the role of supplicant. Regular traffic from this device does not reach the network until the port associated to the device is authorized. Prior to that, only the supplicant can exchange 802.1x messages (EAPOL frames) with the authenticator.
6 If the identity information the supplicant provides is valid, the authentication server sends an Access Accept frame in which network privileges are specified. The authenticator changes the port state to authorize and forwards an EAP Success frame. If the identity information is invalid, the server sends an Access Reject frame. If the port state remains unauthorized, the authenticator forwards an EAP Failure frame. EAP over RADIUS 802.
Enable 802.1X 1 Enable 802.1X globally in CONFIGURATION mode. dot1x system-auth-control 2 Enter an interface or a range of interfaces in INTERFACE mode. interface range 3 Enable 802.1X on the supplicant interface only in INTERFACE mode. dot1x port-control auto Configure and verify 802.
Identity retransmissions If the authenticator sends a Request Identity frame but the supplicant does not respond, the authenticator waits 30 seconds and then retransmits the frame. There are several reasons why the supplicant might fail to respond — the supplicant may have been booting when the request arrived, there may be a physical layer problem, and so on.
Failure quiet period If the supplicant fails the authentication process, the authenticator sends another Request Identity frame after 30 seconds by default. The quiet period is a transmit interval time after a failed authentication. The Request Identity Re-transmit interval is for an unresponsive supplicant. You can configure the interval for a maximum of 10 times for an unresponsive supplicant.
force-authorized (default) This is an authorized state. A device connected to this port does not use the authentication process but can communicate on the network. Placing the port in this state is same as disabling 802.1X on the port. forceauthorized is the default mode. force-unauthorized This is an unauthorized state. A device connected to a port does not use the authentication process but is not allowed to communicate on the network.
Configure and verify reauthentication time period OS10(config)# interface range ethernet 1/1/7-1/1/8 OS10(conf-range-eth1/1/7-1/1/8)# dot1x re-authentication OS10(conf-range-eth1/1/7-1/1/8)# dot1x timeout re-authperiod 3600 OS10(conf-range-eth1/1/7-1/1/8)# show dot1x interface ethernet 1/1/7 802.
Port Auth Status: Re-Authentication: Tx Period: Quiet Period: Supplicant Timeout: Server Timeout: Re-Auth Interval: Max-EAP-Req: Host Mode: Auth PAE State: Backend State: UNAUTHORIZED Enable 120 seconds 120 seconds 45 seconds 60 seconds 3600 seconds 5 MULTI_HOST Initialize Initialize View interface running configuration OS10(conf-range-eth1/1/7-1/1/8)# do show running-configuration interface ...
Supported Releases 10.2.0E or later dot1x max-req Changes the maximum number of requests that the device sends to a supplicant before restarting 802.1X authentication. Syntax dot1x max-req retry-count Parameters max-req retry-count — Enter the retry count for the request sent to the supplicant before restarting 802.1X reauthentication (1 to 10). Default 2 Command Mode INTERFACE Usage Information The no version of this command resets the value to the default.
Example OS10(conf-range-eth1/1/7-1/1/8)# dot1x re-authentication Supported Releases 10.2.0E or later dot1x timeout quiet-period Sets the number of seconds that the device remains in quiet state following a failed authentication exchange with a supplicant. Syntax dot1x timeout quiet-period seconds Parameters quiet period seconds — Enter the number of seconds for the 802.1X quiet period timeout (1 to 65535).
dot1x timeout supp-timeout Sets the number of seconds that the device waits for the supplicant to respond to an EAP request frame before the device retransmits the frame. Syntax dot1x timeout supp-timeout seconds Parameters supp-timeout seconds — Enter the number of seconds for the 802.1X supplicant timeout (1 to 65535). Default 30 seconds Command Mode INTERFACE Usage Information The no version of this command resets the value to the default.
show dot1x interface Displays 802.1X configuration information. Syntax show dot1x interface ethernet node/slot/port[:subport] Parameters ethernet node/slot/port[:subport] — Enter the Ethernet interface information. Command Mode EXEC Usage Information Use this command to view the dot1x interface configuration for a specific interface. Example OS10# show dot1x interface 802.1x information on ethernet1/1/1 ------------------------------------Dot1x Status: Enable 802.
Link aggregation control protocol Group Ethernet interfaces to form a single link layer interface called a LAG or port-channel. Aggregating multiple links between physical interfaces creates a single logical LAG, which balances traffic across the member links within an aggregated Ethernet bundle and increases the uplink bandwidth. If one member link fails, the LAG continues to carry traffic over the remaining links.
Configure LACP OS10(config)# lacp system-priority 65535 OS10(config)# interface range ethernet 1/1/7-1/1/8 OS10(conf-range-eth1/1/7-1/1/8)# lacp port-priority 4096 OS10(conf-range-eth1/1/7-1/1/8)# lacp rate fast Verify LACP configuration OS10(conf-range-eth1/1/7-1/1/8)# do show running-configuration ... ! interface ethernet1/1/7 lacp port-priority 4096 lacp rate fast no shutdown ! interface ethernet1/1/8 lacp port-priority 4096 lacp rate fast no shutdown ! ...
Configure LACP timeout OS10(conf-if-eth1/1/29)# lacp rate fast View port status OS10# show lacp port-channel Port-channel 20 admin up, oper up, mode lacp Actor System ID: Priority 32768, Address f8:b1:56:00:02:33 Partner System ID: Priority 4096, Address 10:11:22:22:33:33 Actor Admin Key 20, Oper Key 20, Partner Oper Key 10 LACP LAG ID 20 is an aggregatable link A - Active LACP, B - Passive LACP, C - Short Timeout, D - Long Timeout E - Aggregatable Link, F - Individual Link, G - IN_SYNC, H - OUT_OF_SYNC, I
Bravo LAG configuration summary OS10(config)# interface port-channel 1 OS10(conf-if-po-1)# exit OS10(config)# interface ethernet 1/1/49 OS10(conf-if-eth1/1/49)# no switchport OS10(conf-if-eth1/1/49)# channel-group 1 mode active OS10(conf-if-eth1/1/49)# interface ethernet 1/1/50 OS10(conf-if-eth1/1/50)# no switchport OS10(conf-if-eth1/1/50)# channel-group 1 mode active OS10(conf-if-eth1/1/50)# interface ethernet 1/1/51 OS10(conf-if-eth1/1/51)# no switchport OS10(conf-if-eth1/1/51)# channel-group 1 mode activ
0 runts, 0 giants, 0 throttles 0 CRC, 0 overrun, 465 discarded Output statistics: 7840 packets, 938965 octets 0 64-byte pkts,1396 over 64-byte pkts, 6444 over 127-byte pkts 0 over 255-byte pkts, 0 over 511-byte pkts, 0 over 1023-byte pkts 7840 Multicasts, 0 Broadcasts,0 Unicasts 0 throttles, 0 discarded, 0 Collisions, 0 wreddrops Rate Info(interval 299 seconds): Input 0 Mbits/sec, 0 packets/sec, 0% of line rate Output 0 Mbits/sec, 1 packets/sec, 0% of line rate Time since last interface status change : 01:2
Actor Admin: State Key 1 Priority 32768 Oper: State Key 1 Priority 32768 Partner Admin: State Key 0 Priority 0 Oper: State Key 1 Priority 32768 Port ethernet1/1/31 is Enabled, LACP is enabled and mode is lacp Actor Admin: State Key 1 Priority 32768 Oper: State Key 1 Priority 32768 Partner Admin: State Key 0 Priority 0 Oper: State Key 1 Priority 32768 Verify LAG membership OS10# show lacp interface ethernet 1/1/29 Interface ethernet1/1/29 is up Channel group is 1 port channel is po1 PDUS sent: 17 PDUS rcvd:
• active — Enter to enable the LACP interface. The interface is in the Active Negotiating state when the port starts negotiations with other ports by sending LACP packets. • on — Enter so that the interface is not part of a dynamic LAG but acts as a static LAG member. • passive — Enter to only enable LACP if it detects a device. The interface is in the Passive Negotiation state when the port responds to the LACP packets that it receives but does not initiate negotiation until it detects a device.
Default 32 Command Mode INTERFACE Usage Information The no version of this command resets the maximum bundle size to the default value. Example OS10(conf-if-po-10)# lacp max-bundle 10 Supported Releases 10.2.0E or later lacp port-priority Sets the priority for the physical interfaces for LACP. Syntax lacp port-priority priority Parameters priority — Enter the priority for the physical interfaces (0 to 65535).
lacp system-priority Sets the system priority of the device for LACP. Parameters priority — Enter the priority value for physical interfaces (0 to 65535). Default 32768 Command Mode CONFIGURATION Usage Information Each device that runs LACP has an LACP system priority value. LACP uses the system priority with the MAC address to form the system ID and also during negotiation with other systems. The system ID is unique for each device.
show lacp interface Displays information about specific LACP interfaces. Syntax show lacp interface ethernet node/slot/port Parameters node/slot/port — Enter the interface information. Default Not configured Command Mode EXEC Usage Information The LACP_activity field displays if you configure the link in Active or Passive port-channel mode. The Port Identifier field displays the port priority as part of the information including the port number.
Parameters • interface port-channel — (Optional) Enter the interface port-channel. • channel-number — (Optional) Enter the port-channel number for the LACP neighbor (1 to 128). Default Not configured Command Mode EXEC Usage Information All channel groups display if you do not enter the channel-number parameter.
show lacp system-identifier Displays the LACP system identifier for a device. Syntax show lacp system-identifier Parameters None Default Not configured Command Mode EXEC Usage Information The LACP system ID is a combination of the configurable LACP system priority value and the MAC address. Each system that runs LACP has an LACP system priority value. The default value is 32768 or configure a value between 1 and 65535.
LAN devices transmit LLDPDUs, which encapsulate TLVs, to neighboring LAN devices. LLDP is a one-way protocol and LAN devices (LLDP agents) transmit and/or receive advertisements but they cannot solicit and do not respond to advertisements. There are three mandatory TLVs followed by zero or more optional TLVs and the end of the LLDPDU TLV.
Organizationally-specific TLVs There are eight TLV types defined by the 802.1 and 802.3 working groups as a basic part of LLDP. Configure OS10 to advertise any or all of these TLVs. Optional TLVs 4 — Port description User-defined alphanumeric string that describes the port. 5 — System name User-defined alphanumeric string that identifies the system. 6 — System description Detailed description of all components of the system. 7 — System capabilities Determines the capabilities of the system.
Media endpoint discovery LLDP media endpoint discovery (LLDP-MED) provides additional organizationally-specific TLVs to allow endpoint devices and network connectivity devices to advertise their characteristics and configuration information. LLDP-MED endpoint devices are located at the IEEE 802 LAN network edge and participate in IP communication service using the LLDPMED framework, such as IP phones and conference bridges.
LLDP-MED capabilities Bit 0 LLDP-MED capabilities Bit 1 Network policy Bit 2 Location ID Bit 3 Extended power via MDI-PSE Bit 4 Extended power via MDI-PD Bit 5 Inventory Bits 6-15 Reserved LLDP-MED device types 0 Type not defined 1 Endpoint class 1 2 Endpoint class 2 3 Endpoint class 3 4 Network connectivity 5-255 Reserved Network policies TLVs A network policy in the context of LLDP-MED is a device’s VLAN configuration and associated Layer 2 and Layer 3 configurations.
0 — Reserved — 1 — Voice Used for dedicated IP telephony handsets and other appliances supporting interactive voice services. 2 — Voice signaling Used only if voice control packets use a separate network policy than voice data. 3 — Guest voice Used only for a separate limited voice service for guest users with their own IP telephony handsets and other appliances supporting interactive voice services.
2 Enter the multiplier value for the hold time in CONFIGURATION mode. lldp holdtime-multiplier 3 Enter the delay (in seconds) for LLDP initialization on any interface in CONFIGURATION mode.
Enable LLDP OS10(config)# interface ethernet 1/1/1 OS10(conf-if-eth1/1/1)# lldp transmit OS10(conf-if-eth1/1/1)# lldp receive Disable LLDP globally OS10(config)# no lldp enable Advertise TLVs Configure the system to advertise TLVs out of all interfaces or specific interfaces. If you configure an interface, only the interface sends LLDPDUs with the specified TLVs. 1 Enable basic TLVs attributes to transmit and receive LLDP packets in INTERFACE mode.
• add — Attach the network policy to an interface. • remove — Remove the network policy from an interface. • number — Enter a network policy index number (1 to 32). Configure advertise LLDP-MED network policies OS10(conf-if-eth1/1/5)# lldp-med network-policy add 1 Fast start repeat count Fast start repeat count enables a network connectivity device to advertise itself at a faster rate for a limited amount of time.
View LLDP global traffic OS10# show lldp traffic LLDP traffic statistics: Total Frames Out : 0 Total Entries Aged : 0 Total Frames In : 0 Total Frames Received In Error : 0 Total Frames Discarded : 0 Total TLVS Unrecognized : 0 Total TLVs Discarded : 0 View LLDP interface traffic OS10# show lldp traffic interface ethernet 1/1/1 LLDP Traffic Statistics: Total Frames Out : 0 Total Entries Aged : 0 Total Frames In : 0 Total Frames Received In Error : 0 Total Frames Discarded : 0 Total TLVS Unrecognized : 0 Tot
Remote Management Address (IPv4): 10.1.1.
1 Adjust the TTL value in CONFIGURATION mode. lldp holdtime-multiplier 2 Return to the default multiplier value in CONFIGURATION mode. no lldp holdtime-multiplier Configure TTL OS10(config)# lldp holdtime-multiplier 2 Return multiplier value OS10(config)# no lldp holdtime-multiplier LLDP commands clear lldp counters Clears LLDP and LLDP-MED transmit, receive, and discard statistics from all the physical interfaces.
Parameters None Default Enabled Command Mode CONFIGURATION Usage Information This command enables LLDP globally for all Ethernet (PHY) interfaces, except on those interfaces where LLDP is manually disabled. The no version of this command disables LLDP globally irrespective of whether LLDP is manually enabled on an interface. Example OS10(config)# lldp enable Supported Releases 10.3.1E or later lldp holdtime-multiplier Configures the multiplier value for the hold time (in seconds).
Parameters • enable — Enable LLDP-MED on the interface. • disable — Disable LLDP-MED on the interface. Default Enabled with network-policy TLV Command Mode INTERFACE Usage Information LLDP-MED communicates the types of TLVs that the endpoint device and the network connectivity device support. Use the no lldp med or lldp med disable command to disable LLDP-MED on a specific interface. Example OS10(conf-if-eth1/1/1)# lldp med disable Supported Releases 10.2.
lldp med network-policy (Interface) Attaches or removes an LLDP-MED network policy to or from an interface. Syntax Parameters lldp-med network-policy {add | remove} number • add — Attach the network policy to an interface. • remove — Remove the network policy from an interface. • number — Enter a network policy index number (1 to 32). Default Not configured Command Mode INTERFACE Usage Information Attach only one network policy for per interface.
Example OS10(conf-if-eth1/1/3)# lldp receive Supported Releases 10.2.0E or later lldp reinit Configures the delay time (in seconds) for LLDP to initialize on any interface. Syntax lldp reinit seconds Parameters seconds — Enter the delay timer value in seconds (1 to 10). Default 2 seconds Command Mode CONFIGURATION Usage Information The no version of this command resets the value to the default. Example OS10(config)# lldp reinit 5 Supported Releases 10.2.
Command Mode INTERFACE Usage Information None Example OS10(conf-if-eth1/1/3)# lldp tlv-select basic-tlv system-name Supported Releases 10.2.0E or later lldp tlv-select dot1tlv Enables or disables the dot.1 TLVs to transmit in LLDP packets. Syntax Parameters lldp tlv-select dot1tlv { port-vlan-id | link-aggregation} • port-vlan-id — Enter the port VLAN ID. • link-aggregation — Enable the link aggregation TLV.
lldp transmit Enables the transmission of LLDP packets on a specific interface. Syntax lldp transmit Parameters None Default Not configured Command Mode INTERFACE Usage Information The no version of this command disables the transmission of LLDP packets on a specific interface. Example OS10(conf-if-eth1/1/9)# lldp transmit Supported Releases 10.2.0E or later show lldp interface Displays the LLDP information advertised from a specific interface.
ethernet1/1/20:1| Network Polices : Supported Releases Yes| Yes| No| No| No 10.2.0E or later show lldp errors Displays the LLDP errors related to memory allocation failures, queue overflows, and table overflows. Syntax show lldp errors Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# Total Total Total Supported Release 10.2.
ethernet1/1/19 ethernet1/1/20 ethernet1/1/21 ethernet1/1/22 ethernet1/1/23 ethernet1/1/24 ethernet1/1/25 ethernet1/1/26 ethernet1/1/27 ethernet1/1/28 ethernet1/1/29 ethernet1/1/30 ethernet1/1/31 ethernet1/1/32 Supported Releases | | | | | | | | | | | | | | Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| Yes| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No| No
MED Capabilities: Supported: LLDP-MED Capabilities, Network Policy, Location Identification, Extended Power via MDI - PSE, Extended Power via MDI - PD, Inventory Management Current: LLDP-MED Capabilities, Network Policy, Location Identification, Extended Power via MDI - PD, Inventory Management Device Class: Endpoint Class 3 Network Policy: Application: voice, Tag: Tagged, Vlan: 50, L2 Priority: 6, DSCP Value: 46 Inventory Management: H/W Revision : 12.1.1 F/W Revision : 10.1.9750B S/W Revision : 10.1.
Supported Releases 10.2.0E or later show lldp tlv-select interface Displays the TLVs enabled for an interface. Syntax show lldp tlv-select interface ethernet node/slot/port[:subport] Parameters ethernet node/slot/port[:subport] — Enter the Ethernet interface information (1 to 253).
Total TLVs Discarded : 0 LLDP MED Traffic Statistics: Total Med Frames Out : Total Med Frames In : Total Med Frames Discarded : Total Med TLVS Discarded : Total Med Capability TLVS Discarded: Total Med Policy TLVS Discarded : Total Med Inventory TLVS Discarded : Supported Releases 2 1 0 0 0 0 0 10.2.0E or later show nework-policy profile Displays the network policy profiles.
Static MAC Address A static MAC address entry is one that you manually configure. A static entry is not subject to aging. • Create a static MAC address entry in the MAC address table in CONFIGURATION mode.
• all — (Optional) Clear all dynamic entries. • address mac_address — (Optional) Clear a MAC address entry. • vlan vlan-id — (Optional) Clear a MAC address table entry from a VLAN number (1 to 4094). • ethernet node/slot/port[:subport] — (Optional) Clear an Ethernet interface entry. • port—channel number — (Optional) Clear a port-channel number (1 to 128).
Command Mode CONFIGURATION Usage Information Set the aging timer to zero (0) to disable MAC address aging for all dynamic entries. The aging time counts from the last time that the device detected the MAC address. Example OS10(config)# mac address-table aging-time 3600 Supported Releases 10.2.0E or later mac address-table static Configures a static entry for the L2 MAC address table.
• static — (Optional) Displays static MAC address table entries only. • vlan vlan-id — (Optional) Displays VLAN information only (1 to 4094). Default Not configured Command Mode EXEC Usage Information The network device maintains static MAC address entries saved in the startup configuration file, and reboots and flushes dynamic entries.
Configuring MST is a four-step process: 1 Enable MST, if the current running STP version is not MST. 2 (Optional) Map the VLANs to different instances to achieve load balancing. 3 Ensure the same region name is configured in all the bridges running MST. 4 (Optional) Configure the revision number. Configure MST protocol When you enable MST globally, all L2 physical, port-channel, and VLAN interfaces are automatically assigned to MST instance (MSTI) zero (0).
Create instances You can create multiple MSTP instances and map VLANs. A single MSTI provides no more benefit than RSTP. To take full advantage of the MST protocol, create multiple MSTIs and map VLANs to them. 1 Enter an instance number in CONFIGURATION mode. spanning tree mst configuration 2 Enter the MST instance number in MULTIPLE-SPANNING-TREE mode (0 to 63). instance instance-number 3 Enter the VLAN and IDs to participate in the MST instance in MULTIPLE-SPANNING-TREE mode (1 to 4096).
ethernet1/1/17 128.324 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.324 ethernet1/1/18 128.328 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.328 ethernet1/1/19 128.332 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.332 ethernet1/1/20 128.336 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.336 ethernet1/1/21 128.340 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.340 ethernet1/1/22 128.344 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.344 ethernet1/1/23 128.348 128 200000000 BLK 0 32768 90b1.1cf4.a523 128.
Non-Dell hardware OS10 supports only one MST region. For a bridge to be in the same MST region as another, the three unique attributes (name, revision, and VLAN-to-instance-mapping) must match. The default values for name and revision number match on all Dell hardware. If you have non-Dell hardware that participates in MST, ensure these values match on all devices. A region is a combination of three unique attributes: • Name — A mnemonic string you assign to the region (default is the system MAC address).
4 Change the max-hops parameter in CONFIGURATION mode (1 to 40, default 20).
Link type: point-to-point (auto) Boundary: Yes, Bpdu-filter: Disable, Bpdu-Guard: Disable, Shutdown-on-Bpdu-Guard-violation: No Root-Guard: Disable, Loop-Guard: Disable Bpdus (MRecords) Sent: 69, Received: 0 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID ---------------------------------------------------------------------ethernet1/1/7 0.284 0 1 FWD 0 32768 90b1.1cf4.9b8a 0.
Root guard Avoids bridging loops and preserves the root bridge position during network transitions. STP selects the root bridge with the lowest priority value. During network transitions, another bridge with a lower priority may attempt to become the root bridge and cause unpredictable network behavior. Configure the spanning-tree guard root command to avoid such an attempt and preserve the position of the root bridge. Root guard is enabled on ports that are designated ports.
Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID -------------------------------------------------------------------------ethernet1/1/4 128.272 128 500 BLK 500 32769 90b1.1cf4.a911 128.
MST region name and revision The configured name and revisions must be identical among all devices. If the region name is blank, a name was configured on one device and was not configured or was configured differently on another — spelling and capitalization counts. MST instances Verify the VLAN to MST instance mapping using the show commands. If you see extra MST instances in the Sending or Received logs, an additional MST instance was configured on one router but not others.
Command Mode CONFIGURATION Usage Information The no version of this command resets the value to the default. Example OS10(config)# spanning-tree mst forward-time 16 Supported Releases 10.2.0E or later spanning-tree mst hello-time Sets the time interval between generation and transmission of MSTP BPDUs. Syntax spanning-tree mst hello-time seconds Parameters seconds — Enter a hello-time interval value in seconds (1 to 10).
Usage Information A device receiving BPDUs waits until the max-hops value expires before discarding it. When a device receives the BPDUs, it decrements the received value of the remaining hops and uses the resulting value as remaining-hops in the BPDUs. If the remaining MSTP 1333 hops reach zero, the device discards the BPDU and ages out any information that it holds for the port. The command configuration applies to all common IST (CIST) in the MST region.
spanning-tree mst configuration Enters MST mode to configure MSTP from Configuration mode. Syntax spanning-tree mst configuration Parameters None Default Disabled Command Mode CONFIGURATION Usage Information Use this command to enter STP MST configuration mode. Example OS10(config)# spanning-tree mst configuration OS10(conf-mst)# Supported Releases 10.2.0E or later revision Configures a revision number for the MSTP configuration.
3 4 5 Supported Releases 4 5 6 10.2.0E or later show spanning-tree msti Displays MST instance information. Syntax show spanning-tree msti [instance-number [brief | guard | interface interface]] Parameters • instance-number — (Optional) Displays MST instance information (0 to 63). • brief — (Optional) Displays MST instance summary information. • guard — (Optional) Displays which guard is enabled and current port state.
Edge port:no (default) port guard :none (default) Link type is point-to-point (auto) Boundary :internal bpdu filter : bpdu guard : bpduguard shutdown-onviolation :disable RootGuard: disable LoopGuard disable Bpdus (MRecords) sent 3779, received 7 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID -----------------------------------------------------------ethernet1/1/1 128.132 128 20000 FWD 0 32768 74e6.e2f5.dd80 128.
Usage Information BPDU guard prevents a port from receiving BPDUs. If the port receives a BPDU, it is placed in the Error-Disabled state as a protective measure. Example OS10(conf-if-eth1/1/4)# spanning-tree bpduguard enable Supported Releases 10.2.0E or later spanning-tree guard Enables or disables loop guard or root guard on an interface. Syntax spanning-tree guard {loop | root | none} Parameters • loop — Enables loop guard on an interface. • root — Enables root guard on an interface.
spanning-tree mst Configures an MST instance and determines root and bridge priorities. Syntax Parameters spanning-tree mst instance number priority | root {primary | secondary} • instance number — Enter an MST instance number (0 to 63). • priority priority value — Set a bridge priority value in increments of 4096 (0 to 61440). Valid priority values are: 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440. All other values are rejected.
Parameters • msti instance — Enter the MST instance number (0 to 63). • cost cost — (Optional) Enter a port cost value (1 to 200000000).
3 Enable Rapid-PVST+ (only required if another variation of STP is present). 4 (Optional) Select a non-default bridge-priority for the VLAN for load balancing. By default, each VLAN instance is assigned default bridge priority 32768. For example, all three instances have the same forwarding topology. Traffic load balancing is not achievable with this kind of priority assignment. You must assign each instance a different priority to achieve load balancing, as shown in Load Balancing with RPVST+.
