Dell Networking FTOS Command Line Reference Guide for the MXL 10/40GbE Switch IO Module Versions: 9.2(0.0) and 9.2(0.
Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Information in this publication is subject to change without notice. © 2013 Dell Inc. All rights reserved.
1 About this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
www.dell.com | support.dell.com 5 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86 6 Access Control Lists (ACL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DCBX Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254 12 Debugging and Diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 Offline Diagnostic Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287 Buffer Tuning Commands . . . . . . . . . . . . .
www.dell.com | support.dell.com 20 Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 Basic Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375 Port Channel Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
29 Link Layer Discovery Protocol (LLDP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 LLDP-MED Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
www.dell.com | support.dell.com 38 Per-VLAN Spanning Tree Plus (PVST+) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741 39 Quality of Service (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
46 Simple Network Management Protocol (SNMP) and Syslog. . . . . . . . . . . . . . . . 877 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 877 SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .877 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .878 Syslog Commands . . . . . . . . . . . . . . . . . . .
www.dell.com | support.dell.com 56 Virtual Router Redundancy Protocol (VRRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 989 10 IPv4 VRRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .989 VRRP for IPv6 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1001 57 Internet Control Message Protocol (ICMP) Message Types . . . . . . . . . . . . . . . 1005 58 SNMP Traps . . . . . . . . . . . . . . . .
1 About this Guide This book provides information about the Dell Networking operating software (FTOS) command line interface (CLI). It includes some information about the protocols and features found in FTOS and on the Dell Networking systems supported by FTOS.
www.dell.com | support.dell.com x|y Keywords and parameters separated by bar require you to choose one. x || y Keywords and parameters separated by a double bar enables you to choose any or all of them. Information Symbols Table 1-1 describes the symbols contained in this document. Table 1-1. Symbol Information Symbols Brief Description Note This symbol signals important operational information.
2 CLI Basics This chapter describes the command structure and command modes. The Dell Networking operating software (FTOS) commands are in a text-based interface that allows you to use launch commands, change the command modes, and configure interfaces and protocols.
www.dell.com | support.dell.com Multiple Configuration Users When a user enters CONFIGURATION mode and another user(s) is already in that configuration mode, FTOS generates an alert warning message similar to Figure 2-2: Figure 2-2. Configuration Mode User Alert FTOS#conf % Warning: The following users are currently configuring the system: User User User User "" on line "admin" on "admin" on "Irene" on console0 line vty0 ( 123.12.1.123 ) line vty1 ( 123.12.1.123 ) line vty3 ( 123.12.1.
Table 2-1.
www.dell.com | support.dell.com Figure 2-3 shows the results of entering ip ? at the prompt. Figure 2-3.
Use the left and right arrow keys to navigate left or right in the FTOS command line. Table 2-2 defines the key combinations valid at the FTOS command line. Table 2-2. Short-cut Keys and their Actions Key Combination Action CNTL-A Moves the cursor to the beginning of the command line. CNTL-B Moves the cursor back one character. CNTL-D Deletes character at cursor. CNTL-E Moves the cursor to the end of the line. CNTL-F Moves the cursor forward one character. CNTL-I Completes a keyword.
www.dell.com | support.dell.com • • no-more — do not paginate the display output save — copy output to a file for future use Note: FTOS accepts a space before or after the pipe, no space before or after the pipe, or any combination. For example: FTOS#command | grep tengigabit |except regular-expression | find regular-expression The grep command option has an ignore-case sub-option that makes the search case-insensitive.
EXEC Privilege Mode The enable command accesses EXEC Privilege mode. If an administrator has configured an Enable password, you are prompted to enter the password here. EXEC Privilege mode allows you to access all commands accessible in EXEC mode, plus other commands, such as to clear ARP entries and IP addresses. In addition, you can access CONFIGURATION mode to configure interfaces, routes, and protocols on the switch. While you are logged in to EXEC Privilege mode, the # prompt displays.
www.dell.com | support.dell.com LINE Mode Use LINE mode to configure console or virtual terminal parameters. To enter LINE mode: 1. 2. Verify that you are logged in to CONFIGURATION mode. Enter the line command. You must include the keywords console or vty and their line number available on the switch.The prompt changes to include (config-line-console) or (config-line-vty). You can exit this mode by using the exit command.
PREFIX-LIST Mode While in CONFIGURATION mode, use the ip prefix-list command to enter PREFIX-LIST mode and configure a prefix list. To enter PREFIX-LIST mode: 1. 2. Verify that you are logged in to CONFIGURATION mode. Enter the ip prefix-list command. You must include a name for the prefix list. The prompt changes to include (conf-nprefixl). You can return to CONFIGURATION mode by use the exit command.
www.dell.com | support.dell.com MULTIPLE SPANNING TREE Mode Use MULTIPLE SPANNING TREE mode to enable and configure the multiple spanning tree protocol (MSTP), as described in Multiple Spanning Tree Protocol (MSTP). To enter MULTIPLE SPANNING TREE mode: 1. 2. Verify that you are logged into CONFIGURATION mode. Enter the protocol spanning-tree mstp command. You can return to CONFIGURATION mode by using the exit command.
3 File Management Overview This chapter contains commands needed to manage the configuration files and includes other file management commands found in the Dell Networking operating software (FTOS).
www.dell.com | support.dell.com cd Change to a different working directory. Syntax Parameters cd directory directory (OPTONAL) Enter one of the following: • • Command Modes EXEC Privilege Command History Version 8.3.16.1 flash: (internal Flash) or any sub-directory usbflash: (external Flash) or any sub-directory Introduced on MXL 10/40GbE Switch IO Module copy Copy one file to another location. FTOS supports IPv4 addressing for FTP, TFTP, and SCP (in the hostip field).
FTOS supports copying the running-configuration to a TFTP server or to an FTP server: copy running-config tftp: copy running-config ftp: Example Figure 3-1. copy running-config scp: Command Example FTOS#copy running-config scp: Address or name of remote host []: 10.10.10.
www.dell.com | support.dell.com delete Delete a file from the flash. Once deleted, files cannot be restored. Syntax Parameters delete flash: ([flash://]filepath) usbflash ([usbflash://]filepath) flash-url Enter the following location and keywords: • • no-confirm For a file or directory on the internal Flash, enter flash:// followed by the filename or directory name. For a file or directory on the external Flash, enter usbflash:// followed by the filename or directory name.
format flash Erase all existing files and reformat the filesystem in the internal flash memory. After the filesystem is formatted, files cannot be restored. Syntax format {flash: | usbflash:} Default flash memory Command Modes EXEC Privilege Command History Version 8.3.16.1 Usage Information Introduced on MXL 10/40GbE Switch IO Module You must include the colon (:) when entering this command. Caution: This command deletes all files, including the startup configuration file.
www.dell.com | support.dell.com logging coredump server Designate a server to upload core dumps. Syntax Parameters logging coredump server {ipv4-address} username name password [type] password {ipv4-address} Enter the server IPv4 address (A.B.C.D) name Enter a username to access the target server. type Enter the password type: • • password Defaults Command Modes Command History Usage Information Enter 0 to enter an unencrypted password.
rename Rename a file in the local file system. Syntax Parameters rename url url url Enter the following keywords and a filename: • • Command Modes EXEC Privilege Command History Version 8.3.16.1 For a file on the internal Flash, enter flash:// followed by the filename. For a file on the external Flash, enter usbflash:// followed by the filename. Introduced on MXL 10/40GbE Switch IO Module show boot system Displays information about boot images currently configured on the system.
www.dell.com | support.dell.com show file Display contents of a text file in the local filesystem. Syntax Parameters show file url url Enter one of the following: • For a file on the internal Flash, enter flash:// followed by the filename. • For a file on the external Flash, enter usbflash:// followed by the filename. Command Modes EXEC Privilege Command History Version 8.3.16.1 Example Figure 3-6.
Example Figure 3-7. show file-system Command Example FTOS#show file-systems Size(b) 2143281152 15848660992 FTOS# Table 3-1. Free(b) 2000936960 831594496 - Feature Type FAT32 USERFLASH FAT32 USBFLASH network network network Flags rw rw rw rw rw Prefixes flash: usbflash: ftp: tftp: scp: show file-systems Command Output Fields Field Description Size(b) Lists the size in bytes of the storage location. If the location is remote, no size is listed.
www.dell.com | support.dell.com Command History Usage Information Example Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Note: A filepath that contains a dot (.) is not supported. Figure 3-8.
show running-config Display the current configuration and display changes from the default values. Syntax Parameters show running-config [entity] [configured] [status] entity (OPTIONAL) Enter one of the keywords listed below to display that entity’s current (non-default) configuration.
www.dell.com | support.dell.
Example Figure 3-9. show running-config Command Example (Partial) FTOS#show running-config Current Configuration ... ! Version E8-3-16-29 ! Last configuration change at Thu Apr 26 19:19:21 2012 by admin ! Startup-config last updated at Thu Apr 26 19:19:04 2012 by default ! boot system stack-unit 0 primary system: A: boot system stack-unit 0 secondary tftp://10.11.200.241/dt-m1000e-5-c2 boot system gateway 10.11.209.
www.dell.com | support.dell.com Example Figure 3-11. show startup-config Command Example (Partial) FTOS#show startup-config ! Version E8-3-16-29 ! Last configuration change at Thu Apr 26 19:19:02 2012 by default ! Startup-config last updated at Thu Apr 26 19:19:04 2012 by default ! boot system stack-unit 0 primary system: A: boot system stack-unit 0 secondary tftp://10.11.200.241/ dt-m1000e-5-c2 boot system gateway 10.11.209.
Table 3-2. show version Command Fields Lines beginning with Description Dell Force10 Application... Software version Copyright (c)... Copyright information Build Time... Software build’s date stamp Build Path... Location of the software build files loaded on the system Dell Force10 uptime is... Amount of time the system has been up System image... Image file name Chassis Type: System type (MXL 10/40GbE) Control Processor:... Control processor information and amount of memory on processor.
www.dell.com | support.dell.com Defaults none Command Modes EXEC Privilege Command History Version 8.3.16.1 Usage Information Example Introduced on MXL 10/40GbE Switch IO Module You must reload FTOS after executing this command. Figure 3-13. upgrade boot Command Example FTOS#upgrade boot ? all bootflash-image bootselector-image FTOS# Upgrade both boot flash image and selector image Upgrade boot flash image Upgrade boot selector image upgrade system Upgrade the bootflash image or system image.
Usage Information Example You must reload FTOS after executing this command. Use the command upgrade system stack-unit to copy FTOS from the management unit to one or more stack members. Figure 3-14.
| File Management www.dell.com | support.dell.
4 Control and Monitoring This chapter describes control and monitoring for the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com asset-tag Assign and store a unique asset-tag to the stack member. Syntax asset-tag stack-unit unit id Asset-tag ID To remove the asset tag, use no stack-unit unit-id Asset-tag ID command. Parameters Defaults Command Modes Command History Related Commands stack-unit unit-id Enter the keyword stack-unit followed by the unit-id to assign a tag to the specific member. The range is from 0 to 5. Asset-tag ID Enter a unique asset-tag ID to assign to the stack member.
banner exec Configure a message that is displayed when a user enters EXEC mode. Syntax Parameters Defaults Command Modes banner exec c line c c Enter the keywords banner exec, and then enter a character delineator, represented here by the letter c, and press ENTER. line Enter a text string for your banner message ending the message with your delineator. In the example below, the delineator is a percent character (%); the banner message is “testing, testing”. No banner is displayed.
www.dell.com | support.dell.com Syntax Parameters banner login {keyboard-interactive | no keyboard-interactive} [c line c] keyboard-interactive Enter this keyword to require a carriage return (CR) to get the message banner prompt. c Enter a delineator character to specify the limits of the text banner. In Figure 4-2, the % character is the delineator character. line Enter a text string for your text banner message ending the message with your delineator.
Parameters Defaults Command Modes Enter a delineator character to specify the limits of the text banner. In the above figures, the % character is the delineator character. line Enter a text string for your message of the day banner message ending the message with your delineator. In the example figures above, the delineator is a percent character (%). No banner is configured. CONFIGURATION Command History Usage Information c Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com clear line Reset a terminal line. Syntax Parameters clear line {line-number | console 0 | vty number} line-number Enter a number for one of the 12 terminal lines on the system. Range: 0 to 11. console 0 Enter the keyword console 0 to reset the Console port. vty number Enter the keyword vty followed by a number to clear a Terminal line. Range: 0 to 9 Command Modes EXEC Privilege Command History Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information This command enables (and disables) the collection of CPU traffic statistics from the time this command is executed (not from system boot). However, excessive traffic received by a CPU automatically triggers (turns on) the collection of CPU traffic statistics. Use the show cpu-traffic-stats to view the traffic statistics.
www.dell.com | support.dell.com Defaults Command Modes none CONFIGURATION INTERFACE Command History Usage Information Example Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The following commands are not supported by the do command: • • • • enable disable exit config Figure 4-4.
enable optic-info-update interval Enable polling intervals of optical information updates for SNMP. Syntax enable optical-info-update interval seconds To disable optical power information updates, use the no enable optical-info-update interval command. Parameters Defaults Command Modes Disabled CONFIGURATION Command History Usage Information Enter the keyword interval followed by the polling interval in seconds. Range: 120 to 6000 seconds Default: 300 seconds (5 minutes) interval seconds Version 8.
www.dell.com | support.dell.com exec-banner Enable the display of a text string when the user enters EXEC mode. Syntax Defaults Command Modes Command History Usage Related Commands exec-banner Enabled on all lines (if configured, the banner appears). LINE Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Optionally, use the banner exec command to create a text string that is displayed when the user accesses EXEC mode. This command toggles that display.
exit Return to the lower command mode. Syntax Command Modes Command History Related Commands exit • • • • • • • • • • • • EXEC Privilege CONFIGURATION LINE INTERFACE PROTOCOL GVRP SPANNING TREE MULTIPLE SPANNING TREE MAC ACCESS LIST ACCESS-LIST PREFIX-LIST ROUTER OSPF ROUTER RIP Version 8.3.16.1 end Introduced on the MXL 10/40GbE Switch IO Module. Returns to EXEC Privilege command mode. ftp-server enable Enable FTP server functions on the system.
www.dell.com | support.dell.com Example Figure 4-6. Logging on to an FTP Server Example morpheus% ftp 10.31.1.111 Connected to 10.31.1.111. 220Dell Networking (1.0) FTP server ready Name (10.31.1.
ftp-server username Create a user name and associated password for incoming FTP server sessions. Syntax Parameters ftp-server username username password [encryption-type] password username Enter a text string up to 40 characters long as the user name. password password Enter the keyword password followed by a string up to 40 characters long as the password. Without specifying an encryption type, the password is unencrypted.
www.dell.com | support.dell.com ip ftp password Specify a password for outgoing FTP connections. Syntax Parameters ip ftp password [encryption-type] password encryption-type (OPTIONAL) Enter one of the following numbers: • • password Defaults Command Modes Command History Usage Information 0 (zero) for an unecrypted (clear text) password 7 (seven) for hidden text password Enter a string up to 40 characters as the password. Not configured. CONFIGURATION Version 8.3.16.
Related Commands copy Copies files from and to the switch. ip ftp username Assign a user name for outgoing FTP connection requests. Syntax Parameters Defaults Command Modes Command History Usage Information Related Commands ip ftp username username username Enter a text string as the user name up to 40 characters long. No user name is configured. CONFIGURATION Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. You must also configure a password with the ip ftp password command.
www.dell.com | support.dell.com ip telnet source-interface Set an interface’s IP address as the source address in outgoing packets for Telnet sessions. Syntax Parameters ip telnet source-interface interface interface Enter the following keywords and slot/port or number information: • • • • • Defaults Command Modes Command History Related Commands For Loopback interfaces, enter the keyword loopback followed by a number from zero (0) to 16383.
line Enable and configure console and virtual terminal lines to the system. This command accesses LINE mode, where you can set the access conditions for the designated line. Syntax Parameters Defaults Command Modes Command History Usage Information Related Commands line {console 0 | vty number [end-number]} console 0 Enter the keyword console 0 to configure the console port. The console option is <0-0>.
www.dell.com | support.dell.com Parameter host (OPTIONAL) Enter the host name of the devices to which you are testing connectivity. ip-address (OPTIONAL) Enter the IPv4 address of the device to which you are testing connectivity. The address must be in the dotted decimal format. count Enter the number of echo packets to be sent. number: 1- 2147483647 Continuous: transmit echo request continuously Default: 5 datagram size Enter the ICMP datagram size.
sweep-interval Enter the incremental value for sweep size. 1-15308 seconds ointerface Enter the outgoing interface for multicast packets. • • • • • Defaults Command Modes Enter the IP address in A.B.C.D format For a Port Channel, enter the keyword port-channel followed by a number: 1-128 For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Usage Information Related Commands If there is a change in the configuration, FTOS prompts you to save the new configuration. Or you can save your running configuration with the copy running-config command. redundancy disable-auto-reboot Resets any designated stack member except the management unit. send Send messages to one or all terminal line users.
Defaults Command Modes Not configured. CONFIGURATION Command History Usage Information Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. If you do not specify parameters and enter service timestamps, it appears as service timestamps debug uptime in the running-configuration. Use the show running-config command to view the current options set for the service timestamps command. show alarms View alarms.
www.dell.com | support.dell.com Usage Information Example One trace log message is generated for each command. No password information is saved to this file. Figure 4-9. show command-history Command Example FTOS#show command-history [4/20 10:27:23]: CMD-(CLI):[enable]by default from console [4/20 10:27:23]: CMD-(CLI):[configure terminal]by default from console - Repeated 1 time. [4/20 10:27:23]: CMD-(CLI):[snmp-server community public ro]by default from console [4/20 10:27:23]: CMD-(CLI):[logging 172.
Usage Information Example Reload the system to reset the command-tree counters. Figure 4-10. show command-tree Command Example FTOS#show command-tree count ! Enable privilege mode: calendar set hh:mm:ss <1-31> <1993-2035> <1-31> <1993-2035> command usage:5 option usage: option usage: option usage: option usage: option usage: option usage: option usage: option usage: clear arp-cache command usage:2 clear ip dhcp binding A.B.C.
www.dell.com | support.dell.com Command History Example Version 8.3.16.1 Figure 4-11. Introduced on the MXL 10/40GbE Switch IO Module.
Parameters Command Modes all Enter the keyword all to view all components. stack-unit unit-id Enter the keyword stack-unit followed by the unit-id to display information on a specific stack member. Range: 0 to 5. thermal sensor Enter the keyword thermal-sensor to view all components. EXEC EXEC Privilege Command History Usage Information Example Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com show inventory Displays the switch type, components (including media), FTOS version including hardware identification numbers and configured protocols. Syntax Parameters Defaults Command Modes Command History Usage Example 1 show inventory [media slot] media slot (OPTIONAL) Enter the keyword media followed by the stack ID of the stack member for which you want to display pluggable media inventory. none EXEC Version 8.3.16.
Related Commands show interfaces Display information on a specific physical interface or virtual interface. show interfaces transceiver Displays the physical status and operational status of an installed transceiver. The output also displays the transceiver’s serial number. show memory View current memory usage on the MXL switch.
www.dell.com | support.dell.com Command Modes summary (OPTIONAL) Enter the keyword summary to view a summary view of CPU usage for all members of the stack. See Example 1. ipc (OPTIONAL) Enter the keyword ipc to display inter-process communication statistics. memory (OPTIONAL) Enter the keyword memory to display memory statistics. See Example 4. EXEC EXEC Privilege Command History Example 1 Version 8.3.16.1 Figure 4-19. Introduced on the MXL 10/40GbE Switch IO Module.
Example 3 Figure 4-21. show processes cpu stack-unit Command Example FTOS#show process cpu stack-unit 0 CPU utilization for five seconds: 4%/0%; one minute: 3%; five minutes: 2% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 0x763a7000 96806080 9680608 10000 3.00% 3.25% 2.93% 0 KP 0x760d5000 26384050 2638405 10000 1.00% 0.50% 0.32% 0 frrpagt 0x762da000 491370 49137 10000 0.00% 0.00% 0.00% 0 F10StkMgr 0x762f9000 665580 66558 10000 0.00% 0.00% 0.00% 0 lcMgr 0x7631d000 37580 3758 10000 0.00% 0.
www.dell.com | support.dell.com Example 4 Figure 4-22.
show interfaces stack-unit Displays information on all interfaces on a specific stack member. show processes memory Displays CPU usage information based on running processes show processes ipc flow-control Display the Single window protocol queue (SWPQ) statistics. Syntax Parameters Defaults Command Modes show processes ipc flow-control [cp] cp (OPTIONAL) Enter the keyword cp to view the Control Processor’s SWPQ statistics. none EXEC EXEC Privilege Command History Example 1 Version 8.3.16.
www.dell.com | support.dell.com Table 4-1. Usage Information Description of the show processes ipc flow-control cp output Command Field Description Retr /Available Retra Number of retries left Total/ Max Retra Number of retries allowed The Single window protocol (SWP) provides flow control-based reliable communication between the sending and receiving software tasks.
The output of show memory and this command will differ based on which FTOS processes are counted. • • Example In the show memory display output, the memory size is equal to the size of the application processes. In the output of this command, the memory size is equal to the size of the application processes plus the size of the system processes. Figure 4-25.
www.dell.com | support.dell.com Table 4-2. Descriptions of show processes memory output Field Description PID Process ID Process Process Name ResSize Actual resident size of the process in memory Size Process test, stack, and data size Allocs Total dynamic memory allocated Frees Total dynamic memory freed Max Maximum dynamic memory allocated Current Current dynamic memory in use show software ifm Display interface management (IFM) data.
Example Figure 4-27.
www.dell.com | support.dell.com Example Figure 4-28.
Related Commands asset-tag Assign and store unique asset-tag to the stack member. show version Displays the FTOS version. show processes memory Displays the memory usage based on the running processes. show system stack-ports Displays information about the stack ports on all switches in the stack. show hardware stack-unit Displays the data plane and management plane input and output statistics of a particular stack member.
www.dell.com | support.dell.com Examples Figure 4-30.
Figure 4-31.
www.dell.com | support.dell.com This display output is an accumulation of the same information that is displayed when you execute one of the following show commands: • • • • • • • • • • • • • Related Commands show cam show clock show environment show file show interfaces show inventory show ip protocols show ip route summary show processes cpu show processes memory show redundancy show running-conf show version show version Displays the FTOS version. show system Displays the current switch status.
Defaults Command Modes Not configured. EXEC EXEC Privilege Command History Usage Information Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Telnet to link-local addresses is not supported. terminal length Configure the number of lines displayed on the terminal screen. Syntax terminal length screen-length To return to the default values, use the terminal no length command. Parameters screen-length Defaults Command Modes Enter a number of lines.
www.dell.com | support.dell.com Usage Information This command enables XML input mode where you can either cut and paste XML requests or enter the XML requests line-by-line. For more information about using the XML feature, refer to the XML chapter in the FTOS Configuration Guide. traceroute View the packet path to a specific device. Syntax traceroute {host | ip-address} Parameters Defaults Command Modes host Enter the name of device.
undebug all Disable all debug operations on the system. Syntax Defaults undebug all none Command Modes EXEC Privilege Command History Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. virtual-ip Configure a virtual IP address for the active management interface. You can configure virtual addresses for IPv4 independently. Syntax Parameters Defaults Command Modes Command History Usage Information Example virtual-ip {ipv4-address} {ipv4-address} Enter the IPv4 address (A.B.C.
www.dell.com | support.dell.com 84 Command Modes EXEC Privilege Command History Version 8.3.16.1 Usage Information | Introduced on the MXL 10/40GbE Switch IO Module. The write memory command saves the running-configuration to the file labeled startup-configuration. When using a LOCAL CONFIG FILE other than the startup-config not named “startup-configuration”, the running-config is not saved to that file; use the copy command to save any running-configuration changes to that local file.
5 802.1X The 802.
www.dell.com | support.dell.com Important Points to Remember FTOS limits network access for certain users by using VLAN assignments. 802.1X with VLAN assignment has these characteristics when configured on the switch and the RADIUS server. • • • • • • • • • 802.1X is supported on C-Series, E-Series, S-Series (S25/S50), S4810, S4820T, and E-Series Terascale. If no VLAN is supplied by the RADIUS server or if 802.
Command History Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.1.0 Introduced on C-Series and S-Series dot1x auth-fail-vlan Configure an authentication failure VLAN for users and devices that fail 802.1X authentication.
www.dell.com | support.dell.com dot1x auth-server Configure the authentication server to RADIUS. Syntax dot1x auth-server radius Defaults No default behavior or values Command Modes Command History CONFIGURATION Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 7.6.1.0 Introduced on C-Series and S-Series Version 7.4.1.
Related Commands dot1x mac-auth-bypass Enable MAC authentication bypass. dot1x authentication (Configuration) Enable dot1x globally; dot1x must be enabled both globally and at the interface level. Syntax dot1x authentication To disable dot1x on an globally, use the no dot1x authentication command. Defaults Command Modes Command History Related Commands Disabled CONFIGURATION Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.
www.dell.com | support.dell.com dot1x guest-vlan Configure a guest VLAN for limited access users or for devices that are not 802.1X capable. Syntax dot1x guest-vlan vlan-id To disable the guest VLAN, use the no dot1x guest-vlan vlan-id command. Parameters Defaults Command Modes Command History Usage Information vlan-id Enter the VLAN Identifier. Range: 1 to 4094 Not configured CONFIGURATION (conf-if-interface-slot/port) Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.
Parameters Defaults Command Modes Command History Usage Information single-host Enable single-host authentication. multi-host Enable multi-host authentication. multi-auth Enable multi-supplicant authentication. single-host INTERFACE Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 8.4.1.0 The multi-auth option was introduced on the C-Series and S-Series. Version 8.3.2.
www.dell.com | support.dell.com dot1x max-eap-req Configure the maximum number of times an EAP (Extensive Authentication Protocol) request is transmitted before the session times out. Syntax dot1x max-eap-req number To return to the default, use the no dot1x max-eap-req command. Parameters Defaults Command Modes Command History number Enter the number of times an EAP request is transmitted before a session time-out. Range: 1 to 10 Default: 2 2 INTERFACE Version 9.2(0.
dot1x port-control Enable port control on an interface. Syntax Parameters Defaults Command Modes Command History Usage Information dot1x port-control {force-authorized | auto | force-unauthorized} force-authorized Enter the keyword force-authorized to forcibly authorize a port. auto Enter the keyword auto to authorize a port based on the 802.1X operation result. force-unauthorized Enter the keyword force-unauthorized to forcibly de-authorize a port. No default behavior or values Auto Version 9.2(0.
www.dell.com | support.dell.com dot1x reauthentication Enable periodic re-authentication of the client. Syntax dot1x reauthentication [interval seconds] To disable periodic re-authentication, use the no dot1x reauthentication command. Parameters Defaults Command Modes Command History (Optional) Enter the keyword interval followed by the interval time, in seconds, after which re-authentication will be initiated.
dot1x server-timeout Configure the amount of time after which exchanges with the server time out. Syntax dot1x server-timeout seconds To return to the default, use the no dot1x server-timeout command. Parameters Defaults Command Modes Command History Usage Information seconds Enter a time-out value in seconds. Range: 1 to 300, where 300 is implementation dependant. Default: 30 30 seconds INTERFACE Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.
www.dell.com | support.dell.com Defaults Command Modes Command History 30 seconds INTERFACE Version 9.2(0.2) Introduced on the MXL 10/40GbE Switch IO Module. Version 8.3.19.0 Introduced on the S4820T. Version 8.3.12.0 Introduced on the S4810. Version 7.6.1.0 Introduced on C-Series and S-Series Version 7.4.1.0 Introduced on E-Series dot1x tx-period Configure the intervals at which EAPOL PDUs are transmitted by the Authenticator PAE.
Parameters Defaults Command Modes interface Enter one of the following keywords and slot/port or number information: • For a Gigabit Ethernet interface, enter the keyword GigabitEthernet followed by the slot/port information. • For a Fast Ethernet interface, enter the keyword FastEthernet followed by the slot/port information. • For a Ten Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. mac-address (Optional) MAC address of an 802.
www.dell.com | support.dell.com 6 7 1 0 show dot1x interface Display the 802.1X configuration of an interface. Syntax Parameters Defaults Command Modes show dot1x interface interface [mac-address mac-address] interface Enter one of the following keywords and slot/port or number information: • For a Gigabit Ethernet interface, enter the keyword GigabitEthernet followed by the slot/port information. • For a Fast Ethernet interface, enter the keyword FastEthernet followed by the slot/port information.
Quiet Period: ReAuth Max: Supplicant Timeout: Server Timeout: Re-Auth Interval: Max-EAP-Req: Auth Type: 60 seconds 2 30 seconds 30 seconds 3600 seconds 2 SINGLE_HOST Auth PAE State: Backend State: Initialize Initialize FTOS# Example (show dot1x interface mac-address) FTOS#show dot1x interface gig 2/21 mac-address 00:00:01:00:07:00 802.
www.dell.com | support.dell.
6 Access Control Lists (ACL) Overview The Dell Networking operating software (FTOS) supports the following types of access control lists (ACLs), IP prefix lists, and route maps: • • • • • • • • • Commands Common to all ACL Types Common IP ACL Commands Standard IP ACL Commands Extended IP ACL Commands Common MAC Access List Commands Standard MAC ACL Commands Extended MAC ACL Commands IP Prefix List Commands Route Map Commands Note: For ACL commands used in the Trace function, refer to the Secure DHCP Comma
www.dell.com | support.dell.com description Configure a short text string describing the ACL. Syntax Parameters Defaults Command Modes description text text Enter a text string up to 80 characters long. Not enabled. CONFIGURATION-IP ACCESS-LIST-STANDARD CONFIGURATION-IP ACCESS-LIST-EXTENDED CONFIGURATION-MAC ACCESS LIST-STANDARD CONFIGURATION-MAC ACCESS LIST-EXTENDED Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module remark Enter a description for an ACL entry.
Example Figure 6-1. remark Command Example FTOS(conf-std-nacl)#remark 10 Deny rest of the traffic FTOS(conf-std-nacl)#remark 5 Permit traffic from XYZ Inc. FTOS(conf-std-nacl)#show config ! ip access-list standard test remark 5 Permit traffic from XYZ Inc. seq 5 permit 1.1.1.0/24 remark 10 Deny rest of the traffic seq 10 Deny any FTOS(conf-std-nacl)# Related Commands resequence access-list Re-assign sequence numbers to entries of an existing access-list.
www.dell.com | support.dell.com Parameters Defaults Command Modes prefix-list-name Enter the name of configured prefix list, up to 140 characters long. StartingSeqNum Enter the starting sequence number to resequence. Range: 0 to 65535 Step-to-Increment Enter the step to increment the sequence number. Range: 1 to 65535 none EXEC EXEC Privilege Command History Usage Information Version 8.3.16.
The following commands allow you to clear, display, and assign IP ACL configurations. • • • • • access-class clear counters ip access-group ip access-group show ip access-lists show ip accounting access-list Note: See also Commands Common to all ACL Types. access-class Apply a standard ACL to a terminal line. Syntax Parameters Defaults Command Modes Command History access-class access-list-name access-list-name Enter the name of a configured Standard ACL, up to 140 characters. Not configured.
www.dell.com | support.dell.com Defaults Command Modes (OPTIONAL) Enter the keyword implicit-permit to change the default action of the ACL from implicit-deny to implicit-permit (that is, if the traffic does not match the filters in the ACL, the traffic is permitted instead of dropped). vlan vlan-id (OPTIONAL) Enter the keyword vlan followed by the ID numbers of the VLANs. Not enabled. INTERFACE Command History Usage Information implicit-permit Version 8.3.16.
show ip accounting access-list Display the IP access-lists created on the switch and the sequence of filters. Syntax Parameters show ip accounting {access-list access-list-name | cam_count} interface interface access-list-name Enter the name of the ACL to be displayed. cam_count List the count of the CAM rules for this ACL.
www.dell.com | support.dell.com Standard IP ACL Commands When an ACL is created without any rule and then applied to an interface, ACL behavior reflects an implicit permit. The MXL 10/40GbE Switch IO Module platform supports both ingress and egress IP ACLs. The commands needed to configure a Standard IP ACL are: • • • deny ip access-list standard permit Note: See also Commands Common to all ACL Types and Common IP ACL Commands. deny Configure a filter to drop packets with a certain IP address.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The order option is relevant in the context of the Policy QoS feature only. For more information, refer to the Quality of Service (QoS) chapter of the FTOS Configuration Guide. In the MXL Switch, you can configure either count (packets) or count (bytes). However, for an ACL with multiple rules, you can configure some ACLs with count (packets) and others as count (bytes) at any given time.
www.dell.com | support.dell.com • Parameters Defaults Command Modes Command History Usage Information Use the no permit {source [mask] | any | host ip-address} command. source Enter the IP address in dotted decimal format of the network from which the packet was sent. mask (OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous.
Defaults Command Modes Enter an IP address in dotted decimal format of the network from which the packet was received. mask (OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous. any Enter the keyword any to specify that all routes are subject to the filter. host ip-address Enter the keyword host followed by the IP address to specify a host IP address or hostname.
www.dell.com | support.dell.com Extended IP ACL Commands When an ACL is created without any rule and then applied to an interface, ACL behavior reflects an implicit permit. The following commands configure extended IP ACLs, which in addition to the IP address also examine the packet’s protocol type. The MXL 10/40GbE Switch IO Module platform supports both ingress and egress IP ACLs.
Defaults Command Modes (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. dscp (OPTIONAL) Enter the keyword dscp to match to the IP DSCP values. order (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL entry. Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower order numbers have a higher priority) Default: If the order keyword is not used, the ACLs have the lowest order by default (255).
www.dell.com | support.dell.com Defaults Command Modes Command History Usage Information message-type (OPTIONAL) Enter an ICMP message type, either with the type (and code, if necessary) numbers or with the name of the message type (ICMP message types are listed in Table 6-2). Range: 0 to 255 for ICMP type; 0 to 255 for ICMP code count (OPTIONAL) Enter the keyword count to count packets processed by the filter. byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter.
Table 6-2.
www.dell.com | support.dell.com Parameters source Enter the IP address of the network or host from which the packets were sent. mask Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous. any Enter the keyword any to specify that all routes are subject to the filter. host ip-address Enter the keyword host followed by the IP address to specify a host IP address.
Usage Information The order option is relevant in the context of the Policy QoS feature only. For more information, refer to the Quality of Service (QoS) chapter of the FTOS Configuration Guide. In the MXL Switch, you can configure either count (packets) or count (bytes). However, for an ACL with multiple rules, you can configure some ACLs with count (packets) and others as count (bytes) at any given time. Most ACL rules require one entry in the CAM.
www.dell.com | support.dell.com any Enter the keyword any to specify that all routes are subject to the filter. host ip-address Enter the keyword host followed by the IP address to specify a host IP address. dscp Enter this keyword to deny a packet based on DSCP value.
For example, an ACL rule with TCP port range 4000 - 8000 will use eight entries in the CAM: Rule# 1 2 3 4 5 6 7 8 Data Mask From To #Covered 0000111110100000 0000111111000000 0001000000000000 0001100000000000 0001110000000000 0001111000000000 0001111100000000 0001111101000000 1111111111100000 1111111111000000 1111100000000000 1111110000000000 1111111000000000 1111111100000000 1111111111000000 1111111111111111 4000 4032 4096 6144 7168 7680 7936 8000 4031 4095 6143 7167 7679 7935 7999 8000 32 64 204
www.dell.com | support.dell.com permit Configure a filter to pass IP packets meeting the filter criteria. Syntax permit {ip | ip-protocol-number} {source mask | any | host ip-address} {destination mask | any | host ip-address} [count [byte] [dscp value] [order] [fragments] To remove this filter, you have two choices: Use the no seq sequence-number command if you know the filter’s sequence number.
Related Commands ip access-list extended Creates an extended ACL. permit tcp Assigns a permit filter for TCP packets. permit udp Assigns a permit filter for UDP packets. permit icmp Configure a filter to allow all or specific ICMP messages.
www.dell.com | support.dell.com permit tcp Configure a filter to pass TCP packets meeting the filter criteria. Syntax permit tcp {source mask | any | host ip-address} [bit] [operator port [port]] {destination mask | any | host ip-address} [bit] [dscp] [operator port [port]] [count [byte]] [order] [fragments] To remove this filter, you have two choices: Use the no seq sequence-number command if you know the filter’s sequence number.
Defaults Command Modes Command History Usage Information order (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL entry. Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower order numbers have a higher priority) Default: If the order keyword is not used, the ACLs have the lowest order by default (255). fragments Enter the keyword fragments to use ACLs to control packet fragments. Not configured. CONFIGURATION-IP ACCESS-LIST-EXTENDED Version 8.3.16.
www.dell.com | support.dell.com permit udp Configure a filter to pass UDP packets meeting the filter criteria. Syntax permit udp {source mask | any | host ip-address} [operator port [port]] {destination mask | any | host ip-address} [dscp] [operator port [port]] [count [byte]] [order] [fragments] To remove this filter, you have two choices: • • Parameters Use the no seq sequence-number command if you know the filter’s sequence number.
In the MXL Switch, you can configure either count (packets) or count (bytes). However, for an ACL with multiple rules, you can configure some ACLs with count (packets) and others as count (bytes) at any given time. Most ACL rules require one entry in the CAM. However, rules with TCP and UDP port operators (gt, lt, range) may require more than one entry. The range of ports is configured in the CAM based on bit mask boundaries; the space required depends on exactly what ports are included in the range.
www.dell.com | support.dell.com ip Enter the keyword ip to configure a generic IP access list. The keyword ip specifies that the access list will permit all IP protocols. tcp Enter the keyword tcp to configure a TCP access list filter. udp Enter the keyword udp to configure a UDP access list filter. source Enter the IP address of the network or host from which the packets were sent. mask Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.
Usage Information The order option is relevant in the context of the Policy QoS feature only. The following applies: • • • • • The seq sequence-number is applicable only in an ACL group. The order option works across ACL groups that have been applied on an interface via QoS policy framework. The order option takes precedence over the seq sequence-number. If sequence-number is not configured, then rules with the same order value are ordered according to their configuration order.
www.dell.com | support.dell.com mac access-group Apply a MAC ACL to traffic entering or exiting an interface. Syntax mac access-group access-list-name {in [vlan vlan-range] | out} Parameters Defaults Command Modes Enter the name of a configured MAC access list, up to 140 characters. vlan vlan-range (OPTIONAL) Enter the keyword vlan followed a range of VLANs. Note that this option is available only with the in keyword option.
show mac accounting access-list Display MAC access list configurations and counters (if configured). Syntax Parameters show mac accounting access-list access-list-name interface interface in | out access-list-name Enter the name of a configured MAC ACL, up to 140 characters.
www.dell.com | support.dell.com Standard MAC ACL Commands When an access-list is created without any rule and then applied to an interface, ACL behavior reflects implicit permit. The MXL 10/40GbE Switch IO Module platform supports both ingress and egress MAC ACLs. The following commands configure standard MAC ACLs: • • • • deny mac access-list standard permit seq Note: See also Commands Common to all ACL Types and Common MAC Access List Commands.
mac access-list standard Name a new or existing MAC access control list (MAC ACL) and enter the MAC ACCESS LIST mode to configure a standard MAC ACL. See Commands Common to all ACL Types and Common MAC Access List Commands. Syntax mac access-list standard mac-list-name Parameters Defaults Command Modes mac-list-name Not configured CONFIGURATION Command History Usage Information Enter a text string as the name of the standard MAC access list (140 character maximum). Version 8.3.16.
www.dell.com | support.dell.com Defaults Command Modes Command History Related Commands count (OPTIONAL) Enter the keyword count to count packets processed by the filter. byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. Not configured. CONFIGURATION-MAC ACCESS LIST-STANDARD Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module deny Configures a MAC ACL filter to drop packets. seq Configures a MAC ACL filter with a specified sequence number.
Extended MAC ACL Commands When an access-list is created without any rule and then applied to an interface, ACL behavior reflects implicit permit. The MXL 10/40GbE Switch IO Module platform supports ingress and egress MAC ACLs. The following commands configure Extended MAC ACLs. • • • • deny mac access-list extended permit seq Note: See also Commands Common to all ACL Types and Common MAC Access List Commands. deny Configure a filter to drop packets that match the filter criteria.
www.dell.com | support.dell.com ethertype operator (OPTIONAL) To filter based on protocol type, enter one of the following Ethertypes: • • • Defaults Command Modes Command History Related Commands ev2 - is the Ethernet II frame format. llc - is the IEEE 802.3 frame format. snap - is the IEEE 802.3 SNAP frame format. count (OPTIONAL) Enter the keyword count to count packets processed by the filter. byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. Not configured.
Example Figure 6-8.
www.dell.com | support.dell.com ethertype operator (OPTIONAL) To filter based on protocol type, enter one of the following Ethertypes: • • • Defaults Command Modes Command History Related Commands ev2 - is the Ethernet II frame format. llc - is the IEEE 802.3 frame format. snap - is the IEEE 802.3 SNAP frame format. count (OPTIONAL) Enter the keyword count to count packets processed by the filter. byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. Not configured.
ethertype operator (OPTIONAL) To filter based on protocol type, enter one of the following Ethertypes: • • • Defaults Command Modes ev2 - is the Ethernet II frame format. llc - is the IEEE 802.3 frame format. snap - is the IEEE 802.3 SNAP frame format. count (OPTIONAL) Enter the keyword count to count packets processed by the filter. byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. Not configured CONFIGURATION-MAC ACCESS LIST-STANDARD Command History Version 8.3.16.
www.dell.com | support.dell.com Command History Default Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Clears “hit” counters for all prefix lists unless a prefix list is specified. ip prefix-list Configures a prefix list. deny Configure a filter to drop packets meeting the criteria specified.
Usage Information Related Commands Prefix lists redistribute OSPF and RIP routes meeting specific criteria. For related RIP commands, refer to Chapter 40, Routing Information Protocol (RIP). For related OSPF commands supported, refer to FTOS Command Line Reference Guide Chapter 34, Open Shortest Path First (OSPF). show ip route list Displays IP routes in an IP prefix list. show ip prefix-list summary Displays a summary of the configured prefix lists.
www.dell.com | support.dell.com Defaults Command Modes (OPTIONAL) Enter the keyword ge followed by the minimum prefix length, which is a number from zero (0) to 32. le max-prefix-length (OPTIONAL) Enter the keyword le followed by the maximum prefix length, which is a number from zero (0) to 32. bitmask number Enter the keyword bitmask followed by a bit mask number in dotted decimal format. Not configured. PREFIX-LIST Command History Usage Information ge min-prefix-length Version 8.3.16.
Command History Example Version 8.3.16.1 Figure 6-10. Introduced on MXL 10/40GbE Switch IO Module show ip prefix-list detail Command Example FTOS#show ip prefix-list detail Prefix-list with the last deletion/insertion: filter_ospf ip prefix-list filter_in: count: 3, range entries: 3, sequences: 5 - 10 seq 5 deny 1.102.0.0/16 le 32 (hit count: 0) seq 6 deny 2.1.0.0/16 ge 23 (hit count: 0) seq 10 permit 0.0.0.
www.dell.com | support.dell.com Route Map Commands When an access-list is created without any rule and then applied to an interface, ACL behavior reflects implicit permit. The following commands allow you to configure route maps and their redistribution criteria.
Match clause with Continue clause The continue feature can exist without a match clause. A continue clause without a match clause executes and jumps to the specified route-map entry. With a match clause and a continue clause, the match clause executes first and the continue clause next in a specified route map entry. The continue clause launches only after a successful match.
www.dell.com | support.dell.com match interface Configure a filter to match routes whose next hop is on the interface specified. Syntax match interface interface To remove a match, use the no match interface interface command. Parameters interface Enter the following keywords and slot/port or number information: • • • • Defaults Not configured Command Modes ROUTE-MAP For the loopback interface, enter the keyword loopback followed by a number from zero (0) to 16383.
match metric Redistributes routes that match a specific metric. match route-type Redistributes routes that match a route type. match tag Redistributes routes that match a specific tag. match ip next-hop Configure a filter to match routes based on the next-hop IP addresses specified in an IP access list or IP prefix list.
www.dell.com | support.dell.com Related Commands match interface Redistributes routes that match the next-hop interface. match ip address Redistributes routes that match an IP address. match ip next-hop Redistributes routes that match the next-hop IP address. match metric Redistributes routes that match a specific metric. match route-type Redistributes routes that match a route type. match tag Redistributes routes that match a specific tag.
Command History Version 8.3.16.1 Related Commands match interface Redistributes routes that match the next-hop interface. match ip address Redistributes routes that match an IP address. match ip next-hop Redistributes routes that match the next-hop IP address. match ip route-source Redistributes routes that match routes advertised by other routers. match metric Redistributes routes that match a specific metric. match tag Redistributes routes that match a tag.
www.dell.com | support.dell.com Defaults deny (OPTIONAL) Enter the keyword deny to set the route map default as deny. sequence-number (OPTIONAL) Enter a number to identify the route map for editing and sequencing with other route maps. You are prompted for a sequence number if there are multiple instances of the route map. Range: 1 to 65535. Not configured If no keyword (permit or deny) is defined for the route map, the permit action is the default.
set metric Configure a filter to assign a new metric to redistributed routes. Syntax set metric [+ | -] metric-value To delete a setting, use the no set metric command. Parameters + (OPTIONAL) Enter + to add a metric-value to the redistributed routes. - (OPTIONAL) Enter - to subtract a metric-value from the redistributed routes. metric-value Defaults Not configured Command Modes ROUTE-MAP Enter a number as the new metric value. Range: zero (0) to 4294967295 Command History Version 8.3.16.
www.dell.com | support.dell.com set tag Configure a filter to specify a tag for redistributed routes. Syntax set tag tag-value Parameters tag-value Defaults Not configured Command Modes ROUTE-MAP Enter a number as the tag. Range: zero (0) to 4294967295. Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Related Commands set automatic-tag Computes the tag value of the route. set metric Specifies the metric value assigned to redistributed routes.
Example Figure 6-14. show route-map Command Example FTOS#show route-map route-map firpo, permit, sequence 10 Match clauses: Set clauses: tag 34 FTOS# Related Commands route-map Configures a route map.
| Access Control Lists (ACL) www.dell.com | support.dell.
7 Bidirectional Forwarding Detection (BFD) Overview Bidirectional Forwarding Detection (BFD) is a detection protocol that provides fast forwarding path failure detection. The FTOS implementation is based on the standards specified in the IETF Draft draft-ietf-bfd-base-03 and supports BFD on all Layer 3 physical interfaces including VLAN interfaces and port-channels.
www.dell.com | support.dell.com min_rx milliseconds Enter this keyword to specify the minimum rate at which the local system would like to receive control packets from the remote system. Range: 50 to 100 Default: 100 multiplier value Enter this keyword to specify the number of packets that must be missed in order to declare a session down. Range: 3 to 50 Default: 3 role [active | passive] Enter the role that the local system assumes: • Active—The active system initiates the BFD session.
Usage Information All neighbors inherit the timer values configured with the bfd all-neighbors command except in the following cases: • • Related Commands Timer values configured with the isis bfd all-neighbors command in INTERFACE mode override timer values configured with the bfd all-neighbors command. Likewise, using the no bfd all-neighbors command does not disable BFD on an interface if BFD is explicitly enabled using the command isis bfd all-neighbors.
www.dell.com | support.dell.com bfd enable (Interface) Enable BFD on an interface. Syntax Defaults Command Modes Command History bfd enable BFD is enabled on all interfaces when you enable BFD from CONFIGURATION mode. INTERFACE Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. bfd interval Specify non-default BFD session parameters beginning with the transmission interval.
bfd neighbor Establish a BFD session with a neighbor. Syntax Parameters Defaults Command Modes bfd neighbor ip-address ip-address Enter the IP address of the neighbor in dotted decimal format (A.B.C.D). None INTERFACE Command History Version 9.2(0.0) Related Commands show bfd neighbors Introduced on the MXL 10/40GbE Switch IO Module. Display BFD neighbor information on all interfaces or a specified interface. bfd protocol-liveness Enable the BFD protocol liveness feature.
www.dell.com | support.dell.com ip route bfd Enable BFD for all neighbors configured through static routes. Syntax ip route bfd [interval interval min_rx min_rx multiplier value role {active | passive}] To disable BFD for all neighbors configured through static routes, use the no ip route bfd [interval interval min_rx min_rx multiplier value role {active | passive}] command.
ipv6 ospf bfd all-neighbors Establish BFD sessions with all OSPFv3 neighbors on a single interface or use non-default BFD session parameters. Syntax ipv6 ospf bfd all-neighbors [disable | [interval interval min_rx min_rx multiplier value role {active | passive}]] To disable all BFD sessions on an OSPFv3 interface, use the no ipv6 ospf bfd all-neighbors [disable | [interval interval min_rx min_rx multiplier value role {active | passive}]] command in interface mode.
www.dell.com | support.dell.com isis bfd all-neighbors Enable BFD on all IS-IS neighbors discovered on an interface. Syntax isis bfd all-neighbors [disable | [interval interval min_rx min_rx multiplier value role {active | passive}]] To remove all BFD sessions with IS-IS neighbors discovered on this interface, use the no isis bfd all-neighbors [disable | [interval interval min_rx min_rx multiplier value role {active | passive}]] command.
neighbor bfd Explicitly enable a BFD session with a BGP neighbor or a BGP peer group. Syntax neighbor {ip-address | peer-group-name} bfd Parameters Defaults Command Modes Enter the IP address of the BGP neighbor that you want to explicitly enable for BFD sessions in dotted decimal format (A.B.C.D). peer-group-name Enter the name of the peer group that you want to explicitly enable for BFD sessions. None ROUTER BGP Command History Usage Information ip-address Version 9.2(0.
www.dell.com | support.dell.com Command Modes ROUTER BGP Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. When you explicitly disable a BGP neighbor for a BFD session with the neighbor bfd disable command: • • The neighbor does not inherit the global BFD disable values configured with the bfd all-neighbors command or configured for the peer group to which the neighbor belongs.
Example Figure 7-2. show bfd neighbors Command Force10#show bfd neighbors * Ad Dn B C I O R - Active session role Admin Down BGP CLI ISIS OSPF Static Route (RTM) LocalAddr * 10.1.3.2 Example Figure 7-3. RemoteAddr 10.1.3.1 Interface State Rx-int Tx-int Mult Clients Gi 1/3 Up 300 250 3 C show bfd neighbors detail Command Example Force10#show bfd neighbors detail Session Discriminator: 1 Neighbor Discriminator: 1 Local Addr: 10.1.3.2 Local MAC Addr: 00:01:e8:02:15:0e Remote Addr: 10.1.3.
www.dell.com | support.dell.
8 Border Gateway Protocol IPv4 (BGPv4) Overview For detailed information on configuring BGP, refer to the BGP chapter in the FTOS Configuration Guide.
www.dell.com | support.dell.
• • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • neighbor peer-group passive neighbor remote-as neighbor remove-private-as neighbor route-map neighbor route-reflector-client neighbor shutdown neighbor shutdown neighbor soft-reconfiguration inbound neighbor timers neighbor update-source neighbor weight network network backdoor redistribute redistribute ospf router bgp show capture bgp-pdu neighbor show config show ip bgp show ip bgp cluster-list show ip bgp community show ip bgp com
www.dell.com | support.dell.com Parameters ipv4 multicast Enter BGPv4 multicast mode. ipv6 unicast Enter BGPv6 mode. Defaults Not configured. Command Modes ROUTER BGP Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. aggregate-address Summarize a range of prefixes to minimize the number of entries in the routing table.
If the route is injected via the network command, that route still appears in the routing table if the summary-only parameter is configured in the aggregate-address command. The summary-only parameter suppresses all advertisements. If you want to suppress advertisements to only specific neighbors, use the neighbor distribute-list command. In the show ip bgp command, aggregates contain an ‘a’ in the first column and routes suppressed by the aggregate contain an ‘s’ in the first column.
www.dell.com | support.dell.com Usage Information Command History Any update without a MED attribute is the least preferred route If you enable this command, use the clear ip bgp * command to recompute the best path. Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. bgp asnotation Enables you to implement a method for AS Number representation in the CLI.
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. bgp bestpath as-path ignore Ignore the AS PATH in BGP best path calculations. Syntax bgp bestpath as-path ignore To return to the default, enter no bgp bestpath as-path ignore. Defaults Command Modes Usage Information Command History Disabled (that is, the software considers the AS_PATH when choosing a route as best). ROUTER BGP If you enable this command, use the clear ip bgp * command to recompute the best path.
www.dell.com | support.dell.com Defaults Command Modes Usage Information Command History Disabled ROUTER BGP The software compares the MEDs only if the path contains no external autonomous system numbers. If you enable this command, use the clear ip bgp * command to recompute the best path. Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
bgp client-to-client reflection Enables you to enable route reflection between clients in a cluster. Syntax bgp client-to-client reflection To disable client-to-client reflection, enter no bgp client-to-client reflection. Defaults Command Modes Usage Information Related Commands Command History Enabled when a route reflector is configured. ROUTER BGP Route reflection to clients is not necessary if all client routers are fully meshed.
www.dell.com | support.dell.com bgp confederation identifier Configure an identifier for a BGP confederation. Syntax bgp confederation identifier as-number To delete a BGP confederation identifier, use the no bgp confederation identifier as-number command. Parameters as-number Enter the AS number. Range: 0-65535 (2-Byte) or 1-4294967295 (4-Byte) or 0.1-65535.65535 (Dotted format) Defaults Not configured.
Command Modes Usage Information ROUTER BGP All the routers in the Confederation must be 4 or 2 byte identified routers. You cannot mix them. The Autonomous Systems configured in this command are visible to the EBGP neighbors. Each Autonomous System is fully meshed and contains a few connections to other Autonomous Systems. After specifying autonomous systems numbers for the BGP confederation, recycle the peers to update their configuration.
www.dell.com | support.dell.com Command Modes ROUTER BGP ROUTER-BGP-ADDRESS FAMILY Usage Information Related Commands Command History If you enter the bgp dampening command, the default values for half-life, reuse, suppress, and max-suppress-time are applied. The parameters are position-dependent, therefore, if you configure one parameter, you must configure the parameters in the order they appear in the CLI. show ip bgp dampened-paths Version 9.2(0.
Usage Information This command is enabled by default, that is for all updates received from EBGP peers, BGP ensures that the first AS of the first AS segment is always the AS of the peer. If not, the update is dropped and a counter is increments. Use the show ip bgp neighbors command to view the “failed enforce-first-as check” counter. If you disable the enforce-first-as command, it can be viewed using the show ip protocols command.
www.dell.com | support.dell.com Where the 2-Byte format is 1-65535, the 4-Byte format is 1-4294967295. Both formats are accepted, and the advertisements will reflect the entered format. For more information about using the 2 or 4-Byte format, refer to the FTOS Configuration Guide. Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Command Modes Usage Information ROUTER BGP In non-deterministic mode, paths are compared in the order in which they arrive. This method can lead to FTOS choosing different best paths from a set of paths, depending on the order in which they are received from the neighbors since MED may or may not get compared between adjacent paths. In deterministic mode (no bgp non-deterministic-med), FTOS compares MED between adjacent paths within an AS group since all paths in the AS group are from the same AS.
www.dell.com | support.dell.com Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. BGP uses regular expressions (regex) to filter route information. In particular, the use of regular expressions to filter routes based on AS-PATHs and communities is quite common.