Enable RPVST+ By default, RPVST+ is enabled and creates an instance only after you add the first member port to a VLAN. Port-channel or physical interfaces must be a member of a VLAN to participate in RPVST+. Add all physical and port-channel interfaces to the default VLAN (VLAN1). • Enable the Rapid-PVST+ mode in CONFIGURATION mode.
We are the root of VLAN 1 Configured hello time 2, max age 20, forward delay 15 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID --------------------------------------------------------------------ethernet1/1/5 128.276 128 500 FWD 0 4097 90b1.1cf4.a523 128.276 ethernet1/1/6 128.280 128 500 FWD 0 4097 90b1.1cf4.a523 128.280 Interface Name Role PortID Prio Cost Sts Cost Link-type Edge -------------------------------------------------------------ethernet1/1/5 Desg 128.
ethernet1/1/8 ethernet1/1/9 ethernet1/1/10 ethernet1/1/11 Disb Disb Disb Disb 128.288 128.292 128.296 128.300 128 128 128 128 200000000 200000000 200000000 200000000 FWD FWD FWD FWD 0 0 0 0 AUTO AUTO AUTO AUTO No No No No Root assignment RPVST+ assigns the root bridge according to the lowest bridge ID. Assign one bridge as root bridge and the other as a secondary root bridge. • Configure the device as the root or secondary root in CONFIGURATION mode.
Port enabled with loop guard conditions • Loop guard is supported on any STP-enabled port or port-channel interface in RPVST+ mode. • You cannot enable root guard and loop guard at the same time on an STP port — the loop guard configuration overwrites an existing root guard configuration and vice versa. • Enabling BPDU guard and loop guard at the same time on a port results in a port that remains in a Blocking state and prevents traffic from flowing through it.
Parameters • interface — Enter the interface type: • ethernet node/slot/port[:subport] — Deletes the spanning-tree counters from a physical port. • port-channel number — Deletes the spanning-tree counters for a port-channel interface (1 to 128). Default Not configured Command Mode EXEC Usage Information Clear all STP counters on the device per Ethernet interface or port-channel. Example OS10# clear spanning-tree counters interface port-channel 10 Supported Releases 10.2.
Example OS10# debug spanning-tree bpdu rx Supported Releases 10.2.0E or later show spanning-tree vlan Displays RPVST+ status and configuration information by VLAN ID.
Example OS10(conf-if-eth1/1/4)# spanning-tree bpdufilter enable Supported Releases 10.2.0E or later spanning-tree bpduguard Enables or disables BPDU guard on an interface. Syntax spanning-tree bpduguard {enable | disable} Parameters • enable — Enables the BPDU guard filter on an interface. • disable — Disables the BPDU guard filter on an interface. Default Disabled Command Mode INTERFACE Usage Information BPDU guard prevents a port from receiving BPDUs.
• mst — Sets the STP mode to MST. • rapid-pvst — Sets the STP mode to RPVST+. Default RPVST+ Command Mode CONFIGURATION Usage Information All STP instances are stopped in the previous STP mode, and are restarted in the new mode. You can also change to RSTP/MST mode. Example (RSTP) OS10(config)# spanning-tree mode rstp Example (MST) OS10(config)# spanning-tree mode mst Supported Releases 10.2.0E or later spanning-tree port Sets the port type as the EdgePort.
Usage Information The media speed of a LAN interface determines the STP port path cost default value. Example OS10(conf-if-eth1/1/4)# spanning-tree vlan 10 cost 1000 Supported Releases 10.2.0E or later spanning-tree vlan forward-time Configures a time interval for the interface to wait in Blocking state or Learning state before moving to Forwarding state. Syntax spanning-tree vlan vlan-id forward-time seconds Parameters • vlan-id— Enter a VLAN ID number (1 to 4094).
Default 2 seconds Command Mode CONFIGURATION Usage Information Dell EMC recommends increasing the hello-time for large configurations — especially configurations with multiple ports. Example OS10(config)# spanning-tree vlan 10 hello-time 5 Supported Releases 10.2.0E or later spanning-tree vlan max-age Configures the time period the bridge maintains configuration information before refreshing the information by recomputing RPVST.
Default 128 Command Mode INTERFACE Usage Information Breaks the tie between the two bridges which compete for root bridge. Example OS10(conf-if-eth1/1/4)# spanning-tree vlan 10 priority 16 Supported Releases 10.2.0E or later spanning-tree vlan root Designates a device as primary or secondary root bridge. Syntax spanning-tree vlan vlan-id root {primary | secondary} Parameters • vlan-id — Enter a VLAN ID number (1 to 4094). • root — Designate the bridge as primary or secondary root.
• • Re-enable an interface in INTERFACE mode. no spanning-tree disable Re-enable RSTP globally for all L2 interfaces in CONFIGURATION mode. no spanning-tree disable View all port participating in RSTP OS10# show spanning-tree Spanning tree enabled protocol rstp with force-version rstp Executing IEEE compatible Spanning Tree Protocol Root ID Priority 32768, Address 3417.4455.667f Root Bridge hello time 2, max age 20, forward delay 15 Bridge ID Priority 32768, Address 90b1.1cf4.
ethernet1/1/23 128.348 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/24 128.352 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/25 128.356 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/26 128.360 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/27 128.364 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/28 128.368 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/29 128.372 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/30 128.376 128 200000000 BLK 0 0 0000.0000.0000 ethernet1/1/31 128.
Root ID Priority 32768, Address 90b1.1cf4.9b8a Root Bridge hello time 2, max age 20, forward delay 15 Bridge ID Priority 32768, Address 90b1.1cf4.9b8a We are the root Configured hello time 2, max age 20, forward delay 15 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID ------------------------------------------------------------------ethernet3/1/1 244.128 128 500 BLK 0 32768 90b1.1cf4.9b8a 128.244 ethernet3/1/2 248.128 128 500 BLK 0 32768 90b1.1cf4.9b8a 128.248 ethernet3/1/3 252.
Root bridge selection RSTP determines the root bridge. Assign one bridge a lower priority to increase the likelihood that it is selected as the root bridge. • Assign a number as the bridge priority or designate it as the primary or secondary root in CONFIGURATION mode. Configure the priority value range (0 to 65535 in multiples of 4096, default 32768). The lower the number assigned, the more likely this bridge becomes the root bridge.
Spanning-tree extensions STP extensions ensure efficient network convergence by securely enforcing the active network topology. OS10 supports BPDU filtering, BPDU guard, loop guard, and root guard STP extensions. BPDU filtering Protects the network from unexpected flooding of BPDUs from an erroneous device. Enabling BPDU Filtering instructs the hardware to drop BPDUs and prevents flooding from reaching the CPU. BPDU filtering is enabled by default on Edge ports.
violation :disable RootGuard: enable LoopGuard disable Bpdus (MRecords) sent 134, received 138 Interface Designated Name PortID Prio Cost Sts Cost Bridge ID PortID -------------------------------------------------------------------------ethernet1/1/4 128.272 128 500 BLK 500 32769 90b1.1cf4.a911 128.
clear spanning-tree counters Clears the counters for STP. Syntax Parameters clear spanning-tree counters [interface {ethernet node/slot/port[:subport] | port—channel number}}] • interface — Enter the interface type: • ethernet node/slot/port[:subport] — Deletes the spanning-tree counters from a physical port. • port-channel number — Deletes the spanning-tree counters for a port-channel interface (1 to 128).
Supported Releases 10.2.0E or later show spanning-tree interface Displays spanning-tree interface information for Ethernet and port-channels. Syntax show spanning-tree interface {ethernet node/slot/port [:subport] | port-channel port-id} [detail] Parameters • ethernet node/slot/port[:subport] — Displays spanning-tree information for a physical interface. • port-channel port-id — Displays spanning-tree information for a port-channel number (1 to 128).
spanning-tree bpduguard Enables or disables BPDU guard on an interface. Syntax Parameters spanning-tree bpduguard {enable | disable} • enable — Enables the BPDU guard filter on an interface. • disable — Disables the BPDU guard filter on an interface. Default Disabled Command Mode INTERFACE Usage Information BPDU guard prevents a port from receiving BPDUs. If the port receives a BPDU, it is placed in the Error-Disabled state as a protective measure.
Command Mode CONFIGURATION Usage Information All STP instances are stopped in the previous STP mode, and are restarted in the new mode. You can also change to RSTP/MST mode. Example (RSTP) OS10(config)# spanning-tree mode rstp Example (MST) OS10(config)# spanning-tree mode mst Supported Releases 10.2.0E or later spanning-tree port Sets the port type as the EdgePort.
Default 15 seconds Command Mode CONFIGURATION Usage Information None Example OS10(config)# spanning-tree rstp forward-time 16 Supported Releases 10.2.0E or later spanning-tree rstp hello-time Sets the time interval between generation and transmission of RSTP BPDUs. Syntax spanning-tree rstp hello-time seconds Parameters seconds — Enter a hello-time interval value in seconds (1 to 10).
Command Mode CONFIGURATION Usage Information RSTP determines the root bridge but you can assign one bridge a lower priority to increase the probability it being the root bridge. A lower priority value increases the probability of the bridge becoming a root bridge. Example OS10(config)# spanning-tree rstp priority 200 Supported Releases 10.2.0E or later Virtual LANs VLAN segments a single flat L2 broadcast domain into multiple logical L2 networks.
Create or remove VLANs You can create VLANs and add physical interfaces or port-channel (LAG) interfaces to the VLAN as tagged or untagged members. You can add an Ethernet interface as a trunk port or as an access port, but it cannot be added as both at the same time.
ARP type: ARPA, ARP Timeout: 240 Last clearing of "show interface" counters Queueing strategy: fifo Time since last interface status change: Vlan 200 is up, line protocol is up Address is , Current address is Interface index is 69209064 Internet address is not set MTU 1532 bytes LineSpeed auto Flowcontrol rx off tx off ARP type: ARPA, ARP Timeout: 240 Last clearing of "show interface" counters Queueing strategy: fifo Time since last interface status change: Vlan 320 is up, line protocol is up Address is , C
Trunk mode A trunk port can be a member of multiple VLANs set up on an interface. A trunk port can transmit traffic for all VLANs. To transmit traffic on a trunk port with multiple VLANs, OS10 uses tagging or the 802.1q encapsulation method. 1 Configure a port in INTERFACE mode. interface ethernet node/slot/port[:subport] 2 Change the Switchport mode to Trunk mode in INTERFACE mode. switchport mode trunk 3 Enter the allowed VLANs on the trunk port in INTERFACE mode.
View VLAN configuration OS10(conf-if-vl-200)# do show interface vlan Vlan 1 is up, line protocol is up Address is , Current address is Interface index is 69208865 Internet address is not set MTU 1532 bytes LineSpeed auto Flowcontrol rx off tx off ARP type: ARPA, ARP Timeout: 240 Last clearing of "show interface" counters Queueing strategy: fifo Time since last interface status change: Vlan 200 is up, line protocol is up Address is , Current address is Interface index is 69209064 Internet address is not set
320 T A T T A up Po40 Eth1/1/31 Eth1/1/25:4 1/1/32 Po40 Eth1/1/3:1 View interface VLAN configuration OS10# show interface vlan Vlan 1 is up, line protocol is up Address is , Current address is Interface index is 69208865 Internet address is not set MTU 1532 bytes LineSpeed auto Flowcontrol rx off tx off ARP type: ARPA, ARP Timeout: 240 Last clearing of "show interface" counters Queueing strategy: fifo Time since last interface status change: Vlan 200 is up, line protocol is up Address is , Current addre
Parameters description — Enter a text string to identify the VLAN (up to 80 characters). Default Not configured Command Mode INTERFACE-VLAN Usage Information None Example OS10(conf-if-vlan)# description vlan3 Supported Releases 10.2.0E or later interface vlan Creates a VLAN interface. Syntax interface vlan vlan-id Parameters vlan-id — Enter the VLAN ID number (1 to 4094).
T Po40 A Eth1/1/3:1 Supported Releases 10.2.0E or later Port monitoring Port monitoring enables mirroring of ingress or egress traffic of one port to another for analysis. A mirroring port (MG) or destination port, is the port where the mirrored traffic is sent for analysis. A monitored port (MD) is the source interface which is monitored for traffic analysis, also called source port.
2 Return to CONFIGURATION mode. exit 3 Create an access list in CONFIGURATION mode. ip access-list access-list-name 4 Define access-list rules using seq, permit, and deny statements in CONFIG-ACL mode. The ACL rules describe the traffic you want to monitor. Flow monitoring is supported for IPv4 ACLs, IPv6 ACLs, and MAC ACLs.
Session and VLAN requirements Remote port mirroring requires a source session (monitored ports on different source devices), a reserved tagged VLAN for transporting mirrored traffic (configured on source, intermediate, and destination devices), and a destination session (destination ports connected to analyzers on destination devices).
• You cannot configure the dedicated VLAN used to transport mirrored traffic as a source VLAN. Restrictions • When you use a source VLAN, enable flow-based monitoring (flow-based enable). • In a source VLAN, only received (rx) traffic is monitored. • You cannot configure a source port-channel or source VLAN in a source session if the port-channel or VLAN has a member port configured as a destination port in a remote port mirroring session.
Parameters string — Enter a description of the monitoring session (up to 255 characters). Default Not configured Command Mode MONITOR-SESSION Usage Information The no version of this command removes the description text. Example OS10(conf-mon-local-1)# description remote OS10(conf-mon-rspan-source-5)# description "RSPAN Sesssion" Supported Releases 10.2.0E or later destination (Port Monitoring) Sets the destination where monitored traffic is sent to. The monitoring session can be local or RPM.
monitor session Creates a session for monitoring traffic with port monitoring. Syntax monitor session session-id type [local | rspan-source] Parameters • session-id — Enter a monitor session ID (1 to 18). • local — (Optional) Enter a local monitoring session. • rspan-source — (Optional) Enter a remote monitoring session. Default local Command Mode CONFIGURATION Usage Information The no version of this command removes the monitor session.
Default Disabled Command Mode MONITOR-SESSION Usage Information The no version of this command enables the monitoring session. Example OS10(config)# monitor session 1 OS10(conf-mon-local-1)# no shut OS10(config)# monitor session 5 type rspan-source OS10(conf-mon-rspan-source-5)# no shut Supported Releases 10.2.0E or later source (Port Monitoring) Configures a source for port monitoring. The monitoring session can be one of the following: local, RPM.
5 Layer 3 Border Gateway Protocol (BGP) Provides an external gateway protocol that transmits inter-domain routing information within and between autonomous systems (see BGP Commands). Equal Cost MultiPath (ECMP) Provides next-hop packet forwarding to a single destination over multiple best paths (see ECMP Commands). IPv4 Routing Provides forwarding of packets to a destination IP address, based on a routing table.
path to reach a router external to the AS. EBGP routers exchange information with other EBGP routers and IBGP routers to maintain connectivity and accessibility. Classless interdomain routing BGPv4 supports classless interdomain routing (CIDR) with aggregate routes and AS paths. CIDR defines a network using a prefix consisting of an IP address and mask, resulting in efficient use of the IPv4 address space. Using aggregate routes reduces the size of routing tables.
Established Keepalive messages exchange, and after a successful receipt, the router is in the Established state. Keepalive messages continue to send at regular periods. The keepalive timer establishes the state to verify connections. After the connection is established, the router sends and receives keepalive, update, and notification messages to and from its peer. Peer templates Peer templates allow BGP neighbors to inherit the same outbound policies.
Multiprotocol BGP Multiprotocol BGP (MBGP) is an extension to BGP that supports multiple address families—IPv4 and IPv6. MBGP carries multiple sets of unicast and multicast routes depending on the address family. You can enable the MBGP feature on a per router, per template, and/or a per peer basis. The default is the IPv4 unicast routes.
• A path with no AS_PATH configured has a path length of 0 • AS_CONFED_SET is not included in the AS_PATH length • AS_CONFED_SEQUENCE has a path length of 1 no matter how many ASs are in the AS_CONFED_SEQUENCE 4 Prefer the path with the lowest ORIGIN type—IGP is lower than EGP and EGP is lower than INCOMPLETE. 5 Prefer the path with the lowest multiexit discriminator (MED) attribute: • This comparison is only done if the first neighboring AS is the same in the two paths.
Multiexit discriminators If two autonomous systems connect in more than one place, use a multiexit discriminator (MED) to assign a preference to a preferred path. MED is one of the criteria used to determine best path—other criteria may also impact selection. One AS assigns the MED a value. Other AS uses that value to decide the preferred path. Assume that the MED is the only attribute applied and there are two connections between AS 100 and AS 200. Each connection is a BGP session.
The question mark (?) indicates an origin code of INCOMPLETE, and the lower case letter (i) indicates an origin code of IGP. Origin configuration OS10# show ip bgp BGP local RIB : Routes to be Added , Replaced , Withdrawn BGP local router ID is 30.1.1.
If you configure the bgp bestpath as-path ignore command and the bestpath as-path multipath-relax command at the same time, an error message displays—only enable one command at a time. More path support More path (Add-Path) reduces convergence times by advertising multiple paths to its peers for the same address prefix without replacing existing paths with new ones. By default, a BGP speaker advertises only the best path to its peers for a given address prefix.
4-Byte AS numbers OS10 supports 4-byte AS number configurations by default. The 4-byte support is advertised as a new BGP capability - 4-BYTE-AS, in the OPEN message. A BGP speaker that advertises 4-Byte-AS capability to a peer, and receives the same from that peer must encode AS numbers as 4-octet entities in all messages. If the AS number of the peer is different, the 4-byte speaker brings up the neighbor session using a reserved 2-byte ASN,23456 called AS_TRANS.
The Local-AS does not prepend the updates with the AS number received from the EBGP peer if you use the no prepend command. If you do not select no prepend, the default, the Local-AS adds to the first AS segment in the AS-PATH. If you use an inbound route-map to prepend the AS-PATH to the update from the peer, the Local-AS adds first. If Router B has an inbound route-map applied on Router C to prepend 65001 65002 to the AS-PATH, these events take place on Router B: • • • Receive and validate the update.
connected to the router. The BGP process first determines if all internal BGP peers are reachable, then it determines which peers outside the AS are reachable. 1 Assign an AS number, and enter ROUTER-BGP mode from CONFIGURATION mode (1 to 65535 for 2-byte, 1 to 4294967295 for 4byte). Only one AS number is supported per system. If you enter a 4-byte AS number, 4-byte AS support is enabled automatically. router bgp as-number 2 Enter a neighbor in ROUTER-BGP mode.
Prefixes accepted 3, Prefixes advertised 0 Connections established 3; dropped 2 Closed by neighbor sent 00:03:26 ago Local host: 5.1.1.2, Local port: 43115 Foreign host: 5.1.1.1, Foreign port: 179 View BGP running configuration OS10# show running-configuration router bgp 65123 router-id 192.168.10.2 ! address-family ipv4 unicast ! neighbor 10.10.21.1 remote-as 65123 no shutdown ! neighbor 10.10.32.3 remote-as 65123 no shutdown ! neighbor 100.10.92.9 remote-as 65192 no shutdown ! neighbor 192.168.10.
peer template and assign a name to it before adding members to the peer template. Create a peer template before configuring any route policies for the template. NOTE: An outbound filter policy, distribute list or route map, is not supported on a peer group member. 1 Enable BGP, and assign the AS number to the local BGP speaker in CONFIGURATION mode, from 1 to 65535 for 2 byte, 1 to 4294967295 | 0.1 to 65535.65535 for 4 byte, or 0.1 to 65535.65535 in dotted format.
Minimum time between advertisement runs is 30 seconds For address family: Unicast BGP neighbor is ebgppg, peer-group external Update packing has 4_OCTET_AS support enabled Number of peers in this group 1 Peer-group members: View running configuration OS10(config-router-neighbor)# do show running-configuration bgp ! router bgp 300 ! neighbor 3.1.1.
Received 23 messages 1 opens, 0 notifications, 1 updates 21 keepalives, 0 route refresh requests Sent 21 messages 1 opens, 0 notifications, 0 updates 20 keepalives, 0 route refresh requests Minimum time between advertisement runs is 30 seconds Minimum time before advertisements start is 0 seconds Capabilities received from neighbor for IPv4 Unicast: MULTIPROTO_EXT(1) ROUTE_REFRESH(2) CISCO_ROUTE_REFRESH(128) 4_OCTET_AS(65) Capabilities advertised to neighbor for IPv4 Unicast: MULTIPROTO_EXT(1) ROUTE_REFRESH
Fast external fallover is enabled by default. To disable or re-enable it, use the [no] fast-external-fallover command. For the fast-external-fallover command to take effect on an established BGP session, you must reset the session using the clear ip bgp {* | peer-ipv4-address | peer-ipv6-address} command. View fast external fallover configuration OS10(config)# do show running-configuration bgp ! router bgp 300 ! neighbor 3.1.1.
BGP router identifier 11.11.11.11 local AS number 300 Neighbor AS MsgRcvd MsgSent Up/Down State/Pfx ----------------------------------------------------------------3.1.1.1 100 7 4 00:00:29 3 3::1 100 9 5 00:00:29 4 OS10(conf-if-eth1/1/1)# OS10(config-router-bgp-neighbor-af)# Apr 27 01:39:03 OS10 dn_sm[2065]: Node.1-Unit.1:PRI:alert [os10:event], %Dell EMC (OS10) %BGP_NBR_BKWD_STATE_CHG: Backward state change occurred Hold Time expired for Nbr:3.1.1.3 VRF:default Apr 27 01:39:03 OS10 dn_sm[2065]: Node.
2 Enter a local-as number for the peer, and the AS values not prepended to announcements from the neighbors in ROUTERNEIGHBOR mode (1 to 4294967295). local-as as number [no prepend] 3 Return to ROUTER-BGP mode. exit 4 Enter a template name to assign to the peer-groups in ROUTER-BGP mode (up to 16 characters). template template-name 5 Enter a local-as number for the peer in ROUTER-TEMPLATE mode.
neighbor 17.1.1.
1 Assign an AS number in CONFIGURATION mode. router bgp as-number 2 Enter a neighbor and IP address (A.B.C.D) in ROUTER-BGP mode. neighbor ip-address 3 Enter Address Family mode in ROUTER-NEIGHBOR mode. address-family {[ipv4 | ipv6] [unicast]) 4 Allow the specified neighbor to send or receive multiple path advertisements in ROUTER-BGP mode. The count parameter controls the number of paths that are advertised — not the number of paths received.
4 Enter the neighbor to apply the route map configuration in ROUTER-BGP mode. neighbor {ip-address} 5 Apply the route map to the neighbor’s incoming or outgoing routes in ROUTER-BGP-NEIGHBOR-AF mode. route-map map-name {in | out) 6 Enter the peer group to apply the route map configuration in ROUTER-BGP mode. template template-name 7 Apply the route map to the peer group’s incoming or outgoing routes in CONFIG-ROUTER-TEMPLATE-AF mode.
OS10(config-router-bgp-10)# template zanzibar OS10(config-router-template)# weight 200 Enable multipath You can have one path to a destination by default, and enable multipath to allow up to 64 parallel paths to a destination. The show ip bgp network command includes multipath information for that network. • Enable multiple parallel paths in ROUTER-BGP mode.
Configure clusters of routers where one router is a concentration router and the others are clients who receive their updates from the concentration router. 1 Assign an ID to a router reflector cluster in ROUTER-BGP mode. You can have multiple clusters in an AS. cluster-id cluster-id 2 Assign a neighbor to the router reflector cluster in ROUTER-BGP mode. neighbor {ip-address} 3 Configure the neighbor as a route-reflector client in ROUTER-NEIGHBOR mode, then return to ROUTER-BGP mode.
! neighbor 32.1.1.2 remote-as 104 no shutdown ! address-family ipv4 unicast Confederations Another way to organize routers within an AS and reduce the mesh for IBGP peers is to configure BGP confederations. As with route reflectors, Dell EMC recommends BGP confederations only for IBGP peering involving many IBGP peering sessions per router. When you configure BGP confederations, you break the AS into smaller sub-ASs. To devices outside your network, the confederations appear as one AS.
Route dampening When EBGP routes become unavailable, they “flap” and the router issues both WITHDRAWN and UPDATE notices. A flap occurs when a route is withdrawn, readvertised after being withdrawn, or has an attribute change. The constant router reaction to the WITHDRAWN and UPDATE notices causes instability in the BGP process. To minimize this instability, configure penalties (a numeric value) for routes that flap.
View dampened paths OS10# show ip bgp dampened-paths BGP local router ID is 80.1.1.1 Status codes: s suppressed, S stale, d dampened, h history, * valid, > best Origin codes: i - IGP, e - EGP, ? - incomplete Network From Reuse Path d* 3.1.2.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.3.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.4.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.5.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.6.0/24 80.1.1.
1 Enable soft-reconfiguration for the BGP neighbor and BGP template in ROUTER-BGP mode. BGP stores all the updates that the neighbor receives but does not reset the peer-session. Entering this command starts the storage of updates, which is required to do inbound soft reconfiguration. neighbor {ip-address} soft-reconfiguration inbound 2 Enter Address Family mode in ROUTER-NEIGHBOR mode. address-family {[ipv4 | ipv6] [unicast]} 3 Configure soft-configuration for the neighbors belonging to the template.