Usage Information Peering sessions are reset when you change the router ID of a BGP router. bgp soft-reconfig-backup Use this command only when route-refresh is not negotiated to avoid the peer from resending messages. Syntax bgp soft-reconfig-backup To return to the default setting, use the no bgp soft-reconfig-backup command. Defaults Command Modes Command History Usage Information Related Commands Off ROUTER BGP Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com capture bgp-pdu max-buffer-size Set the size of the BGP packet capture buffer. This buffer size pertains to both IPv4 and IPv6 addresses. Syntax Parameters capture bgp-pdu max-buffer-size 100-102400000 100-102400000 Defaults 40960000 bytes. Command Modes EXEC Privilege Command History Related Commands Version 9.2(0.0) Enter a size for the capture buffer. Introduced on the MXL 10/40GbE Switch IO Module.
clear ip bgp dampening Clear information on route dampening and return suppressed route to active state. Syntax Parameters Command Modes Usage Information Command History clear ip bgp dampening [ip-address mask] ip-address mask (OPTIONAL) Enter an IP address in dotted decimal format and the prefix mask in slash format (/x) to clear dampening information only that BGP neighbor. EXEC Privilege After you enter this command, the software deletes history routes and returns suppressed routes to active state.
www.dell.com | support.dell.com Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. clear ip bgp peer-group Reset a peer group’s BGP sessions. Syntax Parameters Command Modes Command History clear ip bgp peer-group peer-group-name Enter the keyword peer-group followed by the name of the peer group. peer-group peer-group-name EXEC Privilege Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. debug ip bgp dampening Display information on routes being dampened. Syntax debug ip bgp dampening [in | out] To disable debugging, enter no debug ip bgp dampening. Parameters Command Modes Usage Information Related Commands Command History in (OPTIONAL) Enter the keyword in to view only inbound dampened routes. out (OPTIONAL) Enter the keyword out to view only outbound dampened routes.
www.dell.com | support.dell.com debug ip bgp keepalives Display information about BGP keepalive messages. Syntax debug ip bgp [ip-address | peer-group peer-group-name] keepalives [in | out] To disable debugging, use the no debug ip bgp [ip-address | peer-group peer-group-name] keepalives [in | out] command. Parameters Command Modes Usage Information Command History ip-address (OPTIONAL) Enter the IP address of the neighbor in dotted decimal format.
debug ip bgp soft-reconfiguration Enable soft-reconfiguration debug. Syntax debug ip bgp {ip-address | peer-group-name} soft-reconfiguration To disable, use the no debug ip bgp {ip-address | peer-group-name} soft-reconfiguration command. Parameters Defaults Command Modes Usage Information Command History ip-address (OPTIONAL) Enter the IP address of the neighbor in dotted decimal format.
www.dell.com | support.dell.com default-metric Enables you to change the metrics of redistributed routes to locally originated routes. Use this command with the redistribute command. Syntax default-metric number To return to the default setting, enter the no default-metric command. Parameters Defaults Command Modes Usage Information Related Commands Command History number Enter a number as the metric to be assigned to routes from other protocols. Range: 1 to 4294967295.
To return to the default values, enter no maximum-paths. Parameters Defaults Command Modes Usage Information Command History ebgp Enter the keyword ebgp to enable multipath support for External BGP routes. ibgp Enter the keyword ibgp to enable multipath support for Internal BGP routes. number Enter a number as the maximum number of parallel paths. Range: 2 to 64 none ROUTER BGP If you enable this command, use the clear ip bgp * command to recompute the best path. Version 9.2(0.
www.dell.com | support.dell.com Parameters Defaults Command Modes Related Commands Command History ip-address (OPTIONAL) Enter the IP address of the neighbor in dotted decimal format. peer-group-name (OPTIONAL) Enter the name of the peer group. send Enter this keyword to indicate that the system will send multiple paths to peers. receive Enter this keyword to indicate that the system will accept multiple paths from peers.
To return to the default value, use the no neighbor {ip-address} advertisement-start command. Parameters Defaults Command Modes Command History ip-address Enter the IP address of the neighbor in dotted decimal format. seconds Enter a number as the time interval, in seconds, before BGP route updates are sent. Range: 0 to 3600 seconds. none ROUTER BGP Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Parameters ip-address Enter the IP address of the neighbor in dotted decimal format. peer-group-name Enter the name of the peer group to set the default route of all routers in that peer group. route-map map-name (OPTIONAL) Enter the keyword route-map followed by the name of a configured route map. Defaults Not configured.
in Enter the keyword in to distribute only inbound traffic. out Enter the keyword out to distribute only outbound traffic. Defaults Not configured. Command Modes ROUTER BGP Usage Information Related Commands Command History Other BGP filtering commands include: neighbor filter-list, ip as-path access-list, and neighbor route-map. neighbor route-map Version 9.2(0.0) Assign a route map to a neighbor or peer group. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Parameters Defaults Command Modes Usage Information Related Commands Command History ipv4-address Enter the IP address of the neighbor in dotted decimal format. peer-group-name Enter the name of the peer group. Disabled ROUTER BGP When fall-over is enabled, BGP keeps track of IP or IPv6 reachability to the peer remote address and the peer local address. Whenever either address becomes unreachable (i.
neighbor local-as Configure Internal BGP (IBGP) routers to accept external routes from neighbors with a local AS number in the AS number path Syntax neighbor {ip-address | peer-group-name} local-as as-number [no-prepend] To return to the default value, use the no neighbor {ip-address | peer-group-name} local-as command. Parameters ip-address Enter the IP address of the neighbor in dotted decimal format.
www.dell.com | support.dell.com threshold (OPTIONAL) Enter a number to be used as a percentage of the maximum value. When the number of prefixes reaches this percentage of the maximum value, the software sends a message. Range: 1 to 100 percent. Default: 75 warning-only (OPTIONAL) Enter the keyword warning-only to set the router to send a log message when the maximum value is reached. If this parameter is not set, the router stops peering when the maximum number of prefixes is reached.
If you specify a BGP peer group by using the peer-group-name parameter, all the members of the peer group will inherit the characteristic configured with this command.
www.dell.com | support.dell.com Related Commands Command History clear ip bgp Resets BGP sessions. neighbor peer-group (creating group) Create a peer group. show ip bgp peer-group View BGP peers. show ip bgp neighbors View BGP neighbors configurations. Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. neighbor peer-group (creating group) Enables you to create a peer group and assign it a name.
Defaults Not Configured Command Modes ROUTER BGP Usage Information After you configure a peer group as passive, you must assign it a subnet using the neighbor soft-reconfiguration inbound command. For passive eBGP limits, the Remote AS must be different from the AS for this neighbor. Related Commands Command History neighbor soft-reconfiguration inbound Assign a subnet to a dynamically-configured BGP neighbor. neighbor remote-as Create and specify the remote peer to the BGP neighbor Version 9.
www.dell.com | support.dell.com neighbor remove-private-as Remove private AS numbers from the AS-PATH of outgoing updates. Syntax neighbor {ip-address | peer-group-name} remove-private-as To return to the default, use the no neighbor {ip-address | peer-group-name} remove-private-as command. Parameters Defaults Command Modes Usage Information ip-address Enter the IP address of the neighbor to remove the private AS numbers.
Usage Information When you apply a route map to outbound routes, only routes that match at least one section of the route map are permitted. If you identify a peer group by name, the peers in that peer group inherit the characteristics in the Route map used in this command. If you identify a peer by IP address, the Route map overwrites either the inbound or outbound policies on that peer. Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com neighbor shutdown Disable a BGP neighbor or peer group. Syntax neighbor {ip-address | peer-group-name} shutdown To enable a disabled neighbor or peer group, use the neighbor {ip-address | peer-group-name} no shutdown command. Parameters Defaults Command Modes Usage Information Related Commands Command History ip-address Enter the IP address of the neighbor in dotted decimal format.
Usage Information This command enables soft-reconfiguration for the BGP neighbor specified. BGP will store all the updates received by the neighbor but will not reset the peer-session. Caution: Inbound update storage is a memory-intensive operation. The entire BGP update database from the neighbor is stored in memory regardless of the inbound policy results applied on the neighbor. Note: This command is supported in BGP Router Configuration mode for IPv4 Unicast address only.
www.dell.com | support.dell.com Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. neighbor update-source Enable the software to use Loopback interfaces for TCP connections for BGP sessions. Syntax neighbor {ip-address | peer-group-name} update-source interface To use the closest interface, use the no neighbor {ip-address | peer-group-name} update-source interface command. Parameters ip-address Enter the IP address of the peer router in dotted decimal format.
Usage Information In the FTOS best path selection process, the path with the highest weight value is preferred. Note: Reset the neighbor connection (clear ip bgp * command) to apply the weight to the connection and recompute the best path. If the set weight command is configured in a route map applied to this neighbor, the weight set in that command overrides the weight set in the neighbor weight command. Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com network backdoor Specify this IGP route as the preferred route. Syntax network ip-address mask backdoor To remove a network, use the no network ip-address mask backdoor command. Parameters ip-address Enter an IP address in dotted decimal format of the network. mask Enter the mask of the IP address in the slash prefix length format (for example, /24). The mask appears in command outputs in dotted decimal format (A.B.C.D). Defaults Not configured.
Usage Information With FTOS version 8.3.1.0 and later, the redistribute command can be used to advertise the IGP cost as the MED on redistributed routes. When the route-map is set with metric-type internal and applied outbound to an EBGP peer/peer-group, the advertised routes corresponding to those peer/peer-group will have IGP cost set as MED.
www.dell.com | support.dell.com router bgp Enter ROUTER BGP mode to configure and enable BGP. Syntax router bgp as-number To disable BGP, use the no router bgp as-number command. Parameters as-number Enter the AS number. Range: 1 to 65535 (2-Byte) or 1-4294967295 (4-Byte) or 0.1-65535.65535 (Dotted format) Defaults Command Modes Example Not enabled. CONFIGURATION Figure 8-3. Command Example: router bgp FTOS(conf)#router bgp 3 FTOS(conf-router_bgp)# Command History Usage Information Version 9.2(0.
Example Figure 8-4. Command Example: show capture bgp-pdu neighbor FTOS(conf-router_bgp)#show capture bgp-pdu neighbor 20.20.20.2 Incoming packet capture enabled for BGP neighbor 20.20.20.
www.dell.com | support.dell.com show ip bgp View the current BGP IPv4 routing table for the system. Syntax show ip bgp [ipv4 unicast] [network [network-mask] [longer-prefixes]] Parameters Command Modes ipv4 unicast (OPTIONAL) Enter the ipv4 unicast keywords to view information only related to ipv4 unicast routes. network (OPTIONAL) Enter the network address (in dotted decimal format) of the BGP network to view information only on that network.
Table 8-1 defines the information displayed in Figure 8-6 Table 8-1. Related Commands Command History show ip bgp Command Example Fields Field Description Network Displays the destination network prefix of each BGP route. Next Hop Displays the next hop address of the BGP router. If 0.0.0.0 is listed in this column, then local routes exist in the routing table. Metric Displays the BGP route’s metric, if assigned. LocPrf Displays the BGP LOCAL_PREF attribute for the route.
www.dell.com | support.dell.com Example Figure 8-7. Command Example: show ip bgp cluster-list (Partial) FTOS#show ip bgp cluster-list BGP table version is 64444683, local router ID is 120.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best Path source: I - internal, a - aggregate, c - confed-external, r - redistributed, n - network Origin codes: i - IGP, e - EGP, ? - incomplete Network * I 10.10.10.1/32 * I *>I * I * I * I * I 10.19.75.5/32 * I *>I * I * I * I * I 10.30.1.
Parameters Command Modes ipv4 unicast (OPTIONAL) Enter the ipv4 unicast keywords to view information only related to ipv4 unicast routes. community-number Enter the community number in AA:NN format where AA is the AS number (2 bytes) and NN is a value specific to that autonomous system. You can specify up to eight community numbers to view information on those community groups. local-AS Enter the keywords local-AS to view all routes with the COMMUNITY attribute of NO_EXPORT_SUBCONFED.
www.dell.com | support.dell.com The show ip bgp community command without any parameters lists BGP routes with at least one BGP community attribute and the output is the same as for the show ip bgp command output. Table 8-3. Command History Command Example Fields: show ip bgp community Field Description Network Displays the destination network prefix of each BGP route. Next Hop Displays the next hop address of the BGP router. If 0.0.0.
The show ip bgp community-list command without any parameters lists BGP routes matching the Community List and the output is the same as for the show ip bgp command output. Table 8-4. Command History show ip bgp community-list Command Example Fields Field Description Network Displays the destination network prefix of each BGP route. Next Hop Displays the next hop address of the BGP router. If 0.0.0.0 is listed in this column, then local routes exist in the routing table.
www.dell.com | support.dell.com Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show ip bgp detail Display BGP internal information for IPv4 Unicast address family. Syntax Defaults Command Modes show ip bgp [ipv4 unicast] detail none EXEC EXEC Privilege Example Figure 8-11.
show ip bgp extcommunity-list View information on all routes with Extended Community attributes. Syntax Parameters Command Modes show ip bgp [ipv4 unicast] extcommunity-list [list name] ipv4 unicast (OPTIONAL) Enter the ipv4 unicast keywords to view information only related to ipv4 unicast routes. list name Enter the extended community list name you wish to view. EXEC EXEC Privilege Usage Information To view the total number of COMMUNITY attributes found, use the show ip bgp summary command.
www.dell.com | support.dell.com Example Figure 8-12. Command Example: show ip bgp filter-list FTOS#show ip bgp filter-list hello BGP table version is 80227, local router ID is 120.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best Path source: I - internal, a - aggregate, c - confed-external, r - redistributed, n network Origin codes: i - IGP, e - EGP, ? - incomplete Network * I 6.1.5.0/24 * I * I * I *>I * I * I * I 6.1.6.0/24 * I * I * I *>I * I * I * I 6.1.20.
show ip bgp flap-statistics View flap statistics on BGP routes. Syntax Parameters show ip bgp [ipv4 unicast] flap-statistics [ip-address [mask]] [filter-list as-path-name] [regexp regular-expression] ipv4 unicast (OPTIONAL) Enter the ipv4 unicast keywords to view information only related to ipv4 unicast routes. ip-address (OPTIONAL) Enter the IP address (in dotted decimal format) of the BGP network to view information only on that network.
www.dell.com | support.dell.com Table 8-7 defines the information displayed in Figure 8-13. Table 8-7. Command History show ip bgp flap-statistics Command Example Fields Field Description Network Displays the network ID to which the route is flapping. From Displays the IP address of the neighbor advertising the flapping route. Flaps Displays the number of times the route flapped. Duration Displays the hours:minutes:seconds since the route first flapped.
Table 8-8. Command History show ip bgp inconsistent-as Command Example Fields Fields Description Network Displays the destination network prefix of each BGP route. Next Hop Displays the next hop address of the BGP router. If 0.0.0.0 is listed in this column, then local routes exist in the routing table. Metric Displays the BGP route’s metric, if assigned. LocPrf Displays the BGP LOCAL_PREF attribute for the route.
www.dell.com | support.dell.com Command Modes EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 8-15. Introduced on the MXL 10/40GbE Switch IO Module. Command Example: show ip bgp neighbors on the S4810(Partial) FTOS#show ip bgp neighbors BGP neighbor is 10.10.10.1, remote AS 23456, external link BGP version 4, remote router ID 10.10.10.1 BGP state ESTABLISHED, in this state for 00:00:35 . . .
Example 2 Figure 8-17. Command Example: show ip bgp neighbors advertised-routes FTOS>show ip bgp neighbors 192.14.1.5 advertised-routes BGP table version is 74103, local router ID is 33.33.33.33 Status codes: s suppressed, S stale, d damped, h history, * valid, > best Path source: I - internal, a - aggregate, c - confed-external, r - redistributed, n - network Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop *>r 1.10.1.0/24 0.0.0.0 *>r 1.11.0.0/16 0.0.0.0 ..... ..... *>I 223.94.249.
www.dell.com | support.dell.com Table 8-9. Lines beginning with Description BGP state Displays the neighbor’s BGP state and the amount of time in hours:minutes:seconds it has been in that state.
show ip bgp next-hop View all next hops (via learned routes only) with current reachability and flap status. This command only displays one path, even if the next hop is reachable by multiple paths. Syntax Command Modes show ip bgp next-hop EXEC EXEC Privilege Example Figure 8-20. Command Example: show ip bgp next-hop FTOS>show ip bgp next-hop Next-hop Via 63.114.8.33 63.114.8.33, 63.114.8.34 63.114.8.34, 63.114.8.35 63.114.8.35, 63.114.8.60 63.114.8.60, FTOS> Table 8-10.
www.dell.com | support.dell.com Parameters regexp regular-expression Enter a regular expression then use one or a combination of the following characters to match: • • • • • • • • • Command Modes . = (period) any single character (including a white space) * = (asterisk) the sequences in a pattern (0 or more sequences) + = (plus) the sequences in a pattern (1 or more sequences) ? = (question mark) sequences in a pattern (either 0 or 1 sequences).
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show ip bgp paths as-path View all unique AS-PATHs in the BGP database Syntax Command Modes show ip bgp paths as-path EXEC EXEC Privilege Example Figure 8-22.
www.dell.com | support.dell.com Example Figure 8-23.
Command Modes EXEC EXEC Privilege Example Figure 8-24. Command Example: show ip bgp peer-group on the S4810 (Partial) FTOS#show ip bgp peer-group Peer-group pg1 BGP version 4 Minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast BGP neighbor is pg1 Number of peers in this group 4 Update packing has 4_OCTECT_AS support enabled Add-path support enabled Peer-group members (* - outbound optimized): 1.1.1.5 1.1.1.6 10.10.10.2* 20.20.20.100 Example Figure 8-25.
www.dell.com | support.dell.com Table 8-14. Related Commands Command History Command Example fields: show ip bgp peer-group Line beginning with Description Number of peers Displays the number of peers currently configured for this peer group. Peer-group members: Lists the IP addresses of the peers in the peer group. If the address is outbound optimized, a * is displayed next to the IP address. neighbor peer-group (assigning peers) Assign peer to a peer-group.
Example Figure 8-26. Command Example: show ip bgp regexp (Partial) FTOS#show ip bgp regexp ^2914+ BGP table version is 3700481, local router ID is 63.114.8.35 Status codes: s suppressed, S stale, d damped, h history, * valid, > best Path source: I - internal, a - aggregate, c - confed-external, r - redistributed, n - network Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>I 3.0.0.0/8 1.1.1.2 0 100 0 2914 1239 80 i *>I 4.0.0.0/8 1.1.1.
www.dell.com | support.dell.com Example 232 Figure 8-27. Command Example: show ip bgp summary FTOS#show ip bgp summary BGP router identifier 120.10.10.
Table 8-16. Command History Command Example fields: show ip bgp summary Field Description Up/Down Displays the amount of time that the neighbor is in the Established stage. If the neighbor has never moved into the Established stage, the word never is displayed.
www.dell.com | support.dell.com Parameters Defaults Command Modes keepalive Enter a number for the time interval, in seconds, between keepalive messages sent to the neighbor routers. Range: 1 to 65535 Default: 60 seconds holdtime Enter a number for the time interval, in seconds, between the last keepalive message and declaring the router dead. Range: 3 to 65535 Default: 180 seconds No default values or behavior ROUTER BGP Command History Version 9.2(0.
distance bgp Define an administrative distance for routes. Syntax distance bgp external-distance internal-distance local-distance To return to default values, enter no distance bgp. Parameters Defaults Command Modes external-distance Enter a number to assign to routes learned from a neighbor external to the AS. Range: 1 to 255 Default: 20 internal-distance Enter a number to assign to routes learned from a router within the AS.
www.dell.com | support.dell.com Usage Information Example The following describes the show ip bgp dampened-paths command in the following example. Field Description Network Displays the network ID to which the route is dampened. From Displays the IP address of the neighbor advertising the dampened route. Reuse Displays the hour:minutes:seconds until the dampened route is available. Path Lists all the ASs the route passed through to reach the destination network.
Defaults Command Modes Usage Information additive (OPTIONAL) Enter the keyword additive to add to the existing extended community. non-trans (OPTIONAL) Enter the keyword non-trans to indicate a non-transitive BGP extended community.
www.dell.com | support.dell.com Related Commands set extcommunity rt Command History Version 9.2(0.0) Set extended community route origins via the route-map Introduced on the MXL 10/40GbE Switch IO Module. show ip bgp paths extcommunity Use this feature to display all BGP paths having extended community attributes. Syntax Command Modes show ip bgp paths extcommunity EXEC EXEC Privilege Example Figure 8-28.
Example Figure 8-29. Command Example: show ip extcommunity-list FTOS#show ip extcommunity-list test ip extcommunity-list test deny RT:1234:12 permit regexp 123 deny regexp 234 deny regexp 123 FTOS# Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. IPv6 BGP Commands IPv6 Border Gateway Protocol (IPv6 BGP) is supported on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. clear ip bgp ipv6 unicast soft Clear and reapply policies for IPv6 unicast routes without resetting the TCP connection; that is, perform BGP soft reconfiguration. Syntax Parameters Command Modes Command History clear ip bgp {* | as-number | ipv4-neighbor-addr | ipv6-neighbor-addr | peer-group name} ipv6 unicast soft [in | out] * Clear and reapply policies for all BGP sessions.
Command Modes Command History Usage Information EXEC Privilege Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. This command turns on BGP soft-reconfiguration inbound debugging for IPv6 unicast routes. If no neighbor is specified, debug is turned on for all neighbors. ipv6 prefix-list Configure an IPv6 prefix list. Syntax Parameters Defaults Command Modes Command History Related Commands ipv6 prefix-list prefix-list name prefix-list name Enter the name of the prefix list.
www.dell.com | support.dell.com IPv6 MBGP Commands Multiprotocol BGP (MBGP) is an enhanced BGP that enables multicast routing policy throughout the Internet and connecting multicast topologies between BGP and autonomous systems (AS). FTOS MBGP is implemented as per IETF RFC 1858. The MBGP commands are: • show ipv6 mbgproutes Display the selected IPv6 MBGP route or a summary of all MBGP routes in the table.
9 Content Addressable Memory (CAM) Overview Warning: If you are using these features for the first time, contact Dell Networking Technical Assistance Center (TAC) for guidance. For information on contacting Dell Networking TAC, visit the Dell Networking website at www.force10networks.com/ support CAM Profile Commands The content addressable memory (CAM) profiling feature allows you to partition the CAM to best suit your application.
www.dell.com | support.dell.com • show cam-acl-egress cam-acl (Configuration) Select the default CAM allocation settings or reconfigure new CAM allocation for Layer 2, IPv4 and IPv6 ACLs, Layer 2 and Layer 3 (IPv4) QoS, Layer 2 Protocol Tunneling (L2PT), IP and MAC source address validation for DHCP, Ethernet Connectivity Fault Management (CFM) ACLs, and Policy-based Routing (PBR).
Ranges for the CAM profiles are 1-10, except for the ipv6acl profile which is 0-10. The ipv6acl allocation must be a factor of two (2, 4, 6, 8, 10). cam-optimization Optimize CAM utilization for QoS Entries by minimizing require policy-map CAM space. Syntax Parameters Command Modes Defaults Command History Usage Information cam-optimization [qos] qos Optimize CAM usage for Quality of Service (QoS) CONFIGURATION Disabled Version 8.3.16.
www.dell.com | support.dell.com Example Figure 9-1.
show cam-acl-egress Display the details of the FP groups allocated for the egress ACL. Syntax Defaults Command Modes Command History Usage Information Example show cam-acl-egress none EXEC Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The display reflects the settings implemented with the cam-acl-egress command. Figure 9-3.
www.dell.com | support.dell.
10 Control Plane Policing (CoPP) Overview The CoPP commands are supported on the Dell Networking MXL 10/40GbE Switch IO Module. Commands • • • • • • • control-plane-cpuqos service-policy rate-limit-cpu-queues service-policy rate-limit-protocols show cpu-queue rate cp show ip protocol-queue-mapping show ipv6 protocol-queue-mapping show mac protocol-queue-mapping control-plane-cpuqos Enter control-plane mode and configure the switch to manage control-plane traffic.
www.dell.com | support.dell.com Command Modes Command History Usage Information CONTROL-PLANE-CPUQOS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Create a policy-map by associating a queue number with the qos-policy. Create QoS policies prior to enabling this command. For CoPP, do not use the keywords cpu-qos when creating qos-policy-input. Related Commands qos-policy-input Create a QoS input policy map. class-map Create a QoS class map.
Defaults Not configured. Command Modes EXEC Privilege Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. This command applies the service-policy based on the type of protocol defined in the ACL rules. Create ACL and QoS policies prior to enabling this command.
www.dell.com | support.dell.com show ipv6 protocol-queue-mapping Display the queue mapping for each configured IPv6 protocol. Syntax show ipv6 protocol-queue-mapping Defaults Not configured. Command Modes EXEC Privilege Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
11 Data Center Bridging Overview Data center bridging (DCB) refers to a set of IEEE Ethernet enhancements that provide data centers with a single, robust, converged network to support multiple traffic types, including LAN, server, and storage traffic. The Dell Networking operating software (FTOS) commands for data center bridging features include 802.1Qbb priority-based flow control (PFC), 802.1Qaz enhanced transmission selection (ETS), and the Data Center Bridging Exchange (DCBX) protocol.
www.dell.com | support.dell.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To disable TLV transmission, use the no form of the command; for example, no advertise dcbx-appln-tlv iscsi. advertise dcbx-tlv On a DCBX port with a manual role, configure the PFC and ETS TLVs advertised to DCBX peers. Syntax advertise dcbx-tlv {ets-conf | ets-reco | pfc} [ets-conf | ets-reco | pfc] [ets-conf | ets-reco | pfc] To remove the advertised ETS TLVs, use the no advertise dcbx-tlv command.
www.dell.com | support.dell.com Defaults Command Modes Command History Usage Information none POLICY-MAP-OUT-ETS Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module By default, equal bandwidth is assigned to each port queue and each dot1p priority in a priority group. Use the bandwidth-percentage command to configure bandwidth amounts in associated dot1p queues.
dcb-input Create a DCB input policy to apply pause or flow control for specified priorities using a configure delay time. Syntax dcb-input policy-name To delete the DCB input policy, use the no dcb-input command. Parameters Defaults Command Modes Command History Usage Information policy-name Maximum: 32 alphanumeric characters. none CONFIGURATION Version 8.3.16.
www.dell.com | support.dell.com Usage Information Create a DCB output policy to associate a priority group with an ETS output policy with scheduling and bandwidth configuration. You can apply a DCB output policy on multiple egress ports. When you apply an ETS output policy on an interface, ETS-configured scheduling and bandwidth allocation take precedence over any configured settings in QoS output policies. The ETS configuration associated with 802.
dcb-policy input stack-unit stack-ports all Apply the specified DCB input policy on all ports of the switch stack or a single stacked switch. Syntax dcb-policy input stack-unit {all | stack-unit-id} stack-ports all dcb-input-policy-name To remove all DCB input policies applied to the stacked ports and rest the PFC to its default settings, use the no dcb-policy input stack-unit all command.
www.dell.com | support.dell.com To remove an ETS output policy from an interface, enter the no dcb-policy output policy-name command. ETS is enabled by default with the default ETS configuration applied (all dot1p priorities in the same group with equal bandwidth allocation). Related Commands dcb-output Create a DCB output policy. dcb-policy output stack-unit stack-ports all Apply the specified DCB output policy on all ports of the switch stack or a single stacked switch.
Parameters Defaults Command Modes Command History Usage Information pfc-port-count {1-56} Enter the pfc-port count. The valid range is 1 to 56. pfc-queues {1-2} Enter the pfc-queue number. The valid range is 1 to 2. The PFC buffer is enabled on all ports on the stack unit. CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module If you configure PFC on a 40GbE port, count the 40GbE port as four PFC-enabled ports in the pfc-port number you enter in the command syntax.
www.dell.com | support.dell.com Usage Information If you configure PFC on a 40GbE port, count the 40GbE port as four PFC-enabled ports in the pfc-port number you enter in the command syntax. To achieve lossless PFC operation, the PFC port count and queue number used for the reserved buffer size that is created must be greater than or equal to the buffer size required for PFC-enabled ports and lossless queues on the switch.
dcbx version Configure the DCBX version used on the interface. dcbx version {auto | cee | cin | ieee-v2.5} Syntax To remove the DCBX version, use the no dcbx version {auto | cee | cin | ieee-v2.5} command. Parameters auto | cee | cin | ieee-v2.5 Enter the DCBX version type used on the interface, where: • auto: configures the port to operate using the DCBX version received from a • • • cee: configures the port to use CDD (Intel 1.01). cin: configures the port to use Cisco-Intel-Nuova (DCBX 1.0).
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module description Enter a text description of the DCB policy (PFC input or ETS output). Syntax description text To remove the text description, use the no description command. Parameters Defaults Command Modes text Enter the description of the output policy. Maximum: 32 characters. none DCB INPUT POLICY DCB OUTPUT POLICY Command History Version 8.3.16.
Related Commands dcb-output Create a DCB output policy. dcb-policy output Apply the output policy. fcoe priority-bits Configure the FCoE priority advertised for the FCoE protocol in application priority TLVs. Syntax fcoe priority-bits priority-bitmap To remove the configured FCoE priority, use the no fcoe priority-bits command. Parameters Defaults Usage Information Command Modes Command History priority-bitmap Enter the priority-bitmap range. The valid range is 1 to FF.
www.dell.com | support.dell.com pfc link-delay Configure the link delay used to pause specified priority traffic. Syntax pfc link-delay value To remove the link delay, use the no pfc link-delay command. Parameters Defaults Command Modes Command History Usage Information Related Commands value Valid values (in quanta) are 712-65535. One quantum is equal to a 512-bit transmission. 45556 quantum DCB INPUT POLICY Version 8.3.16.
pfc no-drop queues Configure the port queues that will still function as no-drop queues for lossless traffic. Syntax pfc no-drop queues queue-range To remove the no-drop port queues, use the no pfc no-drop queues command. Parameters Defaults Command Modes Command History Usage Information queue-range Enter the queue range. Separate the queue values with a comma; specify a priority range with a dash; for example, pfc no-drop queues 1,3 or pfc no-drop queues 2-3. Valid values: 0 to 3.
www.dell.com | support.dell.com Defaults Command Modes Command History Usage Information none DCB INPUT POLICY Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module you can enable any number of 802.1p priorities for PFC. Queues to which PFC priority traffic is mapped are lossless by default. Traffic may be interrupted due to an interface flap (going down and coming up) when you reconfigure the lossless queues for no-drop priorities in a PFC input policy and re-apply the policy to an interface.
Related Commands priority-list Configure the 802.1p priorities for an ETS output policy. set-pgid Configure the priority-group. priority-group qos-policy Associate the 802.1p priority traffic in a priority group with the ETS configuration in a QoS output policy. Syntax priority-group group-name qos-policy ets-policy-name To remove the 802.1p priority group, use the no priority-group qos-policy command.
www.dell.com | support.dell.com Command Modes PRIORITY-GROUP Command History Usage Information Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module By default: • • All 802.1p priorities are grouped in priority group 0. 100% of the port bandwidth is assigned to priority group 0. The complete bandwidth is equally assigned to each priority class so that each class has 12-13%. priority-group qos-policy Create an ETS priority group. set-pgid Configure the priority-group.
To remove the configured priority schedule, use the no scheduler command. Parameters value Enter schedule priority value. The valid values are: • • strict: strict priority traffic is serviced before any other queued traffic. werr: weighted elastic round robin (werr) provides low-latency scheduling for priority traffic on port queues. Defaults Command Modes Command History Usage Information WERR scheduling is used to queue priority traffic. POLICY-MAP-OUT-ETS Version 8.3.16.
www.dell.com | support.dell.com show dcb Displays the data center bridging status, the number of PFC-enabled ports, and the number of PFC-enabled queues. Syntax Parameters Command Mode Command History Example show dcb [stack-unit unit-number] unit number Enter the DCB unit number. The valid values are 0 to 5. EXEC PRIVILEGE Version 8.3.16.1 Figure 11-1.
Example Figure 11-2.
www.dell.com | support.dell.com Table 11-2. show interface dcbx detail Command Example Fields (continued) Field Description Local DCBX Configured mode DCBX version configured on the port: CEE, CIN, IEEE v2.5, or Auto (port auto-configures to use the DCBX version received from a peer). Peer Operating version DCBX version that the peer uses to exchange DCB parameters.
show interface ets Displays the ETS configuration applied to egress traffic on an interface, including priority groups with priorities and bandwidth allocation. Syntax Parameters Command Mode Command History show interface port-type slot/port ets {summary | detail} port-type slot/port ets Enter the port-type slot and port ETS information. {summary | detail} Enter the keyword summary for a summary list of results or enter the keyword detail for a full list of results. CONFIGURATION Version 8.3.16.
www.dell.com | support.dell.com Example 276 | Figure 11-3.
Example show interfaces ets detail Command Example FTOS(conf)# show interfaces tengigabitethernet 0/0 ets Interface TenGigabitEthernet 0/0 Max Supported TC Groups is 4 Number of Traffic Classes is 8 Admin mode is on Admin Parameters : -----------------Admin is enabled TC-grp Priority# Bandwidth TSA 0 0,1,2,3,4,5,6,7 100% ETS 1 0% ETS 2 0% ETS 3 0% ETS 4 0% ETS 5 0% ETS 6 0% ETS 7 0% ETS Priority# 0 1 2 3 4 5 6 7 Remote Parameters: ------------------Remote is disabled Local Parameters : -----------------Loc
www.dell.com | support.dell.com Table 11-3 lists the show interface ets detail field descriptions. Table 11-3. show interfaces ets detail Command Example Fields Field Description Interface Interface type with stack-unit and port number. Max Supported TC Group Maximum number of priority groups supported. Number of Traffic Classes Number of 802.1p priorities currently configured. Admin mode ETS mode: on or off.
show interface pfc Displays the PFC configuration applied to ingress traffic on an interface, including priorities and link delay. Syntax Parameters Command Mode Command History show interface port-type slot/port pfc {summary | detail} port-type slot/port pfc Enter the port-type slot and port PFC information. {summary | detail} Enter the keyword summary for a summary list of results or enter the keyword detail for a full list of results. INTERFACE Version 8.3.16.
www.dell.com | support.dell.com Example Figure 11-4.
Table 11-4. show interfaces pfc summary Command Example Fields (continued) Field Description Remote is enabled, Priority list Remote Willing Status is enabled Operational status (enabled or disabled) of peer device for DCBX exchange of PFC configuration with a list of the configured PFC priorities. Willing status of peer device for DCBX exchange (Willing bit received in PFC TLV): enabled or disabled.
www.dell.com | support.dell.com show interface pfc statistics Displays counters for the PFC frames received and transmitted (by dot1p priority class) on an interface. Syntax Parameters Command Mode Command History Example show interface port-type slot/port pfc statistics port-type Enter the port type. slot/port Enter the slot/port number. INTERFACE Version 8.3.16.1 Figure 11-5.
show qos dcb-output Displays the ETS configuration in a DCB output policy. Syntax Parameters Command Mode Command History Example show qos dcb-output [ets-profile] [ets-profile] Enter the ETS profile. EXEC PRIVILEGE Version 8.3.16.1 Figure 11-7.
www.dell.com | support.dell.com Parameters Command Mode Command History Example stack-unit Enter the stack unit identification. port-number Enter the port number. CONFIGURATION Version 8.3.16.1 Figure 11-9.
show stack-unit stack-ports pfc detail Displays the PFC configuration applied to ingress traffic on stacked ports, including PFC operational mode on each unit with the configured priorities, link delay, and number of pause packets sent and received. Syntax Parameters Command Mode Command History Example show stack-unit {all | stack-unit} stack-ports {all | port-number} pfc detail stack-unit Enter the stack unit. port-number Enter the port number. CONFIGURATION Version 8.3.16.1 Figure 11-10.
| Data Center Bridging www.dell.com | support.dell.
12 Debugging and Diagnostics This chapter contains three sections: • • • Offline Diagnostic Commands Buffer Tuning Commands Hardware Commands Offline Diagnostic Commands The offline diagnostics test suite is useful for isolating faults and debugging hardware. While tests are running, the Dell Networking operating software (FTOS) results are saved as a text file (TestReport-SU-X.txt) in the flash directory. The show file command is available only on Master and Standby.
www.dell.com | support.dell.com Defaults level0 Enter the keyword level0 to run Level 0 diagnostics. Level 0 diagnostics check for the presence of various components and perform essential path verifications. In addition, they verify the identification registers of the components on the board. level1 Enter the keyword Level1 to run Level 1 diagnostics. Level 1 diagnostics is a smaller set of diagnostic tests with support for automatic partitioning.
online stack-unit Place a stack unit in the online state. Syntax online stack-unit number Parameters Defaults Command Mode Command History number Enter the stack unit number. range: 0 to 5 none EXEC Privilege H Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com queue0 number Enter this keyword to allocate an amount of buffer space or packet pointers to Queue 0. Dedicated Buffer Range: 0-2013 Dynamic Buffer Range: FP: 0-2013 CSF: 0-131200 (in multiples of 80) Packet Pointer Range: 0-2047 queue1 number Enter this keyword to allocate an amount of buffer space or packet pointers to Queue 1.
Defaults Command Mode Usage Information port-set port-pipe Enter the keyword port-set followed by the port-pipe number. Range: 0-1 buffer-policy buffer-profile Enter the keyword buffer-policy followed by the name of a buffer profile you created. none BUFFER PROFILE If you attempt to apply a buffer profile to a non-existent port-pipe, FTOS displays the following message. However, the configuration still appears in the running-config.
www.dell.com | support.dell.com Usage Information The buffer-profile global command fails if you have already applied a custom buffer-profile on an interface. Similarly, when you configure buffer-profile global, you cannot not apply buffer-profile on any interface. If the default buffer-profile (4Q) is active, FTOS displays an error message instructing you to remove the default configuration using the no buffer-profile global command.
Example Figure 12-1. show buffer-profile Command Example FTOS#show buffer-profile summary fp-uplink Stack Unit Port-set Buffer-profile 0 0 test1 4 0 test2 FTOS# Related Commands buffer-profile (Configuration) Creates a buffer profile that can be applied to an interface. show buffer-profile interface Display the buffer profile that is applied to an interface.
www.dell.com | support.dell.com Hardware Commands These commands display information from a hardware sub-component or ASIC. The hardware commands are: • • • • • • clear hardware stack-unit clear hardware system-flow show hardware layer2 acl show hardware layer3 show hardware stack-unit show hardware system-flow clear hardware stack-unit Clear statistics from selected hardware components.
clear hardware system-flow Clear system-flow statistics from selected hardware components. Syntax Parameters Defaults clear hardware system-flow layer2 stack-unit 0-5 port-set 0-0 counters stack-unit 0-5 Enter the keyword stack-unit followed by 0 to 5 to select a particular stack member and then enter one of the following command options to clear a specific collection of data.
www.dell.com | support.dell.com Defaults stack-unit 0-5 Enter the keyword stack-unit followed by a numeral from 0 to 5 to select a stack ID. port-set 0-0 Enter the keyword port-set with a port-pipe number — 0. none Command Modes EXEC Privilege Command History Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. show hardware stack-unit Display the data plane or management plane input and output statistics of the designated component of the designated stack member.
Defaults Command Modes drops [unit 0-0 [port 1-56]] Enter the drops keyword to display internal drops on the selected stack member. Optionally, use the unit keyword with 0 to select port-pipe 0, and then use port 1-56 to select a port on that port-pipe. stack-port 33-56 Enter this keyword and a stacking port number to select a stacking port for which to display statistics. Identify the stack port number as you would to identify a 10G port that was in the same place in one of the rear modules.
www.dell.com | support.dell.com In the above example, the “Status” field represents presence of OPTM ports, “Programmed version” field represents loaded firmware version, and “SW version” represents SDK version. Example 2 Figure 12-4. .
Example 5 Figure 12-7. Example show hardware stack-unit drops unit (drop summary per port) Command FTOS#show hard stack-unit 0 drops unit 0 PortNumber 1 2 3 4 FTOS# Example 6 Figure 12-8.
www.dell.com | support.dell.com Example 7 Figure 12-9.
Example 9 Figure 12-11.
www.dell.com | support.dell.com Example 11 Figure 12-13. Example show hardware stack-unit per port buffer (a Specific Port) Command FTOS(conf)#show hardware stack-unit 0 buffer unit 0 port 1 buffer-info ----- Buffer Stats for Unit 0 Port 1 ----Maximum Shared Limit for the Port: 30720 Default Packet Buffer allocate for the Port: 120 Used Packet Buffer for the Port: 0 Example 12 Figure 12-14.
Example 1 Figure 12-15. show hardware system-flow layer2 counters Command Example FTOS#show hardware system-flow layer2 stack-unit 0 port-set 0 counters --------------------------------------------------------------------------EntryId Description #HITS --------------------------------------------------------------------------2048 STP BPDU Redirects 0 2047 LLDP BPDU Redirects 164904 2045 LACP traffic Redirects 0 2044 GVRP traffic Redirects 0 2043 ARP Reply Redirects 0 2042 802.
www.dell.com | support.dell.com Example 2 Figure 12-16.
Debugging and Diagnostics | 305
| Debugging and Diagnostics www.dell.com | support.dell.
13 Dynamic Host Configuration Protocol (DHCP) Overview Dynamic host configuration protocol (DHCP) is an application layer protocol that dynamically assigns IP addresses and other configuration parameters to network end-stations (hosts) based on configuration policies determined by network administrators. An MXL Switch can operate as a DHCP server or DHCP client. As a DHCP client, the switch requests an IP address from a DHCP server.
www.dell.com | support.dell.com clear ip dhcp Reset DHCP counters. Syntax Parameters Command Mode Default Command History Usage Information clear ip dhcp [binding {address} | conflict | server statistics] binding Enter this keyword to delete all entries in the binding table. address Enter the IP address to clear the binding entry for a single IP address. conflict Enter this keyword to delete all of the log entries created for IP address conflicts.
Default Command History none Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module disable Disable the DHCP server. DHCP Server is disabled by default. Enable the system to be a DHCP server using the no form of the disable command. Syntax Command Mode Default Command History disable DHCP Disabled Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module dns-server Assign a DNS server to clients based on address pool.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module excluded-address Prevent the server from leasing an address or range of addresses in the pool. Syntax Parameters Command Mode Default Command History excluded-address [address | low-address high-address] address Enter a single address to be excluded from the pool. low-address Enter the lowest address in a range of addresses to be excluded from the pool.
lease Specify a lease time for the addresses in a pool. Syntax Parameters Command Mode Default Command History lease {days [hours] [minutes] | infinite} days Enter the number of days of the lease. Range: 0-31 hours Enter the number of hours of the lease. Range: 0-23 minutes Enter the number of minutes of the lease. Range: 0-59 infinite Specify that the lease never expires. DHCP 24 hours Version 8.3.16.
www.dell.com | support.dell.com Parameters Command Mode Default Command History type Enter the NETBIOS node type. Broadcast: Enter the keyword b-node. Hybrid: Enter the keyword h-node. Mixed: Enter the keyword m-node. Peer-to-peer: Enter the keyword p-node. DHCP Hybrid Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module network Specify the range of addresses in an address pool.
Parameters Command Mode Default Command History pool name Display the configuration for a DHCP pool. global Display the DHCP configuration for the entire system. EXEC Privilege none Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module show ip dhcp conflict Display the address conflict log. Syntax Parameters Command Mode Default Command History show ip dhcp conflict address address Display a particular conflict log entry. EXEC Privilege none Version 8.3.16.
www.dell.com | support.dell.com Commands to Configure the System to be a DHCP Client • clear ip dhcp ip address dhcp Configure an Ethernet interface to acquire its IP address from a DHCP network server. Syntax Command Mode Default Command History Usage Information ip address dhcp INTERFACE The Ethernet is not configured to operate as a DHCP client and receive a dynamic IP address. Version 8.3.16.
Other Commands supported by DHCP Client • • • • • • • clear ip dhcp client statistics debug ip dhcp clients events debug ip dhcp clients packets release dhcp interface renew dhcp interface show ip dhcp client statistics show ip dhcp lease clear ip dhcp client statistics Display DHCP client statistics, including the number of DHCP messages sent and received on an interface.
www.dell.com | support.dell.com Command Mode Default Command History EXEC Privilege None Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module debug ip dhcp clients packets Enable the display of log messages for all DHCP packets sent and received on DHCP client interfaces. Syntax Parameters Command Mode Default Command History debug ip dhcp client packets [interface type slot/port] interface type slot/ port Display log messages for DHCP packets sent and received on the specified interface.
renew dhcp interface Re-acquire a dynamic IP address on an Ethernet interface enabled as a DHCP client. Syntax Parameters Command Mode Default Command History Usage Information renew dhcp interface type slot/port interface type slot/ port For a 10-GigabitEthernet Ethernet interface, enter TenGigabitEthernet followed by the slot/port numbers; for example, tengigabitethernet 1/3.
www.dell.com | support.dell.com Parameters Command Mode Default interface type slot/ port Display DHCP lease information on the specified interface. For a 10-GigabitEthernet Ethernet interface, enter TenGigabitEthernet followed by the slot/port numbers; for example, tengigabitethernet 1/3. For a 40-GigabitEthernet Ethernet interface, enter FortyGigabitEthernet followed by the slot/port numbers; for example, fortygigabitethernet 0/2.
arp inspection-trust Specify a port as trusted so that ARP frames are not validated against the binding table. Syntax Command Modes arp inspection-trust INTERFACE INTERFACE PORT-CHANNEL Default Command History Related Commands Disabled Version 8.3.16.1 arp inspection Introduced on MXL 10/40GbE Switch IO Module Enables Dynamic ARP Inspection on a VLAN. clear ip dhcp snooping Clear the DHCP binding table.
www.dell.com | support.dell.com Introduced in FTOS version 7.8.1.0, DHCP snooping was available for Layer 3 only and dependent on DHCP Relay Agent (ip helper-address). FTOS version 8.2.1.0 extends DHCP Snooping to Layer 2, and you do not have to enable relay agent to snoop on Layer 2 interfaces. Related Commands ip dhcp snooping vlan Enables DHCP snooping on one or more VLANs. ip dhcp snooping database Delay writing the binding table for a specified time.
Command History Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module show ip dhcp snooping Displays the contents of the DHCP binding table. ip dhcp snooping database renew Renew the binding table. Syntax Command Modes ip dhcp snooping database renew EXEC EXEC Privilege Default Command History none Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip dhcp snooping trust Configure an interface as trusted.
www.dell.com | support.dell.com 1 Use the command cam-acl l2acl from CONFIGURATION mode 2 Save the running-config to the startup-config 3 Reload the system. ip dhcp snooping vlan Enable DHCP snooping on one or more VLANs. Syntax Parameters Command Modes Default Command History Usage Information Related Commands [no] ip dhcp snooping vlan name name Enter the name of a VLAN on which to enable DHCP Snooping. CONFIGURATION Disabled Version 8.3.16.
Parameters Command Modes binding Display the binding table. source-address-validation Display the interfaces configured with IP Source Guard. EXEC EXEC Privilege Default Command History Related Commands none Version 8.3.16.1 clear ip dhcp snooping Introduced on MXL 10/40GbE Switch IO Module Clears the contents of the DHCP binding table. ip dhcp snooping verify mac-address Validate a DHCP packet’s source hardware address against the client hardware address field (CHADDR) in the payload.
www.dell.com | support.dell.
14 Equal Cost Multi-Path Overview Equal cost multi-path (ECMP) is supported on the MXL 10/40GbE Switch IO Module. Commands The ECMP commands are: • • • • • • ecmp-group hash-algorithm / hash-algorithm ecmp hash-algorithm seed ip ecmp-group link-bundle-monitor enable ecmp-group Provides a mechanism to monitor traffic distribution on an ECMP link bundle. A system log is generated when the standard deviation of traffic distribution on a member link exceeds a defined threshold.
www.dell.com | support.dell.com interface Enter the following keywords and slot/port to add the interface to the ECMP group. • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information. link-bundle-monitor Defaults Command Modes Enter the keywords link-bundle-monitor to enable link bundle monitoring.
Parameters algorithm-number Enter the algorithm number.
www.dell.com | support.dell.com The line card option is applicable with the lag-hash-align microcode only. Any other microcode returns an error message as follows: FTOS(conf)#hash-algorithm linecard 5 ip-sa-mask ff ip-da-mask ff % Error: This command is not supported in the current microcode configuration.
Defaults Command Modes Command History Usage Information crc-lower, dest-ip enabled CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The hash value calculated with the hash-algorithm command is unique to the entire chassis. The default ECMP hash configuration is crc-lower. This takes the lower 32 bits of the hash key to compute the egress port and is the “fall-back” configuration if the user hasn’t configured anything else.
www.dell.com | support.dell.com FTOS provides a CLI-based solution for modifying the hash seed to ensure that on each configured system, the ECMP selection is same. When configured, the same seed is set for ECMP, LAG, and NH, and is used for incoming traffic only. Note: While the seed is stored separately on each port-pipe, the same seed is used across all CAMs. Note: You cannot separate LAG and ECMP, but you can use different algorithms across chassis with the same seed.
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. link-bundle-monitor enable Provides a mechanism to enable monitoring of traffic distribution on an ECMP link bundle. Syntax link-bundle-monitor enable To exit from ecmp group mode, use the exit command. Command Modes ECMP-GROUP PORT-CHANNEL INTERFACE Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show config Display the ECMP configuration.
| Equal Cost Multi-Path www.dell.com | support.dell.
15 FIPS Cryptography Overview The following commands are used to configure the FIPS Cryptography feature on the MXL 10/40GbE Switch IO Module. FIPS • • • • fips mode enable show fips status show ip ssh ssh fips mode enable Enable the FIPS cryptography mode on the platform. Syntax [no] fips mode enable Use the no fips mode enable command to disable the FIPS cryptography mode.
www.dell.com | support.dell.com show fips status Displays the status of the FIPs mode. Syntax show fips status Default None Command Mode Example EXEC FTOS#show fips status FIPS Mode : Enabled FTOS# Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show ip ssh Display information about established SSH sessions. Syntax Command Modes show ip ssh EXEC EXEC Privilege Example Without FIPS Mode enabled: FTOS#sh ip ssh 334 | SSH server : enabled.
With FIPS Mode enabled: FTOS#sh ip ssh SSH server : enabled. SSH server version : v2. Password Authentication : enabled. Hostbased Authentication : disabled. RSA : disabled. * Command History Authentication Vty Encryption HMAC 0 aes128-cbc hmac-sha1 10.11.8.13 1 aes128-cbc hmac-sha1 10.1.20.48 Version 9.2(0.0) Remote IP Introduced on the MXL 10/40GbE Switch IO Module. ssh Open an SSH connection specifying the hostname, username, port number and version of the SSH client.
www.dell.com | support.dell.com -p port-number (OPTIONAL) Enter the keyword -p followed by the port number. Range: 1 to 65536 Default: 22 -v {1 | 2} (OPTIONAL) Enter the keyword -v followed by the SSH version 1 or 2. Default: The version from the protocol negotiation. Note: If the FIPS mode is enabled, this option does not display in the output. Defaults As indicated above. Command Modes EXEC Privilege Command History Version 9.2(0.0) Example Introduced on the MXL 10/40GbE Switch IO Module.
16 FIP Snooping Overview In a converged Ethernet network, an MXL Switch can operate as an intermediate Ethernet bridge to snoop on Fibre Channel over Ethernet Initialization Protocol (FIP) packets during the login process on Fibre Channel over Ethernet (FCoE) forwarders (FCFs). Acting as a transit FIP snooping bridge, the switch uses dynamically-created ACLs to permit only authorized FCoE traffic to be transmitted between an FCoE end-device and an FCF.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module clear fip-snooping statistics Clears the statistics on the FIP packets snooped on all VLANs, a specified VLAN, or a specified port interface. Syntax Parameters Command Modes Command History clear fip-snooping statistics [interface vlan vlan-id | interface port-type port/slot | interface port-channel port-channel-number] vlan-id Enter the VLAN ID of the FIP packet statistics to be cleared.
fip-snooping enable Enable FIP snooping on all VLANs or on a specified VLAN. Syntax fip-snooping enable To disable the FIP snooping feature on all or a specified VLAN, use the no fip-snooping enable command. Defaults Command Modes FIP snooping is disabled on all VLANs. • • Command History Usage Information CONFIGURATION VLAN INTERFACE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The maximum number of FCFs supported per FIP snooping-enabled VLAN is four.
www.dell.com | support.dell.com show fip-snooping config Display the FIP snooping status and configured FC-MAP values. Syntax Command Mode show fip-snooping config • • Command History Example EXEC EXEC Privilege Version 8.3.16.1 Figure 16-1.
Table 16-1. show fip-snooping enode Command Field Description Field Description ENode MAC MAC address of the ENode ENode Interface Slot/ port number of the interface connected to the ENode. FCF MAC MAC address of the FCF VLAN VLAN ID number used by the session FC-ID Fibre Channel session ID assigned by the FCF.
www.dell.com | support.dell.com Table 16-2. show fip-snooping fcf Command Field Descriptions (continued) Field Description No of ENodes Number of ENodes connected to the FCF FC-ID Fibre Channel session ID assigned by the FCF.
Table 16-3. show fip-snooping sessions Command Field Description (continued) Field Description FCF MAC MAC address of the FCF. FCF Interface Slot/ port number of the interface to which the FCF is connected. VLAN VLAN ID number used by the session. FCoE MAC MAC address of the FCoE session assigned by the FCF. FC-ID Fibre Channel ID assigned by the FCF. Port WWPN Worldwide port name of the CNA port. Port WWNN Worldwide node name of the CNA port.
www.dell.com | support.dell.com Example Figure 16-5.
Figure 16-6.
www.dell.com | support.dell.com Table 16-4.
show fip-snooping vlan Display information on the FCoE VLANs on which FIP snooping is enabled. Syntax Command Mode Command History Example show fip-snooping vlan • • EXEC EXEC Privilege Version 8.3.16.1 Figure 16-8.
| FIP Snooping www.dell.com | support.dell.
17 Force10 Resilient Ring Protocol (FRRP) Overview Force10 Resilient Ring Protocol (FRRP) is supported on the MXL 10/40GbE Switch IO Module. FRRP is a proprietary protocol for that offers fast convergence in a Layer 2 network without having to run the spanning tree protocol (STP). The resilient ring protocol is an efficient protocol that transmits a high-speed token across a ring to verify the link status.
www.dell.com | support.dell.com clear frrp Clear the FRRP statistics counters. Syntax clear frrp [ring-id] Parameters Defaults Command Modes ring-id No default values or behavior EXEC Command History Example (Optional) Enter the ring identification number. Range: 1 to 255 Version 9.2(0.0) Figure 17-1. Introduced on the MXL 10/40GbE Switch IO Module.
Parameters Defaults Command Modes Command History Usage Information event Enter the keyword event to display debug information related to ring protocol transitions. packet Enter the keyword packet to display brief debug information related to control packets. detail Enter the keyword detail to display detailed debug information related to the entire ring protocol packets. ring-id (Optional) Enter the ring identification number.
www.dell.com | support.dell.com Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. interface Configure the primary, secondary, and control-vlan interfaces. Syntax interface {primary interface secondary interface control-vlan vlan-id} To return to the default, use the no interface {primary interface secondary interface control-vlan vlan-id} command.
member-vlan Specify the member VLAN identification numbers. Syntax member-vlan {vlan-range} To return to the default, use the no member-vlan [vlan-range] command. Parameters Defaults Command Modes vlan-range Enter the member VLANs using comma separated VLAN IDs, a range of VLAN IDs, a single VLAN ID, or a combination. For example: Comma separated: 3, 4, 6 Range: 5-10 Combination: 3, 4, 5-10, 8 No default values or behavior CONFIGURATION (conf-frrp) Command History Version 9.2(0.
www.dell.com | support.dell.com Command Modes Command History Usage Information CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. This command places you into the Resilient Ring Protocol. After executing this command, the command line prompt changes to conf-frrp. show frrp Display the Resilient Ring Protocol configuration.
Example 3 Figure 17-4. show frrp ring-id summary Command Example FTOS#show frrp 2 summary Ring-ID State Mode Ctrl_Vlan Member_Vlans ----------------------------------------------------------------2 Up Master 2 11-20, 25, 27-30 FTOS# Related Commands protocol frrp Enter the Resilient Ring Protocol and designate a ring identification timer Set the hello or dead interval for the Ring control packets.
www.dell.com | support.dell.
18 GARP VLAN Registration (GVRP) Commands The generic attribute registration protocol (GVRP) commands are: • • • • • • • • • • • • clear gvrp statistics debug gvrp disable garp timers gvrp enable gvrp registration protocol gvrp show config show garp timers show gvrp show gvrp statistics show vlan The GARP mechanism allows the configuration of a GARP participant to propagate through a network quickly.
www.dell.com | support.dell.com Important Points to Remember • • • • • • • • • • • • • GVRP is supported on Layer 2 ports only. All VLAN ports added by GVRP are tagged. GVRP is supported on untagged ports belonging to a default VLAN, and tagged ports. GVRP cannot be enabled on untagged ports belonging to a non-default VLAN unless native VLAN is turned on. GVRP requires end stations with dynamic access network interface controller (NICs).