• receive — Receive multiple paths from the peer. • send path count — Enter the number of multiple paths to send multiple to the peer, from 2 to 64. Default Not configured Command Mode ROUTER-BGP-NEIGHBOR-AF Usage Information Advertising multiple paths to peers for the same address prefix without replacing the existing path with a new one reduces convergence times. The no version of this command disables the multiple path advertisements for the same destination.
Usage Information The time interval applies to all peer group members of the template in ROUTER-TEMPLATE mode. The no version of this command resets the advertisement-interval value to the default. Example OS10(conf-router-neighbor)# advertisement-interval 50 Supported Releases 10.3.0E or later advertisement-start Delays initiating the OPEN message for the specified time.
allowas-in Sets the number of times a local AS number appears in the AS path. Syntax allowas-in as-number Parameters as-number—Enter the number of occurrences for a local AS number, from 1 to 10. Default Disabled Command Mode ROUTER-BPG-TEMPLATE-AF Usage Information Use this command to enable the BGP speaker to allow the AS number to be present for the specified number of times in updates received from the peer. You cannot set this configuration for a peer associated with a peer group.
Command Mode ROUTER-BGP Usage Information To enable load-balancing across different EBGP peers, configure the mutlipath-relax option. If you configure both ignore or multipath-relax options at the same time, a system-generated error message appears. The no version of this command disables configuration. Example OS10(conf-router-bgp-10)# bestpath as-path multipath-relax Supported Releases 10.3.0E or later bestpath med Changes the best path MED attributes during MED comparison for path selection.
Parameters • IPv4–address — Enter an IPv4 address to clear a BGP neighbor configuration. • IPv6–address — Enter an IPv6 address to clear a BGP neighbor configuration. • * — Clears all BGP sessions. Default Not configured Command Mode EXEC Usage Information To reset BGP IPv4 or IPv6 neighbor sessions, use this command. Example OS10# clear ip bgp 1.1.15.4 Supported Releases 10.3.0E or later clear ip bgp * Resets BGP sessions.
Usage Information Configure your system to accept 4-byte formats before entering a 4-byte AS number. All routers in the Confederation must be 4-byte or 2-byte identified routers. You cannot have a mix of 2-byte and 4-byte identified routers. The autonomous system number you configure in this command is visible to the EBGP neighbors. Each autonomous system is fully meshed and contains a few connections to other autonomous systems.
cluster-id Assigns a cluster ID to a BGP cluster with multiple route reflectors. Syntax Parameters cluster-id {number | ip-address} • number—Enter a route reflector cluster ID as a 32-bit number, from 1 to 4294967295. • ip-address—Enter an IP address as the route-reflector cluster ID. Default Router ID Command Mode ROUTER-BGP Usage Information If a cluster contains only one route reflector, the cluster ID is the route reflector’s router ID.
Supported Releases 10.3.0E or later default-metric Assigns a default-metric of redistributed routes to locally originated routes. Syntax default-metric number Parameters number — Enter a number as the metric to assign to routes from other protocols, from 1 to 4294967295. Default Disabled Command Mode ROUTER-BGP Usage Information Assigns a metric for locally-originated routes such as redistributed routes.
Command Mode ROUTER-NEIGHBOR Usage Information This command avoids installation of default multihop peer routes to prevent loops and creates neighbor relationships between peers. Networks indirectly connected are not valid for best path selection. The no version of this command removes multihop session. Example OS10(conf-router-neighbor)# ebgp-multihop 2 Supported Releases 10.3.
fast-external-fallover Resets BGP sessions immediately when a link to a directly connected external peer fails. Syntax fast-external-fallover Parameters None Default Not configured Command Mode ROUTER-BGP Usage Information Fast external fall-over terminates the EBGP session immediately after the IP unreachability or link failure is detected. This only applies after you manually reset all existing BGP sessions. For the configuration to take effect, use the clear ip bgp command.
Supported Releases 10.2.0E or later local-as Configures a local AS number for a peer. Syntax Parameters local-as as-number [no-prepend] • as-number—Enter the local AS number, from 1 to 4294967295. • no-prepend—(Optional) Enter so that local AS values are not prepended to announcements from the neighbor. Default Disabled Command Mode ROUTER-NEIGHBOR or ROUTER-TEMPLATE Usage Information Facilitates the BGP network migration operation and allows you to maintain existing AS numbers.
• number—Enter the number of parallel paths, from 1 to 64. Default 64 paths Command Mode ROUTER-BGP Usage Information Dell EMC recommends not using multipath and add path simultaneously in a route reflector. To recompute the best path, use the clear ip bgp * command. The no version of this command resets the value to the default. Example (EBGP) OS10(conf-router-bgp-2)# maximum-paths ebgp 2 maxpaths Example (IBGP) OS10(conf-router-bgp-2)# maximum-paths ibgp 4 maxpaths Supported Releases 10.3.
Example OS10(conf-router-bgp-2)# neighbor 32.1.0.0 OS10(conf-router-neighbor)# Supported Releases 10.3.0E or later next-hop-self Disables the next-hop calculation for a neighbor. Syntax next-hop-self Parameters None Default Enabled Command Mode ROUTER-NEIGHBOR-AF Usage Information Influences next-hop processing of EBGP routes to IBGP peers. The no version of this command disables the nexthop calculation. Example OS10(conf-router-neighbor-af)# next-hop-self Supported Releases 10.3.
Usage Information Enable or disable outbound optimization dynamically to reset all neighbor sessions. When you enable outbound optimization, all peers receive the same update packets. The next-hop address chosen as one of the addresses of neighbor’s reachable interfaces is also the same for the peers. The no version of this command disables outbound optimization. Example OS10(conf-router-bgp-10)# outbound-optimization Supported Releases 10.3.
Example (Static — IPv6) OS10(conf-router-bgp-102)# address-family ipv6 unicast OS10(conf-router-bgpv6-af)# redistribute static Example (OSPF — IPv4) OS10(conf-router-bgp-102)# address-family ipv4 unicast OS10(conf-router-bgpv4-af)# redistribute ospf 1 Example (OSPF — IPv6) OS10(conf-router-bgp-102)# address-family ipv6 unicast OS10(conf-router-bgpv6-af)# redistribute ospf 1 Supported Releases 10.2.0E or later route-reflector-client Configures a neighbor as a member of a route-reflector cluster.
router-id Assigns a user-given ID to a BGP router. Syntax router-id ip-address Parameters ip-address — Enter an IP address in dotted decimal format. Default First configured IP address or random number Command Mode ROUTER-BGP Usage Information Change the router ID of a BGP router to reset peer-sessions. The no version of this command resets the value to the default. Example OS10(conf-router-bgp-10)# router-id 10.10.10.40 Supported Releases 10.3.
Example (IPv4) OS10(conf-router-bgp-102)# neighbor 3.3.3.1 OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-bgp-neighbor-af)# sender-side-loop-detection Example (IPv6) OS10(conf-router-bgp-102)# neighbor 32::1 OS10(conf-router-neighbor)# address-family ipv6 unicast OS10(conf-router-bgp-neighbor-af)# no sender-side-loop-detection Supported Releases 10.3.0E or later show ip bgp Displays information that BGP neighbors exchange.
Status codes: s suppressed, S stale, d dampened, h history, * valid, > best Origin codes: i - IGP, e - EGP, ? - incomplete Network From Reuse Path d* 3.1.2.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.3.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.4.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.5.0/24 80.1.1.2 00:00:12 800 9 8 i d* 3.1.6.0/24 80.1.1.2 00:00:12 800 9 8 i Total number of prefixes: 5 Supported Releases 10.3.0E or later show ip bgp flap-statistics Displays BGP flap statistics on BGP routes.
Command Mode EXEC Usage Information This command provides output which displays locally advertised BGPv4 routes configured using the network command. These routes show as r for redistributed/network-learned routes. Example OS10# show ip bgp ipv4 unicast summary BGP router identifier 80.1.1.1 local AS number 102 Neighbor AS MsgRcvd MsgSent Up/Down State/Pfx 80.1.1.2 800 8 4 00:01:10 5 Supported Releases 10.3.0E or later show ip bgp ipv6 unicast Displays route information for BGP IPv6 routes.
Command Mode Usage Information EXEC • BGP neighbor — Displays the BGP neighbor address and its AS number. The last phrase in the line indicates whether the link between the BGP router and its neighbor is an external or internal one. If they are located in the same AS, the link is internal; otherwise the link is external. • BGP version — Displays the BGP version (always version 4) and the remote router ID.
Example advertised- OS10# show ip bgp ipv6 unicast neighbors 192:168:1::2 advertised-routes BGP local router ID is 100.1.1.
Total number of prefixes: 10 OS10# Supported Releases 10.3.0E or later show ip bgp peer-group Displays information on BGP peers in a peer-group. Syntax show ip bgp peer-group peer-group-name Parameters peer-group-name — (Optional) Enter the peer group name to view information about that peer-group only. Default Not configured Command Mode EXEC Usage Information Example • Peer-group — Displays the peer group name. Minimum time displays the time interval between BGP advertisements.
• AS—Displays the AS number of the neighbor • MsgRcvd—Displays the number of BGP messages that the neighbor received. • MsgSent—Displays the number of BGP messages that the neighbor sent. • Up/Down—Displays the amount of time that the neighbor is in the Established stage. If the neighbor has never moved into the Established stage, the word never displays.
Command Mode CONFIG-ROUTER-BGP Usage Information Members of a peer-group template inherit the configuration properties of the template and share the same update policy. The no version of this command removes a peer-template configuration. Example OS10(conf-router-bgp-10)# template solar OS10(conf-router-bgp-template)# Supported Releases 10.3.0E or later timers Adjusts BGP keepalive and holdtime timers.
Equal cost multi-path ECMP is a routing technique where next-hop packet forwarding to a single destination occurs over multiple best paths. OS10 uses a hashing algorithm to determine the next-hop when you enable ECMP. The hashing algorithm makes hashing decisions based on values in various packet fields as well as some internal values. • Configure the hash algorithm in CONFIGURATION mode.
hash-algorithm Changes the hash algorithm that distributes traffic flows across ECMP paths and the LAG. Syntax hash-algorithm {ecmp | lag} [crc | xor | random] Parameters • ecmp — Enables ECMP hash configuration. • lag — Enables LAG hash configuration for L2 only. • crc — (Optional) Enables CRC polynomial for hash computation. • xor — (Optional) Enables upper 8 bits of CRC and lower 8 bits of XOR value for computation.
source-ip | protocol | vlan-id | l4–destination-port | l4–source-port] | [macselection destination-mac | source-mac | ethertype | vlan-id]} Parameters Default Command Mode Usage Information • ingress-port enable — Enables load-balancing on ingress ports. • tcp-udp-selection — Enables the TCP UDP port for load-balancing configuration. • ip-selection — Enables IPv4 key parameters to use in the hash computation. • ipv6-selection — Enables IPV6 key parameters to use in hash computation.
Default Not configured Command Mode EXEC Usage Information None Example OS10# show hash-algorithm EcmpAlgo - crc LabAlgo - xor Supported Releases 10.3.0E or later IPv4 routing OS10 supports IPv4 addressing including variable-length subnetting mask (VLSM), address resolution protocol (ARP), static routing, and routing protocols. With VLSM, you can configure one network with different masks. You can also use supernetting, which increases the number of subnets.
Wavelength is 64 SFP receive power reading is 0.
ethernet 1/1/5 has IP address on subnet 100.0.0.0/8, and if 10.1.1.0/24 recursively resolves to 100.1.1.1, the system installs the static route: • When the interface goes down, OS10 withdraws the route. • When the interface comes up, OS10 reinstalls the route. • When the recursive resolution is broken, OS10 withdraws the route. • When the recursive resolution is satisfied, OS10 reinstalls the route.
• A.B.C.D/mask —Specify the IP route to be removed from the IP routing table. This option refreshes all the routes in the routing table, but the traffic flow is affected only for the specified route in the switch. Default Not configured Command Mode EXEC Usage Information This command does not remove the static routes from the routing table. Example OS10# clear ipv6 Supported Releases 10.3.0E or later route 10.1.1.0/24 ip address Configures IP address to an interface.
Default Not configured Command Mode INTERFACE Usage Information Do not use Class D (multicast) or Class E (reserved) IP addresses. Zero MAC addresses (00:00:00:00:00:00) are also invalid. The no version of this command disables IP ARP configuration. Example OS10(conf-if-eth1/1/6)# ip arp 10.1.1.5 08:00:20:b7:bd:32 Supported Releases 10.2.0E or later ip route Assigns a static route on the network device.
Command Mode EXEC Usage Information This command shows both static and dynamic ARP entries. Example (IP Address) OS10# show ip arp ip 192.168.2.2 Example (Static) OS10# show ip arp summary Protocol Address Age(min) Hardware Address Interface VLAN CPU ---------------------------------------------------------Internet 192.168.2.
-----------------------------------------------------------------C 10.1.1.0/24 via 10.1.1.1 vlan100 0/0 01:16:56 B EX 10.1.2.0/24 via 10.1.2.1 vlan101 20/0 01:16:56 O 10.1.3.0/24 via 10.1.3.1 vlan102 110/2 01:16:56 B IN 10.1.4.0/24 via 10.1.4.1 vlan103 200/0 01:16:56 Supported Releases 10.2.0E or later IPv6 routing OS10 supports IPv6 routing and addressing, including the Neighbor Discovery protocol, stateless IPv6 address autoconfiguration, and stateful IPv6 address configuration.
The router redirect functionality in the Neighbor Discovery protocol (NDP) is similar to IPv4 router redirect messages. NDP uses ICMPv6 redirect messages (Type 137) to inform nodes that a better router exists on the link. IPv6 addresses An IPv6 address consists of a 48-bit global routing prefix, optional 16-bit subnet ID (referred to as the site-level aggregator or SLA), and a 64-bit interface identifier in the extended universal identifier (EUI)-64 format.
You can also manually configure an IPv6 address by assigning: • A network prefix and the 64-bit interface ID in EUI-64 format (ipv6 address eui64 command) • A link-local address to be used instead of the link-local address that is automatically configured when IPv6 is enabled (ipv6 address link-local command) To remove all IPv6 addresses from an interface, enter the no ipv6 address autoconfig command.
View IPv6 information Use the show ipv6 route command to view configuration information specific to IPv6, or use the show address ipv6 command to view the IPv6 address information View IPv6 connected information OS10# show ipv6 route connected Codes: C - connected S - static B - BGP, IN - internal BGP, EX - external BGP O - OSPF,IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2, E1 - OSPF external type 1, E2 - OSPF external type 2, > - non-active route Gateway of last reso
ipv6 address Configures an IPv6 address on an interface. Syntax ipv6 address ipv6–address/prefix-length Parameters ipv6-address/prefix-length — Enter an IPv6 address with the network prefix length. Defaults None Command Mode INTERFACE Usage Information • An interface can have multiple IPv6 addresses. To configure an IPv6 address in addition to the link-local address, enter the ipv6 address ipv6-address/mask command.
Defaults None Command Mode INTERFACE Usage Information The no version of this command disables the DHCP operations on the interface. Example OS10(config)# interface mgmt 1/1/1 OS10(conf-if-ma-1/1/1)# ipv6 address dhcp Supported Releases 10.3.0E or later ipv6 route Configures a static IPv6 static route. Syntax Parameters ipv6 route ipv6–prefix mask {next-hop | interface interface [route-preference]} • ipv6-prefix—Enter the IPv6 address in X:X:.X:X.
Usage Information None Example (All) OS10# show ipv6 route all Codes: C - connected S - static B - BGP, IN - internal BGP, EX - external BGP O - OSPF,IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2, E1 - OSPF external type 1, E2 - OSPF external type 2, > - non-active route Gateway of last resort is not set Destination Gateway Dist/Metric Last Change --------------------------------------------------------- Example (Connected) OS10# show ipv6 route connected Codes: C
Areas allow you to further organize routers within the AS with one or more areas within the AS. Areas are valuable in that they allow subnetworks to hide within the AS—minimizing the size of the routing tables on all routers. An area within the AS may not see the details of another area’s topology. An area number or the router’s IP address identifies AS areas. Areas, networks, and neighbors The backbone of the network is Area 0, also called Area 0.0.0.0, the core of any AS.
Router types Router types are attributes of the OSPF process—multiple OSPF processes may run on the same router. A router connected to more than one area, receiving routing from a BGP process connected to another AS, acts as both an area border router and an autonomous system border router. Each router has a unique ID, written in decimal format—A.B.C.D. You do not have to associate the router ID with a valid IP address.
Designated and backup designated routers OSPF elects a designated router (DR) and a backup designated router (BDR). The DR is responsible for generating LSAs for the entire multiaccess network. Designated routers allow a reduction in network traffic and in the size of the topological database. Designated router Maintains a complete topology table of the network and sends updates to the other routers via multicast. All routers in an area form a slave/master relationship with the DR.
(OSPFv2), IntraArea Prefix LSA (OSPFv3) Type 11—Grace LSA Link-local opaque LSA for OSPFv3 only is sent during a graceful restart by an OSPFv3 router. (OSPFv3) The LSA header is common to LSA types. Its size is 20 bytes. One of the fields of the LSA header is the link-state ID. Each router link is defined as one of four types—type 1, 2, 3, or 4. The LSA includes a link ID field that identifies the object this link connects to, by the network number and mask.
OSPFv2 OSPFv2 supports IPv4 address families. OSPFv2 routers initially exchange hello messages to set up adjacencies with neighbor routers. The hello process establishes adjacencies between routers of the AS. It is not required that every router within the AS areas establish adjacencies. If two routers on the same subnet agree to become neighbors through this process, they begin to exchange network topology information in the form of LSAs.
Assign router identifier For managing and troubleshooting purposes, you can assign a router ID for the OSPFv2 process. Use the router’s IP address as the router ID. • Assign the router ID for the OSPFv2 process in ROUTER-OSPF mode router-id ip-address Assign router ID OS10(config)# router ospf 10 OS10(conf-router-ospf-10)# router-id 10.10.1.5 View OSPFv2 status OS10# show ip ospf 10 Routing Process ospf 10 with ID 10.10.1.
Network (Area 0.0.0.0) Link ID 110.1.1.2 111.1.1.1 111.2.1.1 112.1.1.1 112.2.1.1 ADV Router 112.2.1.1 111.2.1.1 111.2.1.1 112.2.1.1 112.2.1.1 Age 1287 1458 1458 1372 1372 Seq# 0x80000008 0x80000008 0x80000008 0x80000008 0x80000008 Checksum 0xd2b1 0x1b8f 0x198f 0x287c 0x267c Summary Network (Area 0.0.0.0) Passive interfaces A passive interface does not send or receive routing information. Configuring an interface as a passive interface suppresses both receiving and sending routing updates.
When you disable fast-convergence, origination and arrival LSA parameters are set to 0 msec and 1000 msec, respectively. Setting the convergence parameter from 1 to 4 indicates the actual convergence level. Each convergence setting adjusts the LSA parameters to zero, but the convergence-level parameter changes the convergence speed. The higher the number, the faster the convergence. • Enable OSPFv2 fast-convergence and enter the convergence level in ROUTER-OSPF mode from 1 to 4.
5 Change the priority of the interface, which determines the DR for the OSPF broadcast network in INTERFACE mode, from 0 to 255. The default priority of the interface is 1. ip ospf priority number 6 Change the retransmission interval time, in seconds, between LSAs in INTERFACE mode, from 1 to 3600. The default retransmission interval time is 5. The retransmit interval must be the same on all routers in the OSPF network.
Default route You can generate an external default route and distribute the default information to the OSPFv2 routing domain. • To generate the default route, use the default-information originate [always] command in ROUTER-OSPF mode.
OSPFv2 authentication You can enable OSPF authentication either with clear text or with MD5. • • Set a clear text authentication scheme on the interface in INTERFACE mode. ip ospf authentication-key key Set MD5 authentication in INTERFACE mode.
• View summary information for the OSPF database in EXEC mode. show ip ospf database • View the configuration of OSPF neighbors connected to the local router in EXEC mode. show ip ospf neighbor • View routes that OSPF calculates in EXEC mode. show ip ospf routes prefix View OSPF configuration OS10# show running-configuration ospf ! interface ethernet1/1/1 ip ospf 100 area 0.0.0.
Usage Information The no version of this command deletes an NSSA. Example OS10(conf-router-ospf-10)# area 10.10.1.5 nssa Supported Releases 10.2.0E or later area range Summarizes routes matching an address/mask at an area in ABRs. Syntax Parameters area area-id range ip-address [no-advertise] • area-id — Set the OSPF area ID as an IP address (A.B.C.D) or number (1 to 65535). • ip-address — (Optional) Enter an IP address/mask in dotted decimal format.
Default 100000 Command Mode ROUTER-OSPF Usage Information The value set by the ipv6 ospf cost command in INTERFACE mode overrides the cost resulting from the auto-cost command. The no version of this command resets the value to the default. Example OS10(config)# router ospf 10 OS10(conf-router-ospf-10)# auto-cost reference-bandwidth 150 Supported Releases 10.2.0E or later clear ip ospf process Clears all OSPF routing tables.
Example OS10(conf-router-ospf-10)# default-metric 2000 Supported Releases 10.2.0E or later fast-converge Sets the minimum LSA origination and arrival times to zero (0) allowing more rapid route computation so that convergence takes less time. Syntax fast-converge convergence-level Parameters convergence-level — Enter a desired convergence level value (1 to 4). Default Not configured Command Mode ROUTER-OSPF Usage Information Convergence level 1 (optimal) meets most convergence requirements.
Example OS10(conf-if-vl-10)# ip ospf 10 area 5 Supported Releases 10.2.0E or later ip ospf authentication-key Configures a text authentication key to enable OSPF traffic on an interface. Syntax ip ospf authentication-key key Parameters key — Enter an eight-character string for the authentication key. Defaults Not configured Command Mode INTERFACE Usage Information To exchange OSPF information, all neighboring routers in the same network must use the same authentication key.
Example OS10(conf-if-vl-10)# ip ospf dead-interval 10 Supported Releases 10.2.0E or later ip ospf hello-interval Sets the time interval between the hello packets sent on the interface. Syntax ip ospf hello-interval seconds Parameters seconds — Enter the hello-interval value in seconds (1 to 65535). Default 10 seconds Command Mode INTERFACE Usage Information All routers in a network must have the same hello time interval between the hello packets.
interface, OSPF adjacency does not establish. The no version of this command enables the IP OSPF mtu-ignore configuration. Example OS10(conf-if-vl-10)# ip ospf mtu-ignore Supported Releases 10.2.0E or later ip ospf network Sets the network type for the interface. Syntax ip ospf network {point-to-point | broadcast} Parameters • point-to-point — Sets the interface as part of a point-to-point network. • broadcast — Sets the interface as part of a broadcast network.
Example OS10(conf-if-eth1/1/6)# ip ospf priority 4 Supported Releases 10.2.0E or later ip ospf retransmit-interval Sets the retransmission time between lost LSAs for adjacencies belonging to the interface. Syntax ip ospf retransmit-interval seconds Parameters seconds — Enter a value in seconds as the interval between retransmission (1 to 3600). Default 5 seconds Command Mode INTERFACE Usage Information Set the time interval to a number large enough to avoid unnecessary retransmission.
max-metric router-lsa Configures OSPF to advertise a maximum metric on a router so that it is not desired as an intermediate hop from other routers. Syntax max-metric router-lsa Parameters None Default Not configured Command Mode ROUTER-OSPF Usage Information Routers in the network do not prefer other routers as the next intermediate hop after they calculate the shortest path. The no version of this command disables maximum metric advertisement configuration.
Example (Connected) OS10(config)# router ospf 10 OS10(conf-router-ospf-10)# redistribute connected route-map dell2 Supported Releases 10.2.0E or later router-id Configures a fixed router ID for the OSPF process. Syntax router-id ip-address Parameters ip-address — Enter the IP address of the router as the router ID. Default Not configured Command Mode ROUTER-OSPF Usage Information Configure an arbitrary value in the IP address format for each router. Each router ID must be unique.
Supports only single TOS (TOS0) routes It is an Autonomous System Boundary Router It is Flooding according to RFC 2328 Convergence Level 0 Min LSA origination 0 msec, Min LSA arrival 1000 msec Min LSA hold time 5000 msec, Max LSA wait time 5000 msec Number of area in this router is 1, normal 1 stub 0 nssa 0 Area (0.0.0.0) Number of interface in this area is 3 SPF algorithm executed 38 times Area ranges are Supported Releases 10.2.0E or later show ip ospf asbr Displays all the ASBR visible to OSPF.
Example OS10# show ip ospf 10 database OSPF Router with ID (111.2.1.1) (Process ID 10) Router (Area 0.0.0.0) Link ID 111.2.1.1 111.111.111.1 111.111.111.2 112.2.1.1 112.112.112.1 112.112.112.2 ADV Router 111.2.1.1 111.111.111.1 111.111.111.2 112.2.1.1 112.112.112.1 112.112.112.
LS type: Summary Asbr Link State ID: 8.1.1.1 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000001 Checksum: 0xB595 Length: 28 Network Mask: /0 TOS: 0 Metric: 0 Supported Releases 10.2.0E or later show ip ospf database external Displays information about the AS external (Type 5) LSAs. Syntax show ip ospf [process-id] database external Parameters process-id—(Optional) Displays AS external (Type 5) LSA information for a specified OSPF Process ID.
show ip ospf database network Displays information about network (Type 2) LSA information. Syntax show ip ospf [process-id] database network Parameters process-id — (Optional) Displays network (Type2) LSA information for a specified OSPF Process ID. If you do not enter a Process ID, this command applies only to the first OSPF process. Default Not configured Command Mode EXEC Usage Information Example • LS Age—Displays the LS age. • Options—Displays optional capabilities.
Usage Information Example • LS Age — Displays the LS age. • Options — Displays the optional capabilities available on the router. • LS Type — Displays the Link State type. • Link State ID — Identifies the router ID. • Advertising Router — Identifies the advertising router’s ID. • LS Seq Number — Identifies the LS sequence number (identifies old or duplicate LSAs). • Checksum — Displays the Fletcher checksum of an LSA’s complete contents. • Length — Displays the LSA length in bytes.
Link State ID: 13.1.1.0 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000001 Checksum: 0xB0F6 Length: 36 Network Mask: /24 Metric Type: 2 TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 LS age: 65 Options: (No TOS-Capability, No DC, No Type 7/5 translation) LS type: NSSA External Link State ID: 14.1.1.0 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000001 Checksum: 0xA303 Length: 36 Network Mask: /24 Metric Type: 2 TOS: 0 Metric: 20 Forward Address: 0.0.0.
Link State ID: 8.1.1.2 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000008 Checksum: 0x83B8 Length: 28 Opaque Type: 8 Opaque ID: 65794 !! ! Supported Releases 10.2.0E or later show ip ospf database opaque-as Displays information about the opaque-as (Type 11) LSAs. Syntax show ip ospf [process-id] opaque—as Parameters process-id — (Optional) Displays opaque-as (Type 11) LSA information for a specified OSPF Process ID.
show ip ospf database opaque-link Displays information about the opaque-link (Type 9) LSA. Syntax show ip ospf [process-id] database opaque-link Parameters process-id — (Optional) Displays the opaque-link (Type 9) LSA information for an OSPF Process ID. If you do not enter a Process ID, this command applies only to the first OSPF process. Default Not configured Command Mode EXEC Usage Information Example • LS Age — Displays the LS age.
Example • Options—Displays optional capabilities. • LS Type—Displays the Link State type. • Link State ID—Identifies the router ID. • Advertising Router—Identifies the advertising router’s ID. • LS Seq Number—Identifies the LS sequence number (identifies old or duplicate LSAs). • Checksum—Displays the Fletcher checksum of an LSA’s complete contents. • Length—Displays the LSA length in bytes. • TOS—Displays the ToS options. Option 0 is the only option. • Metric—Displays the LSA metric.
Example • Options—Displays the optional capabilities available on the router. • LS Type—Displays the Link State type. • Link State ID—Identifies the router ID. • Advertising Router—Identifies the advertising router’s ID. • LS Seq Number—Identifies the LS sequence number (identifies old or duplicate LSAs). • Checksum—Displays the Fletcher checksum of an LSA’s complete contents. • Length—Displays the LSA length in bytes. • Network Mask—Identifies the network mask implemented on the area.
Simple password authentication enabled Neighbor Count is 0, Adjacent neighbor count is 0 Supported Releases 10.2.0E or later show ip ospf routes Displays OSPF routes received from neighbors along with parameters like cost, next-hop, area, interface, and type of route. Syntax show ip ospf [process-id] routes [prefix IP-prefix] Parameters • process-id — (Optional) Enter OSPFv2 Process ID to view information specific to the ID.
rx-ls-upd rx-ls-ack Transmit Statistics tx-failed tx-hello tx-db-des tx-ls-req tx-ls-upd tx-ls-ack Error packets (Receive bad-src mtu-mismatch resource-err lsa-bad-len netmask-mismatch options-mismatch self-orig version-mismatch Supported Releases 0 0 rx-ls-upd-bytes rx-ls-ack-bytes 0 tx-failed-bytes 0 tx-hello-bytes 0 tx-db-des-bytes 0 tx-ls-req-bytes 0 tx-ls-upd-bytes 0 tx-ls-ack-bytes statistics) 0 dupe-id 0 nbr-ignored 0 bad-lsa-len 0 lsa-bad-cksum 0 hello-tmr-mismatch 0 nbr-admin-down 0 wrong-length
Command Mode ROUTER-OSPF Usage Information The no version of this command disables the summary address. Example OS10(config)# router ospf 100 OS10(config-router-ospf-100)# summary-address 10.0.0.0/8 not-advertise Supported Releases 10.3.0E or later timers lsa arrival Configures the LSA acceptance intervals. Syntax timers lsa arrival arrival-time Parameters arrival-time — Set the interval between receiving the LSA in milliseconds (0 to 600,000).
OSPFv3 OSPFv3 is an IPv6 link-state routing protocol that supports IPv6 unicast address families (AFs). OSPFv3 is disabled by default. You must configure at least one interface, either physical or loopback. The OSPF process automatically starts when OSPFv3 is enabled for one or more interfaces. Any area besides area 0 can have any number ID assigned to it. Enable OSPFv3 1 Enable OSPFv3 globally and configure an OSPFv3 instance in CONFIGURATION mode.
Min LSA hold time 0 msec, Max Number of area in this router Area (0.0.0.0) Number of interface in SPF algorithm executed Area (0.0.0.1) Number of interface in SPF algorithm executed LSA wait time 0 msec is 2, normal 2 stub 0 nssa this area is 1 42 times this area is 1 42 times Configure Stub Areas The Type 5 LSAs are not flooded into stub areas. The ABR advertises a default route into the stub area to which it is attached. Stub area routers use the default route to reach external destinations.
Link (Type-8) Link States (Area 0.0.0.2) ADV Router Age Seq# Link ID Interface -------------------------------------------------------------199.205.134.103 42 0x80000001 12 ethernet1/1/3 202.254.156.15 54 0x80000001 12 ethernet1/1/3 Enable Passive Interfaces A passive interface is one that does not send or receive routing information. Configuring an interface as a passive interface suppresses routing updates (both receiving and sending).
5 Change the priority of the interface, which determines the DR for the OSPFv3 broadcast network in INTERFACE mode (0 to 255, default 1).
• View the configuration of OSPF neighbors connected to the local router in EXEC mode. show ipv6 ospf neighbor • View routes that OSPF calculates in EXEC mode. show ipv6 ospf routes View OSPF Configuration OS10# show running-configuration ospfv3 ! interface ethernet1/1/1 ip ospf 100 area 0.0.0.0 ! router ospf 100 log-adjacency-changes OSPFv3 Commands area stub Defines an area as the OSPF stub area. Syntax Parameters area area-id stub [no-summary] • area-id—Set the OSPFv3 area ID as an IP address (A.
clear ipv6 ospf process Clears all OSPFv3 routing tables. Syntax clear ipv6 ospf {instance-number} process Parameters instance-number — Enter an OSPFv3 instance number (1 to 65535). Default Not configured Command Mode EXEC Usage Information None Example OS10# clear ipv6 ospf 3 process Supported Releases 10.3.0E or later default-information originate Generates and distributes a default external route information to the OSPFv3 routing domain.
ipv6 ospf cost Changes the cost associated with the OSPFv3 traffic on an interface Syntax ipv6 ospf cost cost Parameters cost — Enter a value as the OSPFv3 cost for the interface (1 to 65335). Default Based on bandwidth reference Command Mode INTERFACE Usage Information If not configured, the interface cost is based on the auto-cost command. This command configures OSPFv3 over multiple vendors to ensure that all routers use the same cost value.
ipv6 ospf network Sets the network type for the interface. Syntax ipv6 ospf network {point-to-point | broadcast} Parameters • point-to-point — Sets the interface as part of a point-to-point network. • broadcast — Sets the interface as part of a broadcast network. Default Broadcast Command Mode INTERFACE Usage Information The no version of this command resets the value to the default.
log-adjacency-changes Enables logging of syslog messages about changes in the OSPFv3 adjacency state. Syntax log-adjacency-changes Parameters None Default Disabled Command Mode ROUTER-OSPFv3 Usage Information The no version of this command resets the value to the default. Example OS10(config)# router ospfv3 100 OS10(config-router-ospfv3-100)# log-adjacency-changes Supported Releases 10.3.0E or later maximum-paths Enables forwarding of packets over multiple paths.
Example (Connected) OS10((config-router-ospfv3-100)# redistribute connected route-map dell2 Supported Releases 10.3.0E or later router-id Configures a fixed router ID for the OSPFv3 process. Syntax router-id ip-address Parameters ip-address — Enter the IP address of the router as the router ID. Default Not configured Command Mode ROUTER-OSPFv3 Usage Information Configure an arbitrary value in the IP address format for each router. Each router ID must be unique.
Min LSA hold time 0 msec, Max LSA wait time 0 msec Number of area in this router is 2, normal 2 stub 0 nssa Area (0.0.0.0) Number of interface in this area is 1 SPF algorithm executed 42 times Area (0.0.0.1) Number of interface in this area is 1 SPF algorithm executed 42 times OS10# show ipv6 ospf 200 Routing Process ospfv3 200 with ID 10.0.0.
-------------------------------------------------------------------------3.3.3.3 3116 0x80000126 400::/64 3.3.3.3 3116 0x80000124 34::/64 Supported Releases 10.3.0E or later show ipv6 ospf interface Displays the configured OSPFv3 interfaces. You must enable OSPFv3 to display the output. Syntax show ipv6 ospf interface interface Parameters interface — (Optional) Enter the interface information: • ethernet — Physical interface (1 to 48) • port-channel — Port-channel interface (1 to 128).
------------------------------------------------------------------2.2.2.2 1 Full/DR 00:00:30 5 ethernet1/1/1 Supported Releases 10.3.0E or later Object tracking manager Object tracking manager (OTM) allows you to track the link status of Layer 2 interfaces, and the reachability of IP and IPv6 hosts. You can increase the availability of the network and shorten recovery time if an object state goes Down.
Figure 3. Object tracking Interface tracking You can create an object that tracks the line-protocol state of a Layer 2 interface, and monitors its operational status (Up or Down). You can configure up to 500 objects. Each object is assigned a unique ID. The no version of this command deletes the tracked object from an interface. When the link-level status goes down, the tracked resource status is also considered Down. If the link-level status goes up, the tracked resource status is also considered Up.
• Loopback — Loopback interface identifier • mgmt — Management interface 1 Configure object tracking in CONFIGURATION mode from 1 to 500. track object-id 2 (Optional) Enter the interface object tracking on the line-protocol state of a Layer 2 interface in OBJECT TRACKING mode. interface interface line-protocol 3 (Optional) Configure the time delay used before communicating a change to the status of a tracked interface in OBJECT TRACKING mode from 0 to 80 seconds; default 0.
Reachability is DOWN 1 changes, Last change 2017-04-26T06:45:31Z OS10 (conf-track-2)# Configure IPv6 host tracking OS10 (conf-track-2)# track 3 OS10 (conf-track-3)# ipv6 20::20 reachability OS10 (conf-track-3)# delay up 20 OS10 (conf-track-3)# do show track 3 IP Host 20::20 reachability Reachability is DOWN 1 changes, Last change 2017-04-26T06:47:04Z OS10 (conf-track-3)# Set tracking delays You can configure an optional Up and/or Down timer for each tracked object.
View interface object tracking information OS10# show track interface TrackID Resource Parameter Status LastChange --------------------------------------------------------------------------------1 line-protocol ethernet1/1/1 DOWN 2017-02-03T08:41:25Z1 OS10# show track ip TrackID Resource Parameter Status LastChange --------------------------------------------------------------------------------2 ipv4-reachablity 1.1.1.
• mgmt — Enter the Management interface. Defaults Not configured Command Mode CONFIGURATION Usage Information None Example OS10(conf-track-100)# interface ethernet line-protocol Supported Releases 10.3.0E or later ip reachability Configures an object to track a specific next-hop host's reachability. Syntax ip host-ip-address reachability Parameters host-ip-address — Enter the IPv4 host address.
Command Mode CONFIGURATION Usage Information Set the interval to 0 to disable the refresh. Example OS10(conf-track-100)# reachability-refresh 600 Supported Releases 10.3.0E or later show track Displays tracked object information. Syntax Parameters show track [brief] [object-id] [interface] [ip | ipv6] • brief — (Optional) Displays brief tracked object information. • object-id — (Optional) Displays the tracked object information for a specific object ID.
Policy-based routing Policy-based routing (PBR) provides a mechanism to redirect IPv4 and IPv6 data packets based on the policies defined to override the switch’s forwarding decisions based on the routing table. Policy-based route-maps A route-map is an ordered set of rules that control the redistribution of IP routes into a protocol domain. When you enable PBR on an interface, all IPv4 or IPv6 data packets received are processed based on the policies that you define in the route-maps.
Apply match parameters to IPv4 route-map OS10(conf-route-map)# route-map map1 OS10(conf-route-map)# match ip address acl5 Apply match and set parameters to IPv6 route-map OS10(conf-route-map)# route-map map1 OS10(conf-route-map)# match ipv6 address acl8 OS10(conf-route-map)# set ipv6 next-hop 20::20 Assign route-map to interface You can assign a route-map to an interface for IPv4 or IPv6 policy-based routing to an interface.
PBR commands clear route-map pbr-statistics Clears all PBR counters. Syntax clear route-map [map-name] pbr-statistics Parameters map-name—Enter the name of a configured route-map (up to 140 characters). Defaults None Command Mode EXEC Usage Information Use the clear route-map pbr-statistics command to clear all PBR counters. Example OS10# clear route-map map1 pbr-statistics Supported Releases 10.3.0E or later match address Matches the access-list to the route-map.
route-map pbr-statistics Enables counters for PBR statistics. Syntax route-map [map-name] pbr-statistics Parameters map-name—Enter the name of a configured route-map (up to 140 characters). Defaults Not configured Command Mode CONFIGURATION Usage Information None Example OS10(config)# route-map map1 pbr-statistics Supported Releases 10.3.0E or later set next-hop Sets an IPv4 or IPv6 next-hop address for policy-based routing.
show policy Displays policy information. Syntax show {ip | ipv6} policy [map-name] Parameters map-name — (Optional) Enter the name of a configured route map (up to 140 characters). Defaults None Command Mode EXEC Usage Information None Example OS10# show ip policy map-name Supported Releases 10.3.0E or later show route-map pbr-statistics Displays the current PBR statistics.
Configuration VRRP specifies a master (active) router that owns the next hop IP and MAC address for end stations on a LAN. The master router is chosen from the virtual routers by an election process and forwards packets sent to the next hop IP address. If the master router fails, VRRP begins the election process to choose a new master router which continues routing traffic. VRRP packets are transmitted with the virtual router MAC address as the source MAC address.
Create virtual router VRRP uses the VRID to identify each virtual router configured. Before using VRRP, you must configure the interface with the primary IP address and enable it. • Create a virtual router for the interface with the VRRP identifier in INTERFACE mode (1 to 255). vrrp-group vrrp-id • Delete a VRRP group in INTERFACE mode.
Set backup switches to VRRPv3 OS10_backup_switch1(config)# version 3 OS10_backup_switch2(config)# version 3 Virtual IP addresses Virtual routers contain virtual IP addresses configured for that VRRP group (VRID). A VRRP group does not transmit VRRP packets until you assign the virtual IP address to the VRRP group. To activate a VRRP group on an interface, configure at least one virtual IP address for a VRRP group.
interface ethernet1/1/2 switchport access vlan 1 no shutdown ! interface ethernet1/1/3 switchport access vlan 1 no shutdown ! interface ethernet1/1/4 switchport access vlan 1 --more-View VRRP information When the VRRP process completes initialization, the State field contains either master or backup. OS10# show vrrp brief Interface Group Priority Preemption State Master-addr Virtual addr(s) ---------------------------------------------------------------------------ethernet1/1/1 IPv4 10 100 true master 10.1.
Virtual IP address : 10.1.1.1 master-transitions : 1 advertise-rcvd : 0 advertise-interval-errors : 0 ip-ttl-errors : 0 priority-zero-pkts-rcvd : 0 priority-zero-pkts-sent : 0 invalid-type-pkts-rcvd : 0 address-list-errors : 0 pkt-length-errors : 0 Authentication Simple authentication of VRRP packets ensures that only trusted routers participate in VRRP processes. When you enable authentication, OS10 includes the password in its VRRP transmission.
! Last configuration change at Sep 24 07:17:45 2016 ! debug radius false snmp-server contact http://www.dell.com/support/softwarecontacts snmp-server location "United States" username admin password $6$q9QBeYjZ$jfxzVqGhkxX3smxJSH9DDz7/3OJc6m5wjF8nnLD7/VKx8SloIhp4NoGZs0I/ UNwh8WVuxwfd9q4pWIgNs5BKH. aaa authentication system:local ! interface ethernet1/1/5 ip address 1.1.1.1/16 no switchport no shutdown ! vrrp-group 254 priority 125 virtual-address 1.1.1.
advertisment-interval centisecs 200 priority 200 virtual-address 10.1.1.1 ! interface ethernet1/1/2 switchport access vlan 1 no shutdown Interface/object tracking You can monitor the state of any interface according to the virtual group. OS10 supports a maximum of 10 track groups and each track group can track a maximum of five interfaces. If the tracked interface goes down, the VRRP group’s priority decreases by a default value of 10 — also known as cost.
ip address 10.1.1.1/16 no switchport no shutdown ! vrrp-group 1 priority 200 virtual-address 10.1.1.1 ! interface ethernet1/1/2 switchport access vlan 1 no shutdown ! interface ethernet1/1/3 switchport access vlan 1 no shutdown ! interface ethernet1/1/4 switchport access vlan 1 no shutdown ! interface ethernet1/1/5 switchport access vlan 1 no shutdown ! interface ethernet1/1/6 switchport access vlan 1 no shutdown ! ..... .....
Example OS10(conf-eth1/1/6-vrid-250)# advertise-interval 120 centisecs 100 Supported Releases 10.2.0E or later authentication-type Enables authentication of VRRP data exchanges. Syntax Parameters authentication-type simple-text password [auth-text] • simple-text password — Enter a simple text password. • auth-text — (Optional) Enter a character string up to eight characters long as a password.
Usage Information To guarantee that a VRRP group becomes master, configure the VRRP group’s virtual address with same IP address as the interface’s primary IP address, and change the priority of the VRRP group to 255. If you set this command to 255 and the virtual-address is not equal to the interface’s primary IP address, the system displays an error message. The no version of this command resets the value to the default (100). Example OS10(conf-eth1/1/5-vrid-254)# priority 200 Supported Releases 10.
• priority cost value — (Optional) Enter a cost value to subtract from the priority value (1 to 254) Default 10 Command Mode INTERFACE-VRRP Usage Information If the interface is disabled, the cost value subtracts from the priority value and forces a new Master election. This election process is applicable when the priority value is lower than the priority value in the Backup virtual router. The no version of this command resets the value to the default.
enter or delete the virtual-address command. To guarantee that a VRRP group becomes Master, configure the VRRP group’s virtual address with the same IP address as the interface’s primary IP address and change the priority of the VRRP group to 255. You can ping the virtual addresses configured in all VRRP groups. The no version of this command deletes one or more virtual-addresses configured in the system. Example OS10(conf-eth1/1/5-vrid-254)# virtual address 10.1.1.15 Supported Releases 10.2.
Parameters • 2 — Set to VRRP version 2. • both — Allows in-service migration from VRRP version 2 to VRRP version 3. • 3 — Set to VRRP version 3. Default Not configured Command Mode CONFIGURATION Usage Information Use the both parameter to migrate from VRRPv2 to VRRPv3. When you set the VRRP protocol version to both, the device sends only VRRPv3 advertisements but can receive either VRRPv2 or VRRPv3 packets. The no version of this command disables the VRRP protocol version for the IPv4 group.
6 System management Dynamic host configuration protocol Provides information to dynamically assign IP addresses and other configuration parameters to network hosts based on policies (see DHCP commands). Network time protocol Provides information about how to synchronize timekeeping between time servers and clients (see NTP commands). Security Provides information about role-based access control, RADIUS server, user roles, and user names (see Security eommands).
The table shows common options using DHCP packet formats.
DHCP automates network-parameter assignment to network devices. Even in small networks, DHCP is useful because it makes it easier to add new devices to the network. The DHCP access service minimizes the overhead required to add clients to the network by providing a centralized, server-based setup. This setup means you do not have to manually create and maintain IP address assignments for clients.
Address lease time Use the lease {days [hours] [minutes] | infinite} command to configure an address lease time (default 24 hours). OS10(config)# ip dhcp server OS10(conf-dhcp)# pool Dell OS10(conf-dhcp-Dell)# lease 36 Default gateway Ensure the IP address of the default router is on the same subnet as the client. 1 Enable DHCP server-assigned dynamic addresses on an interface in CONFIGURATION mode. ip dhcp server 2 Create an IP address pool and provide a name in DHCP mode.
NetBIOS WINS address resolution DHCP clients can be one of four types of NetBIOS nodes — broadcast, peer-to-peer, mixed, or hybrid. Dell EMC recommends using hybrid as the NetBIOS node type. 1 Enable DHCP server-assigned dynamic addresses on an interface in DHCP mode. ip dhcp server 2 Create an IP address pool and enter the pool name in DHCP mode. pool name 3 Enter the NetBIOS WINS name servers in order of preference that are available to DHCP clients in DHCP mode.
View DHCP Information Use the show ip dhcp binding command to view the DHCP binding table entries. View DHCP Binding Table OS10# show ip dhcp binding IP Address Hardware address Lease expiration Hostname +-------------------------------------------------------------------------11.1.1.
DHCP commands default-router address Assigns a default gateway to clients based on the IP address pool. Syntax default-router address [address2...address8] Parameters • address — Enter an IPv4 or IPv6 address to use as the default gateway for clients on the subnet in A.B.C.D or A::B format. • address2...address8 — (Optional) Enter up to eight IP addresses, in order of preference.
Command Mode DHCP-POOL Usage Information None Example OS10(conf-dhcp-Dell)# dns-server 192.168.1.1 Supported Releases 10.2.0E or later domain-name Configures the name of the domain where the device is located. Syntax domain-name domain-name Parameters domain-name — Enter the name of the domain (up to 32 characters). Default Not configured Command Mode DHCP-POOL Usage Information This is the default domain name that appends to hostnames that are not fully qualified.
Example OS10(conf-dhcp-Dell)# host 20.1.1.100 Supported Releases 10.2.0E or later ip dhcp server Enters DHCP mode. Syntax ip dhcp server Parameters None Default Not configured Command Mode CONFIGURATION Usage Information This command is used to enter DHCP mode. Example OS10(config)# ip dhcp server OS10(conf-dhcp)# Supported Releases 10.2.0E or later ip helper-address Forwards UDP broadcasts received on an interface to the DHCP server.
Default 24 hours Command Mode DHCP-POOL Usage Information The no version of this command removes the lease configuration. Example OS10(conf-dhcp-Dell)# lease 2 5 10 Example (Infinite) OS10(conf-dhcp-Dell)# lease infinite Supported Releases 10.2.0E or later netbios-name-server address Configures a NetBIOS WINS server which is available to DHCP clients. Syntax netbios-name-server ip-address [address2...address8] Parameters ip-address — Enter the address of the NetBIOS WINS server. address2...
network Configures a range of IPv4 or IPv6 addresses in the address pool. Syntax network address/mask Parameters address/mask — Enter a range of IP addresses and subnet mask in A.B.C.D/x or A::B/x format. Default Not configured Command Mode DHCP-POOL Usage Information Use this command to configure a range of IPv4 or IPv6 addresses. Example OS10(config-dhcp-Dell)# network 20.1.1.1/24 Supported Releases 10.2.0E or later pool Creates an IP address pool name.
DNS commands OS10 supports the configuration of a DNS host and domain parameters. ip domain-list Adds a domain name to the DNS list. This domain name appends to incomplete hostnames in DNS requests. Syntax Parameters ip domain-list [server-name] name • server-name — (Optional) Enter the server name to add a domain name to the DNS list. • name — Enter the name of the domain to append to the DNS list.
Default Not configured Command Mode CONFIGURATION Usage Information The name-to-IP address table uses this mapping information to resolve host names. The no version of this command disables the mapping. Example OS10(config)# ip host dell 1.1.1.1 Supported Releases 10.2.0E or later ip name-server Configures up to a three IPv4 or IPv6 addresses used for network name servers.
--------------------------------------------dell-pc1 20.1.1.1 Supported Releases 10.2.0E or later Network time protocol NTP synchronizes timekeeping among a set of distributed time servers and clients. The protocol coordinates time distribution in a large, diverse network. NTP clients synchronize with NTP servers that provide accurate time measurement. NTP clients choose from several NTP servers to determine which offers the best available source of time and the most reliable transmission of information.
View system clock state OS10(config)# do show system peer: system peer mode: leap indicator: stratum: precision: root distance: root dispersion: reference ID: reference time: system flags: jitter: stability: broadcastdelay: authdelay: ntp status 0.0.0.0 unspec 11 16 -22 0.00000 s 1.28647 s [73.78.73.84] 00000000.00000000 Mon, Jan monitor ntp kernel stats 0.000000 s 0.000 ppm 0.000000 s 0.000000 s 1 1900 0:00:00.