Related Commands show gvrp statistics Displays the GVRP statistics debug gvrp Enable debugging on GVRP. Syntax debug gvrp {config | events | pdu} To disable debugging, use the no debug gvrp {config | events | pdu} command. Parameters config Enter the keyword config to enable debugging on the GVRP configuration. event Enter the keyword event to enable debugging on the JOIN/LEAVE events.
www.dell.com | support.dell.com garp timers Set the intervals (in milliseconds) for sending GARP messages. Syntax garp timers {join | leave | leave-all} To return to the previous setting, use the no garp timers {join | leave | leave-all} command. Parameters Defaults Command Modes Command History Usage Information join Enter the keyword join followed by the number of milliseconds to configure the join time.
gvrp enable Enable GVRP on physical interfaces and LAGs. Syntax gvrp enable To disable GVRP on the interface, use the no gvrp enable command. Defaults Command Modes Command History Related Commands Disabled CONFIGURATION-INTERFACE Version 8.3.16.1 disable Introduced on MXL 10/40GbE Switch IO Module Globally disables the GVRP. gvrp registration Configure the GVRP register type. Syntax gvrp registration {fixed | normal | forbidden} To return to the default, use the gvrp register normal command.
www.dell.com | support.dell.com Related Commands show gvrp Displays the GVRP configuration including the registration protocol gvrp Access GVRP protocol — (config-gvrp)#. Syntax Defaults Command Modes protocol gvrp Disabled CONFIGURATION Command History Version 8.3.16.1 Related Commands disable Introduced on MXL 10/40GbE Switch IO Module Globally disables the GVRP. show config Display the global GVRP configuration.
Example Figure 18-1. show garp timers Command Example FTOS#show garp timers GARP Timers Value (milliseconds) ---------------------------------------Join Timer 200 Leave Timer 600 LeaveAll Timer 10000 FTOS# Related Commands garp timers Sets the intervals (in milliseconds) for sending GARP messages. show gvrp Display the GVRP configuration. Syntax Parameters show gvrp [brief | interface] brief (OPTIONAL) Enter the keyword brief to display a brief summary of the GVRP configuration.
www.dell.com | support.dell.com to GVRP Participants running on no ports Related Commands show gvrp statistics Displays the GVRP statistics. show gvrp statistics Display the GVRP configuration statistics.
• • • The attribute that was being parsed had an invalid attribute length. The attribute that was being parsed had an invalid GARP event. The attribute that was being parsed had an invalid VLAN ID. The valid range is 1 - 4095. A failed registration can occur for the following reasons: • • Related Commands Join requests were received on a port that was blocked from learning dynamic VLANs (GVRP Blocking state). An entry for a new GVRP VLAN could not be created in the GVRP database.
www.dell.com | support.dell.
19 Internet Group Management Protocol (IGMP) IGMP Snooping Commands The Dell Networking operating software (FTOS) supports internet group management protocol (IGMP) snooping version 2 and 3 on all Dell Networking systems: • • • • • • • • • • • • • ip igmp access-group ip igmp group-join-limit ip igmp querier-timeout ip igmp query-interval ip igmp query-max-resp-time ip igmp version ip igmp snooping enable ip igmp snooping fast-leave ip igmp snooping flood ip igmp snooping last-member-query-interval ip igmp
www.dell.com | support.dell.com Important Points to Remember for IGMP Querier • • • • • • • The IGMP snooping Querier supports version 2. You must configure an IP address to the VLAN interface for IGMP snooping Querier to begin. The IGMP snooping Querier disables itself when a VLAN IP address is cleared, and then it restarts itself when an IP address is re-assigned to the VLAN interface.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip igmp querier-timeout Change the interval that must pass before a multicast router decides that there is no longer another multicast router that should be the querier. Syntax ip igmp querier-timeout seconds To return to the default value, enter no ip igmp querier-timeout. Parameters Defaults Command Modes Command History seconds Enter the number of seconds the router must wait to become the new querier.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History seconds Enter the number of seconds for the maximum response time. Default: 10 seconds Range: 1 to 25 10 seconds INTERFACE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip igmp version Manually set the version of the router to IGMPv2 or IGMPv3. Syntax Parameters Defaults Command Modes Command History ip igmp version {2 | 3} 2 Enter the number 2 to set the IGMP version number to IGMPv2.
Related Commands no shutdown Activates an interface. ip igmp snooping fast-leave Enable IGMP snooping fast leave for this VLAN. Syntax ip igmp snooping fast-leave To disable IGMP snooping fast leave, use the no igmp snooping fast-leave command. Defaults Command Modes Command History Usage Information Not configured INTERFACE VLAN — (conf-if-vl-n) Version 8.3.16.
www.dell.com | support.dell.com ip igmp snooping last-member-query-interval The last member query interval is the maximum response time inserted into Group-Specific queries sent in response to Group-Leave messages. This interval is also the interval between successive Group-Specific Query messages. Use this command to change the last member query interval. Syntax ip igmp snooping last-member-query-interval milliseconds To return to the default value, enter no ip igmp snooping last-member-query-interval.
ip igmp snooping querier Enable IGMP querier processing for the VLAN interface. Syntax ip igmp snooping querier To disable IGMP querier processing for the VLAN interface, enter no ip igmp snooping querier command. Defaults Command Modes Command History Usage Information Not configured INTERFACE VLAN — (conf-if-vl-n) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module This command enables the IGMP switch to send General Queries periodically.
www.dell.com | support.dell.
20 \ Interfaces Overview This chapter defines interface commands and is divided into the following sections: • • • • Basic Interface Commands Port Channel Commands Time Domain Reflectometer (TDR) UDP Broadcast Basic Interface Commands The following commands are for physical, loopback, and null interfaces: • • • • • • • • • • • • • • • • • • • • • • • clear counters clear dampening cx4-cable-length dampening description duplex (1000/10000 Interfaces) flowcontrol interface interface loopback interface Ma
www.dell.com | support.dell.
Example Figure 20-1. clear counters Command Example FTOS#clear counters Clear counters on all interfaces [confirm] Related Commands mac learning-limit Limit the maximum number of MAC addresses (static + dynamic) learned on a selected interface. show interfaces Display information on a specific physical interface or virtual interface. clear dampening Clear the dampening counters on all the interfaces or just the specified interface.
www.dell.com | support.dell.com Parameters long | medium | short Enter the keyword that matches the cable length to be used at the selected port: short = For 1-meter and 3-meter cable lengths medium = For 5-meter cable length long = For 10-meter and 15-meter cable lengths Defaults Command Mode Command History Usage Information Example medium INTERFACE Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. This command only works on ports that the system recognizes as CX4 ports.
Parameters half-life Enter the number of seconds after which the penalty is decreased. The penalty is decreased by half after the half-life period expires. Range: 1 to 30 seconds Default: 5 seconds Defaults Command Modes Enter a number as the reuse threshold, the penalty value below which the interface state is changed to “up”. Range: 1 to 20000 Default: 750 suppress-threshold Enter a number as the suppress threshold, the penalty value above which the interface state is changed to “error disabled”.
www.dell.com | support.dell.com description Assign a descriptive text string to the interface. Syntax description desc_text To delete a description, enter no description. Parameters Defaults Command Modes desc_text No description is defined. INTERFACE Command History Usage Information Version 8.3.16.1 • • • • Related Commands Enter a text string up to 240 characters long. To use special characters as a part of the description string, you must enclose the whole string in double quotes.
Usage Information This command applies to any physical interface with speed set to 1000/10000. Note: Starting with FTOS 7.8.1.0, when a copper SFP2 module with catalog number GP-SFP2-1T is used, its speed can be manually set with the speed command. When the speed is set to 10 or 100 Mbps, the duplex command can also be executed. Related Commands speed (for 1000/10000/auto interfaces) Sets the speed on the Base-T Ethernet interface. negotiation auto Enables or disables auto-negotiation on an interface.
Do not enable tx pause when buffer carving is enabled. Consult Dell Networking TAC for information and assistance. Asymmetric flow control (rx on tx off or rx off tx on) setting for the interface port less than 100 Mb/s speed is not permitted. The following error is returned: www.dell.com | support.dell.com • • Cannot configure Asymmetric flowcontrol when speed <1G, config ignored The only configuration applicable to half duplex ports is rx off tx off.
Table 20-1. Negotiated Flow Control Values Configured LocRxConf Negotiated LocTxConf RemoteRxConf RemoteTxConf LocNegRx LocNegTx RemNegRx RemNegTx off off off off on on off on off on off off off off off off off off off off off off off off off off on on off off on on off on off on off off on on off off on on off off on on off off on on Related Commands show running-config Displays the flow configuration parameters (non-default values only).
www.dell.com | support.dell.com Related Commands 384 | Interfaces interface loopback Configures a Loopback interface. interface null Configures a Null interface. interface port-channel Configures a port channel. interface vlan Configures a VLAN. show interfaces Displays interface configuration.
interface loopback Configure a Loopback interface. Syntax interface loopback number To remove a loopback interface, use the no interface loopback number command. Parameters Defaults Command Modes Command History Example number Enter a number as the interface number. Range: 0 to 16383. Not configured. CONFIGURATION Version 8.3.16.1 Figure 20-8. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com The Management port is enabled by default (no shutdown). Use the ip address command to assign an IP address to the Management port. Related Commands management route Configure a static route that points to the Management interface or a forwarding router. duplex (1000/10000 Interfaces) Configure duplex mode on any physical interfaces where the speed is set to 1000/10000 interface null Configure a Null interface on the switch.
Parameters interface, interface,... Enter the keyword interface range and one of the interfaces — slot/port, port-channel or VLAN number. Select the range of interfaces for bulk configuration. You can enter up to six comma separated ranges—spaces are not required between the commas. Comma-separated ranges can include VLANs, port-channels and physical interfaces. Slot/Port information must contain a space before and after the dash.
www.dell.com | support.dell.com Example Figure 20-13. Interface Range prompt Overlapping Port Ranges FTOS(conf)#interface range tengig 2/1 - 11 , tengig 2/1 - 23 FTOS(conf-if-range-tengig-2/1-23# Only VLAN and port-channel interfaces created using the interface vlan and interface port-channel commands can be used in the interface range command. Use the show running-config command to display the VLAN and port-channel interfaces.
interface range macro (define) Defines a macro for an interface range and then saves the macro in the running configuration. Syntax Parameters define interface range macro name interface , interface , ... name Enter up to 16 characters for the macro name. interface , interface ,... Enter the interface keyword (see below) and one of the interfaces slot/port, port-channel or VLAN numbers. Select the range of interfaces for bulk configuration.
www.dell.com | support.dell.com interface range macro name Run the interface-range macro to automatically configure the pre-defined range of interfaces. Syntax Parameters Defaults Command Modes Command History Usage Information Example interface range macro name name Enter the name of an existing macro. none CONFIGURATION Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. Figure 20-18 runs the macro named test that was defined earlier. Figure 20-18.
FTP, TFTP, and SNMP operations are not supported on a VLAN. MAC ACLs are not supported in VLANs. IP ACLs are supported. Refer to Chapter 6, Access Control Lists (ACL). Related Commands interface Configures a physical interface. interface loopback Configures a loopback interface. interface null Configures a null interface. interface port-channel Configures a port channel group. show vlan Displays the current VLAN configuration on the switch. shutdown Disables/Enables the VLAN.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Usage Information seconds (OPTIONAL) For interfaces with PPP encapsulation enabled, enter the number of seconds between keepalive packets. Range: 0 to 23767 Default: 10 seconds Enabled INTERFACE Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. When you configure keepalive, the system sends a self-addressed packet out of the configured interface to verify that the far end of a WAN link is up.
Example Figure 20-20. systest-3 monitor Command Example of a Single Interface Monitor time: 00:00:06 Refresh Intvl.
www.dell.com | support.dell.com Parameters Defaults Command Modes value 1554 INTERFACE Command History Usage Information Enter a maximum frame size in bytes. Range: 594 to 9252 MXL Switch Range: 594 to 12000 Default: 1554 Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
negotiation auto Enable auto-negotiation on an interface. Syntax negotiation auto To disable auto-negotiation, enter no negotiation auto. Defaults Command Modes Enabled INTERFACE Command History Usage Information Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The no negotiation auto command is only available if you first manually set the speed of a port to 10Mbits or 100Mbits.
www.dell.com | support.dell.com Figure 20-22. Display Auto-negotiation Master/Slave Setting (partial) FTOS#show interfaces configured TenGigabitEthernet 13/18 is up, line protocol is up Hardware is Dell Force10Eth, address is 00:01:e8:05:f7:fc Current address is 00:01:e8:05:f7:fc Interface index is 474791997 Internet address is 1.1.1.
Command History Example Version 8.3.16.1 Figure 20-23. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Example Figure 20-24.
rate-interval Configure the traffic sampling interval on the selected interface. Syntax rate-interval seconds Parameters Defaults Command Modes seconds 299 seconds INTERFACE Command History Usage Information Enter the number of seconds for which to collect traffic data. Range: 5 to 299 seconds Note: For 0-5 seconds, polling occurs every 5 seconds. For 6-10 seconds, polling occurs every 10 seconds. For any other value, polling occurs every 15 seconds. Version 8.3.16.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Example Figure 20-27. Introduced on the MXL 10/40GbE Switch IO Module.
Note: After the counters are cleared, the line-rate continues to increase until it reaches the maximum line rate. When the maximum line rate is reached, there will be no change in the line-rate. Example Figure 20-28. show interfaces Command Example for 10G Port FTOS#show interfaces tengigabitethernet 2/0 TenGigabitEthernet 2/0 is up, line protocol is up Hardware is Dell Force10Eth, address is 00:01:e8:05:f7:3a Interface index is 100990998 Internet address is 213.121.22.
www.dell.com | support.dell.com Table 20-5. Lines in show interfaces Command Example Line Input Statistics: Description Displays all the input statistics including: • Number of packets and bytes into the interface • Number of packets with IP headers and VLAN tagged headers. Note: The sum of the number of packets may not be as expected since a VLAN tagged IP packet counts as both a VLAN packet and an IP packet.
Example Figure 20-29. show interfaces Command Example for 1G SFP Interface FTOS#show interfaces tengigabitethernet 0/44 TenGigabitEthernet 0/44 is up, line protocol is up Hardware is DellForce10Eth, address is 00:01:e8:43:00:01 Current address is 00:01:e8:43:00:01 Port is present Pluggable media present, SFP+ type is 10GBASE-SR Medium is MultiRate, Wavelength is 850nm SFP+ receive power reading is -3.
www.dell.com | support.dell.com Related Commands show interfaces configured Displays any interface with a non-default configuration. show interfaces stack-unit Displays information on all interfaces on a specific stack unit. strict-priority unicast Displays information of either rate limiting or rate policing on the interface. show interfaces switchport Displays Layer 2 information about the interfaces.
show interfaces dampening Display interface dampening information. Syntax Parameters show interfaces dampening [[interface] [summary] [detail]] interface (OPTIONAL) Enter one of the following keywords and slot/port or number information: • For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information.
www.dell.com | support.dell.com show interfaces description Display the descriptions configured on the interface. Syntax Parameters show interfaces [interface] description interface Enter one of the following keywords and slot/port or number information: • • • • • • • Command Modes For Loopback interfaces, enter the keyword loopback followed by a number from 0 to 16383. For the management interface on the stack unit enter the keyword ManagementEthernet followed by the slot/port information.
Table 20-6. show interfaces description Command Example Fields Field Description Protocol States whether IP is enabled (up) or disabled (down) on the interface. Description Displays the description (if any) manually configured for the interface. Related Commands show interfaces Display information on a specific physical interface or virtual interface. show interfaces stack-unit Display information on all interfaces on a specific MXL Switch stack member.
www.dell.com | support.dell.com Related Commands show hardware stack-unit Displays data plane and management plane input/output statistics. show interfaces Displays information on a specific physical interface or virtual interface. show interfaces status Display a summary of interface information or specify a stack unit and interface to display status information for that specific interface only.
show interfaces switchport Display only virtual and physical interfaces in Layer 2 mode. This command displays the Layer 2 mode interfaces’ IEEE 802.1Q tag status and VLAN membership.
www.dell.com | support.dell.com Example Figure 20-36. show interfaces switchport Command Example FTOS#show interfaces switchport Codes: U - Untagged, T - Tagged x - Dot1x untagged, X - Dot1x tagged G - GVRP tagged, M - Trunk, H - VSN tagged i - Internal untagged, I - Internal tagged, v - VLT untagged, V - VLT tagged Name: TenGigabitEthernet 3/20 802.1QTagged: Hybrid Vlan membership: Q Vlans U 20 T 10 Native VlanId: 20. Name: TenGigabitEthernet 5/20 802.
show interfaces transceiver Display the physical status and operational status of an installed transceiver. The output also displays the transceiver’s serial number. Syntax Parameters Command Modes show interfaces [tengigabitethernet slot/port | fortyGigE slot/port] transceiver tengigabitethernet For a 10G interface, enter the keyword tengigabitethernet followed by the slot/port information. fortyGigE For a 40G interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Example Figure 20-37. show interfaces tengigabitethernet transceiver Command Example FTOS#show interfaces tengigabitethernet 1/0 transceiver SFP is present.
Table 20-8. Diagnostic Data in show interfaces transceiver Line Description Rx Power measurement type Output depends on the vendor, typically either “Average” or “OMA” (Receiver optical modulation amplitude). Temp High Alarm threshold Factory-defined setting, typically in Centigrade. Value differs between SFPs and SFP+. Voltage High Alarm threshold Displays the interface index number used by SNMP to identify the interface. Bias High Alarm threshold Factory-defined setting.
www.dell.com | support.dell.com Table 20-8. 414 | Interfaces Diagnostic Data in show interfaces transceiver (continued) Line Description Tx Power Present Tx power of the SFP. If this crosses Tx power alarm/warning thresholds, then the Tx power high alarm/warning flag is set to true. If it falls below the low alarm/warning thresholds, then the Tx power low alarm/ warning flag is set to true. Rx Power Present Rx power of the SFP. This value is either average Rx power or OMA.
Table 20-8. Related Commands Diagnostic Data in show interfaces transceiver (continued) Line Description Tx Power High Warning Flag This can be either true or false, depending on the Current Tx power value displayed above. Rx Power High Warning Flag This can be either true or false, depending on the Current Tx power value displayed above. Temperature Low Warning Flag This can be either true or false, depending on the Current Temperature value displayed above.
www.dell.com | support.dell.com shutdown Disable an interface. Syntax shutdown To activate an interface, enter no shutdown. Defaults Command Modes Command History Usage Information The interface is disabled. INTERFACE Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The shutdown command marks a physical interface as unavailable for traffic. To discover if an interface is disabled, use the show ip interface brief command. Disabled interfaces are listed as down.
Command History Usage Information Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. This command is found on the 1000/10000 Base-T Ethernet interfaces. When you enable auto, the system performs and automatic discovery to determine the optics installed and configure the appropriate speed. When you configure a speed for the 1000/10000 interface, you should confirm negotiation auto command setting. Both sides of the link should have auto-negotiation either enabled or disabled.
www.dell.com | support.dell.com Port Channel Commands A link aggregation group (LAG) is a group of links that appear to a MAC client as if they were a single link according to IEEE 802.3ad. In FTOS, a LAG is referred to as a Port Channel. Table 20-9.
Usage Information Use the interface port-channel command to access this command. You cannot add an interface to a Port Channel if the interface contains an IP address in its configuration. Link MTU and IP MTU considerations for Port Channels are: • • All members must have the same link MTU value and the same IP MTU value. The Port Channel link MTU and IP MTU must be less than or equal to the link MTU and IP MTU values configured on the channel members.
www.dell.com | support.dell.com Command Modes PORT-CHANNEL FAILOVER-GROUP (conf-po-failover-grp) Command History Version 8.3.16.1 Example Figure 20-39. Introduced on the MXL 10/40GbE Switch IO Module. group Command Example FTOS(conf)#port-channel failover-group FTOS(conf-po-failover-grp)#group 1 port-channel 1 port-channel 2 FTOS(conf-po-failover-grp)# Related Commands port-channel failover-group Accesses the PORT-CHANNEL FAILOVER-GROUP mode to configure a LAG failover group.
Related Commands channel-member Adds a physical interface to the LAG. interface Configures a physical interface. interface loopback Configures a Loopback interface. interface null Configures a null interface. interface vlan Configures a VLAN. shutdown Disables/Enables the port channel. minimum-links Configure the minimum number of links in a LAG (Port Channel) that must be in “oper up” status for the LAG to be also in “oper up” status.
www.dell.com | support.dell.com Related Commands group Groups two LAGs in a supergroup (“fate-sharing group”). show interfaces port-channel Displays information on configured Port Channel groups. show config Display the current configuration of the selected LAG. Syntax Command Modes Example show config INTERFACE PORTCHANNEL Figure 20-41.
Example Figure 20-42.
www.dell.com | support.dell.com Table 20-10. show interfaces port-channel Command Example Fields (continued) Field Description Output 0... Displays the type and number of packets sent out the interface. This information is displayed over three lines. Rate information... Displays the traffic rate information into and out of the interface. Traffic rate is displayed in bits and packets per second. Time since... Displays the time since the last change in the configuration of this interface.
Time Domain Reflectometer (TDR) Time domain reflectormeter (TDR) is useful for troubleshooting an interface that is not establishing a link; either it is flapping or not coming up at all. TDR detects open or short conditions of copper cables on 100/1000 Base-T modules. • • tdr-cable-test show tdr Important Points to Remember • The interface and port must be enabled (configured—see the interface command) before running TDR. An error message is generated if you have not enabled the interface.
www.dell.com | support.dell.com Parameters Defaults Command Modes Enter the keyword TenGigabitEthernet followed by the slot/port information for the 100/1000 Ethernet interface. interface none EXEC Command History Version 8.3.16.1 Example Figure 20-44. Introduced on the MXL 10/40GbE Switch IO Module.
UDP Broadcast The user datagram protocol (UDP) broadcast feature is a software-based method to forward low throughput (not to exceed 200 pps) IP/UDP broadcast traffic arriving on a physical or VLAN interface. Important Points to Remember • • • Routing information protocol (RIP) is not supported with the UDP broadcast feature. If this feature is configured on an interface using ip udp-helper udp-port, the ip directed-broadcast command becomes ineffective on that interface.
www.dell.com | support.dell.com ip udp-broadcast-address Configure an IP UDP address for broadcast. Syntax ip udp-broadcast-address address To delete the configuration, use the no ip udp-broadcast-address address command. Parameters Defaults Command Modes Usage Information Command History Related Commands address Enter an IP broadcast address in dotted decimal format (A.B.C.D).
Related Commands ip helper-address Configures the destination broadcast or host address for DHCP server. debug ip udp-helper Enables debug and display the debug information on a console. show ip udp-helper Displays the configured UDP helper(s) on all interfaces. show ip udp-helper Display the configured UDP helper(s) on all interfaces. Syntax Defaults Command Modes Example show ip udp-helper none EXEC Figure 20-46.
| Interfaces www.dell.com | support.dell.
21 IPv4 Routing Commands This chapter describes the IPv4-related commands.
www.dell.com | support.dell.com • • • • • • • show ip management-route show ip protocols show ip route show ip route list show ip route summary show ip traffic show tcp statistics arp Use the address resolution protocol (ARP) to associate an IP address with a MAC address in the switch. Syntax arp ip-address mac-address interface To remove an ARP address, use the no arp ip-address command. Parameters ip-address Enter an IP address in dotted decimal format. mac-address Enter a MAC address in nnnn.
Defaults Command Modes Command History Disabled CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module arp retries Set the number of ARP retries in case the system does not receive an ARP reply in response to an ARP request. Syntax arp retries number Parameters Defaults Command Modes Command History Usage Information Related Commands number Enter the number of retries. Range: 5 to 20. Default: 5 5 CONFIGURATION Version 8.3.16.
www.dell.com | support.dell.com clear arp-cache Clear the dynamic ARP entries from a specific interface or optionally delete (no-refresh) ARP entries from CAM. Syntax Parameters clear arp-cache [interface | ip ip-address] [no-refresh] interface (OPTIONAL) Enter the following keywords and slot/port or number information: • • • • • For the Management interface, enter the keyword ManagementEthernet followed by the slot/port information. The slot range is 0 and the port range is 0.
clear ip fib stack-unit Clear all forwarding information base (fib) entries in the specified stack unit (use this command with caution, refer to Usage Information). Syntax Parameters Command Mode clear ip fib stack-unit unit-number unit-number Enter the stack-unit number. Range: 0 to 5 EXEC EXEC Privilege Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Use this command to clear Layer 3 CAM inconsistencies.
www.dell.com | support.dell.com Command Modes EXEC Privilege Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module debug arp View information on ARP transactions. Syntax debug arp [interface] [count value] To stop debugging ARP transactions, use the no debug arp command.
Example Figure 21-1. debug ip dhcp Command Example FTOS#debug ip dhcp 00:12:21 : %RELAY-I-PACKET: BOOTP REQUEST (Unicast) received at interface 113.3.3.17 BOOTP Request, hops = 0, XID = 0xbf05140f, secs = 0, hwaddr = 00:60:CF:20:7B:8C, giaddr = 0.0.0.0 00:12:21 : %RELAY-I-BOOTREQUEST: Forwarded BOOTREQUEST for 00:60:CF:20:7B:8C to 14.4.4.2 00:12:26 : %RELAY-I-PACKET: BOOTP REQUEST (Unicast) received at interface 113.3.3.
www.dell.com | support.dell.com Example Figure 21-2. ICMP: ICMP: ICMP: ICMP: ICMP: ICMP: ICMP: ICMP: Usage Information debug ip icmp Command Example (Partial) echo request rcvd from src 40.40.40.40 src 40.40.40.40, dst 40.40.40.40, echo src 40.40.40.40, dst 40.40.40.40, echo echo request sent to dst 40.40.40.40 echo request rcvd from src 40.40.40.40 src 40.40.40.40, dst 40.40.40.40, echo src 40.40.40.40, dst 40.40.40.40, echo echo request sent to dst 40.40.40.
Example Figure 21-3. debug ip packet Command Example (Partial) IP: s=10.1.2.62 (local), d=10.1.2.206 (Ma 0/0), len 54, sending TCP src=23, dst=40869, seq=2112994894, ack=606901739, win=8191 ACK PUSH IP: s=10.1.2.206 (Ma 0/0), d=10.1.2.62, len 40, rcvd TCP src=0, dst=0, seq=0, ack=0, win=0 IP: s=10.1.2.62 (local), d=10.1.2.206 (Ma 0/0), len 226, sending TCP src=23, dst=40869, seq=2112994896, ack=606901739, win=8192 ACK PUSH IP: s=10.1.2.216 (Ma 0/0), d=10.1.2.255, len 78, rcvd UDP src=0, dst=0 IP: s=10.1.
www.dell.com | support.dell.com Usage Information Use the count option to stop packets from flooding the user terminal when debugging is turned on. The access-group option supports only the equal to (eq) operator in TCP ACL rules. Port operators not equal to (neq), greater than (gt), less than (lt), or range are not supported in access-group option (see Figure 21-4). ARP packets (arp) and Ether-type (ether-type) are also not supported in access-group option.
ip directed-broadcast Enables the interface to receive directed broadcast packets. Syntax ip directed-broadcast To disable the interface from receiving directed broadcast packets, use the no ip directed-broadcast command. Defaults Command Modes Disabled (that is, the interface does not receive directed broadcast packets) INTERFACE Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip domain-list Configure names to complete unqualified host names.
www.dell.com | support.dell.com ip domain-lookup Enable dynamic host-name to address resolution (that is, DNS). Syntax ip domain-lookup To disable DNS lookup, use the no ip domain-lookup command. Defaults Command Mode Disabled. CONFIGURATION Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To fully enable DNS, also specify one or more domain name servers with the ip name-server command. FTOS does not support sending DNS queries over a VLAN.