• vlan — Enter the keyword and VLAN number (1 to 4094). • loopback — Enter the keyword and number (0 to 16383). • mgmt — Enter the keyword and node/slot/port information (default 1/1/1). Configure source IP address OS10(config)# ntp source ethernet 1/1/10 View source IP configuration OS10(config)# do show running-configuration | grep source ntp source ethernet1/1/1 Authentication NTP authentication and the corresponding trusted key provide a reliable exchange of NTP packets with trusted time sources.
NTP commands ntp authenticate Enables authentication of NTP traffic between the device and the NTP time serving hosts. Syntax ntp authenticate Parameters None Default Not configured Command Mode CONFIGURATION Usage Information You must also configure an authentication key for NTP traffic using the ntp authentication-key command. The no version of this command disables NTP authentication. Example OS10(config)# ntp authenticate Supported Releases 10.2.
Default Not configured Command Mode INTERFACE Usage Information The no version of this command disables broadcast. Example OS10(conf-if-eth1/1/1)# ntp broadcast client Supported Releases 10.2.0E or later ntp disable By default, NTP is enabled on all interfaces. Prevents an interface from receiving NTP packets.
• prefer — (Optional) Configures this peer to have priority over other servers. Default Not configured Command Mode CONFIGURATION Usage Information You can configure multiple time-serving hosts. From these time-serving hosts, the system chooses one NTP host to synchronize with. To determine which server to select, use the show ntp associations command. Dell EMC recommends limiting the number of hosts you configure, as many polls to the NTP hosts can impact network performance.
Supported Releases 10.2.0E or later show ntp associations Displays the NTP master and peers. Syntax show ntp associations Parameters None Default Not configured Command Mode EXEC Usage Information Example • (none) — One or more of the following symbols displays: • * — Synchronized to this peer. • # — Almost synchronized to this peer. • + — Peer was selected for possible synchronization. • - — Peer is a candidate for selection. • ~ — Peer is statically configured.
Command Mode EXEC Usage Information Use this command to view NTP status information. Example (Status) OS10# show ntp status system peer: 0.0.0.0 system peer mode: unspec leap indicator: 11 stratum: 16 precision: -22 root distance: 0.00000 s root dispersion: 1.28647 s reference ID: [73.78.73.84] reference time: 00000000.00000000 Mon, Jan 1 1900 0:00:00.000 system flags: monitor ntp kernel stats jitter: 0.000000 s stability: 0.000 ppm broadcastdelay: 0.000000 s authdelay: 0.
Parameters time Enter time in the format hour:minute:second, where hour is 1 to 24; minute is 1 to 60; second is 1 to 60. For example, enter 5:15 PM as 17:15:00. year-month-day Enter year-month-day in the format YYYY-MM-DD, where YYYY is a four-digit year, such as 2016; MM is a month from 1 to 12; DD is a day from 1 to 31. Default Not configured Command Mode EXEC Usage Information Use this command to reset the system time if the system clock is out of synch with the NTP time.
Session-ID User In-rpcs In-bad-rpcs Out-rpc-err Out-notify Login-time Lock ------------------------------------------------------------------------------------------3 snmp_user 114 0 0 0 2017-07-10T23:58:39Z 4 snmp_user 57 0 0 0 2017-07-10T23:58:40Z 6 admin 17 0 0 4 2017-07-12T03:55:18Z *7 admin 10 0 0 0 2017-07-12T04:42:55Z OS10# User session management commands exec-timeout Configure timeout in seconds for all the user sessions.
Usage Information Use this command to view information about the active user management sessions.
Example OS10(config)# ip telnet server enable Example (disable) OS10(config)# no ip telnet server enable Supported Releases 10.3.1E or later UFT modes Unified Forwarding Table (UFT) gives the flexibility to configure the sizes of internal L2/L3 forwarding tables of a switch to match the needs of particular network environment. A switch in a Layer 2 network may require a larger MAC address table size, while a switch in a Layer 3 network may require a larger routing table size.
Configure UFT modes Available UFT modes include L2 MAC table, L3 host table, or L3 route table sizes. • Select a mode to initialize the maximum table size in CONFIGURATION mode. hardware forwarding-table mode [scaled-l2 | scaled-l3-routes | scaled-l3-hosts] • Disable UFT mode in CONFIGURATION mode.
Supported Releases 10.3.0E or later show hardware forwarding-table mode Displays the current hardware forwarding table mode, and the mode after the next boot. Syntax show hardware forwarding-table mode Parameters None Defaults None Command Mode EXEC Usage Information Use this command to view the current hardware forwarding table mode and the mode after the next boot.
The authentication methods in the method list are executed in the order in which they are configured. You can re-enter the methods to change the order. If a console user logs in with RADIUS authentication, the privilege-level applies from the RADIUS server if you configured the privilege-level for that user in RADIUS. NOTE: You must configure the group name (level) on the RADIUS server using the vendor-specific attribute or the authentication fails.
View RADIUS server host configuration OS10# show running-configuration ... radius-server host 1.2.4.5 key mysecret ... Delete RADIUS server host OS10# no radius server host 1.2.4.5 Server host settings Configure global communication parameters and specific host parameters for the RADIUS server. If you configure both global and specific host parameters, the specific host parameters override the global parameters for that RADIUS server host.
• name — Text string for the user name (up to 63 characters). • encryption-type — Type of encryption to use. SHA512 (default), SHA256, or MD5. • password — Clear-text or hashed password string (up to 32 characters). • role — Use netoperator (default) or sysadmin for the role type.
Example OS10(config)# aaa authentication radius Supported Releases 10.2.0E or later ip ssh server challenge-response-authentication Enable challenge response authentication in an SSH server. Syntax ip ssh server challenge-response-authentication Parameters None Default Disabled Command Mode CONFIGURATION Usage Information The no version of this command disables the challenge response authentication. Example OS10(config)# ip ssh server challenge-response-authentication Supported Releases 10.
Usage Information The no version of this command removes the configuration. Example OS10(config)# ip ssh server cipher 3des-cbc aes128-cbc Supported Releases 10.3.0E or later ip ssh server enable Enable the SSH server. Syntax ip ssh server enable Parameters None Default Enabled Command Mode CONFIGURATION Usage Information The no version of this command disables the SSH server. Example OS10(config)# ip ssh server enable Supported Releases 10.3.
Default • ecdh-sha2-nistp384 • ecdh-sha2-nistp521 • curve25519-sha256 • diffie-hellman-group14-sha1 • diffie-hellman-group-exchange-sha256 • ecdh-sha2-nistp256 • ecdh-sha2-nistp384 • ecdh-sha2-nistp521 Command Mode CONFIGURATION Usage Information The no version of this command removes the configuration. Example OS10(config)# ip ssh server kex curve25519-sha256 diffie-hellman-group1-sha1 Supported Releases 10.3.
• umac-64@openssh.com • umac-128@openssh.com • hmac-sha1-etm@openssh.com • hmac-sha2-256-etm@openssh.com • hmac-sha2-512-etm@openssh.com • umac-64-etm@openssh.com • umac-128-etm@openssh.com Command Mode CONFIGURATION Usage Information The no version of this command removes the configuration. Example OS10(config)# ip ssh server mac hmac-md5 hmac-md5-96 hmac-ripemd160 Supported Releases 10.3.
ip ssh server pubkey-authentication Enable public key authentication in an SSH server. Syntax ip ssh server pubkey-authentication Parameters None Default Enabled Command Mode CONFIGURATION Usage Information The no version of this command disables the public key authentication. Example OS10(config)# ip ssh server pubkey-authentication Supported Releases 10.3.0E or later radius-server host Configures the RADIUS server hostname.
Parameters value — Enter the authentication key value known both to the RADIUS client and server. Default Not configured Command Mode CONFIGURATION Usage Information The no version of this command resets the value to the default. Example OS10(config)# radius-server key md5 Supported Releases 10.2.0E or later radius-server retransmit Configures the number of attempts to retry the RADIUS server.
Usage Information Use this command to view information about the established SSH sessions. Example OS10# show ip ssh SSH Server: Enabled -------------------------------------------------SSH Server Ciphers: chacha20-poly1305@openssh.com,aes128-ctr, aes192-ctr,aes256-ctr, aes128-gcm@openssh.com,aes256-gcm@openssh.com SSH Server MACs: umac-64-etm@openssh.com,umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com,hmac-sha2-512etm@openssh.com, hmac-sha1-etm@openssh.com,umac-64@openssh.com, umac-128@openssh.
• password — (Optional) Enter a password string (up to 32 characters). • role — (Optional) Enter sysadmin or netoperator (default). Default Clear-text Command Mode CONFIGURATION Usage Information You can only use the encryption-type parameter with the password parameter. The no version of this command deletes authentication for a user. Example OS10(config)# username smith password MD5 newuser sysadmin Supported Releases 10.2.
Default Not configured Command Mode CONFIGURATION Usage Information The no version of this command deletes the SNMP server contact information. Example OS10(config)# snmp-server contact administrator Supported Releases 10.2.0E or later snmp-server location Configures the location of the SNMP server. Syntax snmp-server location text Parameters text — Enter an alphanumeric string (up to 55 characters).
Image download OS10# image download ftp://userid:passwd@hostip/filepath Image install OS10# image install image://filename.bin Image upgrade OS10# image upgrade ftp://userid:passwd@hostip/filepath Show version OS10# show version Dell EMC Networking OS10 Enterprise Copyright (c) 1999-2017 by Dell Inc. All Rights Reserved. OS Version: 10.3.1E Build Version: 10.3.
Upgrade commands boot system Sets the boot partition to use during the next reboot. Syntax boot system {active | standby} Parameters • active — Reset the running partition as the next boot partition. • standby — Set the standby partition as the next boot partition. Default Active Command Mode EXEC Usage Information Use this command to configure the location of the OS10 image used to reload the software at boot time. Use the show boot command to view the configured next boot image.
Usage Information Duplicate the active, running software image to the standby image location. Example OS10# image copy active-to-standby Supported Releases 10.2.0E or later image download Downloads a new software image to the local file system. Syntax image download file-url Parameters file-url — Set the path to the image file: • ftp://userid:passwd@hostip/filepath — Enter the path to copy from the remote FTP server.
Usage Information Use the show image status command to view the installation progress. Example OS10# image install ftp://10.206.28.174/PKGS_OS10-Enterprise-10.2.0E.190installer-x86_64.bin Supported Releases 10.2.0E or later image upgrade Upgrades to software image. Syntax image upgrade file-url Parameters • file-url — Location of the image file: • ftp://userid:passwd@hostip/filepath — Enter the path to upgrade from a remote FTP server.
--------------------------------------------------------Node-id 1 Flash Boot [B] 10.2.0E [A] 10.2.0E [B] active Example (Detail) OS10# show boot detail Current system image information detail: ========================================== Type: Node-id 1 Boot Type: Flash Boot Active Partition: B Active SW Version: 10.2.0E Active Kernel Version: Linux 3.16.7-ckt25 Active Build Date/Time: 2016-10-03T23:11:14Z Standby Partition: A Standby SW Version: 10.2.
Default Not configured Command Mode EXEC Usage Information None Example OS10# show version Dell EMC Networking OS10-Enterprise Copyright (c) 1999-2017 by Dell EMC Inc. All Rights Reserved. OS Version: 10.2.9999E Build Version: 10.2.9999E(4265) Build Time: 2017-04-13T06:00:50.738-07:00 System Type: S6000-ON Architecture: x86_64 Up Time: 2 weeks 1 day 10:27:15 Supported Releases 10.2.
7 Access Control Lists OS10 uses two types of access policies — hardware-based ACLs and software-based route-maps. Use an ACL to filter traffic and drop or forward matching packets. To redistribute routes that match configured criteria, use a route-map. ACLs ACLs are a filter containing criterion to match; for example, examine IP, TCP, or UDP packets, and an action to take such as forwarding or dropping packets at the NPU. ACLs permit or deny traffic based on MAC and/or IP addresses.
Ingress and egress hot-lock ACLs allow you to append or delete new rules into an existing ACL without disrupting traffic flow. Existing entries in the CAM shuffle to accommodate the new entries. Hot-lock ACLs are enabled by default and support ACLs on all platforms. NOTE: Hot-lock ACLs support ingress ACLs only. MAC ACLs MAC ACLs filter traffic on the Layer 2 (L2) header of a packet.
Permit all packets on interface OS10(config)# ip access-list ABC OS10(conf-ipv4-acl)# permit ip any 10.1.1.1/32 OS10(conf-ipv4-acl)# deny ip any 10.1.1.1/32 fragments L3 ACL rules Use ACL commands for L3 packet filtering. TCP packets from host 10.1.1.1 with the TCP destination port equal to 24 are permitted, and all others are denied. TCP packets that are first fragments or non-fragmented from host 10.1.1.
Assign sequence number to filter IP ACLs filter on source and destination IP addresses, IP host addresses, TCP addresses, TCP host addresses, UDP addresses, and UDP host addresses. Traffic passes through the filter by filter sequence. Configure the IP ACL by first entering IP ACCESS-LIST mode and then assigning a sequence number to the filter. User-provided sequence number • Enter IP ACCESS LIST mode by creating an IP ACL in CONFIGURATION mode.
• Egress L2 ACL Table 5. L2 and L3 targeted traffic L2 ACL / L3 ACL Targeted traffic Deny / Deny L3 ACL denies Deny / Permit L3 ACL permits Permit / Deny L3 ACL denies Permit / Permit L3 ACL permits Assign and apply ACL filters To filter an Ethernet interface, a port-channel interface, or a VLAN, assign an IP ACL filter to a physical interface. The IP ACL applies to all traffic entering a physical or port-channel interface.
• Apply the ACL as an inbound or outbound ACL on an interface in CONFIGURATION mode, and view the number of packets matching the ACL. show ip access-list {in | out} Ingress ACL filters To create an ingress ACL filter, use the ip access-group command in EXEC mode. To configure ingress, use the in keyword. Apply rules to the ACL with the ip access-list acl-name command. To view the access-list, use the show access-lists command.
ethernet1/1/29 seq 10 deny ip any any fragment count (100 packets) Clear access-list counters Clear IPv4, IPv6, or MAC access-list counters for a specific access-list or all lists. The counter counts the number of packets that match each permit or deny statement in an access-list. To get a more recent count of packets matching an access-list, clear the counters to start at zero. If you do not configure an access-list name, all IP access-list counters clear.
Route-maps Route-maps a series of commands that contain a matching criterion and action. They change the packets meeting the matching criterion. ACLs and prefix-lists can only drop or forward the packet or traffic while route-maps process routes for route redistribution. For example, use a route-map to filter only specific routes and to add a metric. • Route-maps also have an implicit deny.
View route-map configuration OS10(conf-router-bgp-neighbor-af)# do show route-map route-map test1, deny, sequence 10 Match clauses: ip address prefix-list p1 Set clauses: route-map test2, permit, sequence 10 Match clauses: ip address prefix-list p1 Set clauses: route-map test3, deny, sequence 10 Match clauses: ip address prefix-list p2 Set clauses: route-map test4, permit, sequence 10 Match clauses: ip address prefix-list p2 Set clauses: Match routes Configure match criterion for a route-map.
• Enter an ORIGIN attribute in ROUTE-MAP mode. set origin {egp | igp | incomplete} • Enter a tag value for the redistributed routes in ROUTE-MAP mode, from 0 to 4294967295. set tag tag-value • Enter a value as the route’s weight in ROUTE-MAP mode, from 0 to 65535. set weight value Check set conditions OS10(config)# route-map ip permit 1 OS10(conf-route-map)# match metric 2567 continue Clause Only BGP route-maps support the continue clause.
If you configure the flow-based enable command and do not apply an ACL on the source port or the monitored port, both flow-based monitoring and port mirroring do not function. Flow-based monitoring is supported only for ingress traffic. The show monitor session session-id command displays output which indicates if a particular session is enabled for flowmonitoring. View flow-based monitoring OS10# show monitor session 1 S.
View monitor sessions OS10(conf-if-eth1/1/1)# show monitor session all S.Id Source Destination Dir SrcIP DstIP DSCP TTL State Reason ---------------------------------------------------------------------------1 ethernet1/1/1 ethernet1/1/4 both N/A N/A N/A N/A true Is UP ACL commands clear ip access-list counters Clears ACL counters for a specific access-list.
clear mac access-list counters Clears counters for a specific or all MAC access lists. Syntax clear mac access-list counters [access-list-name] Parameters access-list-name — (Optional) Enter the name of the MAC access list to clear counters. A maximum of 140 characters. Default Not configured Command Mode EXEC Usage Information If you do not enter an access-list name, all MAC access-list counters clear.
Example OS10(config)# ip access-list testflow OS10(conf-ipv4-acl)# deny udp any any capture session 1 count Supported Releases 10.2.0E or later deny (IPv6) Configures a filter to drop packets with a specific IPv6 address.
• any — (Optional) Set routes which are subject to the filter. • protocol-number — (Optional) MAC protocol number identified in the header, from 600 to ffff. • capture — (Optional) Capture packets the filter processes. • cos — (Optional) CoS value, from 0 to 7. • count — (Optional) Count packets the filter processes. • vlan — (Optional) VLAN number, from 1 to 4094.
deny icmp (IPv6) Configures a filter to drop all or specific ICMP messages. Syntax deny icmp [A::B | A::B/x | any | host ipv6-address] [A::B | A::B/x | any | host ipv6-address] [capture | count [byte] | dscp value | fragment] Parameters • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits to match to the IPv6 address.
Usage Information OS10 cannot count both packets and bytes; when you use the count byte options, only bytes increment. The no version of this command removes the filter. Example OS10(config)# ip access-list testflow OS10(conf-ipv4-acl)# deny ip any any capture session 1 count Supported Releases 10.2.0E or later deny ipv6 Configures a filter to drop all or specific packets from an IPv6 address.
• • byte — (Optional) Count bytes the filter processes. • dscp value — (Optional) Deny a packet based on the DSCP values, from 0 to 63. • fragment — (Optional) Use ACLs to control packet fragments. • eq — (Optional) Deny packets which are equal to. • ack — (Optional) Set the bit as acknowledgement. • fin — (Optional) Set the bit as finish—no more data from sender. • psh — (Optional) Set the bit as push. • rst — (Optional) Set the bit as reset. • syn — (Optional) Set the bit as synchronize.
Supported Releases 10.2.0E or later deny udp Configures a filter to drop user datagram protocol (UDP) packets meeting the filter criteria. Syntax Parameters deny udp [A.B.C.D | A.B.C.D/x | any | host ip-address [eq]] [A.B.C.D | A.B.C.D/x | any | host ip-address [eq]] [ack | fin | psh | rst | syn | urg] [capture |count [byte] | dscp value | fragment] • A.B.C.D — Enter the IP address in dotted decimal format. • A.B.C.D/x — Enter the number of bits to match to the dotted decimal address.
• • any — (Optional) Enter for all routes to be subject to the filter: • capture — (Optional) Capture packets the filter processes. • count — (Optional) Count packets the filter processes. • byte — (Optional) Count bytes the filter processes. • dscp value — (Optional) Deny a packet based on the DSCP values, from 0 to 63. • fragment — (Optional) Use ACLs to control packet fragments. • eq — (Optional) Deny packets which are equal to. • ack — (Optional) Set the bit as acknowledgement.
• in — Apply the ACL to incoming traffic. • out — Apply the ACL to outgoing traffic. Default Not configured Command Mode INTERFACE Usage Information The no version of this command deletes an IP ACL configuration. Example OS10(conf-if-eth1/1/8)# ip access-group testgroup in Supported Releases 10.2.0E or later ip access-list Creates an IP access list to filter based on an IP address. Syntax ip access-list access-list-name Parameters access-list-name — Enter the name of an IPv4 access list.
ip as-path permit Defines a BGP access-list. Syntax ip as-path access-list name permit ASNumber Parameters • name — Enter an access-list name, from 1 to 140. • ASNumber — Enter the AS number. Defaults Not configured Command Mode CONFIGURATION Usage Information The no version of this command removes the access-list. Example OS10(config)# ip as-path access-list abc permit 200 Supported Release 10.3.
ip community–list standard permit Creates a standard community list for BGP to permit access. Syntax Parameters ip community-list standard name permit {aa:nn | no-advertise | local-as | noexport | internet} • name — Enter the name of the standard community list used to identify one more deny groups of communities.
ip extcommunity-list standard permit Creates an extended community list for BGP to permit access. Syntax ip extcommunity-list standard name permit {4byteas-generic | rt | soo} Parameters • name — Enter the name of the community list used to identify one or more permit groups of extended communities. • rt — Enter the route target. • soo — Enter the route origin or site-of-origin.
• le — Enter to indicate the network address is less than or equal to the range specified. • prefix-len — Enter the prefix length. Defaults Not configured Command Mode CONFIGURATION Usage Information The no version of this command removes the specified prefix-list. Example OS10(config)# ip prefix-list denyprefix deny 10.10.10.2/16 le 30 Supported Release 10.3.0E or later ip prefix-list permit Creates a prefix-list to permit route filtering from a specified network address.
Usage Information The no version of this command removes the specified prefix list. Example OS10(config)# ip prefix-list seqprefix seq 65535 deny 10.10.10.1/16 ge 10 Supported Release 10.3.0E or later ip prefix-list seq permit Configures a filter to permit route filtering from a specified prefix list. Syntax ipv6 prefix-list [name] seq num permit A::B/x [ge | le} prefix-len Parameters • name — Enter the name of the prefix list. • num — Enter the sequence list number. • A.B.C.
ipv6 access-list Creates an IP access list to filter based on an IPv6 address. Syntax ipv6 access-list access-list-name Parameters access-list-name — Enter the name of an IPv6 access list. A maximum of 140 characters. Default Not configured Command Mode CONFIGURATION Usage Information None Example OS10(config)# ipv6 access-list acl6 Supported Release 10.2.0E or later ipv6 prefix-list deny Creates a prefix list to deny route filtering from a specified IPv6 network address.
Usage Information The no version of this command removes the specified prefix list. Example OS10(config)# ipv6 prefix-list TEST description TEST_LIST Supported Release 10.3.0E or later ipv6 prefix-list permit Creates a prefix-list to permit route filtering from a specified IPv6 network address. Syntax ipv6 prefix-list prefix-list-name permit {A::B/x [ge | le] prefix-len} Parameters • prefix-list-name — Enter the IPv6 prefix-list name. • A::B/x — Enter the IPv6 address to permit.
ipv6 prefix-list seq permit Configures a filter to permit route filtering from a specified prefix-list. Syntax Parameters ipv6 prefix-list [name] seq num permit A::B/x [ge | le} prefix-len • name — (Optional) Enter the name of the IPv6 prefix-list. • num — Enter the sequence number of the specified IPv6 prefix list. • A::B/x — Enter the IPv6 address and mask in /prefix format (/x). • ge — Enter to indicate the network address is greater than or equal to the range specified.
Default Not configured Command Mode CONFIGURATION Usage Information None Example OS10(config)# mac access-list maclist Supported Releases 10.2.0E or later permit Configures a filter to allow packets with a specific IP address. Syntax permit [protocol-number | icmp | ip | tcp | udp] [A.B.C.D | A.B.C.D/x | any | host ip-address] [A.B.C.D | A.B.C.
permit (IPv6) Configures a filter to allow packets with a specific IPv6 address. Syntax Parameters permit [protocol-number | icmp | ipv6 | tcp | udp] [A::B | A::B/x | any | host ipv6-address] [A::B | A:B/x | any | host ipv6-address] [capture | count [byte] | dscp value | fragment] • protocol-number — (Optional) Enter the protocol number identified in the IPv6 header, from 0 to 255. • icmp — (Optional) Enter the ICMP address to permit. • ipv6 — (Optional) Enter the IPv6 address to permit.
• count — (Optional) Enter the count packets the filter processes. • byte — (Optional) Enter the count bytes the filter processes. • cos — (Optional) Enter the CoS value, from 0 to 7. • vlan — (Optional) Enter the VLAN number, from 1 to 4094. Default Not configured Command Mode MAC-ACL Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The no version of this command removes the filter.
permit icmp (IPv6) Configures a filter to permit all or specific ICMP messages. Syntax Parameters permit icmp [A::B | A::B/x | any | host ipv6-address] [A::B | A:B/x | any | host ipv6-address] [capture | count [byte] | dscp value | fragment] • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits that must match the IPv6 address.
Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The no version of this command removes the filter. Example OS10(conf-ipv4-acl)# permit ip any any capture session 1 count Supported Releases 10.2.0E or later permit ipv6 Configures a filter to permit all or specific packets from an IPv6 address.
• • dscp value — (Optional) Permit a packet based on the DSCP values, 0 to 63. • fragment — (Optional) Use ACLs to control packet fragments. • eq — (Optional) Permit packets which are equal to. • ack — (Optional) Set the bit as acknowledgement. • fin — (Optional) Set the bit as finish—no more data from sender. • psh — (Optional) Set the bit as push. • rst — (Optional) Set the bit as reset. • syn — (Optional) Set the bit as synchronize. • urg — (Optional) Set the bit set as urgent.
permit udp Configures a filter that allows UDP packets meeting the filter criteria. Syntax permit udp [A.B.C.D | A.B.C.D/x | any | host ip-address [eq | lt | gt | neq | range]] [[A.B.C.D | A.B.C.D/x | any | host ip-address [eq | lt | gt | neq | range] ] [ack | fin | psh | rst | syn | urg] [capture |count [byte] | dscp value | fragment] Parameters • A.B.C.D — Enter the IP address in dotted decimal format. • A.B.C.D/x — Enter the number of bits that must match the dotted decimal address.
permit udp (IPv6) Configures a filter to permit UDP packets meeting the filter criteria. Syntax Parameters permit udp [A::B | A::B/x | any | host ipv6-address [eq]] [A::B | A:B/x | any | host ipv6-address [eq]] [ack | fin | psh | rst | syn | urg] [capture | count bytes | dscp value | fragment] • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits that must match the IPv6 address.
Usage Information Use different sequence numbers for the remark and the ACL rule. Configure up to 2147483647 remarks for a given IPv4, IPv6, or MAC. Example OS10(conf-ipv4-acl)# remark 10 Deny rest of the traffic OS10(conf-ipv4-acl)# remark 5 Permit traffic from XYZ Inc. Supported Releases 10.2.0E or later seq deny Assigns a sequence number to deny IP addresses while creating the filter. Syntax seq sequence-number deny [protocol-number | icmp | ip | tcp | udp] [A.B.C.D | A.B.C.
seq deny (IPv6) Assigns a sequence number to deny IPv6 addresses while creating the filter. Syntax Parameters seq sequence-number deny [protocol-number icmp | ip | tcp | udp] [A::B | A::B/x | any | host ipv6-address] [A::B | A::B/x | any | host ipv6-address] [capture | count [byte] | dscp value | fragment] • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647.
• 00:00:00:00:00:00 — (Optional) Enter which bits in the MAC address must match. If you do not enter a mask, a mask of 00:00:00:00:00:00 applies. • any — (Optional) Set all routes which are subject to the filter: • protocol-number — Protocol number identified in the MAC header, from 600 to ffff. • capture — (Optional) Capture packets the filter processes. • cos — (Optional) CoS value, from 0 to 7. • count — (Optional) Count packets the filter processes.
Example OS10(config)# ip access-list egress OS10(conf-ipv4-acl)# seq 5 deny icmp any any capture session 1 count Supported Releases 10.2.0E or later seq deny icmp (IPv6) Assigns a sequence number to deny ICMP messages while creating the filter.
• • capture — (Optional) Capture packets the filter processes. • count — (Optional) Count packets the filter processes. • byte — (Optional) Count bytes the filter processes. • dscp value — (Optional) Deny a packet based on the DSCP values, from 0 to 63. • fragment — (Optional) Use ACLs to control packet fragments. host ip-address — (Optional) Enter the IP address to use a host address only.
seq deny tcp Assigns a filter to deny TCP packets while creating the filter. Syntax Parameters seq sequence-number deny tcp [A.B.C.D | A.B.C.D/x | any | host ip-address [eq]] [[A.B.C.D | A.B.C.D/x | any | host ip-address [eq] ] [ack | fin | psh | rst | syn | urg] [capture |count [byte] | dscp value | fragment] • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • A.B.C.D — Enter the IP address in dotted decimal format. • A.
Parameters • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits that must match the IPv6 address. • any — (Optional) Set all routes which are subject to the filter: • • capture — (Optional) Capture packets the filter processes. • count — (Optional) Count packets the filter processes.
• • fragment — (Optional) Use ACLs to control packet fragments. • eq — (Optional) Deny packets which are equal to. • ack — (Optional) Set the bit as acknowledgment. • fin — (Optional) Set the bit as finish—no more data from sender. • psh — (Optional) Set the bit as push. • rst — (Optional) Set the bit as reset. • syn — (Optional) Set the bit as synchronize. • urg — (Optional) Set the bit set as urgent. host ip-address — (Optional) Enter the IP address to use a host address only.
Default Not configured Command Mode IPV6-ACL Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The no version of this command removes the filter, or use the no seq sequence-number command if you know the filter’s sequence number. Example OS10(config)# ipv6 access-list ipv6test OS10(conf-ipv6-acl)# seq 10 deny udp any any capture session 1 count Supported Releases 10.2.
Parameters • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • protocol-number — (Optional) Enter the protocol number, from 0 to 255. • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits that must match the IPv6 address. • any — (Optional) Set all routes which are subject to the filter: • • capture — (Optional) Enter to capture packets the filter processes.
Command Mode MAC-ACL Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The no version of this command removes the filter, or use the no seq sequence-number command if you know the filter’s sequence number. Example OS10(config)# mac access-list macacl OS10(conf-mac-acl)# seq 10 permit 00:00:00:00:11:11 00:00:11:11:11:11 any cos 7 OS10(conf-mac-acl)# seq 20 permit 00:00:00:00:11:11 00:00:11:11:11:11 any vlan 2 Supported Releases 10.
seq permit icmp (IPv6) Assigns a sequence number to allow ICMP messages while creating the filter. Syntax Parameters seq sequence-number permit icmp [A::B | A::B/x | any | host ipv6-address] [A::B | A:B/x | any | host ipv6-address] [capture | count [byte] | dscp value | fragment] • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • A::B — Enter the IPv6 address in hexadecimal format separated by colons.
• • dscp value — (Optional) Permit a packet based on the DSCP values, from 0 to 63. • fragment — (Optional) Use ACLs to control packet fragments. host ip-address — (Optional) Enter the IP address to use a host address only. Default Not configured Command Mode IPV4-ACL Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment.
seq permit tcp Assigns a sequence number to allow TCP packets while creating the filter. Syntax Parameters seq sequence-number permit tcp [A.B.C.D | A.B.C.D/x | any | host ip-address [eq]] [[A.B.C.D | A.B.C.D/x | any | host ip-address [eq] ] [ack | fin | psh | rst | syn | urg] [capture |count [byte] | dscp value | fragment] • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • A.B.C.
Parameters • sequence-number — Enter the sequence number to identify the route-map for editing and sequencing number, from 0 to 2147483647. • A::B — Enter the IPv6 address in hexadecimal format separated by colons. • A::B/x — Enter the number of bits that must match the IPv6 address. • any — (Optional) Set all routes which are subject to the filter: • • capture — (Optional) Capture packets the filter processes. • count — (Optional) Count packets the filter processes.
• • ack — (Optional) Set the bit as acknowledgment. • fin — (Optional) Set the bit as finish—no more data from sender. • psh — (Optional) Set the bit as push. • rst — (Optional) Set the bit as reset. • syn — (Optional) Set the bit as synchronize. • urg — (Optional) Set the bit set as urgent. host ip-address — (Optional) Enter the IP address to use a host address only.
Command Mode IPV6-ACL Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The no version of this command removes the filter, or use the no seq sequence-number command if you know the filter’s sequence number. Example OS10(config)# ipv6 access-list egress OS10(conf-ipv6-acl)# seq 5 permit udp any any capture session 1 count Supported Releases 10.2.0E or later show access-group Displays IP, MAC, or IPv6 access-group information.
• access-lists in | out — Enter either access lists in or access lists out. • access-list—name — Enter the name of the access-list.
ethernet 3/0 seq 5 permit ipv6 11::/32 any count (0 packets) Supported Releases 10.2.0E or later show ip as-path-access-list Displays the configured AS path access lists. Syntax show ip as-path-access-list [name] Parameters name — (Optional) Specify the name of the AS path access list. Defaults None Command Mode EXEC Usage Information None Example OS10# show ip as-path-access-list ip as-path access-list hello permit 123 deny 35 Supported Releases 10.3.
Command Mode EXEC Usage Information None Example OS10# show ip extcommunity-list Standard Extended Community List hello permit RT:1:1 deny SOO:1:4 Supported Releases 10.3.0E or later show ip prefix-list Displays configured IPv4 or IPv6 prefix list information. Syntax Parameters show {ip | ipv6} prefix-list [prefix-name] • ip | ipv6—(Optional) Displays information related to IPv4 or IPv6. • prefix-name — Enter a text string for the prefix list name. A maximum of 140 characters.
Example OS10(config)# route-map bgp OS10(conf-route-map)# continue 65535 Supported Releases 10.3.0E or later match as-path Configures a filter to match routes that have a certain AS path in their BGP paths. Syntax match as-path as-path-name Parameters as-path-name — Enter the name of an established AS-PATH ACL. A maximum of 140 characters. Default Not configured Command Mode ROUTE-MAP Usage Information The no version of this command deletes a match AS path filter.
Default Not configured Command Mode ROUTE-MAP Usage Information The no version of this command deletes the extcommunity match filter. Example OS10(config)# route-map bgp OS10(conf-route-map)# match extcommunity extcommlist1 exact-match Supported Releases 10.3.0E or later match interface Configures a filter to match routes whose next-hop is the configured interface.
match ip next-hop Configures a filter to match based on the next-hop IP addresses specified in IP prefix lists. Syntax match ip next-hop prefix-list prefix-list Parameters prefix-list — Enter the name of the configured prefix list. A maximum of 140 characters. Default Not configured Command Mode ROUTE-MAP Usage Information The no version of this command deletes the match. Example OS10(config)# route-map bgp OS10(conf-route-map)# match ip next-hop Supported Releases prefix-list test100 10.3.
Supported Releases 10.3.0E or later match metric Configures a filter to match on a specific value. Syntax match metric metric-value Parameters metric-value — Enter a value to match the route metric against, from 0 to 4294967295. Default Not configured Command Mode ROUTE-MAP Usage Information The no version of this command deletes the match. Example OS10(conf-route-map)# match metric 429132 Supported Releases 10.2.
• local — Match only on routes generated locally. Default Not configured Command Mode ROUTE-MAP Usage Information The no version of this command deletes the match. Example OS10(config)# route-map bgp OS10(conf-route-map)# match route-type external type-1 Supported Releases 10.3.0E or later match tag Configures a filter to redistribute only routes that match a specific tag value.
set comm-list delete Remove communities in the specified list from the COMMUNITY attribute in a matching inbound or outbound BGP route. Syntax set comm-list {community-list-name} delete Parameters community-list-name — Enter the name of an established community list. A maximum of 140 characters. Defaults None‘ Command Mode ROUTE-MAP Usage Information The community list you use in the set comm-list delete command must be configured so that each filter contains only one community.
Parameter extcommunity-list-name — Enter the name of an established extcommunity list. A maximum of 140 characters. Defaults None Command Mode ROUTE-MAP Usage Information To add communities in an extcommunity list to the EXT COMMUNITY attribute in a BGP route, use the set extcomm-list add command. Example OS10(config)# route-map bgp OS10(conf-route-map)# set extcomm-list TestList delete Supported Releases 10.3.
set metric Set a metric value for a routing protocol. Syntax Parameters set metric [+ | -] metric-value • + — (Optional) Add a metric value to the redistributed routes. • - — (Optional) Subtract a metric value from the redistributed routes. • metric-value — Enter a new metric value, from 0 to 4294967295. Default Not configured Command Mode ROUTE-MAP Usage Information To establish an absolute metric, do not enter a plus or minus sign before the metric value.
• external — Sets the cost of the external routes so that it is equal to the sum of all internal costs and the external cost. • internal — Sets the cost of the external routes so that it is equal to the external cost alone, the default. The no version of this command removes the set clause from a route map. Example OS10(conf-route-map)# set metric-type internal Supported Releases 10.2.0E or later set next-hop Sets an IPv4 or IPv6 address as the next-hop.
set tag Sets a tag for redistributed routes. Syntax set tag tag-value Parameters tag-value — Enter a tag number for the route to redistribute, from 0 to 4294967295. Default Not configured Command Mode CONFIGURATION Usage Information The no version of this command deletes the set clause from a route map. Example OS10(conf-route-map)# set tag 23 Supported Releases 10.2.0E or later set weight Set the BGP weight for the routing table.
route-type external type-1 tag 10 Set clauses: metric-type type-1 origin igp tag 100 Supported Releases 472 10.3.
8 Quality of service Quality of service (QoS) manages the delay, jitter, bandwidth, and packet loss parameters on a network. OS10 devices examine each received packet and place the packet into different classes of service (CoS) by assigning a traffic class ID depending on the packet QoS parameters. QoS allows you to assign different behaviors to different traffic classes.
ingress policy actions include 802.1p or DSCP marking, rate-limiting (policing), enable honoring of 802.1p (CoS), or honoring of DSCP field of incoming packets. The policy actions executed for egress traffic are called egress policy actions. Allowed egress policy actions include scheduling, rateshaping, and WRED. You can define policies for a set of traffic classes with actions to be taken for each class. QoS-type policy-maps define policies for traffic classes created by the QoS-type class-maps.
If you apply a policy-map with L2 parameters (match criteria or marking is only for L2 header fields) only, and both L2 and L3 interfaces are configured on that system, OS10 displays an error message. If you apply an L2 policy-map on an L3 configured interface, OS10 also displays an error message. Class-map configuration You can implement classification or filtering packets into various traffic classes based on a packet match criteria using class-maps.
Create policy-map P1 for class C1 OS10(config)# policy-map p1 OS10(conf-pmap-qos)# class c1 OS10(conf-pmap-c-qos)# set qos-group 1 Show policy-map OS10(conf-pmap-c-qos)# do show policy-map Service-policy(qos) input: p1 Class-map (qos): c1 set qos-group 1 Interface policy-map You can apply policy-maps directly to interfaces. 1 To attach a policy-map to in CONFIGURATION mode, enter interface mode. interface ethernet node/slot/port:[subport] 2 Configure an input or output service-policy in INTERFACE mode.
Control-plane policy-map You can apply the policies created to the control-plane. 1 Enter CONTROL-PLANE configuration mode from CONFIGURATION mode. control-plane 2 Apply the service policy, and create a name for the policy-map in CONTROL-PLANE mode.
• dot1p —Sets the dynamic classification to trust dot1p. • fallback—(Optional) Honor trusting 802.1p (dot1p) only if other match criteria in this policy-map fails to qualify for a packet. Honor 802.
Class-map (qos): class-trust trust diffserv Strict priority queuing OS10 uses queues for egress QoS policy-types. You can enable priorities to dequeue all packets from the assigned queue before servicing any other queues. When more than one queue is assigned strict priority, the highest number queue receives the highest priority. You can configure strict priority to any number of queues. By default, all queues schedule traffic per WDRR.
View policy-map OS10(conf-if-eth1/1/5)# do show policy-map Service-policy(queuing) output: solar Class-map (queuing): magnum priority Class of service or dot1p classification Classification allows you to manage network traffic by separating it into different categories. Packets are identified and categorized into traffic classes. You can use the match command to apply a match to place network traffic into specific traffic classes. You can classify the QoS traffic based on class of service (CoS) or 802.
• match ip dscp [dscp-value | dscp-list | dscp-range]—IPv4 protocol use • match ipv6 dscp [dscp-value | dscp-list | dscp-range]—IPv6 protocol use • match ip-any dscp [dscp-value | dscp-list | dscp-range]—IPv4 and IPv6 protocol use 3 Return to CONFIGURATION mode. exit 4 Enter a policy-map name and type as qos in CONFIGURATION mode. policy-map type qos policy—map-name 5 In POLICY-MAP mode, associate a policy-map with a class-map.
View policy-map OS10(conf-pmap-c-qos)# do show policy-map Service-policy(qos) input: redacl Class-map (qos): blueacl set cos 6 VLAN classification Classify traffic based on the VLAN ID to apply a specific QoS behavior. 1 Create a class-map of type qos and configure the class-map name in CONFIGURATION mode. class—map type qos class—map name 2 Apply the match criteria as the VLAN ID in CLASS-MAP mode (1 to 4094). match vlan vlan-id 3 Return to CONFIGURATION mode.
5 In POLICY-MAP mode, associate a policy-map with a class-map. class class-map-name 6 Enter a queue number for the matched flow as qos-group ID in POLICY-MAP-CLASS-MAP mode-0 to 7.
OS10(conf-pmap-qos)# class bluedscp OS10(conf-pmap-c-qos)# set qos-group 6 View policy-map OS10(conf-pmap-c-qos)# do show policy-map Service-policy(qos) input: reddscp Class-map (qos): bluedscp set qos-group 6 OS10(conf-pmap-c-qos)# do show policy-map Service-policy(qos) input: pmap1 Class-map (qos): class-trust trust dot1p Mark traffic Marking allows you to add or set the 802.1p priorities to a L2 header, or set the DSCP value to L3 header.
DSCP marking To tag an incoming packet with a DSCP value, or modify incoming packets, you can configure marking for DSCP. The set dscp command is only supported under the ingress QoS policy type qos. 1 Create a policy-map of type qos and configure a name for the policy-map in CONFIGURATION mode. policy-map type qos policy-map-name 2 Configure a QoS class for classified traffic in POLICY-MAP mode (up to 32 characters). class class-name 3 Configure marking for DSCP in POLICY-MAP mode (0 to 63).
Mark control-plane OS10(config)# class-map type control-plane copp OS10(conf-cmap-control-plane)# exit OS10(config)# policy-map type control-plane copp1 OS10(conf-pmap-control-plane)# class copp OS10(conf-pmap-c)# set qos-group 2 OS10(conf-pmap-c)# police cir 100 pir 100 View control-plane policy-map OS10(conf-pmap-c)# do show policy-map Service-policy(control-plane) input: copp1 Class-map (control-plane): copp set qos-group 2 police cir 100 bc 100 pir 100 be 100 Traffic metering Metering applies to shapin
6 Assign a bandwidth percent (1 to 100) to nonpriority queues in POLICY-MAP-CLASS-MAP mode.
Policy-based rate-policing You can configure traffic rate-limiting in packets per second (pps) for a QoS input policy, and a rate policing value in kilobits per second (kbps) or pps. Committed rate guarantees bandwidth for traffic entering or leaving the interface under normal network conditions. When traffic propagates at an average rate that is greater than or equal to the committed rate and less than peak-rate, it is green colored or coded.
Control-plane policing Control-plane policing (CoPP) increases security on the system by protecting the route processor from unnecessary traffic and giving priority to important control plane and management traffic. CoPP uses a dedicated control plane configuration through the QoS CLIs to provide filtering and rate-limiting capabilities for the control plane packets.
OS10(conf-pmap-c)# set qos-group 2 OS10(conf-pmap-c)# police cir 100 pir 100 View policy-map OS10(conf-pmap-c)# do show policy-map Service-policy(control-plane) input: copp1 Class-map (control-plane): copp set qos-group 2 police cir 100 bc 100 pir 100 be 100 Assign service-policy Controlling traffic and rate the protocol CPU queues requires configuring QoS policies. To enable CoPP, you need to apply the defined policy-map to CONTROL-PLANE mode. 1 Enter CONTROL-PLANE mode from CONFIGURATION mode.
4 5 6 7 8 9 10 11 2000 400 400 400 600 600 600 300 VLT NDS ARP_REQ IPV6_ICMP_REQ ARP_RESP IPV6_ICMP IPV6_ICMP_RESP IPV4_ICMP SSH TELNET TACACS NTP FTP RSTP PVST MSTP LACP DOT1X LLDP IPV6_OSPF IPV4_BGP IPV4_OSPF IPV6_DHCP IPV4_DHCP SERVICEABILITY OPEN_FLOW View CoPP statistics OS10# show control-plane Queue Packets Bytes 0 0 0 1 0 0 2 0 0 3 0 0 4 0 0 5 2 172 6 0 0 7 32048 2180484 8 14140 2569184 9 0 0 10 0 0 11 0 0 statistics Dropped Packets 0 0 0 0 0 0 0 0 0 0 0 0 Dropped Bytes 0 0 0 0 0 0 0 0 0 0 0 0
Explicit congestion notification When you use explicit congestion notification (ECN) in conjunction with WRED, packets are marked instead of dropping them. Devices on a network respond to congestion before a queue overflows and packets drop, enabling improved queue management. You can configure ECN using the ecn command. When a packet reaches the device with ECN enabled for WRED, the average queue size is computed. To measure the average queue size, a user-configurable weight factor is used.
View configured WRED profile OS10# show policy-map interface Service-policy (qos) input: p1 Class (qos): c1 set qos-group 1 Class (qos): c2 set qos-group 4 Class (qos): c3 set qos-group 7 View statistics You can display egress-queue statistics of both transmitted and dropped packets and bytes. If the Packets counter is non-zero, the corresponding Drop Bytes counters display as “NA”.
• • qos—Displays all policy-maps in the qos type. • queuing—Displays all policy-maps in the queuing type. • control-plane—Displays all policy-maps in the control-plane type. • class-map-name—Enter the QoS class-map name to display the details of a specific policy-map. Display information on all existing policy-maps in EXEC mode. show policy-map type {control-plane | qos | queuing}[policy-map-name] • type—Enter the policy-map type (qos, queuing, or control-plane).
Green Drop Yellow Drop Red Drop 0 0 0 0 0 0 View packets and bytes on specific queue OS10# show queuing statistics interface ethernet 1/1/1 queue 3 Interface ethernet 1/1/1 Queue 3 Description Packets Bytes Output 0 0 Dropped 0 0 QoS commands bandwidth Assigns a percentage of weight to the queue. Syntax bandwidth percent value Parameters percent value — Enter the percentage assignment of bandwidth to the queue (1 to 100).
class-map Creates a QoS class-map which filters traffic to match packets to the corresponding policy created for your network. Syntax class-map [type {qos | queuing | control-plane}] [{match-any | match-all}] class-map-name Parameters Defaults • type — Enter a class-map type. • qos — Enter a qos type class-map. • queuing — Enter a queueing type class-map. • control-plane — Enter a control-plane type class-map.
clear qos statistics Clears all QoS related statistics, including PFC counters. Syntax clear qos statistics Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# clear qos statistics Supported Releases 10.2.0E or later clear qos statistics type Clears all queue counters, including PFC, for the control-plane, qos, and queueing.
Default Not configured Command Mode CONTROL-PLANE Usage Information If you attach an access-list to the class-map type of control-plane, the access-list ignores the permit and deny keywords. Example (class-map) OS10(config)# class-map type control-plane match-any c1 OS10(conf-cmap-control-plane)# Example (policymap) OS10(config)# policy-map type control-plane p1 OS10(conf-pmap-control-plane)# Supported Releases 10.2.
• mac access-group name name — Enter an access-group name for the MAC access-list match criteria (up to 140 characters). • set dscp dscp-value — Enter a DSCP value for marking the DSCP packets (0 to 63). • not — Enter the IP or CoS to negate the match criteria. • vlan vlan-id — Enter a VLAN number for VLAN match criteria (1 to 4094). Default Not configured Command Mode CLASS-MAP Usage Information In a match-any class, you can enter multiple match criteria.
Command Mode CLASS-MAP Usage Information You cannot enter two match statements with the same filter-type. If you enter two match statements with the same filter-type, the second statement overwrites the first statement. The match-all option in a class-map does not support ip-any. Select either ip or IPv6 for the match-all criteria. If you select ip-any, you cannot select ip or ipv6 for the same filter type. Example OS10(conf-cmap-qos)# match ip-any dscp 17-20 Supported Releases 10.2.
match vlan Configures a match criteria based on the VLAN ID number. Syntax match vlan vlan-id Parameters vlan-id — Enter a VLAN ID number (1 to 4094). Default Not configured Command Mode CLASS-MAP Usage Information You cannot enter two match statements with the same filter-type. If you enter two match statements with the same filter-type, the second statement overwrites the first statement. Example OS10(conf-cmap-qos)# match vlan 100 Supported Releases 10.2.
Usage Information This command can only be used under network-qos policy type. Buffer-size, pause-thresholds, and resumethresholds vary based on platform. The no version of this command returns the value to the default. Add the policy-map with pause to system-qos to service an input to enable pause on all ports, based on a per-port linklevel flow-control or priority flow-control enable mode. The xoff and xon threshold settings for link-level flowcontrol must map to traffic classes mapped to a single PG.
pfc-shared-buffer-size Changes the shared buffers size limit for priority flow-control enabled flows. Syntax pfc-shared-buffer-size buffer-size Parameters buffer-size — Enter the size of the priority flow-control buffer in Kb (0 to 8911). Default 832 Kb Command Mode SYSTEM-QOS Usage Information The no version of this command returns the value to the default. Example OS10(conf-sys-qos)# pfc-shared-buffer-size 2000 Supported Releases 10.3.
• type — Enter the policy-map type. • qos — Create a qos policy-map type. • queuing — Create a queueing policy-map type. • control-plane — Create a control-plane policy-map type. Defaults qos = class-map type and match-any = class-map filter Command Mode CONFIGURATION Usage Information The no version of this command deletes a policy-map. Example OS10(config)# policy-map p1 Example (Queuing) OS10(config)# policy-map type queuing p1 Supported Releases 10.2.
qos-group dot1p Configures a dot1p trust map to the traffic class. Syntax Parameters qos-group tc-list [dot1p values] • qos-group tc-list — Enter the traffic single value class ID (0 to 7). • dot1p values — (Optional) Enter either single, comma-delimited, or a hyphenated range of dot1p values (0 to 7). Default 0 Command Mode TRUST-MAP Usage Information If the trust map does not define dot1p values to any traffic class, those flows are mapped to the default traffic class (0).
Parameters • queue-len value — Enter the guaranteed size for this queue (0 to 8911). Defaults: • 45 Kb (10G)/111 Kb (40G) if queue is priority flow control enabled • 2 Kb (10G)/8 Kb (40G) if queue is lossy/link-level flow control • If this is a priority flow-control queue, this configuration is invalid • Only supported for POLICY-MAP-CLASS-MAP (pmap-c-queue) mode • thresh-mode — (Optional) Buffer threshold mode.