Related Commands ip domain-list Configures additional names. ip helper-address Specify the address of a DHCP server so that DHCP broadcast messages can be forwarded when the DHCP server is not on the same subnet as the client. Syntax ip helper-address ip-address To remove a DHCP server address, use the no ip helper-address command. Parameters Defaults Command Modes Command History Usage Information ip-address Enter an IP address in dotted decimal format (A.B.C.D). Not configured.
www.dell.com | support.dell.com Related Commands ip helper-address Specifies the destination broadcast or host address for DHCP server requests. show running-config Displays the current configuration and changes from the default values. ip host Assign a name and IP address to be used by the host-to-IP address mapping table. Syntax ip host name ip-address To remove an IP host, use the no ip host name [ip-address] command.
Parameters Defaults Command Modes Enter the IPv4 address, in dotted decimal format, of the name server to be used. ipv4-address2... ipv4-address6 (OPTIONAL) Enter up five more IPv4 addresses, in dotted decimal format, of name servers to be used. Separate the addresses with a space. No name servers are configured. CONFIGURATION Command History Usage Information ipv4-address Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module FTOS does not support sending DNS queries over a VLAN.
www.dell.com | support.dell.com interface Enter the following keywords and slot/port or number information: • • • • • • Defaults Command Modes Command History Usage Information For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information. For a VLAN, enter the keyword vlan followed by a number from 1 to 4094.
Defaults Command Modes Command History Enabled. CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip unreachables Enable the generation of Internet Control Message Protocol (ICMP) unreachable messages. Syntax ip unreachables To disable the generation of ICMP messages, use the no ip unreachables command. Defaults Command Modes Command History Disabled INTERFACE Version 8.3.16.
www.dell.com | support.dell.com show arp Display the ARP table. Syntax Parameters show arp [interface interface | ip ip-address [mask] | macaddress mac-address [mac-address mask]] [static | dynamic] [summary] interface interface (OPTIONAL) Enter the following keywords and slot/port or number information: • • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information.
Figure 21-6. show arp Command Example with Private VLAN data FTOS#show arp Protocol Address Age(min) Hardware Address Interface VLAN CPU ----------------------------------------------------------------------------------Internet 5.5.5.1 00:01:e8:43:96:5e Vl 10 pv 200 CP Internet 5.5.5.10 00:01:e8:44:99:55 Vl 10 CP Internet 10.1.2.4 1 00:01:e8:d5:9e:e2 Ma 0/0 CP Internet 10.10.10.4 1 00:01:e8:d5:9e:e2 Ma 0/0 CP Internet 10.16.127.53 1 00:01:e8:d5:9e:e2 Ma 0/0 CP Internet 10.16.134.
www.dell.com | support.dell.com show arp retries Display the configured number of ARP retries. Syntax Command Modes show arp retries EXEC EXEC Privilege Command History Related Commands Version 8.3.1.0 Introduced arp retries Sets the number of ARP retries in case the system does not receive an ARP reply in response to an ARP request. show hosts View the host table and DNS configuration. Syntax Command Modes show hosts EXEC EXEC Privilege Command History Version 8.3.16.1 Example Figure 21-8.
Table 21-4. show hosts Command Example Fields (continued) Field Description Flags Classifies the entry as one of the following: • perm - the entry was manually configured and will not time out • temp - the entry was learned and will time out after 72 hours of inactivity. Also included in the flag is an indication of the validity of the route: • • • Related Commands ok - the entry is valid. ex - the entry expired. ?? - the entry is suspect.
www.dell.com | support.dell.com Example Figure 21-9. show ip cam stack-unit Command Example FTOS#show ip cam stack-unit 0 port-set 0 10.10.10.10/32 longer-prefixes Destination EC CG V C ----------------10.10.10.10 VId Mac-Addr Port -- -- - - ----- ----------------- ------------0 0 1 1 0 00:00:00:00:00:00 3f01 CP FTOS# Table 21-5. show ip cam Command Example Fields Field Description Destination Displays the destination route of the index. CG Displays 0.
show ip fib stack-unit View all forwarding information base (FIB) entries. Syntax Parameters Command Mode show ip fib stack-unit 0-5 [ip-address [mask] [longer-prefixes] | summary] 0-5 Enter the stack unit ID, from 0 to 5. ip-address mask (OPTIONAL) Enter the IP address of the network destination to view only information on that destination. Enter the IP address in dotted decimal format (A.B.C.D). You must enter the mask in slash prefix format (/X).
www.dell.com | support.dell.com show ip interface View IP-related information on all interfaces. Syntax Parameter show ip interface [interface | brief] [configuration] interface (OPTIONAL) Enter the following keywords and slot/port or number information: • • • • • • • Command Modes For a Loopback interface, enter the keyword Loopback followed by a number from 0 to 16383. For the Management interface, enter the keyword ManagementEthernet followed by zero (0).
Table 21-7. show ip interface Command Example Items (continued) Lines Description IP MTU is... Displays IP MTU value. Inbound access... Displays the name of the any configured incoming access list. If none is configured, the phrase “not set” is displayed. Proxy ARP... States whether proxy ARP is enabled on the interface. Split horizon... States whether split horizon for RIP is enabled on the interface. Poison Reverse... States whether poison for RIP is enabled on the interface ICMP redirects..
www.dell.com | support.dell.com Command Modes summary (OPTIONAL) Enter the keyword summary to view a table listing the number of active and non-active routes and their sources. static (OPTIONAL) Enter the keyword static to view non-active routes also. EXEC EXEC Privilege Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Example Figure 21-15. show ip management route Command Example FTOS#show ip management-route Destination ----------10.1.2.0/24 172.16.1.
show ip route View information, including how they were learned, about the IP routes on the switch. Syntax Parameter Command Modes show ip route [hostname | ip-address [mask] [longer-prefixes] | list prefix-list [process-id] | all | connected | static | summary] ip-address (OPTIONAL) Specify a name of a device or the IP address of the device to view more detailed information about the route. mask (OPTIONAL) Specify the network mask of the route. Use this parameter with the IP address parameter.
www.dell.com | support.dell.com Example Figure 21-18. show ip route summary and show ip route static Command Examples FTOS#show ip route summary Route Source Active Routes Non-active Routes connected 2 0 static 1 0 Total 3 0 Total 3 active route(s) using 612 bytes FTOS#show ip route static ? | Pipe through a command FTOS#show ip route static Destination Gateway Dist/Metric Last Change --------------------------- ----------*S 0.0.0.0/0 via 10.10.91.9, Te 1/2 1/0 3d2h FTOS# Table 21-9.
Parameters Command Modes prefix-list Enter the name of a configured prefix list. EXEC EXEC Privilege Command History Related Commands Example Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip prefix-list Enters the CONFIGURATION-IP PREFIX-LIST mode and configure a prefix list. show ip prefix-list summary Displays a summary of the configured prefix lists. Figure 21-19.
www.dell.com | support.dell.com Example Figure 21-20. show ip route summary Command Example FTOS>show ip route summary Route Source Active Routes Non-active Routes connected 17 0 static 3 0 ospf 100 1368 2 Intra-area: 762 Inter-area: 1 External-1: 600 External-2: 5 Total 1388 2 Total 1388 active route(s) using 222440 bytes Total 2 non-active route(s) using 128 bytes FTOS> Table 21-10.
Example Figure 21-21.
www.dell.com | support.dell.com Usage Information The F10 monitoring MIB provides access to the statistics described below. Table 21-12. F10 Monitoring MIB Command Display Object OIDs IP statistics: Bcast: Received Sent f10BcastPktRecv f10BcastPktSent 1.3.6.1.4.1.6027.3.3.5.1.1 1.3.6.1.4.1.6027.3.3.5.1.2 f10McastPktRecv f10McastPktSent 1.3.6.1.4.1.6027.3.3.5.1.3 1.3.6.1.4.1.6027.3.3.5.1.4 f10ArpReqRecv f10ArpReplyRecv 1.3.6.1.4.1.6027.3.3.5.2.1 1.3.6.1.4.1.6027.3.3.5.2.
Example Figure 21-22.
www.dell.com | support.dell.com Table 21-13. 464 | IPv4 Routing show tcp statistics cp Command Example Fields (continued) Field Description 355 ack... Displays the number of acknowledgement packets sent and the number of packet delayed. 0 window probe... Displays the number of window probe and update packets sent. 7 Connections initiated... Displays the number of TCP connections initiated, accepted, and established. 14 Connections closed...
22 Internet Protocol Security (IPSec) Commands Internet protocol security (IPSec) is an end-to-end security scheme for securing IP communications by authenticating and encrypting all packets in a session. Use IPSec between hosts, gateways, or hosts and gateways. IPSec uses a series of protocol functions to achieve information security: • • • Authentication Headers (AH) — Connectionless integrity and origin authentication for IP packets.
www.dell.com | support.dell.com crypto ipsec transform-set Create a transform set, or combination of security algorithms and protocols, of cryptos. Syntax crypto ipsec transform-set name {ah-authentication {md5|sha1|null} | esp-authentication {md5|sha1|null} | esp-encryption {3des|cbc|des|null}} To delete a transform set, use the no crypto ipsec transform-set name {ah-authentication {md5|sha1|null} | esp-authentication {md5|sha1|null} | esp-encryption {3des|cbc|des|null}} command.
Syntax crypto ipsec policy name seq-num ipsec-manual To delete a crypto policy entry, use the no crypto ipsec policy name seq-num ipsec-manual command. Parameters Defaults Command Modes Command History Usage Information Example name Enter the name for the crypto policy set. seq-num Enter the sequence number assigned to the crypto policy entry. The range is from 0 to 255. none CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Defaults Command Modes Usage Information Enter the keyword udp to configure a UDP access list filter. ipv6 Enter the source IPv6 address. ip Enter the source IPv4 address. port-num Enter the source port number. The range is from 0 to 65535. dest-ip Enter the destination IP address. dest-port-num Enter the destination port number. The range is from 0 to 65535. none CONFIG-CRYPTO-POLICY Command History Example udp Version 9.2(0.
Command Modes CONFIG-CRYPTO-POLICY Command History Usage Information Version 9.2(0.0) • • Introduced on the MXL 10/40GbE Switch IO Module. This command is only available in the ipsec-manual model. The key information entry is associated with the global method for enabling clear text or encrypted display in the running config. show crypto ipsec transform-set Display the transform set configuration.
www.dell.com | support.dell.
transform-set Specify the transform set used in the crypto map. Syntax transform-set transform-set-name To delete a transform set from the crypto map, use the no transform-set transform-set-name command. Parameters Defaults Command Modes Command History transform-set-name Enter the name for the crypto map transform set. none CONFIG-CRYPTO-POLICY Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.
23 IPv6 Access Control Lists (IPv6 ACLs) Overview IPv6 ACLs and IPv6 Route Map commands are supported on the Dell Networking MXL Switch. Note: For IPv4 ACL commands, refer to the Access Control Lists (ACL) chapter. Important Points to Remember • • • • • • • • • Certain platforms require manual CAM usage space allotment. For more information, refer to the cam-acl command. Egress IPv6 ACL and IPv6 ACL on the Loopback interface is not supported. Reference to an empty ACL permits any traffic.
www.dell.com | support.dell.com IPv6 ACL Commands The following commands configure IPv6 ACLs: • • • • • • • • cam-acl cam-acl-egress ipv6 control-plane egress-filter ipv6 access-list permit permit icmp show cam-acl show cam-acl-egress cam-acl Allocate space for IPv6 ACLs. Syntax Parameters cam-acl {default | l2acl 1-10 ipv4acl 1-10 ipv6acl 0-10 ipv4qos 1-10 l2qos 1-10} default Use the default CAM profile settings, and set the CAM as follows.
cam-acl-egress Allocate space for IPv6 egress ACLs. Syntax Parameters cam-acl-egress {default | l2acl 1-4 ipv4acl 1-4 ipv6acl 0-4} default Use the default CAM profile settings, and set the CAM as follows. • • • l2acl 1-4 ipv4acl 1- 4 ipv6acl 0-4 Command Modes Command History Usage Information L2 ACL(l2acl): 1 L3 ACL (ipv4acl): 1 IPv6 L3 ACL (ipv6acl): 2 Allocate space to support IPv6 ACLs. Enter all of the profiles and a range for each. Enter the CAM profile name followed by the amount to be allotted.
www.dell.com | support.dell.com Parameters Defaults Command Modes access-list-name All access lists contain an implicit “deny any”; that is, if no match occurs, the packet is dropped. CONFIGURATION Command History Usage Information Enter the as the access list name as a string, up to 140 characters. Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The number of entries allowed per ACL is hardware-dependent.
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. permit icmp To allow all or specific internet control message protocol (ICMP) messages, configure a filter.
www.dell.com | support.dell.com show cam-acl Show space allocated for IPv6 ACLs. Syntax Command Modes show cam-acl EXEC EXEC Privilege Command History Related Commands Examples Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. cam-acl Figure 23-2. Configure CAM profiles to support IPv6 ACLs.
show cam-acl-egress Show information on FP groups allocated for egress ACLs. Syntax Command Modes show cam-acl-egress EXEC EXEC Privilege Command History Related Commands Examples Version 9.2(0.0) cam-acl Figure 23-4. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.
24 IPv6 Basics Overview This chapter describes IPv6 basic commands for the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com clear ipv6 fib Clear (refresh) all forwarding information base (FIB) entries on a linecard or stack unit. Syntax Parameters Command Mode Command History clear ipv6 fib linecard slot | stack-unit unit-number slot Enter the slot number to clear the FIB for a linecard. unit-number Enter the stack member number. EXEC Privilege Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Default Command Modes Command History Disabled INTERFACE (management interface only) Version 9.2(0.0) Usage Information • • • • • • Introduced on the MXL 10/40GbE Switch IO Module. SAA can configure up to two addresses. If any preferred prefix or valid timers time out, the corresponding address are deprecated or removed. If an address is removed due to a time-out, an address from the current unused prefix is used to create a new address.
www.dell.com | support.dell.com FTOS(conf-if-gi-10/0)#ipv6 address 2002:1:2::3 /96 FTOS(conf-if-gi-10/0)#show config ! interface GigabitEthernet 10/0 no ip address ipv6 address 2002:1:2::3 /96 no shutdown FTOS(conf-if-gi-10/0)# Usage Information • • • • • If two addresses are configured, delete an existing address before configuring a new address. If the last manually-configured global IPv6 address is removed using the “no” form of the command, the link-local IPv6 address is removed automatically.
ipv6 control-plane icmp error-rate-limit Configure the maximum number of ICMP error packets per second that can be sent per second. Syntax ipv6 control-plane icmp error-rate-limit {1-200} To restore the default value, use the no ipv6 control-plane icmp error-rate-limit command. Parameters Command Modes Default Command History pps Enter the maximum number of error packets to be generated per second. Range: 1 to 200, where 0 disables the rate-limiting. CONFIGURATION 100 pps Version 9.2(0.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History name Enter a text string to associate with one IP address. ipv6-address Enter an IPv6 address (X:X:X:X::X) to be mapped to the name. Not configured. CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. ipv6 name-server Enter up to six IPv6 addresses of name servers. The order you enter the addresses determines the order of their use. Syntax ipv6 name-server ipv6-address [ipv6-address2...
Command Modes Command History INTERFACE (management interface only) Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. ipv6 nd prefix Specify which IPv6 prefixes are included in Neighbor Advertisements. Syntax Parameters Command Mode Command History Usage Information ipv6 nd prefix {ipv6-prefix | prefix-length | default} [no-advertise] | [no-autoconfig] [no-rtr-address] [off-link] [lifetime {valid | infinite} {preferred | infinite}] ipv6-prefix Enter an IPv6 prefix.
www.dell.com | support.dell.com Syntax ipv6 route ipv6-address prefix-length {ipv6-address | interface | interface ipv6-address} [distance] [tag value] [permanent] To remove the IPv6 route, use the no ipv6 route ipv6-address prefix-length {ipv6-address | interface | interface ipv6-address} [distance] [tag value] [permanent] command. Parameters ipv6-address prefix-length Enter the IPv6 address in the x:x:x:x::x format followed by the prefix length in the /x format.
loopback null port-channel sonet tenGigabitethernet vlan Loopback interface Null interface Port channel interface Sonet interface TenGigabit Ethernet interface VLAN interface FTOS(conf)#ipv6 route 55::0 /64 gigabitethernet 9/0 ? <1-255> Distance metric for this route X:X:X:X::X Forwarding router's address permanent Permanent route tag Set tag for this route FTOS(conf)#ipv6 route 55::0 /64 gigabitethernet 9/0 66::1 ? <1-255> Distance metric for this route permanent Permanent route tag Set tag for this rout
www.dell.com | support.dell.com • • • additional protocol adjacencies (OSPFv3 and BGP4) are brought down and no new adjacencies are formed the IPv6 address family configuration (under router bgp) is deleted IPv6 Multicast traffic continues to flow unhindered show ipv6 cam stack-unit Display the IPv6 CAM entries for the specified stack-unit.
Command Mode Command History Related Commands EXEC Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. ipv6 flowlabel-zero Configure IPv6 address auto-configuration for the management interface. show ipv6 fib stack-unit View all FIB entries. Syntax Parameters Command Mode show ipv6 fib stack-unit unit-number [summary | ipv6-address] slot-number Enter the number of the stack unit. The range is from 0 to 11.
www.dell.com | support.dell.
IPV6 is enabled Link Local address: fe80::201:e8ff:fe8a:e8f7 Global Unicast address(es): 2001::1, subnet is 2001::/64 2002::1, subnet is 2002::/120 2003::1, subnet is 2003::/120 2004::1, subnet is 2004::/32 Global Anycast address(es): Joined Group address(es): ff02::1 ff02::2 ff02::1:ff00:1 ff02::1:ff8a:e8f7 ND MTU is 0 ICMP redirects are not sent DAD is enabled, number of DAD attempts: 3 ND reachable time is 0 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is
www.dell.com | support.dell.com Syntax Command Modes Command History Usage Information Example show ipv6 mld_host EXEC Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The following table describes the information in the output example: Valid MLD Packets The total number of packets received and sent from the last time the elapsed time was cleared. Reports The total number of reports (queries and unsolicited reports generated from joins or leaves) that have been received or sent.
Defaults Command Modes static (OPTIONAL) View only routes configured by the ipv6 route command. summary (OPTIONAL) View a brief list of the configured IPv6 routes. none EXEC EXEC Privilege Command History Example (S-Series) Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Table 24-1.
Trust diffserv (IPv4) can co-exist with trust ipv6-diffserv in an Input Policy Map. Dynamic classification happens based on the mapping detailed in the following table. Table 24-2.
| IPv6 Basics www.dell.com | support.dell.
25 iSCSI Optimization Overview Internet Small Computer System Interface (iSCSI) optimization enables quality-of-service (QoS) treatment for iSCSI storage traffic on an MXL Switch.
www.dell.com | support.dell.com iscsi aging time Set the aging time for iSCSI sessions. iscsi aging time time Syntax To remove the iSCSI session aging time, use the no iscsi aging time command. Parameters time Defaults Enter the aging time for the iSCSI session. Valid values: 5 to 43,200 minutes. 10 minutes. Command Mode CONFIGURATION Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module iscsi cos Set the QoS policy that will be applied to the iSCSI flows.
iscsi enable Globally enable iSCSI optimization. Syntax iscsi enable To disable iSCSI optimization, use the no iscsi command. Parameters Defaults Command Modes Command History Usage Information enable Enter the keyword enable to enable the iSCSI optimization feature. Enabled. CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module When you enable the iSCSI feature using the iscsi enable command, flow control settings are set to rx on tx off on all interfaces.
www.dell.com | support.dell.com iscsi target port Configure the iSCSI target ports and optionally, the IP addresses on which iSCSI communication will be monitored. iscsi target port tcp-port-1[tcp-port-2...tcp-port-16][address ip-address] Syntax To remove the configured iSCSI target ports or IP addresses, use the no iscsi target port command. Parameters Defaults Enter the tcp-port number of the iSCSI target ports.
Example Figure 25-1. show iscsi Command Example FTOS# show isci iSCSI is enabled iSCSI COS : dot1p is 4 no-remark Session aging time: 10 Maximum number of connections is 256 -----------------------------------------------iSCSI Targets and TCP Ports: -----------------------------------------------TCP Port Target IP Address 3260 860 Related Commands show iscsi sessions Display information on active iSCSI sessions on the switch.
www.dell.com | support.dell.com show iscsi sessions detailed Display detailed information on active iSCSI sessions on the switch. Syntax Parameters Command Mode show iscsi sessions detailed [session isid] isid Enter the session’s iSCSi ID to display detailed information on specified iSCSi session. EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 25-3.
show run iscsi Display all globally-configured non-default iSCSI settings in the current FTOS session. Syntax Command Mode Command History Related Commands show run iscsi EXEC Privilege Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module show iscsi Display the currently configured iSCSI settings. show iscsi sessions Display information on active iSCSI sessions on the switch. show iscsi sessions detailed Display detailed information on active iSCSI sessions on the switch.
| iSCSI Optimization www.dell.com | support.dell.
26 Intermediate System to Intermediate System (IS-IS) Overview Intermediate System to Intermediate System Protocol (IS-IS) for IPv4 and IPv6 is supported on supported on the MXL 10/40GbE Switch IO Module. IS-IS is an interior gateway protocol that uses a shortest-path-first algorithm. IS-IS facilitates the communication between open systems, supporting routers passing both IP and OSI traffic. A router is considered an intermediate system.
www.dell.com | support.dell.
• • • • • • • • • show config show isis database show isis graceful-restart detail show isis hostname show isis interface show isis neighbors show isis protocol show isis traffic spf-interval adjacency-check Verify that the “protocols supported” field of the IS-IS neighbor contains matching values to this router. Syntax adjacency-check To disable adjacency check, use the no adjacency-check command.
www.dell.com | support.dell.com Defaults Command Modes level1-into-level2 (Level 1 to Level 2 leaking enabled.) ROUTER ISIS (for IPv4) CONFIGURATION-ROUTER-ISIS-ADDRESS-FAMILY-IPV6 (for IPv6) Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. You cannot disable leaking from one level to another, however, you can regulate the rate flow from one level to another via an IP Prefix list. If the IP Prefix list is not configured, all routes are leaked.
clear config Clear IS-IS configurations that display under the router isis heading of the show running-config command output. Syntax Command Modes Command History Usage Information Related Commands clear config ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Use caution when you enter this command. Back up your configuration prior to using this command or your IS-IS configuration will be erased. copy Use this command to save the current configuration to another location.
www.dell.com | support.dell.com Command History Related Commands Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. hostname dynamic Enables dynamic learning of hostnames from routers in the domain and allows the routers to advertise the hostnames in LSPs. Use this command to configure a shortcut name that can used instead of entering a long string of numbers associated with an NSAP address. debug isis Enable debugging for all IS-IS operations.
debug isis local-updates Enables debugging on a specific interface and provides diagnostic information to debug IS-IS local update packets. Syntax debug isis local-updates [interface] To turn off debugging, enter the no debug isis local-updates [interface] command.
www.dell.com | support.dell.com To turn off debugging, enter no debug isis spf-triggers. Command Modes Command History EXEC Privilege Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. debug isis update-packets Enable debugging on Link State PDUs (LSPs) Syntax that are detected by a router. debug isis update-packets [interface] To turn off debugging, enter the no debug isis update-packets [interface] command.
CONFIGURATION-ROUTER-ISIS-ADDRESS-FAMILY-IPV6 (for IPv6) Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. When you use this command to redistribute routes into a routing domain, the router becomes an autonomous system (AS) boundary router. An AS boundary router does not always generate a default route into a routing domain. The router still requires its own default route before it can generate one.
www.dell.com | support.dell.com Parameters Defaults Command Modes weight The administrative distance value indicates the reliability of a routing information source. Range: 1 to 255. (A higher relative value indicates lower reliability. Routes with smaller values are given preference.) Default: 115 ip-address mask (OPTIONAL) Enter an IP address in dotted decimal format and enter a mask in either dotted decimal or /prefix format. prefix-list (OPTIONAL) Enter the name of a prefix list name.
Related Commands distribute-list out Suppress networks from being advertised in updates. redistribute Redistributes routes from one routing domain to another routing domain. distribute-list out Suppress network prefixes from being advertised in outbound updates.
www.dell.com | support.dell.com Defaults Command Modes No default behavior or values ROUTER ISIS (for IPv4) CONFIGURATION-ROUTER-ISIS-ADDRESS-FAMILY-IPV6 (for IPv6) Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. When the command is executed, IS-IS will not download the route to the routing table if the same route was redistributed into IS-IS routing protocol on the same router. domain-password Set the authentication password for a routing domain.
Defaults Command Modes Command History Usage Information Default is Graceful Restart disabled. ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. A Restart TLV included in every Graceful Restart enabled router’s HELLO PDUs. This enables the (re)starting as well as the existing ISIS peers to detect the GR capability of the routers on the connected network.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History interval Enter the keyword interval to set the wait time. Range: 5-120 seconds Default: 5 seconds retry-times Enter the keyword retry-times to set the number of times the request interval is extended until a CSNP is received from the helping router. Range: 1-10 attempts Default: 1 above ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Parameters adjacency Enter the keyword adjacency so that the restarting router receives the remaining time value from its peer and adjusts its T3 value accordingly if user has configured this option. Enter the keyword manual to specify a time value that the restarting router uses. Range: 50-120 seconds default: 30 seconds manual Defaults Command Modes Command History Usage Information manual, 30 seconds ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com hello padding Use to turn ON or OFF padding for LAN and point-to-point hello PDUs or to selectively turn padding ON or OFF for LAN or point-to-point hello PDUs. Syntax hello padding [multi-point | point-to-point] To return to default, use no hello padding [multi-point | point-to-point]. Parameters Defaults Command Modes Command History Usage Information Related Commands multi-point (OPTIONAL) Enter the keyword multi-point to pad only LAN hello PDUs.
ignore-lsp-errors Ignore LSPs with bad checksums instead of purging those LSPs. Syntax ignore-lsp-errors To return to the default values, enter no ignore-lsp-errors. Defaults Command Modes In IS-IS, the default deletes LSPs with internal checksum errors (no ignore-lsp-errors). ROUTER ISIS Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. IS-IS normally purges LSPs with an incorrect data link checksum, causing the LSP source to regenerate the message.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Usage Information tag (OPTIONAL) This is a unique name for a routing process. A null tag is assumed if the tag option is not specified. The tag name must be unique for all IP router processes for a given router. Not configured. ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. You must configure a network entity title (the net command) to specify the area address and the router system ID.
Only configure interfaces as Level 1 or Level 2 on routers that are between areas (for example, a Level 1-2 router) to prevent the software from sending unused hello packets and wasting bandwidth. isis csnp-interval Configure the IS-IS complete sequence number PDU (CSNP) interval on an interface. Syntax isis csnp-interval seconds [level-1 | level-2] To return to the default values, enter the no isis csnp-interval [seconds] [level-1 | level-2] command.
www.dell.com | support.dell.com Defaults Command Modes Command History Usage Information Related Commands seconds = 10; level-1 (if not otherwise specified) INTERFACE Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Hello packets are held for a length of three times the value of the hello interval. Use a high hello interval seconds to conserve bandwidth and CPU usage. Use a low hello interval seconds for faster convergence (but uses more bandwidth and CPU resources).
To return to the default, use the no isis hello padding. Defaults Command Modes Command History Usage Information Related Commands Padding of hello PDUs is enabled (ON). INTERFACE Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Hello PDUs are “padded” only when both the global and interface padding options are ON. Turning either one OFF will disable padding for the corresponding interface(s). hello padding Turn ON or OFF padding for LAN and point-to-point hello PDUs.
www.dell.com | support.dell.com To return to the default values, enter no isis metric [default-metric] [level-1 | level-2]. Parameters Defaults Command Modes Command History Usage Information default-metric Metric assigned to the link and used to calculate the cost from each other router via the links in the network to other destinations. You can configure this metric for Level 1 or Level 2 routing. Range: 0 to 63 for narrow and transition metric styles; 0 to 16777215 for wide metric styles.
Defaults Command Modes Command History Usage Information password Assign the interface authentication password. level-1 (OPTIONAL) Independently configures the authentication password for Level 1. The router acts as a station router for Level 1 routing. This is the default. level-2 (OPTIONAL) Independently configures the authentication password for Level 2. The router acts as an area router for Level 2 routing. No default password. level-1 (if not otherwise specified) INTERFACE Version 9.2(0.
www.dell.com | support.dell.com Routers with a priority of 0 cannot be a designated router. Setting the priority to 0 lowers the chance of this system becoming the DIS, but does not prevent it. If all the routers have priority 0, one with highest MAC address will become DIS even though its priority is 0. is-type Configure IS-IS operating level for a router. Syntax is-type {level-1 | level-1-2 | level-2-only} To return to the default values, enter no is-type.
lsp-gen-interval Set the minimum interval between successive generations of link-state packets (LSPs). Syntax lsp-gen-interval [level-l | level-2] interval seconds [initial_wait_interval seconds [second_wait_interval seconds]] To restore default values, use the no lsp-gen-interval [level-l | level-2] interval seconds [initial_wait_interval seconds [second_wait_interval seconds]] command.
www.dell.com | support.dell.com To return to the default values, enter no lsp-mtu. Parameters Defaults Command Modes Command History Usage Information size The maximum LSP size, in bytes. Range: 128 to 1497 for non-jumbo mode; 128 to 9195 for jumbo mode. Default: 1497 1497 bytes ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The link MTU and the LSP MTU size must be the same.
max-area-addresses Configure manual area addresses. Syntax max-area-addresses number To return to the default values, enter no max-area-addresses. Parameters Defaults Command Modes Command History Usage Information number Set the maximum number of manual area addresses. Range: 3 to 6. Default: 3 3 addresses ROUTER ISIS Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Use this command to configure the number of area addresses on router.
www.dell.com | support.dell.com maximum-paths Allows you to configure the maximum number of equal cost paths allowed in a routing table. Syntax maximum-paths number To return to the default values, enter no maximum-paths. Parameters Defaults Command Mode number Enter a number as the maximum number of parallel paths an IP routing installs in a routing table. Range: 1 to 16. Default: 4 4 ROUTER ISIS (for IPv4) CONFIGURATION-ROUTER-ISIS-ADDRESS-FAMILY-IPV6 (for IPv6) Command History Version 9.2(0.
The new-style TLVs have wider metric fields than old-style TLVs. Related Commands isis metric Use this command to configure a metric for an interface. multi-topology Enables Multi-Topology IS-IS. It also allows enabling/disabling of old and new style TLVs for IP prefix information in the LSPs. Syntax multi-topology [transition] To return to a single topology configuration, enter no multi-topology [transition].
www.dell.com | support.dell.com To delete a passive interface configuration, enter the no passive-interface interface command. Parameters interface Enter the following keywords and slot/port or number information: • • • • • • Defaults Command Modes Command History Usage Information For a 1-Gigabit Ethernet interface, enter the keyword GigabitEthernet followed by the slot/port information. For Loopback interface, enter the keyword loopback followed by a number from zero (0) to 16383.
Defaults Command Modes level-1-2 (OPTIONAL) Routes are independently redistributed into IS-IS as Level-1-2 routes. level-2 (OPTIONAL) Routes are independently redistributed into IS-IS as Level 2 routes. This is the default. route-map map-name (OPTIONAL) If the route-map argument is not entered, all routes are redistributed. If a map-name value is not specified, then no routers are imported.
www.dell.com | support.dell.com Parameters AS number Enter a number that corresponds to the Autonomous System number. Range: 1 to 65355 level-1 (OPTIONAL) Routes are independently redistributed into IS-IS Level 1 routes only level-1-2 (OPTIONAL) Routes are independently redistributed into IS-IS Level 1 and Level 2 routes. level-2 (OPTIONAL) Routes are independently redistributed into IS-IS as Level 2 routes only. This is the default.
Syntax redistribute ospf process-id [level-1| level-1-2 | level-2] [match {internal | external}] [metric metric-value] [metric-type {external | internal}] [route-map map-name] To return to the default values, enter the no redistribute ospf process-id [level-1| level-1-2 | level-2] [match {internal | external}] [metric metric-value][metric-type {external | internal}] [route-map map-name] command. Parameters process-id Enter a number that corresponds to the OSPF process ID to be redistributed.
www.dell.com | support.dell.com router isis Allows you to enable the IS-IS routing protocol and to specify an IP IS-IS process. Syntax router isis [tag] To disable IS-IS routing, enter no router isis [tag]. Parameters Defaults Command Modes Command History Usage Information tag (OPTIONAL) This is a unique name for a routing process. A null tag is assumed if the tag option is not specified. The tag name must be unique for all IP router processes for a given router. Not configured.
Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show config Display the changes you made to the IS-IS configuration. Default values are not shown. Syntax Command Modes show config ROUTER ISIS (for IPv4) CONFIGURATION-ROUTER-ISIS-ADDRESS-FAMILY-IPV6 (for IPv6) Command History Examples Version 9.2(0.0) Figure 26-2. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Command Modes summary (OPTIONAL) Summary of link-state database information displays when specified. lspid (OPTIONAL) Display only the specified LSP. EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 26-4. Introduced on the MXL 10/40GbE Switch IO Module. Command Example: show isis database FTOS#show isis database IS-IS Level-1 Link State Database LSPID LSP Seq Num ISIS.
Table 26-1. Command Example Fields Field Description IS-IS Level-1/Level-2 Link State Database Displays the IS-IS link state database for Level 1 or Level 2. LSPID Displays the LSP identifier. The first six octets are the System ID of the originating router. The next octet is the pseudonode ID. If this byte is not zero, then the LSP describes system links. If this byte is zero (0), then the LSP describes the state of the originating router.
www.dell.com | support.dell.com Example Figure 26-5.
Parameters interface (OPTIONAL) Enter the following keywords and slot/port or number information: • • • • Command Modes For Loopback interface, enter the keyword loopback followed by a number from zero (0) to 16383. For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a VLAN, enter the keyword vlan followed by a number from 1 to 4094.
www.dell.com | support.dell.com detail (OPTIONAL) Displays detailed information about neighbors. interface (OPTIONAL) Identifies the interface type slot/port as one of the following: • For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a VLAN, enter the keyword vlan followed by a number from 1 to 4094.
Syntax Command Modes show isis protocol EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 26-9. Introduced on the MXL 10/40GbE Switch IO Module. Command Example: show isis protocol FTOS#show isis protocol IS-IS Router: System Id: F100.E120.0013 IS-Type: level-1-2 Manual area address(es): 49.0000.0001 Routing for area address(es): 49.0000.
www.dell.com | support.dell.com Example Figure 26-10.
Defaults Command Modes interval seconds Enter the maximum number of seconds between SPF calculations. Range: 0 to 120 seconds Default: 10 seconds initial_wait_interval seconds (OPTIONAL) Enter the initial wait time, in seconds, before running the first SPF calculations. Range: 0 to 120 seconds Default: 5 second second_wait_interval seconds (OPTIONAL) Enter the wait interval, in seconds, between the first and second SPF calculations.
www.dell.com | support.dell.
27 Link Aggregation Control Protocol (LACP) Overview This chapter contains commands for Dell Networking’s implementation of the link aggregation control protocol (LACP) for the creation of dynamic link aggregation groups (LAGs — called port-channels in FTOS parlance). For static LAG commands, refer to the section Port Channel Commands in the Interfaces chapter), based on the standards specified in the IEEE 802.
www.dell.com | support.dell.com Related Commands show lacp Displays the LACP configuration debug lacp Debug LACP (configuration, events etc.) Syntax debug lacp [config | events | pdu [in | out | [interface [in | out]]]] To disable LACP debugging, use the no debug lacp [config | events | pdu [in | out | [interface [in | out]]]] command. Parameters config (OPTIONAL) Enter the keyword config to debug the LACP configuration. events (OPTIONAL) Enter the keyword events to debug LACP event information.
Usage Information Related Commands This command applies to dynamic port-channel interfaces only. When applied on a static port-channel, the command has no effect. show lacp Displays the lacp configuration lacp port-priority Configure the port priority to influence which ports will be put in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating.
www.dell.com | support.dell.com Parameters number Enter the keyword port-channel followed by a number: Range: 1 to 128 active Enter the keyword active to set the mode to the active state.* passive Enter the keyword passive to set the mode to the passive state.* off Enter the keyword off to set the mode to the off state.* * The LACP modes are defined in Table 27-1. Defaults Command Modes Command History Usage Information off INTERFACE-LACP Version 8.3.16.
Related Commands show lacp Displays the LACP information. show interfaces port-channel Displays information on configured Port Channel groups. show lacp Display the LACP matrix. Syntax Parameters Command Modes show lacp port-channel-number [sys-id | counters] port-channel-number Enter a port-channel number: Range: 1 to 128 sys-id (OPTIONAL) Enter the keyword sys-id and the value that identifies a system. counters (OPTIONAL) Enter the keyword counters to display the LACP counters.
www.dell.com | support.dell.com Example 3 556 Figure 27-4. show lacp counter Command Example FTOS#show lacp 1 counters ---------------------------------------------------------------------LACP PDU Marker PDU Unknown Illegal Port Xmit Recv Xmit Recv Pkts Rx Pkts Rx ---------------------------------------------------------------------TenGig 10/6 200 200 0 0 0 0 FTOS# Related Commands | clear lacp counters Clears the LACP counters.
28 Layer 2 Overview This chapter describes commands to configure Layer 2 features.
www.dell.com | support.dell.com interface interface Enter the following keywords and slot/port or number information: • For a Port Channel interface, enter the keywords port-channel followed by a number: Range: 1 to 128 • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
Parameters mac-address Enter the 48-bit hexidecimal address in nn:nn:nn:nn:nn:nn format. output interface Enter the keyword output followed by one of the following interfaces: • For a Port Channel interface, enter the keywords port-channel followed by a number: Range: 1 to 128 • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Defaults no-station-move (OPTIONAL) Enter the keywords no-station-move to disallow a station move (associate the learned MAC address with the most recently accessed port) on learned MAC addresses. station-move (OPTIONAL) Enter the keywords station-move to allow a station move on learned MAC addresses. sticky (OPTIONAL) Enter the keyword sticky to allow configuring the sticky mac feature along with the learning limit. The default behavior is dynamic.
mac learning-limit learn-limit-violation Configure an action for a MAC address learning-limit violation. Syntax mac learning-limit learn-limit-violation {log | shutdown} To return to the default, use the no mac learning-limit learn-limit-violation {log | shutdown} command. Parameters Defaults Command Modes Command History Usage Information Related Commands log Enter the keyword log to generate a syslog message on a learning-limit violation.
www.dell.com | support.dell.com Usage Information Related Commands This is supported on physical interfaces, static LAGs, and LACP LAGs. show mac learning-limit Displays details of the mac learning-limit. mac learning-limit reset Reset the MAC address learning-limit error-disabled state. Syntax Defaults Command Modes mac learning-limit reset none EXEC EXEC Privilege Command History Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
interface interface (OPTIONAL) Enter the keyword interface followed by the interface type, slot and port information: • For a Port Channel interface, enter the keywords port-channel followed by a number: Range: 1 to 128 • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Command Modes vlan vlan-id (OPTIONAL) Enter the keyword vlan followed by the VLAN ID to display the MAC address assigned to the VLAN. Range: 1 to 4094. count (OPTIONAL) Enter the keyword count, followed optionally, by an interface or VLAN ID, to display total or interface-specific static addresses, dynamic addresses, and MAC addresses in use. EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 28-1. Introduced on the MXL 10/40GbE Switch IO Module.
Table 28-2. Related Commands show mac-address-table count Command Information Line Beginning with Description Static Address... Lists the number of user-defined MAC addresses. Total MAC... Lists the total number of MAC addresses used by the switch. show mac-address-table aging-time Displays MAC aging time. show mac-address-table aging-time Display the aging times assigned to the MAC addresses on the switch.
www.dell.com | support.dell.com show mac learning-limit Display MAC address learning limits set for various interfaces. Syntax Parameters show mac learning-limit [violate-action] [detail] [interface interface violate-action (OPTIONALY) Enter the keywords violate-action to display the MAC learning limit violation status. detail (OPTIONAL) Enter the keyword detail to display the MAC learning limit in detail.
Virtual LAN (VLAN) Commands The following commands configure and monitor virtual local area networks (VLANs). VLANs are a virtual interface and use many of the same commands as physical interfaces. You can configure an IP address and Layer 3 protocols on a VLAN called Inter-VLAN routing. file transfer protocol (FTP), trivial FTP (TFTP), ACLs, and simple network management protocol (SNMP) are not supported on a VLAN.
www.dell.com | support.dell.com default vlan-id Specify a VLAN as the Default VLAN. Syntax default vlan-id vlan-id To remove the default VLAN status from a VLAN and VLAN 1 does not exist, use the no default vlan-id vlan-id command. Parameters Defaults Command Modes Command History Usage Information vlan-id Enter the VLAN ID number of the VLAN to become the new Default VLAN. Range: 1 to 4094. Default: 1 The Default VLAN is VLAN 1. CONFIGURATION Version 8.3.16.
Defaults Command Modes Not configured. INTERFACE VLAN Command History Usage Information Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. To display information about a named VLAN, enter the show vlan command with the name parameter or the show interfaces description command. Related Commands description Assigns a descriptive text string to the interface. interface vlan Configures a VLAN. show vlan Displays the current VLAN configurations on the switch.
www.dell.com | support.dell.com 570 Command Modes id vlan-id (OPTIONAL) Enter the keyword id followed by a number from 1 to 4094. Only information on the VLAN specified is displayed. name vlan-name (OPTIONAL) Enter the keyword name followed by the name configured for the VLAN. Only information on the VLAN named is displayed. EXEC EXEC Privilege Command History Version 8.3.16.1 Usage Information | Layer 2 Introduced on the MXL 10/40GbE Switch IO Module.
Example Figure 28-6. show vlan Command Example FTOS#show vlan Codes: * - Default VLAN, G - GVRP VLANs, R - Remote Port Mirroring VLANs, P Primary, C - Community, I - Isolated Q: U - Untagged, T - Tagged x - Dot1x untagged, X - Dot1x tagged G - GVRP tagged, M - Vlan-stack, H - VSN tagged i - Internal untagged, I - Internal tagged, v - VLT untagged, V - VLT tagged NUM 1 2 * 20 1002 FTOS# Figure 28-7.
www.dell.com | support.dell.com tagged Add a Layer 2 interface to a VLAN as a tagged interface. Syntax tagged interface To remove a tagged interface from a VLAN, use no tagged interface command. Parameters interface Enter the following keywords and slot/port or number information: • For a Port Channel interface, enter the keywords port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information.
Parameters interface Enter the following keywords and slot/port or number information: • For a Port Channel interface, enter the keywords port-channel followed by a number: Range: 1 to 128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Usage Information 574 Untagged interfaces can only belong to one VLAN. In the default VLAN, you cannot use the no untagged interface command. To remove an untagged interface from all VLANs, including the default VLAN, enter INTERFACE mode and use the no Port Channel Commands command. Related Commands | Layer 2 interface vlan Configures a VLAN. tagged Specifies which interfaces in a VLAN are tagged.
29 Link Layer Discovery Protocol (LLDP) Overview The link layer discovery protocol (LLDP) advertises connectivity and management from the local station to the adjacent stations on an IEEE 802 LAN. LLDP facilitates multi-vendor interoperability by using standard management tools to discover and make available a physical topology for network management. The Dell Fore10 operating software (FTOS) implementation of LLDP is based on IEEE standard 801.1ab.
www.dell.com | support.dell.com advertise dot1-tlv Advertise dot1 TLVs (Type, Length, Value). Syntax advertise dot1-tlv {port-protocol-vlan-id | port-vlan-id | vlan-name} To remove advertised dot1-tlv, use the no advertise dot1-tlv {port-protocol-vlan-id | port-vlan-id | vlan-name} command. Parameters Defaults Command Modes Command History Related Commands port-protocol-vlan-id Enter the keyword port-protocol-vlan-id to advertise the port protocol VLAN identification TLV.
advertise management-tlv Advertise management TLVs (Type, Length, Value). Syntax advertise management -tlv {system-capabilities | system-description | system-name} To remove advertised management TLVs, use the no advertise management -tlv {system-capabilities | system-description | system-name} command. Parameters Defaults Command Modes Command History Usage Information system-capabilities Enter the keyword system-capabilities to advertise the system capabilities TLVs.
www.dell.com | support.dell.com Parameters interface Enter the following keywords and slot/port or number information: • • Defaults For a 10-Gigabit Ethernet interface, enter the keyword tenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information. none Command Modes EXEC Privilege Command History Version 8.3.16.
disable Enable or disable LLDP. Syntax disable To enable LLDP, use the no disable Defaults Command Modes Command History Related Commands Enabled, that is no disable CONFIGURATION (conf-lldp) and INTERFACE (conf-if-interface-lldp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol lldp (Configuration) Enables LLDP globally.
www.dell.com | support.dell.com Command Modes Command History Related Commands CONFIGURATION (conf-lldp) and INTERFACE (conf-if-interface-lldp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol lldp (Configuration) Enables LLDP globally. show lldp neighbors Displays the LLDP neighbors multiplier Set the number of consecutive misses before LLDP declares the interface dead. Syntax multiplier integer To return to the default, use the no multiplier integer command.
Command Modes Command History Usage Information INTERFACE (conf-if-interface-lldp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module You must enable LLDP globally from CONFIGURATION mode before you can configure it on an interface. This command places you in LLDP mode on the interface; it does not enable the protocol. When you enter the LLDP protocol in the Interface context, it overrides global configurations.
www.dell.com | support.dell.com Command Modes EXEC Privilege Command History Version 8.3.16.1 Example Figure 29-2.
LLDP-MED Commands The LLDP-media endpoint discovery (MED) commands in this section are: • • • • • • • • • • advertise med guest-voice advertise med guest-voice-signaling advertise med location-identification advertise med power-via-mdi advertise med softphone-voice advertise med streaming-video advertise med video-conferencing advertise med video-signaling advertise med voice advertise med voice-signaling FTOS LLDP-MED commands are an extension of the set of LLDP TLV advertisement commands.
www.dell.com | support.dell.com Defaults Command Modes DSCP_value Enter the DSCP value. Range: 0 to 63 priority-tagged number Enter the keyword priority-tagged followed the Layer 2 priority. Range: 0 to 7 Unconfigured CONFIGURATION (conf-lldp) Command History Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol lldp (Configuration) Enables LLDP globally. debug lldp interface Debugs LLDP. show lldp neighbors Displays the LLDP neighbors.
advertise med location-identification Configure the system to advertise a location identifier. Syntax advertise med location-identification {coordinate-based value | civic-based value | ecs-elin value} To return to the default, use the no advertise med location-identification {coordinate-based value | civic-based value | ecs-elin value} command.
www.dell.com | support.dell.com Related Commands debug lldp interface Debugs LLDP show lldp neighbors Displays the LLDP neighbors show running-config lldp Displays the LLDP running configuration advertise med softphone-voice Configure the system to advertise softphone to enable IP telephony on a computer so that the computer can be used as a phone.
Command History Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module debug lldp interface Debugs LLDP show lldp neighbors Displays the LLDP neighbors show lldp neighbors Displays the LLDP running configuration advertise med video-conferencing Configure the system to advertise dedicated video conferencing and other similar appliances that support real-time interactive video.
www.dell.com | support.dell.com Command Modes Command History Related Commands CONFIGURATION (conf-lldp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module debug lldp interface Debugs LLDP show lldp neighbors Displays the LLDP neighbors show lldp neighbors Displays the LLDP running configuration advertise med voice Configure the system to advertise a dedicated IP telephony handset or other appliances supporting interactive voice services.
Defaults Command Modes Command History Related Commands unconfigured CONFIGURATION (conf-lldp) Version 8.3.16.
www.dell.com | support.dell.
30 Multicast Source Discovery Protocol (MSDP) Overview Multicast Source Discovery Protocol (MSDP) connects multiple PIM Sparse-Mode (PIM-SM) domains together. MSDP peers connect using TCP port 639. Peers send keepalives every 60 seconds. A peer connection is reset after 75 seconds if no MSDP packets are received. MSDP connections are parallel with MBGP connections. The Dell Networking operating system (FTOS) supports MSDP commands on the MXL switch.
www.dell.com | support.dell.com Parameters Defaults peer address Enter the peer address in a dotted decimal format (A.B.C.D.) Not configured Command Modes EXEC Privilege Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. clear ip msdp sa-cache Clears the entire source-active cache, the source-active entries of a particular multicast group, rejected, or local source-active entries.
debug ip msdp Turn on MSDP debugging. Syntax debug ip msdp {event peer address | packet peer address | pim} To turn debugging off, use the no debug ip msdp {event peer address | packet peer address | pim} command. Parameters event peer address Enter the keyword event then the peer address in a dotted decimal format (A.B.C.D.). packet peer address Enter the keyword packet then the peer address in a dotted decimal format (A.B.C.D.). pim Enter the keyword pim to debug advertisement from PIM.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Usage Information peer address Enter the peer address in a dotted decimal format (A.B.C.D.). list name Enter the keywords list name and specify a standard access list that contains the RP address that should be treated as the default peer. If no access list is specified, then all SAs from the peer are accepted. Not configured. CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information A MSDP mesh group is a mechanism for reducing SA flooding, typically in an intra-domain setting. When some subset of a domain’s MSDP speakers are fully meshed, they can be configured into a mesh-group. If member X of a mesh-group receives a SA message from an MSDP peer that is also a member of the mesh-group, member X accepts the SA message and forwards it to all of its peers that are not part of the mesh-group.
www.dell.com | support.dell.com Parameters peer address Enter the peer address in a dotted decimal format (A.B.C.D.). connect-source interface Enter the keywords connect-source then one of the interfaces and slot/port or number information: • • • • • • Defaults Command Modes Command History Usage Information For a Fast Ethernet interface, enter the keyword FastEthernet then the slot/ port information. For a Loopback interface, enter the keyword loopback then a number from 0 to 16383.
Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. Modifications to the ACL do not have an immediate affect on the sa-cache. To apply the redistribute filter to entries already present in the SA cache, use clear ip msdp sa-cache local command. ip msdp sa-filter Permit or deny MSDP source active (SA) messages based on multicast source and/or group from the specified peer.
www.dell.com | support.dell.com Usage Information FTOS counts the SA messages originated by itself and those received from the MSDP peers. When the total SA messages reach this limit, the subsequent SA messages are dropped (even if they pass RPF checking and policy checking). If the total number of SA messages is already larger than the limit when this command is applied, those SA messages that are already in FTOS continue to be accepted.
Parameters Defaults Command Modes peer peer address Enter the keyword peer then the peer address in a dotted decimal format (A.B.C.D.). sa-cache Enter the keyword sa-cache to display the Source-Active cache. summary Enter the keyword summary to display a MSDP peer summary. Not configured. EXEC EXEC Privilege Command History Example 1 Version 9.2(0.0) Figure 30-1. Introduced on the MXL 10/40GbE Switch IO Module. show ip msdp peer Command Example FTOS#show ip msdp peer 100.1.1.1 Peer Addr: 100.
www.dell.com | support.dell.com EXEC Privilege 600 Command History Example Version 9.2(0.0) Figure 30-4. Introduced on the MXL 10/40GbE Switch IO Module. show ip msdp sa-cache rejected-sa Command Example FTOS#show ip msdp sa-cache rejected-sa MSDP Rejected SA Cache 200 rejected SAs UpTime GroupAddr SourceAddr 00:00:13 225.1.2.1 10.1.1.3 00:00:13 225.1.2.2 10.1.1.4 00:00:13 225.1.2.3 10.1.1.3 00:00:13 225.1.2.4 10.1.1.4 00:00:13 225.1.2.5 10.1.1.3 00:00:13 225.1.2.6 10.1.1.4 00:00:13 225.1.2.7 10.1.
31 Multiple Spanning Tree Protocol (MSTP) Overview The multiple spanning tree protocol (MSTP), as implemented by the Dell Networking operating software (FTOS), conforms to IEEE 802.1s.
www.dell.com | support.dell.com debug spanning-tree mstp Enable debugging of the multiple spanning tree protocol and view information on the protocol. Syntax debug spanning-tree mstp [all | bpdu interface {in | out} | events] To disable debugging, use the no debug spanning-tree mstp command. Parameters all (OPTIONAL) Enter the keyword all to debug all spanning tree operations. bpdu interface {in | out} (OPTIONAL) Enter the keyword bpdu to debug Bridge Protocol Data Units.
Command History Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol spanning-tree mstp Enters MULTIPLE SPANNING TREE mode on the switch. disable Globally disable the multiple spanning tree protocol on the switch. Syntax disable To enable Multiple Spanning Tree Protocol, use the no disable command. Defaults Command Modes Command History Related Commands MSTP is disabled MULTIPLE SPANNING TREE Version 8.3.16.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Related Commands seconds Enter the number of seconds the interface waits in the Blocking State and the Learning State before transiting to the Forwarding State. Range: 4 to 30 Default: 15 seconds. 15 seconds MULTIPLE SPANNING TREE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module max-age Changes the wait time before MSTP refreshes protocol configuration information.
Parameters Defaults Command Modes Command History Related Commands max-age Enter a number of seconds the FTOS waits before refreshing configuration information. Range: 6 to 40 Default: 20 seconds. 20 seconds MULTIPLE SPANNING TREE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module edge-port bpdufilter default The amount of time the interface waits in the Blocking State and the Learning State before transitioning to the Forwarding State. hello-time Changes the time interval between BPDUs.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Usage Information msti instance Enter the MST instance number. Range: 0 to 4094. vlan range Enter the keyword vlan followed by the identifier range value. Range: 1 to 4094 bridge-priority priority Enter the keyword bridge-priority followed by a value in increments of 4096 as the bridge priority.
protocol spanning-tree mstp Enter MULTIPLE SPANNING TREE mode to enable and configure the multiple spanning tree group. Syntax protocol spanning-tree mstp To disable the multiple spanning tree group, use the no protocol spanning-tree mstp command. Defaults Command Modes Command History Example Not configured. CONFIGURATION Version 8.3.16.1 Figure 31-2.
www.dell.com | support.dell.com show config View the current configuration for the mode. Only non-default values are shown. Syntax Command Modes Command History Example show config MULTIPLE SPANNING TREE Version 8.3.16.1 Figure 31-3.
Parameters Command Modes instance-number [OPTIONAL] Enter the MST instance number. Range: 0 to 4094. brief [OPTIONAL] Enter the keyword brief to view a synopsis of the MST instance. guard [OPTIONAL] Enter the keyword guard to display the type of guard enabled on an MSTP interface and the current port state. EXEC EXEC Privilege Usage Information Command History Example You must enable the multiple spanning tree protocol prior to using this command. Version 8.3.16.1 Figure 31-5.
www.dell.com | support.dell.com Example 2 Figure 31-6. show spanning-tree msti Command Example with EDS and LBK FTOS#show spanning-tree msti 0 brief MSTI 0 VLANs mapped 1-4094 Executing IEEE compatible Spanning Tree Protocol Root ID Priority 32768, Address 0001.e801.6aa8 Root Bridge hello time 2, max age 20, forward delay 15, max hops 20 Bridge ID Priority 32768, Address 0001.e801.
Table 31-1. show spanning-tree msti guard Command Information Field Description Sts Port state: root-inconsistent (INCON Root), forwarding (FWD), listening (LIS), blocking (BLK), or shut down (EDS Shut) Guard Type Type of STP guard configured (Root or BPDU guard) BPDU Filter BPDU filter enabled (Yes) or BPDU filter disabled (No) spanning-tree Enable the multiple spanning tree protocol on the interface.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module spanning-tree mstp Configures a Layer 2 MSTP interface as an edge port with (optionally) a BPDU guard, a BPDU filter or enables the root guard feature on the interface. Syntax spanning-tree mstp {edge-port [bpduguard [shutdown-on-violation | bpdufilter] | rootguard} Parameters Command Modes Enter the keyword edge-port to configure the interface as a Multiple Spanning Tree edge port.
tc-flush-standard Enable the MAC address flushing after receiving every topology change notification. Syntax tc-flush-standard To disable, use the no tc-flush-standard command. Defaults Command Modes Command History Usage Information Disabled CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module By default, FTOS implements an optimized flush mechanism for MSTP.
www.dell.com | support.dell.
32 Multicast Overview The multicast commands are supported by Dell Networking operating systems (FTOS) on the MXL switch.
www.dell.com | support.dell.com clear ip mroute Clear learned multicast routes on the multicast forwarding table. To clear the protocol-independent multicast (PIM) tree information base, use Usage Information command. Syntax Parameters clear ip mroute {group-address [source-address] | * | snooping} group-address [source-address] Enter multicast group address and source address (if desired), in dotted decimal format, to clear information on a specific group. * Enter * to clear all multicast routes.