Default 0 Command Mode TRUST-MAP Usage Information If the trust map does not define traffic class values to a queue, those flows are mapped to the default queue (0). If some of the traffic class values are already mapped to an existing queue, you will receive an error. The no version of this command returns the value to the default. Example OS10(conf-tmap-tc-queue-qos)# queue 2 qos-group 5 Supported Releases 10.3.0E or later random-detect Configures WRED parameters for the queue.
Default Not configured Command Mode INTERFACE Usage Information Attach only one policy-map to the interface input and output for each qos and queuing policy-map type. You can attach four service-policies to the system QoS — one each for qos and queueing type policy-maps. When you configure service policies at the interface-level and system-level, the interface-level policy takes precedence over the system-level policy.
Supported Releases 10.2.0E or later set qos-group Configures marking for the QoS-group queues. Syntax set qos-group queue-number Parameters queue-number — Enter a queue number (0 to 7). Default Not configured Command Mode POLICY-MAP-CLASS-MAP Usage Information The qos or control-plane ingress QoS policy type only supports this command.
show class-map Displays configuration details of all existing class-maps. Syntax show class-map [type {control-plane | qos | queuing} class-map-name] Parameters • type — Enter the policy-map type (qos, queuing, or control-plane). • qos — Displays all policy-maps of qos type. • queuing — Displays all policy-maps of queuing type. • control-plane — Displays all policy-maps of control-plane type. • class-map-name — Displays the QoS class-map name.
show control-plane statistics Displays counters of all the CPU queue statistics. Syntax show control-plane info Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# Queue 0 1 2 3 4 5 6 7 8 9 10 11 Supported Releases 10.2.
6 7 Supported Releases 0 0 0 0 10.3.0E or later show qos interface Displays the QoS configuration applied to a specific interface. Syntax show qos interface ethernet node/slot/port[:subport] Parameters node/slot/port[:subport] — Enter the Ethernet interface information.
show qos control-plane Displays the QoS configuration applied to the control-plane. Syntax show qos control-plane Parameters None Default Not configured Command Mode EXEC Usage Information Monitors statistics for the control-plane and troubleshoots CoPP. Example OS10# show qos control-plane Service-policy (Input): p1 Supported Releases 10.2.0E or later show qos egress bufffers interface Displays egress buffer configurations.
Parameters • interface — (Optional) Enter the interface type. • node/slot/port[:subport] — (Optional) Enter the port information.
7 OS10# Supported Releases 9360 static 12479488 - 10.3.0E or later show ingress buffer-stats interface Displays the buffers statistics for the ingress interface. Syntax Parameters show ingress buffer-stats interface [interface node/slot/port[:subport]] • interface — (Optional) Enter the interface type. • node/slot/port[:subport] — (Optional) Enter the port information.
Example OS10# show queuing statistics interface ethernet 1/1/1 Interface ethernet1/1/1 (All queues) Description Packets Bytes Output 0 0 Dropped 0 0 Green Drop 0 0 Yellow Drop 0 0 Red drop 0 0 Example (Queue) OS10# show queuing statistics interface ethernet 1/1/1 queue 3 Interface ethernet1/1/1 Queue 3 Description Packets Bytes Output 0 0 Dropped 0 0 Supported Releases 10.2.0E or later show qos system Displays the QoS configuration applied to the system.
Total shared lossy buffers Total used shared lossy buffers - 7684 - 0 OS10# show qos system egress buffer All values are in kb Total buffers - 12187 Total PFC buffers - 4008 Total shared PFC buffers - 4008 Total used shared PFC buffers - 896 Total lossy buffers - 8178 Total shared lossy buffers - 5938 Total used shared lossy buffers - 0 Supported Releases 10.3.0E or later show qos maps Displays the active system trust map.
3 7 DOT1P Priority to Traffic-Class Map : map1 Traffic-Class DOT1P Priority ------------------------------DOT1P Priority to Traffic-Class Map : dot1p-trustmap1 Traffic-Class DOT1P Priority ------------------------------0 2 1 3 2 4 3 5 4 6 5 7 6 1 DSCP Priority to Traffic-Class Map : dscp-trustmap1 Traffic-Class DSCP Priority ------------------------------0 8-15 2 16-23 1 0-7 Default Dot1p Priority to Traffic-Class Map Traffic-Class DOT1P Priority ------------------------------0 1 1 0 2 2 3 3 4 4 5 5 6 6 7 7
6 7 Supported Releases 48-55 56-63 10.3.0E or later system qos Enters SYSTEM-QOS mode to configure system-level service policies. Syntax system qos Parameters None Default Not configured Command Mode SYSTEM-QOS Usage Information None Example OS10(config)# system qos OS10(config-sys-qos)# Supported Releases 10.2.0E or later trust Sets the dynamic classification to trust. Syntax Parameters trust {dot1p | diffserv} [fallback] • diffserv — Set the dynamic classification to trust DSCP.
Command Mode CONFIGURATION Usage Information If trust is enabled, traffic obeys the dot1p map. default-dot1p-trust is a reserved trust-map name. The no version of this command returns the value to the default. Example OS10(config)# trust dot1p-map map1 OS10(config-tmap-dot1p-map)# qos-group 4 dot1p 5 Supported Releases 10.3.0E or later trust dscp-map Creates user-defined trust map for dscp flows.
Parameters • dot1p— Applies a dot1p trust map. • dscp—Applies a dscp trust map. Default Disabled Command Mode SYSTEM-QOS INTERFACE Usage Information Use the show qos maps type [tc-queue | trust-map-dot1p | trust-map-dscp] [string] command to view the current trust mapping. You should change the trust map only during no traffic flow, and verify the correct policy maps are applied. The no version of this command returns the value to the default.
9 Virtual link trunking Virtual link trunking (VLT) is a Layer 2 (L2) aggregate protocol between end devices (servers) connected to different network devices. VLT reduces the role of spanning tree protocols (STPs) by allowing link aggregation group (LAG) terminations on two separate distribution or core switches and supporting a loop-free topology.
VLT physical ports 802.1p, 802.1q, LLDP, flow control, port monitoring, and jumbo frames are supported on VLT physical ports. System management protocols All system management protocols are supported on VLT ports — SNMP, RMON, AAA, ACL, DNS, FTP, SSH, syslog, NTP, RADIUS, SCP, and LLDP. L3 VLAN connectivity Enable L3 VLAN connectivity (VLANs assigned with an IP address) on VLT peers by configuring a VLAN interface for the same VLAN on both devices.
• In a VLT domain, the peer network devices must run the same OS10 software version. • Configure the same VLT domain ID on peer devices. If a VLT domain ID mismatch occurs on VLT peers, the VLTi does not activate. • In a VLT domain, VLT peers support connections to network devices that connect to only one peer. VLT interconnect A VLTi is the link that synchronizes states between VLT peers. OS10 automatically adds VLTi ports to VLANs spanned across VLT peers.
RSTP configuration Only RSTP mode is supported on VLT ports. Before you configure VLT on peer switches, configure RSTP in the network. RSTP prevents loops during the VLT startup phase. • Enable RSTP on each peer node in CONFIGURATION mode.
Create VLT domain A VLT domain requires an ID number. Configure the same VLT domain ID on both peers, see VLT domain. The no vlt-domain command disables VLT. 1 Configure a VLT domain and enter VLT-DOMAIN mode. Configure the same VLT domain ID on each peer, from 1 to 255. vlt-domain domain-id 2 Repeat the steps on the VLT peer to create the VLT domain.
Configure VLT port-channel A VLT port-channel links an attached device and VLT peer switches, also known as a virtual link trunk. 1 Enter the port-channel ID number on the VLT peer in INTERFACE mode, from 1 to 1024. interface port-channel id-number 2 Assign the same ID to a VLT port-channel on each VLT peer — peers are seen as a single VLT LAG to downstream devices. vlt-port-channel vlt-lag-id 3 Repeat the steps on the VLT peer.
VRRP Optimized Forwarding To enable optimized L3 forwarding over VLT, use VRRP Active-Active mode. By default, VRRP Active-Active mode is enabled in the VLAN interfaces. In Active-Sctive mode, each peer locally forwards L3 traffic, resulting in reduced traffic flow over the VLTi. Configure the same L3 static and dynamic routing on each peer so that the L3 reachability and routing tables are the same on both peers. 1 Enable VRRP Active-Active mode in VLAN-INTERFACE mode.
VLT Peer Unit ID System MAC Address Status IP Address Version -------------------------------------------------------------------------2 90:b1:1c:f4:bc:0a up fda5:74c8:b79e:1::2 1.
VLT Unit ID Port-Channel Status Configured ports Active ports ---------------------------------------------------------------------* 1 port-channel1 down 2 0 2 port-channel1 down 2 0 VLT port channel ID : 2 VLT Unit ID Port-Channel Status Configured ports Active ports ---------------------------------------------------------------------* 1 port-channel2 down 1 0 2 port-channel2 down 1 0 VLT port channel ID : 3 VLT Unit ID Port-Channel Status Configured ports Active ports ------------------------------------
delay-restore Configures a time interval to delay the bringing up of VLT ports after reload or peer-link restoration between the VLT peer switches. Syntax delay-restore seconds Parameters seconds — Enter a delay time, in seconds, to delay bringing up VLT ports after the VLTi device is reloaded, from 1 to 1200. Default 90 seconds Command Mode VLT-DOMAIN Usage Information Use this command to delay the system from bringing up the VLT port for a brief period to allow L3 routing protocols to converge.
Usage Information The no version of this command disables L3 routing. Example OS10(conf-vlt-1)# peer-routing Supported Releases 10.2.0E or later peer-routing-timeout Configures the delay after which peer routing is disabled when the peer is not available. This command is applicable for both IPv6 and IPv4. Syntax peer-routing-timeout value Parameters value — Enter the timeout value in seconds, from 0 to 65535.
Link Type: Point-to-Point BPDU Sent: 15, Received: 5 Supported Releases 10.3.0E or later show vlt Displays information on a VLT domain. Syntax show vlt id Parameter id — Enter a VLT domain ID, from 1 to 255.
show vlt mac-inconsistency Displays inconsistencies in dynamic MAC addresses learnt between VLT peers. Syntax show vlt mac-inconsistency Parameters None Default Not configured Command Mode EXEC Usage Information Use this command to check mismatch of MAC address table entries between VLT peers. To verify VLT configuration mismatch issues on peer switches, use the show vlt domain-name mismatch command. Example OS10# show vlt-mac-inconsistency Checking Vlan 228 .. Found 7 inconsistencies ..
Example (no mismatch) OS10# show vlt 1 mismatch Peer-routing mismatch: No mismatch VLAN mismatch: No mismatch VLT VLAN mismatch: No mismatch Example (mismatch) OS10# show vlt 1 mismatch Peer-routing mismatch: VLT Unit ID Peer-routing ----------------------------------* 1 Enabled 2 Disabled VLAN mismatch: No mismatch VLT VLAN mismatch: VLT ID : 1 VLT Unit ID Mismatch VLAN List ---------------------------------* 1 1 2 2 VLT ID : 2 VLT Unit ID Mismatch VLAN List ----------------------------------* 1 1 2 2 Ex
show vlt role Displays the VLT role of the local peer. Syntax show vlt id role Parameters id — Enter the VLT domain ID, from 1 to 255. Default Not configured Command Mode EXEC Usage Information The * in the mismatch output indicates a local node entry. Example OS10# show vlt 1 role VLT Unit ID Role -----------------------* 1 primary 2 secondary Supported Releases 10.2.0E or later show vlt vlt-port-detail Displays detailed status information about VLT ports.
vlt-domain Creates a VLT domain. Syntax vlt-domain domain-id Parameter domain-id — Enter a VLT domain ID on each peer, from 1 to 255. Default None Command Mode CONFIGURATION Usage Information Configure the same VLT domain ID on each peer. If a VLT domain ID mismatch occurs on VLT peers, the VLTi link between peers does not activate. The no version of this command disables VLT. Example OS10(config)# vlt-domain 1 Supported Releases 10.2.
Example OS10(conf-vlt-1)# vlt-mac 00:00:00:00:00:02 Supported Releases 10.2.0E or later vrrp mode active-active Enables the VRRP peers to locally forward L3 traffic in a VLAN interface. Syntax vrrp mode active-active Parameters None Default Enabled Command Mode VLAN INTERFACE Usage Information The no version of this command disables the configuration. This command is applicable only for VLAN interfaces. Example OS10(conf-if-vl-10)# vrrp mode active-active Supported Releases 10.2.
10 Converged data center services OS10 supports converged data center services, including IEEE 802.1 data center bridging (DCB) extensions to classic Ethernet. DCB provides I/O consolidation in a data center network. Each network device carries multiple traffic classes while ensuring lossless delivery of storage traffic with best-effort for LAN traffic and latency-sensitive scheduling of service traffic. • 802.1Qbb — Priority flow control • 802.1Qaz — Enhanced transmission selection • 802.
PFC configuration notes • PFC is supported for 802.1p priority traffic (dot1p 0 to 7). FCoE traffic traditionally uses dot1p priority 3 — iSCSI storage traffic uses dot1p priority 4. • Configure PFC for ingress traffic by using network-qos class and policy maps (see Quality of Service). The queues used for PFCenabled traffic are treated as lossless queues. Configure the same network-qos policy map on all PFC-enabled ports.
trust dot1p exit 2 Apply the qos trust policy to ingress traffic in SYSTEM-QOS or INTERFACE mode. service-policy input type qos trust-policy—map-name Configure a non-default dot1p-priority-to-traffic class mapping 1 Configure a trust map of dot1p traffic classes in CONFIGURATION mode. A trust map does not modify ingress dot1p values in output flows. Assign a qos-group to trusted dot1p values in TRUST mode using 1-to-1 mappings. Dot1p priorities are 0-7.
1 Create a network-qos class map to classify PFC traffic classes in CONFIGURATION mode (0 to 7). Specify the traffic classes using the match qos-group command. Qos-groups map 1:1 to traffic classes 0 to 7 (qos-group 1 corresponds to traffic class 1). Enter a single value, a hyphen-separated range, or multiple qos-group values separated by commas in CLASS-MAP mode.
OS10(config)# system qos OS10(config-sys-qos)# service-policy input type qos pclass1 OS10(config-sys-qos)# exit OS10(config)# class-map type network-qos cc1 OS10(config-cmap-nqos)# match qos-group 3 OS10(config-cmap-nqos)# exit OS10(config)# class-map type network-qos cc2 OS10(config-cmap-nqos)# match qos-group 4 OS10(config-cmap-nqos)# exit OS10(config)# policy-map type network-qos pp1 OS10(config-pmap-network-qos)# class cc1 OS10(config-pmap-c-nqos)# pause buffer-size 30 pause-threshold 20 resume-threshol
View PFC system buffer configuration OS10(config)# show qos system ingress buffer All values are in kb Total buffers - 12187 Total PFC buffers - 877 Total shared PFC buffers - 832 Total used shared PFC buffers - 665 Total lossy buffers - 11309 Total shared lossy buffers - 10816 Total used shared lossy buffers - 1534 OS10(config)# show qos system egress buffer All values are in kb Total buffers - 12187 Total PFC buffers - 877 Total shared PFC buffers - 877 Total used shared PFC buffers - 0 Total lossy buffer
Table 7. 10G and 25G port defaults Port Speed 10G Port 25G Port PFC reserved ingress buffer 45 KB 54 KB PFC pause threshold 9 KB 9 KB PFC resume threshold 9 KB 9 KB Port Speed 40G Port 50G Port PFC reserved ingress buffer 93 KB 111 KB PFC pause threshold 18 KB 18 KB PFC resume threshold 9 KB 9 KB Table 8. 40G and 50G port defaults Table 9.
Configure PFC Example). A qos-group number is used only internally to classify ingress traffic classes. See PFC configuration notes for the default dot1p-priority-to-traffic-class mapping and how to configure a non-default mapping. A PFC traffic class requires a 1-to-1 mapping — only one dot1p value is mapped to a qos-group number.
Supported Releases 10.3.0E or later queue-limit Sets the static and dynamic thresholds used to limit the shared-buffer size of PFC traffic-class queues. Syntax Parameters queue-limit {thresh-mode [static kilobytes | dynamic weight]} • thresh-mode — Buffer threshold mode. • static kilobytes — Enter the fixed shared-buffer limit available for PFC traffic-class queues in kilobytes (0 to 7787; maximum amount tuned by the pfc-shared-buffer-size command).
Total Rx PFC Frames: 0 Total Tx PFC frames: 587236 Cos Rx Tx ----------------------0 0 0 1 0 0 2 0 0 3 0 587236 4 0 0 5 0 0 6 0 0 7 0 0 Supported Releases 10.3.0E or later Enhanced transmission selection Enhanced transmission selection (ETS) provides customized bandwidth allocation to 802.1p classes of traffic. Assign different amounts of bandwidth to traffic classes (Ethernet, FCoE, or iSCSI) that require different bandwidth, latency, and best-effort treatment during network congestion.
• Egress queuing policy — Configure ETS for egress traffic by assigning bandwidth to matching lossless queues in queuing class and policy maps. • Apply both PFC network-qos (input) and ETS queuing (output) policies on an interface to ensure lossless transmission. • An ETS-enabled interface operates with dynamic weighted round robin (DWRR) or strict priority scheduling. • OS10 control traffic is sent to control queues, which have a strict priority that is higher than data traffic queues.
(Optional) To configure a queue as strict priority, use the priority command. Packets scheduled to a strict priority queue are transmitted before packets in non-priority queues. policy—map type queuing policy—map-name class class—map-name priority 6 Apply the trust maps for dot1p and DSCP values, and the traffic class-queue mapping globally on the switch in SYSTEM-QOS mode or on an interface or interface range in INTERFACE mode.
OS10(config)# system qos OS10(config-sys-qos)# trust-map dot1p dot1p_map1 OS10(config-sys-qos)# trust-map dscp dscp_map1 OS10(config-sys-qos)# qos-map traffic-class tc-q-map1 OS10(config-sys-qos)# ets mode on OS10(config-sys-qos)# service-policy input type qos pclass1 OS10(config-sys-qos)# service-policy output type queuing p1 View ETS configuration OS10# show qos interface ethernet 1/1/1 Interface unknown-unicast-storm-control : Disabled multicast-storm-control : Disabled broadcast-storm-control : Disabled
DCBX uses LLDP to mediate the automatic negotiation and exchange of device settings, such as PFC and ETS. DCBX uses LLDP TLVs to perform DCB parameter exchange: • PFC configuration and application priority configuration • ETS configuration and ETS recommendation This sample DCBX topology shows two 40GbE ports on a switch that are configured as DCBX auto-upstream ports and used as uplinks to top-of-rack (ToR) switches. The top-of-rack (ToR) switches are part of a fibre channel storage network.
Configure DCBX DCBX allows data center devices to advertise and exchange configuration settings with directly connected peers using LLDP. LLDP is enabled by default. To ensure the consistent and efficient operation of a converged data center network, DCBX detects peer misconfiguration. DCBX is disabled at a global level and enabled at an interface level by default. For DCBX to be operational, DCBX must be enabled at both the global and interface levels.
Peer DCBX Status ----------------DCBX Operational Version is 0 DCBX Max Version Supported is 255 Sequence Number: 5 Acknowledgment Number: 14 220 Input PFC TLV pkts, 350 Output PFC TLV pkts, 0 Error PFC pkts 220 Input PG TLV Pkts, 396 Output PG TLV Pkts, 0 Error PG TLV Pkts 71 Input Appln Priority TLV pkts, 80 Output Appln Priority TLV pkts, 0 Error Appln Priority TLV Pkts Total Total Total Total DCBX DCBX DCBX DCBX Frames transmitted 538 Frames received 220 Frame errors 0 Frames unrecognized 0 View DCBX
PG-grp Priority# Bandwidth TSA -----------------------------------------------0 0,1,2,3 70% ETS 1 4,5,6,7 30% ETS 2 0% SP 3 0% SP 4 0% SP 5 0% SP 6 0% SP 7 0% SP 15 0% SP Remote Willing Status is disabled Local Parameters : ------------------Local is enabled PG-grp Priority# Bandwidth TSA -----------------------------------------------0 0,1,2,3 70% ETS 1 4,5,6,7 30% ETS 2 0% SP 3 0% SP 4 0% SP 5 0% SP 6 0% SP 7 0% SP 15 0% SP Oper status is init ETS DCBX Oper status is Up State Machine Type is Feature Conf
Supported Releases 10.3.0E or later dcbx tlv-select Configures the DCB TLVs advertised by a DCBX-enabled port. Syntax dcbx tlv-select {[ets-conf] [ets-reco] [pfc]} Parameters • ets-conf — Advertise ETS configuration TLVs. • ets-reco — Advertise ETS recommendation TLVs. • pfc — Advertise PFC TLVs. Default DCBX advertises PFC, ETS Recommendation, and ETS Configuration TLVs. Command Mode INTERFACE Usage Information A DCBX-enabled port advertises all TLVs to DCBX peers by default.
Command Mode INTERFACE Usage Information DCBX must be enabled at both the global and interface levels. Enable DCBX globally with the dcbx enable command to activate the exchange of DCBX TLV messages with PFC, ETS, and iSCSI configurations. Use DCBX interface-level commands to configure the TLVs advertised by a DCBX-enabled port, change the DCBX version, or disable DCBX on an interface. The no version of this command disables DCBX on an interface.
Max Supported PG is 8 Number of Traffic Classes is 8 Admin mode is on Admin Parameters : -----------------Admin is enabled PG-grp Priority# Bandwidth TSA -----------------------------------------------0 0,1,2,3 70% ETS 1 4,5,6,7 30% ETS 2 0% SP 3 0% SP 4 0% SP 5 0% SP 6 0% SP 7 0% SP Remote Parameters : ------------------Remote is enabled PG-grp Priority# Bandwidth TSA -----------------------------------------------0 0,1,2,3 70% ETS 1 4,5,6,7 30% ETS 2 0% SP 3 0% SP 4 0% SP 5 0% SP 6 0% SP 7 0% SP Remote Wi
PFC TLV Tx Status is enabled Application Priority TLV Parameters : -------------------------------------ISCSI TLV Tx Status is enabled Local ISCSI PriorityMap is 0x10 Remote ISCSI PriorityMap is 0x10 5 Input TLV pkts, 2 Output TLV pkts, 0 Error pkts 5 Input Appln Priority TLV pkts, 2 Output Appln Priority TLV pkts, 0 Error Appln Priority TLV Pkts Supported Releases 10.3.
In an iSCSI session, a switch connects CNA servers (iSCSI initiators) to a storage array (iSCSI targets) in a storage area network (SAN) or TCP/IP network. iSCSI optimization running on the switch uses dot1p priority-queue assignments to ensure that iSCSI traffic receives priority treatment. iSCSI configuration notes • • • • When you enable iSCSI optimization, the switch auto-detects and auto-configures for Dell EqualLogic storage arrays directly connected to an interface.
1 Configure an interface or interface range to detect a connected storage device. interface ethernet node/slot/port:[subport] 2 Enable the interface to support a storage device that is directly connected to the port and not automatically detected by iSCSI. Use this command for storage devices that do not support LLDP. In this release, the only valid storage-device-name value is Compellant.
OS10(config-sys-qos)# exit OS10(config)# OS10(config)# OS10(config)# OS10(config)# iscsi iscsi iscsi iscsi session-monitoring enable aging time 15 priority-bits 0x20 enable View iSCSI optimization OS10# show iscsi iSCSI Auto configuration is Enabled iSCSI session monitoring is Enabled iSCSI COS qos-group 4 remark dot1p 4 Session aging time 15 Maximum number of connections is 256 Port IP Address -----------------------3260 860 3261 10.1.1.
Usage Information Configure the aging time allowed for monitored iSCSI sessions on TCP ports before the session closes. The no version of this command disables the aging time. Example OS10(config)# iscsi aging time 30 Supported Releases 10.3.0E or later iscsi enable Enables iSCSI auto-detection of attached storage arrays and switch auto-configuration.
Default Not configured Command Mode INTERFACE Usage Information The only valid value is Compellant in this release. Configure directly attached storage arrays to be supported by iSCSI if they are not automatically detected. This command is required for storage devices that do not support LLDP. The no version of this command disables the connection. Example OS10(conf-if-eth1/1/2)# iscsi profile-storage compellant Supported Releases 10.3.
lldp tlv-select dcbxp-appln iscsi Enables a port to advertise iSCSI application TLVs to DCBX peers. Syntax lldp tlv-select dcbxp-appln iscsi Parameter None Default iSCSI application TLVs are advertised to DCBX peers. Command Mode INTERFACE Usage Information DCB devices use DCBX to exchange iSCSI configuration information with peers and self-configure. iSCSI parameters are exchanged in time, length, and value (TLV) messages. DCBX requires LLDP enabled to advertise iSCSI application TLVs.
Command Mode EXEC Usage Information In an iSCSI session, Target is the storage device, and Initiator is the server connected to the storage device. Example OS10# show iscsi session Example (detailed) OS10# show iscsi session detailed Session 1 -----------------------------------------------Target:iqn.2001-05.com.equallogic:0-8a0906-00851a00c-98326939fba510a1-517 Initiator:iqn.1991-05.com.
DCB provides lossless transmission of FCoE and iSCSI storage traffic using: • Separate traffic classes for the different service needs of network applications. • PFC flow control to pause data transmission and avoid dropping packets during congestion. • ETS bandwidth allocation to guarantee a percentage of shared bandwidth to bursty traffic, while allowing each traffic class to exceed its allocated bandwidth if another traffic class is not using its share.
OS10(config)# policy-map pclass OS10(config-pmap-qos)# class class-trust OS10(config-pmap-c-qos)# trust dot1p OS10(config-pmap-c-qos)# end 3. PFC configuration (interface) Apply the service policies with dot1p trust and PFC configurations to an interface.
OS10(conf-if-eth1/1/53)# ets mode on OS10(conf-if-eth1/1/53)# end OS10(config)# system qos OS10(config-sys-qos)# trust-map dot1p tmap1 OS10(config-sys-qos)# qos-map traffic-class tmap2 OS10(config-sys-qos)# service-policy input type qos pclass OS10(config-sys-qos)# service-policy output type queuing pmap1 OS10(config-sys-qos)# ets mode on 6.
Local ISCSI PriorityMap is 0x10 Remote ISCSI PriorityMap is 0x10 4 Input TLV pkts, 3 Output TLV pkts, 0 Error pkts 4 Input Appln Priority TLV pkts, 3 Output Appln Priority TLV pkts, 0 Error Appln Priority TLV Pkts 9.
10. iSCSI optimization configuration (global) This example accepts the default settings for aging time and TCP ports used in monitored iSCSi sessions. A Compellant storage array is connected to the port. The policy-iscsi policy map sets the CoS dot1p priority used for iSCSI traffic to 6 globally on the switch. By default, iSCSI traffic uses priority 4. The iscsi priority-bits 0x40 command sets the advertised dot1p priority used by iSCSI traffic in application TLVs to 6.
service-policy output type queuing pmap1 ets mode on qos-map traffic-class tmap2 trust-map dot1p tmap1 priority-flow-control mode on OS10(conf-if-eth1/1/53)# do show lldp dcbx interface ethernet 1/1/53 E-ETS Configuration TLV enabled e-ETS Configuration TLV disabled R-ETS Recommendation TLV enabled r-ETS Recommendation TLV disabled P-PFC Configuration TLV enabled p-PFC Configuration TLV disabled F-Application priority for FCOE enabled f-Application Priority for FCOE disabled I-Application priority for iSCSI
I-Application priority for iSCSI enabled i-Application Priority for iSCSI disabled ----------------------------------------------------------------------------------Interface ethernet1/1/53 Port Role is Manual DCBX Operational Status is Enabled Is Configuration Source? FALSE Local DCBX Compatibility mode is IEEEv2.5 Local DCBX Configured mode is IEEEv2.5 Peer Operating version is IEEEv2.
11 sFlow sFlow is a standard-based sampling technology embedded within switches and routers that monitors network traffic. It provides traffic monitoring for high-speed networks with many switches and routers.
Enable or disable sFlow on a specific interface • Enable sFlow in CONFIGURATION mode. sflow enable • Disable sFlow in CONFIGURATION mode.
sflow enable ! Collector configuration Configure the IPv4 or IPv6 address for the sFlow collector. You can configure a maximum of two sFlow collectors. If you specify two collectors, the samples are sent to both. The agent IP address must be the same for both the collectors. • Enter an IPv4 or IPv6 address for the sFlow collector, IPv4 or IPv6 address for the agent, UDP collector port number (default 6343), maximum datagram size (up to 1400), and the VRF instance number in CONFIGURATION mode.
interface ethernet1/1/1 sflow enable ! Sample-rate configuration Sampling rate is the number of packets skipped before the sample is taken. If the sampling rate is 4096, one sample generates for every 4096 packets observed. • Set the sampling rate in CONFIGURATION mode, from 4096 to 65535. The default is 32768. sflow sample-rate sampling-size • Disable packet sampling in CONFIGURATION mode. no sflow sample-rate • View the sampling rate in EXEC mode.
0 UDP packets dropped 34026 sFlow samples collected • View sFlow configuration details on a specific interface in EXEC mode. OS10# show sflow interface port-channel 1 port-channel1 sFlow is enabled on port-channel1 Samples rcvd from h/w: 0 • View the sFlow running configuration in EXEC mode. OS10# show running-configuration sflow sflow enable sflow max-header-size 80 sflow polling-interval 30 sflow sample-rate 4096 sflow collector 10.16.150.1 agent-addr 10.16.132.
sflow enable Enables sFlow on a specific interface or globally on all interfaces. Syntax sflow enable [all-interfaces] Parameters all-interfaces — (Optional) Enter to enable sFlow globally. Default Disabled Command Mode CONFIGURATION Usage Information The no version of this command to disables sFlow.
Defaults 30 Command Mode CONFIGURATION Usage Information The polling interval for an interface is the number of seconds between successive samples of counters sent to the collector. You can configure the duration for polled interface statistics. The no version of the command resets the interval time to the default value. Example OS10(conf)# sflow polling-interval 200 Supported Releases 10.3.0E or later sflow sample-rate Configures the sampling rate.
0 UDP packets dropped 34026 sFlow samples collected Example (portchannel) OS10# show sflow interface port-channel 1 port-channel1 sFlow is enabled on port-channel1 Samples rcvd from h/w: 0 Supported Releases 10.3.
12 Troubleshoot OS10 Critical workloads and applications require constant availability. Dell EMC Networking offers tools to help you monitor and troubleshoot problems before they happen.
* 1 1 1 1 1 1 S4048T-ON S4048T-ON-PWR-1-UNKNOW S4048T-ON-FANTRAY-1 S4048T-ON-FANTRAY-2 S4048T-ON-FANTRAY-3 S4048T-ON-FANTRAY-4 0YVCK0 X01 061DJT 061DJT 061DJT 061DJT X01 X01 X01 X01 TW-0YVCK0-28298-615-0023 ---TW-061DJT-28298-615-0089 TW-061DJT-28298-615-0090 TW-061DJT-28298-615-0091 TW-061DJT-28298-615-0092 Boot partition and image Display system boot partition–related and image-related information. • View all boot information in EXEC mode. show boot • View boot details in EXEC mode.
1 root 2 root 3 root 5 root 7 root 8 root 10 root 11 root 12 root 13 root 14 root 15 root 16 root 17 root 19 root 20 root 21 root 22 root 23 root 24 root 25 root --more-- 20 20 20 0 20 20 20 20 20 rt rt rt rt 20 0 0 20 0 20 0 25 0 0 0 -20 0 0 0 0 0 0 0 0 0 0 -20 -20 0 -20 0 -20 5 112100 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 5840 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 3032 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 S S S S R S S S S S S S S S S S S S S S S 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.
Capture packets from Ethernet interface $ tcpdump -i e101-003-0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on e101-003-0, link-type EN10MB (Ethernet), capture size 262144 bytes 01:39:22.457185 IP 3.3.3.1 > 3.3.3.4: ICMP echo request, id 5320, seq 26, length 64 01:39:22.457281 IP 3.3.3.1 > 3.3.3.
When you execute traceroute, the output shows the path a packet takes from your device to the destination IP address. It also lists all intermediate hops (routers) that the packet traverses to reach its destination, including the total number of hops traversed. Check IPv4 connectivity OS10# ping 172.31.1.255 Type Ctrl-C to abort. Sending 5, 100-byte ICMP Echos to 172.31.1.255, timeout is 2 seconds: Reply to request 1 from 172.31.1.208 0 ms Reply to request 1 from 172.31.1.
1 3ffe:501:ffff:100:201:e8ff:fe00:4c8b 000.000 ms 000.000 ms 000.000 ms View diagnostics View system diagnostic information using show commands. The show hash-algorithm command is used to view the current hash algorithms configured for LAG and ECMP.
View system information OS10# show system System Information -------------------------------------------Node Id: 1 MAC: ec:f4:bb:fc:66:a3 Number of MACs: 129 Vendor: DELL Product: S6000-ON -- Stack -Unit Status Up time Down Reason -------------------------------------------1 up -- Power Supplies -PSU-ID Status PowerType AirFlow Fan Speed(rpm) Status ----------------------------------------------------1 up AC NORMAL 1 19872 fail 2 up AC NORMAL 1 19552 up -- Fan Status -FanTray Status AirFlow Fan Speed(rpm) S
location-led system Changes the location LED of the system. Syntax Parameters location-led system {node-id | node-id/unit-id} {on | off} • node-id | node-id/unit-id — Enter the system ID. • on | off — Set the system LED to be on or off. Default Not configured Command Mode EXEC Usage Information Use the location-led system command to change the location LED for the specified system ID. Example OS10# location-led system 1 on OS10# location-led system 1 off Supported Releases 10.3.
• -l preload — (Optional) Enter the number of packets that ping sends before waiting for a reply. Only a super-user may preload more than 3. • -L — (Optional) Suppress the loopback of multicast packets for a multicast target address. • -m mark — (Optional) Tags the packets sent to ping a remote device (use with policy routing). • -M pmtudisc_option — (Optional) Enter the path MTU (PMTU) discovery strategy: • do prevents fragmentation, including local.
ping6 Tests network connectivity to an IPv6 device. Syntax Parameters ping6 [-aAbBdDfhLnOqrRUvV] [-c count] [-i interval] [-I interface] [-l preload] [-m mark] [-M pmtudisc_option] [-N nodeinfo_option] [-p pattern] [-Q tclass] [s packetsize] [-S sndbuf] [-t ttl] [-T timestamp_option] [-w deadline] [-W timeout] destination • -a — (Optional) Audible ping. • -A — (Optional) Adaptive ping.
• -T timestamp option — (Optional) Set special IP timestamp options. Valid values for timestamp option — tsonly (only timestamps), tsandaddr (timestamps and addresses) or tsprespec host1 [host2 [host3 [host4]]] (timestamp pre-specified hops). • -v — (Optional) Verbose output. • -V — (Optional) Display version and exit. • -w deadline — (Optional) Enter the time-out value, in seconds, before the ping exits regardless of how many packets are sent or received.
Active Partition: Active SW Version: Active Kernel Version: Active Build Date/Time: Standby Partition: Standby SW Version: Standby Build Date/Time: Next-Boot: Supported Releases B 10.2.0E Linux 3.16.7-ckt25 2016-10-03T23:11:14Z A 10.2.0E 2016-10-03T23:11:14Z active[B] 10.2.0E or later show diag Displays diagnostic information for port adapters and modules. Syntax show diag Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# show diag 00:00.
Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# show environment Unit State Temperature ------------------------------------1 up 43 Thermal sensors Unit Sensor-Id Sensor-name Temperature ---------------------------------------------------------1 1 T2 temp sensor 31 1 2 system-NIC temp sensor 21 1 3 Ambient temp sensor 24 1 4 NPU temp sensor 43 Supported Releases 10.2.0E or later show hash-algorithm Displays hash algorithm information.
---------------------------------------------------------------------------------------* 1 S6000-ON 07VJDK A02 CN-07VJDK-28298-52R-0032 5XYK0Z1 129 373 368 1 S6000-ON-PWR-1-AC 0T9FNW A00 CN-0T9FNW-28298-52R-0263 AEIOU## 226 457 410 1 S6000-ON-FANTRAY-1 0MGDH8 A00 CN-0MGDH8-28298-52R-0394 AEIOU## 226 457 410 1 S6000-ON-FANTRAY-2 0MGDH8 A00 CN-0MGDH8-28298-52R-0394 AEIOU## 226 457 410 1 S6000-ON-FANTRAY-3 0MGDH8 A00 CN-0MGDH8-28298-52R-0392 AEIOU## 226 457 410 Supported Releases 10.2.
1019 root OS10# Supported Releases 20 0 1829416 256080 73508 S 6.6 6.4 1212:36 base_nas 10.3.0E or later show system Displays system information. Syntax show system [brief | node-id] Parameters • brief — View abbreviated list of system information. • node-id — Node ID number.
Interface Breakout capable Breakout state ----------------------------------------------------Eth 1/1/1 Yes BREAKOUT_1x1 Eth 1/1/2 Yes BREAKOUT_1x1 Eth 1/1/3 Yes BREAKOUT_1x1 Eth 1/1/4 Yes BREAKOUT_1x1 Eth 1/1/5 Yes BREAKOUT_1x1 Eth 1/1/6 Yes BREAKOUT_1x1 Eth 1/1/7 Yes BREAKOUT_1x1 Eth 1/1/8 Yes BREAKOUT_1x1 Eth 1/1/9 Yes BREAKOUT_1x1 Eth 1/1/10 Yes BREAKOUT_1x1 Eth 1/1/11 Yes BREAKOUT_1x1 Eth 1/1/12 Yes BREAKOUT_1x1 Eth 1/1/13 No BREAKOUT_1x1 Eth 1/1/14 No BREAKOUT_1x1 Eth 1/1/15 No BREAKOUT_1x1 Eth 1/1/16
traceroute Displays the routes that packets take to travel to an IP address. Syntax traceroute host [-46dFITnreAUDV] [-f first_ttl] [-g gate,...] [-i device] [-m max_ttl] [-N squeries] [-p port] [-t tos] [-l flow_label] [-w waittime] [-q nqueries] [-s src_addr] [-z sendwait] [--fwmark=num] host [packetlen] Parameters • host — Enter the host to trace packets from. • -i interface — (Optional) Enter the IP address of the interface through which traceroute sends packets.
ms 3.243 ms 7 0.xe-7-0-1.XL3.SJC7.ALTER.NET (152.63.48.254) 3.915 ms 3.603 ms 3.790 ms 8 TenGigE0-4-0-5.GW6.SJC7.ALTER.NET (152.63.49.254) 11.781 ms 10.600 ms 9.402 ms 9 23.73.112.54 (23.73.112.54) 3.606 ms 3.542 ms 3.773 ms Example (IPv6) OS10# traceroute 20::1 traceroute to 20::1 (20::1), 30 hops max, 80 byte packets 1 20::1 (20::1) 2.622 ms 2.649 ms 2.964 ms Supported Releases 10.2.0E or later Password recovery You may need to recovery your lost password. 1 Connect to the serial console port.
ONIE Rescue bypasses the installed operating system and boots the system into ONIE until you reboot the system. After ONIE Rescue completes, the system resets and boots to the ONIE console. 1 Use the up and down arrows to select the ONIE: Rescue, then press Enter. The highlight entry (*) runs automatically in the operating system.
2 (Optional) Configure the SupportAssist server URL or IP address in SUPPORT-ASSIST mode. server url server-url 3 (Optional) Configure the contact information for your company in SUPPORT-ASSIST mode. contact-company name {company-name} 4 (Optional) Configure a proxy to reach the SupportAssist server in SUPPORT-ASSIST mode.
2 (Optional) Configure address information in SUPPORT-ASSIST mode. Use the no address command to remove the configuration. address city name state name country name zipcode number 3 (Optional) Configure street address information in SUPPORT-ASSIST mode. Use double quotes to add spaces within an address. Use the no street-address command to remove the configuration.
Configure activity schedule for full transfer OS10# OS10# OS10# OS10# support-assist-activity support-assist-activity support-assist-activity support-assist-activity full-transfer full-transfer full-transfer full-transfer schedule schedule schedule schedule daily hour 22 min 50 weekly day-of-week 6 hour 22 min 30 monthly day 15 hour 12 min 30 yearly month 6 day 12 hour 6 min 30 Set default activity schedule OS10(conf-support-assist)# no support-assist-activity full-transfer schedule View status Displa
View EULA license OS10# show support-assist eula I accept the terms of the license agreement. You can reject the license agreement by configuring this command 'eula-consent support-assist reject.' By installing SupportAssist, you allow Dell to save your contact information (e.g. name, phone number and/or email address) which would be used to provide technical support for your Dell products and services. Dell may use the information for providing recommendations to improve your IT infrastructure.
contact-company Configures the company contact information. Syntax contact-company name Parameters name — Enter the contact company name (up to 140 characters). Default Not configured Command Mode SUPPORT-ASSIST Usage Information You can enter only one contact-company, and use double quotes to enclose additional contact information. The no version of this command removes the configuration.
Supported Releases 10.2.0E or later eula-consent Accepts or rejects the SupportAssist end-user license agreement (EULA). Syntax eula—consent {support-assist} {accept | reject} Parameters • support-assist — Enter to accept or reject the EULA for the service. • accept — Enter to accept the EULA-consent. • reject — Enter to reject EULA-consent. Default Not configured Command Mode CONFIGURATION Usage Information If you reject the end-user license agreement, you cannot access Configuration mode.
Parameters • ipv4-address— Enter the IPv4 address of the proxy server in a dotted decimal format (A.B.C.D). • number — Enter the port number (0 to 65535). Default Not configured Command Mode SUPPORT-ASSIST Usage Information You cannot use an IPv6 address with this command. Example OS10(conf-support-assist)# proxy-server ip 10.1.1.5 port 701 Supported Releases 10.2.0E or later server url Configures the domain or IP address of the remote SupportAssist server.
information, host/server configuration & performance information and related data ("Collected Data") and transmits this information to Dell, Inc. By downloading SupportAssist and agreeing to be bound by these terms and the Dell, Inc. end user license agreement, available at: www.dell.com/aeula, you agree to allow Dell, Inc. to provide remote monitoring services of your IT environment and you give Dell, Inc. the right to collect the Collected Data in accordance with Dell, Inc.
Scheduled Activity List : Activity Schedule Schedule created on ------------------------------------------------------------full-transfer weekly: on sun at 00:00 Sep 12,2016 18:57:40 Activity Status : Activity Status last start last success ------------------------------------------------------------------------coredump-transfer success Sep 12,2016 20:48:41 Sep 12,2016 20:48:42 event-notification success Sep 12,2016 20:51:51 Sep 12,2016 20:51:51 full-transfer success Sep 12,2016 20:30:28 Sep 12,2016 20:30:5
• month number — Enter the keyword and number of the month to schedule the yearly task (1 to 12). • day number — Enter the keyword and the number of the day to schedule the monthly task (1 to 31). Default Weekly on Sunday at midnight (hour 0 minute 0) Command Mode EXEC Usage Information The no version of this command removes the schedule activity. Example OS10# support-assist-activity full-transfer schedule daily hour 22 min 50 Supported Releases 10.2.
Support bundle generation start event Apr 19 bundle Apr 19 bundle 16:57:55: execution 16:57:55: execution %Node.1-Unit.1:PRI:OS10 %log-notice:SUPPORT_BUNDLE_STARTED: generate supporthas started successfully:All Plugin options disabled %Node.1-Unit.1:PRI:OS10 %log-notice:SUPPORT_BUNDLE_STARTED: generate supporthas started successfully:All Plugin options enabled sosreport generation start event May 11 22:9:43: collection task May 11 22:9:43: collection task %Node.1-Unit.
• Major — A major error occurred and requires escalation or notification. For example, a major alarm may trigger if an interface failure occurs, such as a port-channel being down. • Minor — A minor error or non-critical condition occurred that, if left unchecked, might cause system service interruption or performance degradation. A minor alarm requires monitoring or maintenance. • Informational — An informational error occurred but does not impact performance.
Enable server logging for log notice OS10(config)# logging server dell.com severity log-notice View system logs The system log-file contains system event and alarm logs. Use the show trace command to view the current syslog file. All event and alarm information is sent to the syslog server, if one is configured. The show logging command accepts the following parameters: • • log-file — Provides a detailed log including both software and hardware saved to a file.
dn_issu dn_l2_services dn_l2_services_ dn_l2_services_ dn_l2_services_ dn_l2_services_ dn_l3_core_serv dn_l3_service dn_lacp dn_lldp dn_mgmt_entity_ --More-- Environmental monitoring Monitors the hardware environment to detect temperature, CPU, and memory utilization.
Alarm commands alarm clear Clears the alarm based on the alarm index for a user-clearable alarm (a transient alarm). Syntax alarm clear alarm-index Parameters clear alarm-index — Enter the alarm ID to clear the alarm. Default Not configured Command Mode EXEC Usage Information Use the show alarm index command to view a list of alarm IDs. Example OS10# alarm clear 200 Supported Releases 10.2.0E or later show alarms Displays all current active system alarms.
Example OS10# show alarms details Active-alarm details - 0 ------------------------------------------Index: 0 Sequence Number: 1 Severity: critical Type: 1081367 Source: Node.1-Unit.1 Name: EQM_THERMAL_CRIT_CROSSED Description: Raise-time: Sep 20 0:1:5 Clear-time: New: true State: raised ------------------------------------------Active-alarm details - 1 ------------------------------------------Index: 1 Sequence Number: 5 Severity: warning Type: 1081364 Source: Node.1-Unit.
Supported Releases 10.2.0E or later show alarms index Displays information about a specific alarm using the alarm ID. Syntax show alarms index alarm-id Parameters index alarm-id — Enter the keyword and the alarm ID to view specific information. Default Not configured Command Mode EXEC Usage Information Use the alarm-id to clear and view alarm details.
Source: Name: Description: Raise-time: Clear-time: New: State: Example (Critical) Node.1-Unit.1 EQM_THERMAL_WARN_CROSSED Sep 20 0:16:52 true raised OS10# show alarms severity critical Active-alarm details - 0 ------------------------------------------Index: 0 Sequence Number: 1 Severity: critical Type: 1081367 Source: Node.1-Unit.1 Name: EQM_THERMAL_CRIT_CROSSED Description: Raise-time: Sep 20 0:1:5 Clear-time: New: true State: raised Supported Releases 10.2.
clear logging Clears messages in the logging buffer. Syntax clear logging log-file Parameters None Default Not configured Command Mode EXEC Usage Information None Example OS10# clear logging log-file Proceed to clear the log file [confirm yes/no(default)]: Supported Releases 10.2.0E or later logging console Disables, enables, or configures the minimum severity level for logging to the console.
logging enable Enables system logging. Syntax logging enable To disable the logging capability, use the no logging enable command. Parameters None Default Enabled Command Mode CONFIGURATION Usage Information The no version of this command disables all logging. Example OS10(config)# logging enable Supported Releases 10.2.0E or later logging log-file Disables, enables, or sets the minimum severity level for logging to the logfile.
logging monitor Set the minimum severity level for logging to the terminal lines. Syntax logging monitor severity severity-level To reset the monitor severity to the default level, use the no logging monitor severity command. The default severity level is log-notice. Parameters severity-level — Set the minimum logging severity level: • log-emerg — Set the system as unusable. • log-alert — Set to immediate action is needed. • log-crit — Set to critical conditions.
Defaults Log-notice Command Mode CONFIGURATION Usage Information Starting from 10.3.0E or later, this command supports IPv6 addresses. The previous versions support only IPv4 addresses. The no version of this command deletes the syslog server. Example OS10(config)# logging server dell.com severity log-info OS10(config)# logging server fda8:6c3:ce53:a890::2 Supported Releases 10.2.0E or later show logging Displays system logging messages by log-file, process-names, or summary.
show trace Displays trace messages. Syntax show trace [number-lines] Parameters number-lines — (Optional) Enter the number of lines to include in log messages (1 to 65535). Default Enabled Command Mode EXEC Usage Information The output from this command is the /var/log/syslog file. Example OS10# show trace May 23 17:10:03 OS10 base_nas: [NETLINK:NHEVENT]:ds_api_linux_neigh.
CAUTION: Changing the system state from the Linux shell can result in undesired and unpredictable system behavior. Only use Linux shell commands to display system state and variables, or as instructed by Dell Support. OS10 login: linuxadmin Password: linuxadmin >> only for first-time login You are required to change your password immediately (root enforced) Changing password for linuxadmin.
Installation How do I configure a default management route? Although the default management route was configured during installation, you can use the route add default gw command from the Linux shell to configure the default management IP address for routing. SupportAssist requires the default management route is configured to work properly, as well as DNS configured and a route to a proxy server (see Configure SupportAssist and proxy-server).
Security How do I add new users? Use the username commands to add new users. Use the show users command to view a list of current users. How do I view RADIUS transactions to troubleshoot problems? Use the debug radius command. How do I view the current DHCP binding information? Use the show ip dhcp binding command. Layer 2 How do I view the VLAN running configuration? Use the show vlan command to view all configured VLANs.
Use the show version command to view the currently running software version. How can I troubleshoot SNMP operation? Use the show ip traffic command to view IP and ICMP statistics. Access control lists How do I setup filters to deny or permit packets from on IPv4 or IPv6 address? Use the deny or permit commands to create ACL filters. How do I clear access-list counters? Use the clear ip access-list counters, clear ipv6 access-list counters, or clear mac access-list counters commands.
• % Warning: Not enough buffers are available, for lossy traffic. Expect lossy traffic drops, else reconfigure the pause buffers Monitoring How can I check if SupportAssist is enabled? Use the show support-assist status command to view current configuration information. How can I view a list of alarms? Use the show alarms details to view a list of all system alarms. How do I enable or disable system logging? Use the logging enable command or the logging disable command.
13 Support resources The Dell EMC Support site provides a range of documents and tools to assist you with effectively using Dell EMC devices. Through the support site you can obtain technical information regarding Dell EMC products, access software upgrades and patches, download available management software, and manage your open cases. The Dell EMC support site provides integrated, secure access to these services. To access the Dell EMC Support site, go to www.dell.com/support/.