Defaults Command Modes ip-address (OPTIONAL) Enter the IP address in dotted decimal format of the reverse path forwarding (RPF) neighbor. distance (OPTIONAL) Enter a number as the distance metric assigned to the mroute. The range is from 0 to 255. Not configured. CONFIGURATION Command History Version 9.2(0.0) Related Commands show ip mroute Introduced on the MXL 10/40GbE Switch IO Module. View the Multicast Routing Table.
www.dell.com | support.dell.com Usage Information Related Commands After you enable multicast, you can enable IGMP and PIM on an interface. In INTERFACE mode, enter the iip pim sparse-mode command to enable IGMP and PIM on the interface. iip pim sparse-mode Enables IGMP and PIM on an interface. show ip mroute View the Multicast Routing Table.
Example 2 Figure 32-2. show ip mroute snooping Command Example FTOS#show ip mroute snooping IPv4 Multicast Snooping Table (*, 224.0.0.0), uptime 17:46:23 Incoming vlan: Vlan 2 Outgoing interface list: GigabitEthernet 4/13 (*, 225.1.2.1), uptime 00:04:16 Incoming vlan: Vlan 2 Outgoing interface list: GigabitEthernet 4/11 GigabitEthernet 4/13 (165.87.1.7, 225.1.2.
www.dell.com | support.dell.com Example 4 Figure 32-4. show ip mroute Command Example FTOS#show ip mroute IP Multicast Routing Table (*, 224.10.10.1), uptime 00:05:12 Incoming interface: GigabitEthernet 3/12 Outgoing interface list: GigabitEthernet 3/13 (1.13.1.100, 224.10.10.1), uptime 00:04:03 Incoming interface: GigabitEthernet 3/4 Outgoing interface list: GigabitEthernet 3/12 GigabitEthernet 3/13 (*, 224.20.20.
debug ipv6 mld_host Enable the collection of debug information for MLD host transactions. Syntax [no] debug ipv6 mld_host [int-count | interface type] [slot / port-range] To discontinue collection of debug information for the MLD host transactions, use the no debug ipv6 mld_host command. Parameters int-count Enter the keyword count to indicate the number of required debug messages.
www.dell.com | support.dell.com Usage Information 622 This feature allows you to limit the number of multicast entries on the system. This number is the total of all the multicast entries on all line cards in the system. On each line card, the multicast module only installs the maximum number of entries, depending on the configured CAM profile. To store multicast routes, use the IN-L3-McastFib CAM partition. It is a separate hardware limit that exists per port-pipe.
33 Neighbor Discovery Protocol (NDP) The Dell Networking operating software (FTOS) supports the network discovery protocol for IPv6 on the MXL switch. The neighbor discovery protocol for IPv6 is defined in RFC 2461 as part of the Stateless Address Autoconfiguration protocol. It replaces the Address Resolution Protocol used with IPv4.
www.dell.com | support.dell.com Parameters ipv6-address Enter the IPv6 address of the neighbor in the x:x:x:x::x format to remove a specific IPv6 neighbor. NOTE: The :: notation specifies successive hexadecimal fields of zero.
Command Modes Command History CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. show ipv6 neighbors Display IPv6 discovery information. Entering the command without options shows all IPv6 neighbor addresses stored on the CP (control processor). Syntax Parameters show ipv6 neighbors [ipv6-address] [cpu {rp1 [ipv6-address] | rp2 [ipv6-address]}] [interface interface] ipv6-address Enter the IPv6 address of the neighbor in the x:x:x:x::x format.
www.dell.com | support.dell.com Example 626 Figure 33-1. show ipv6 neighbors Command Example FTOS#show ipv6 neighbors IPv6 Address Expires(min) Hardware Address State Interface VLAN CPU -----------------------------------------------------------------------------fe80::201:e8ff:fe17:5bc6 1439 00:01:e8:17:5b:c6 STALE Gi 1/9 CP fe80::201:e8ff:fe17:5bc7 1439 00:01:e8:17:5b:c7 STALE Gi 1/10 CP fe80::201:e8ff:fe17:5bc8 1439 00:01:e8:17:5b:c8 STALE Gi 1/11 CP fe80::201:e8ff:fe17:5caf 0.
34 Open Shortest Path First (OSPF) Overview The MXL 10/40GbE Switch IO Module platform supports open shortest path first version 2 (OSPFv2) for IPv4 and version 3 (OSPFv3) for IPv6. Up to 16 OSPF instances can be run simultaneously on the MXL Switch. OSPF is an interior gateway protocol (IGP), which means that it distributes routing information between routers in a single autonomous system (AS).
www.dell.com | support.dell.com Parameters Defaults area-id Specify the OSPF area in dotted decimal format (A.B.C.D.) or enter a number from zero (0) to 65535. cost Specifies the stub area’s advertised external route metric. Range: zero (0) to 65535. cost = 1; no areas are configured. Command Modes ROUTER OSPF Command History Version 8.3.16.1 Usage Information Related Commands Introduced on MXL 10/40GbE Switch IO Module In FTOS, cost is defined with reference to bandwidth.
Parameters Defaults area-id Specify the OSPF area in dotted decimal format (A.B.C.D.) or enter a number from zero (0) to 65535. ip-address Specify an IP address in dotted decimal format. mask Specify a mask for the destination prefix. Enter the full mask (for example, 255.255.255.0). not-advertise (OPTIONAL) Enter the keyword not-advertise to set the status to DoNotAdvertise (that is, the Type 3 summary-LSA is suppressed and the component networks remain hidden from other areas.
www.dell.com | support.dell.com auto-cost Specify how the OSPF interface cost is calculated based on the reference bandwidth method. Syntax auto-cost [reference-bandwidth ref-bw] To return to the default bandwidth or to assign cost based on the interface type, use the no auto-cost [reference-bandwidth] command. Parameters Defaults ref-bw (OPTIONAL) Specify a reference bandwidth in megabits per second. Range: 1 to 4294967 Default: 100 megabits per second. 100 megabits per second.
clear ip ospf statistics Clear the packet statistics in interfaces and neighbors. Syntax Parameters clear ip ospf process-id statistics [interface name {neighbor router-id}] process-id Enter the OSPF Process ID to clear statistics for a specific process. If no Process ID is entered, all OSPF processes are cleared.
www.dell.com | support.dell.com Command Modes EXEC Privilege Command History Version 8.3.16.1 Example Figure 34-1. Introduced on MXL 10/40GbE Switch IO Module debug ip ospf process-id packet Command Example FTOS#debug ip ospf 1 packet OSPF process 1, packet debugging is on FTOS# 08:14:24 : OSPF(100:00): Xmt. v:2 t:1(HELLO) l:44 rid:192.1.1.1 aid:0.0.0.1 chk:0xa098 aut:0 auk: keyid:0 to:TenGig 4/3 dst:224.0.0.5 netmask:255.255.255.0 pri:1 N-, MC-, E+, T-, hi:10 di:40 dr:90.1.1.1 bdr:0.0.0.
Table 34-1.
www.dell.com | support.dell.com default-metric Change the metrics of redistributed routes to a value useful to OSPF. Use this command with the redistribute command. Syntax default-metric number To return to the default values, use the no default-metric [number] command. Parameters Defaults number Disabled. Command Modes ROUTER OSPF Command History Version 8.3.16.1 Related Commands Enter a number as the metric. The range is from 1 to 16777214.
Parameters Defaults weight Specify an administrative distance. The range is from 1 to 255. The default is 110. ip-address (OPTIONAL) Enter a router ID in the dotted decimal format. If you enter a router ID, include the mask for that router address. mask (OPTIONAL) Enter a mask in dotted decimal format or /n format. access-list-name (OPTIONAL) Enter the name of an IP standard access list, up to 140 characters. 110 Command Modes ROUTER OSPF Command History Version 8.3.16.
www.dell.com | support.dell.com Parameters prefix-list-name Enter the name of a configured prefix list. interface (OPTIONAL) Enter one of the following keywords and slot/port or number information: • • • • Defaults For Port Channel groups, enter the keywords port-channel followed by a number. The range is from 1 to 128. For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information.
fast-convergence This command sets the minimum LSA origination and arrival times to zero (0), allowing more rapid route computation so that convergence takes less time. Syntax fast-convergence {number} To cancel fast-convergence, use the no fast convergence command. Parameters Defaults number None Command Modes ROUTER OSPF Command History Version 8.3.16.1 Usage Information Enter the convergence level desired. The higher this parameter is set, the faster OSPF converge takes place.
www.dell.com | support.dell.com By default, FTOS implements an enhanced flooding procedure that dynamically and intelligently determines when to optimize flooding. Whenever possible, the OSPF task attempts to reduce flooding overhead by selectively flooding on a subset of the interfaces between two routers. When flood-2328 is enabled, this command configures FTOS to flood LSAs on all interfaces.
To return to default value, enter the no graceful-restart mode command. Parameters Defaults planned-only (OPTIONAL) Enter the keywords planned-only to indicate graceful restart is supported in a planned restart condition only. unplanned-only (OPTIONAL) Enter the keywords unplanned-only to indicate graceful restart is supported in an unplanned restart condition only. Support for both planned and unplanned failures. Command Modes ROUTER OSPF Command History Version 9.2(0.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip ospf authentication-key Enable authentication and set an authentication key on OSPF traffic on an interface. Syntax ip ospf authentication-key [encryption-type] key To delete an authentication key, use the no ip ospf authentication-key command. Parameters Defaults Command Modes Command History Usage Information encryption-type (OPTIONAL) Enter 7 to encrypt the key.
ip ospf dead-interval Set the time interval since the last hello-packet was received from a router. After the interval elapses, the neighboring routers declare the router dead. Syntax ip ospf dead-interval seconds To return to the default values, use the no ip ospf dead-interval command. Parameters Defaults Command Modes Command History Usage Information Related Commands seconds Enter the number of seconds for the interval. Range: 1 to 65535. Default: 40 seconds. 40 seconds INTERFACE Version 8.3.16.
www.dell.com | support.dell.com ip ospf message-digest-key Enable OSPF MD5 authentication and send an OSPF message digest key on the interface. Syntax ip ospf message-digest-key keyid md5 key To delete a key, use the no ip ospf message-digest-key keyid command. Parameters Defaults Command Modes Command History Usage Information keyid Enter a number as the key ID. Range: 1 to 255. key Enter a continuous character string as the password. No MD5 authentication is configured. INTERFACE Version 8.3.16.
ip ospf network Set the network type for the interface. Syntax ip ospf network {broadcast | point-to-point} To return to the default, use the no ip ospf network command. Parameters Defaults Command Modes broadcast Enter the keyword broadcast to designate the interface as part of a broadcast network. point-to-point Enter the keywords point-to-point to designate the interface as part of a point-to-point network. Not configured. INTERFACE Command History Version 8.3.16.
www.dell.com | support.dell.com ip ospf retransmit-interval Set the retransmission time between lost link state advertisements (LSAs) for adjacencies belonging to the interface. Syntax ip ospf retransmit-interval seconds To return to the default values, use the no ip ospf retransmit-interval command. Parameters Defaults Command Modes Command History Usage Information seconds Enter the number of seconds as the interval between retransmission. Range: 1 to 3600. Default: 5 seconds.
log-adjacency-changes To send a Syslog message about changes in the OSPF adjacency state, set FTOS. Syntax log-adjacency-changes To disable the Syslog messages, use the no log-adjacency-changes command. Defaults Disabled. Command Mode ROUTER OSPF Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module maximum-paths To forward packets over multiple paths, enable the software.
www.dell.com | support.dell.com Usage Information This command is either enabled or disabled. If no OSPF process is identified as the MIB manager, the first OSPF process is used. If an OSPF process has been selected, it must be disabled prior to assigning new process ID the MIB responsibility. network area Define which interfaces run OSPF and the OSPF area for those interfaces. Syntax network ip-address mask area area-id To disable an OSPF area, use the no network ip-address mask area area-id command.
Parameters default Enter the keyword default to make all OSPF interfaces (current and future) passive. interface Enter the following keywords and slot/port or number information: • • • • Command Modes ROUTER OSPF Command History Version 8.3.16.1 Usage Information For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com • • All previously marked passive interfaces are removed. May update ABR status. redistribute Redistribute information from another routing protocol throughout the OSPF process. Syntax redistribute {connected | rip | | ospf | static} [metric metric-value | metric-type type-value] [route-map map-name] [tag tag-value] To disable redistribution, use the no redistribute {connected | ospf | rip | static} command.
redistribute bgp Redistribute BGP routing information throughout the OSPF instance. Syntax redistribute bgp as number [metric metric-value | metric-type type-value] [tag tag-value] To disable redistribution, use the no redistribute bgp as number [metric metric-value | metric-type type-value] [tag tag-value] command. Parameters as number Enter the autonomous system number. The range is from 1 to 65535. metric metric-value (OPTIONAL) Enter the keyword metric followed by a number.
www.dell.com | support.dell.com Defaults route-map map-name (OPTIONAL) Enter the keywords route-map followed by the name of the route map. tag tag-value (OPTIONAL) Enter the keyword tag followed by a number. The range is from 0 to 4294967295. Not configured. Command Modes ROUTER OSPF Command History Version 9.2(0.0) Introduced on MXL 10/40GbE Switch IO Module router-id Use this command to configure a fixed router ID.
router ospf To configure an OSPF instance, enter the ROUTER OSPF mode. Syntax router ospf process-id To clear an OSPF instance, use the no router ospf process-id command. Parameters Defaults Command Modes process-id Not configured. CONFIGURATION Command History Example Enter a number for the OSPF instance. Range: 1 to 65535. Version 8.3.16.1 Figure 34-3.
www.dell.com | support.dell.com Parameters Command Modes process-id Enter the OSPF process ID to show a specific process. If no process ID is entered, command applies only to the first OSPF process. EXEC EXEC Privilege Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module If you delete all the network area commands for Area 0, the show ip ospf command output does not list Area 0.
Command Modes EXEC EXEC Privilege Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To isolate problems with external routes, use this command. In OSPF, external routes are calculated by adding the LSA cost to the cost of reaching the ASBR router. If an external route does not have the correct cost, use this command to determine if the path to the originating router is correct. The display output is not sorted in any order.
www.dell.com | support.dell.com Table 34-2. show ip ospf process-id database Command Description Field Description Link ID Identifies the router ID. ADV Router Identifies the advertising router’s ID. Age Displays the link state age. Seq# Identifies the link state sequence number. This number enables you to identify old or duplicate link state advertisements. Checksum Displays the Fletcher checksum of an LSA’s complete contents. Link count Displays the number of interfaces for that router.
Parameters process-id Enter the OSPF process ID to show a specific process. If no process ID is entered, command applies only to the first OSPF process. link-state-id (OPTIONAL) Specify the LSA ID in dotted decimal format. The LSA ID value depends on the LSA type and can be one of the following: • • • adv-router ip-address Command Modes the network’s IP address for Type 3 LSAs or Type 5 LSAs the router’s OSPF router ID for Type 1 LSAs or Type 4 LSAs the default destination (0.0.0.
www.dell.com | support.dell.com Example Figure 34-5. show ip ospf database asbr-summary Command Example (Partial) FTOS#show ip ospf 100 database asbr-summary OSPF Router with ID (1.1.1.10) (Process ID 100) Summary Asbr (Area 0.0.0.0) LS age: 1437 Options: (No TOS-capability, No DC, E) LS type: Summary Asbr Link State ID: 103.1.50.1 Advertising Router: 1.1.1.
Usage Information The following describes the show ip ospf process-id database external command shown in the following example. Table 34-4. show ip ospf process-id database external Command Description Item Description LS Age Displays the LSA age. Options Displays the optional capabilities available on router. The following options can be found in this item: • • • TOS-capability or No TOS-capability is displayed depending on whether the router can support Type of Service.
www.dell.com | support.dell.com Example FTOS#show ip ospf 1 database external OSPF Router with ID (20.20.20.5) (Process ID 1) Type-5 AS External LS age: 612 Options: (No TOS-capability, No DC, E) LS type: Type-5 AS External Link State ID: 12.12.12.2 Advertising Router: 20.31.3.1 LS Seq Number: 0x80000007 Checksum: 0x4cde Length: 36 Network Mask: /32 Metrics Type: 2 TOS: 0 Metrics: 25 Forward Address: 0.0.0.
Command History Example Version 8.3.16.1 Figure 34-6. Introduced on MXL 10/40GbE Switch IO Module show ip ospf process-id database network Command Example FTOS#show ip ospf 1 data network OSPF Router with ID (20.20.20.5) (Process ID 1) Network (Area 0.0.0.0) LS age: 1372 Options: (No TOS-capability, DC, E) LS type: Network Link State ID: 202.10.10.2 Advertising Router: 20.20.20.8 LS Seq Number: 0x80000006 Checksum: 0xa35 Length: 36 Network Mask: /24 Attached Router: 20.20.20.8 Attached Router: 20.20.
www.dell.com | support.dell.com Related Commands show ip ospf database Displays OSPF database information. show ip ospf database nssa-external Display NSSA-External (Type 7) LSA information. Syntax Parameters show ip ospf database nssa-external [link-state-id] [adv-router ip-address] link-state-id (OPTIONAL) Specify the LSA ID in dotted decimal format.
Example FTOS>show ip ospf 1 database opaque-area OSPF Router with ID (3.3.3.3) (Process ID 1) Type-10 Opaque Link Area (Area 0) LS age: 1133 Options: (No TOS-capability, No DC, E) LS type: Type-10 Opaque Link Area Link State ID: 1.0.0.1 Advertising Router: 10.16.1.160 LS Seq Number: 0x80000416 Checksum: 0x376 Length: 28 Opaque Type: 1 Opaque ID: 1 Unable to display opaque data LS age: 833 Options: (No TOS-capability, No DC, E) LS type: Type-10 Opaque Link Area Link State ID: 1.0.0.2 Advertising Router: 10.
www.dell.com | support.dell.com Parameters process-id Enter the OSPF process ID to show a specific process. If no Ppocess ID is entered, command applies only to the first OSPF process. link-state-id (OPTIONAL) Specify the LSA ID in dotted decimal format.
show ip ospf database router Display the router (Type 1) LSA information. Syntax Parameters show ip ospf process-id database router [link-state-id] [adv-router ip-address] process-id Enter the OSPF Process ID to show a specific process. If no Process ID is entered, command applies only to the first OSPF process. link-state-id (OPTIONAL) Specify the LSA ID in dotted decimal format.
www.dell.com | support.dell.com Example Figure 34-7. show ip ospf process-id database router Command Example (Partial) FTOS#show ip ospf 100 database router OSPF Router with ID (1.1.1.10) (Process ID 100) Router (Area 0) LS age: 967 Options: (No TOS-capability, No DC, E) LS type: Router Link State ID: 1.1.1.10 Advertising Router: 1.1.1.
Table 34-7. show ip ospf process-id database router Command Description Related Commands Item Description LS Seq Number Displays the link state sequence number. This number detects duplicate or old LSAs. Checksum Displays the Fletcher checksum of an LSA’s complete contents. Length Displays the length in bytes of the LSA. Number of Links Displays the number of active links to the type of router (Area Border Router or AS Boundary Router) listed in the previous line.
www.dell.com | support.dell.com Example Figure 34-8. show ip ospf process-id database summary Command Example FTOS#show ip ospf 100 database summary OSPF Router with ID (1.1.1.10) (Process ID 100) Summary Network (Area 0.0.0.0) LS age: 1551 Options: (No TOS-capability, DC, E) LS type: Summary Network Link State ID: 192.68.16.0 Advertising Router: 192.168.17.
Table 34-8. show ip ospf process-id database summary Command Description Related Commands Items Description TOS Displays the TOS options. Option 0 is the only option. Metric Displays the LSA metrics. show ip ospf database Displays OSPF database information. show ip ospf interface Display the OSPF interfaces configured. If OSPF is not enabled on the switch, no output is generated.
www.dell.com | support.dell.com Example Figure 34-9. show ip ospf process-id interface Command Example FTOS>show ip ospf int TenGigabitEthernet 13/17 is up, line protocol is up Internet Address 192.168.1.2/30, Area 0.0.0.1 Process ID 1, Router ID 192.168.253.2, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 192.168.253.2, Interface address 192.168.1.2 Backup Designated Router (ID) 192.168.253.1, Interface address 192.168.1.
Syntax Parameters show ip ospf process-id neighbor process-id Command Modes EXEC Privilege Command History Version 8.3.16.1 Example Figure 34-10. Enter the OSPF Process ID to show a specific process. If no Process ID is entered, command applies only to the first OSPF process. Introduced on MXL 10/40GbE Switch IO Module show ip ospf process-id neighbor Command Example FTOS#show ip ospf 34 neighbor Neighbor ID 20.20.20.7 192.10.10.2 20.20.20.
www.dell.com | support.dell.com Usage Information This command is useful in isolating routing problems between OSPF and the RTM. For example, if a route is missing from the RTM/FIB but is visible from the display output of this command, then the problem is with downloading the route to the RTM. This command has the following limitations: • • Example The display output is sorted by prefixes; intra-area ECMP routes are not displayed together. For Type 2 external routes, Type 1 cost is not displayed.
Example Figure 34-12.
www.dell.com | support.dell.com Table 34-12. show ip ospf statistics process-id global Error Descriptions Usage Information Error Type Description Intf_Down Received packets on an interface that is either down or OSPF is not enabled.
Example Figure 34-13. show ip ospf process-id statistics Command Example FTOS#show ip ospf 10 statistics Interface TenGigabitEthernet 4/45 Error packets (Receive statistics) Intf-Down 0 Non-Dr Wrong-Len 0 Invld-Nbr Auth-Error 0 MD5-Error Version 0 AreaMisMatch SeqNo-Err 0 Unknown-Pkt RtidZero 0 Neighbor ID 3.1.1.
www.dell.com | support.dell.com Syntax Parameters Defaults Command Modes show ip ospf process-id topology process-id Enter the OSPF Process ID to show a specific process. If no Process ID is entered, command applies only to the first OSPF process. none EXEC EXEC Privilege Command History Usage Information Example Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To isolate problems with inter-area and external routes, use this command.
Usage Information The command area range summarizes routes for the different areas. With the not-advertise parameter configured, you can use this command to filter out some external routes. For example, if you want to redistribute static routes to OSPF but you don't want OSPF to advertise routes with prefix 1.1.0.0. Then you can configure summary-address 1.1.0.0 255.255.0.0 not-advertise to filter out all the routes that fall in range 1.1.0.0/16.
www.dell.com | support.dell.com • • hold-interval 5000 msec max-interval: 5000 msec Command Modes ROUTER OSPF Command History Version 8.3.16.1 Usage Information Introduced on MXL 10/40GbE Switch IO Module LSAs are sent after the start-interval and then after hold-interval until the maximum interval is reached. In throttling, exponential backoff is used when sending same LSA, so that the interval is multiplied until the maximum time is reached.
OSPFv3 Commands Open shortest path first version 3 (OSPFv3) for IPv6 is supported on the MXL Switch platform. The fundamental mechanisms of OSPF (flooding, DR election, area support, SPF calculations, and so on) remain unchanged. However, OSPFv3 runs on a per-link basis instead of on a per-IP-subnet basis. Most changes were necessary to handle the increased address size of IPv6. The Dell Networking implementation of OSPFv3 is based on IETF RFC 2740.
www.dell.com | support.dell.com The configuration of IPsec authentication on an interface-level takes precedence over an area-level configuration. If you remove an interface configuration, an area authentication policy that has been configured is applied to the interface. area encryption Configure an IPsec encryption policy for OSPFv3 packets in an OSPFv3 area.
When you configure encryption for an OSPFv3 area with the area encryption command, you enable both IPsec encryption and authentication. However, when you enable authentication on an area with the area authentication command, you do not enable encryption at the same time. If you have enabled IPsec authentication in an OSPFv3 area with the area authentication command, you cannot use the area encryption command in the area at the same time.
www.dell.com | support.dell.com Example Lines Beginning With or Including Description OSPFv3... 05:21:01 Sending Ver:3 Debugging is on for all OSPFv3 packets and all interfaces. Displays the time stamp. Sending OSPF3 version.. Figure 34-16.
Command History Version 9.2(0.0) Introduced on MXL 10/40GbE Switch IO Module default-information originate Configure the FTOS to generate a default external route into an OSPFv3 routing domain. Syntax default-information originate [always] [metric metric-value] [metric-type type-value] [route-map map-name] To return to the default values, use the no default-information originate command.
www.dell.com | support.dell.com Usage Information By default, OSPFv3 graceful restart is disabled and functions only in a helper role to help restarting neighbor routers in their graceful restarts when it receives a Grace LSA. To enable OSPFv3 graceful restart, enter the ipv6 router ospf command to enter OSPFv3 configuration mode and then configure a grace period using the graceful-restart grace-period command.
ipv6 ospf area Enable IPv6 OSPF on an interface. Syntax ipv6 ospf process id area area id To disable OSPFv6 routing for an interface, use the no ipv6 ospf process id area area id command. Parameters Defaults Command Modes Command History process id Enter the process identification number. area area id Specify the OSPF area. The range is from 0 to 65535. none INTERFACE Version 9.2.(0.0) Introduced on MXL 10/40GbE Switch IO Module ipv6 ospf authentication Enable IPv6 OSPF on an interface.
www.dell.com | support.dell.com Usage Information Before you enable IPsec authentication on an OSPFv3 interface, first enable IPv6 unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign the interface to an area. An SPI value must be unique to one IPsec security policy (authentication or encryption) on the router. Configure the same authentication policy (same SPI and key) on each OSPFv3 interface in a link.
ipv6 ospf cost Explicitly specify the cost of sending a packet on an interface. Syntax ipv6 ospf interface-cost Parameters Defaults Command Modes interface-cost Default cost based on the bandwidth. INTERFACE Command History Usage Information Enter a unsigned integer value expressed as the link-state metric. The range is from 1 to 65535. Version 9.2.(0.
www.dell.com | support.dell.com ipv6 ospf encryption Configure an IPsec encryption policy for OSPFv3 packets on an IPv6 interface. Syntax ipv6 ospf encryption {null | ipsec spi number esp encryption-algorithm [key-encryption-type] key authentication-algorithm [key-encryption-type] key}} To remove an IPsec encryption policy from an interface, enter the no ipv6 ospf encryption spi number command.
ipv6 ospf graceful-restart helper-reject Configure an OSPFv3 interface to not act upon the Grace LSAs that it receives from a restarting OSPFv3 neighbor. Syntax ipv6 ospf graceful-restart helper-reject To disable the helper-reject role, enter the no ipv6 ospf graceful-restart helper-reject command. Defaults Command Modes Command History Usage Information The helper-reject role is not configured INTERFACE Version 9.2.(0.
www.dell.com | support.dell.com To return to the default time interval, use the no ipv6 ospf priority command. Parameters Defaults Command Modes number 1 INTERFACE Command History Usage Information Enter the number as the priority. The range is from 1 to 255. Version 9.2.(0.0) Introduced on MXL 10/40GbE Switch IO Module Setting a priority of 0 makes the router ineligible for election as a designated router or backup designated router.
Command History Version 9.2(0.0) Added support for OSPFv3. Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module passive-interface Suppress both receiving and sending routing updates on an interface. Syntax passive-interface {default | interface} To enable both the receiving and sending routing, enter the no passive-interface interface command. To return all OSPF interfaces (current and future) to active, enter the no passive-interface default command.
www.dell.com | support.dell.com redistribute Redistribute information from another routing protocol into OSPFv3 throughout the OSPF process. Syntax redistribute {bgp as number} {connected | static} [metric metric-value | metric-type type-value] [route-map map-name] [tag tag-value] To disable redistribution, use the no redistribute {connected | static} command. Parameters bgp as number Enter the keyword bgp then the autonomous system number. The range is from 1 to 65535.
Defaults Command Modes The router ID is selected automatically from the set of IPv6 addresses configured on a router. ROUTER OSPFv3 for OSPFv3 Command History Example Version 9.2(0.0) Added support for OSPFv3. Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Figure 34-17. router-id Command Example FTOS(conf)#router ospf 100 FTOS(conf-router_ospf)#router-id 1.1.1.
www.dell.com | support.dell.com Syntax show crypto ipsec sa ipv6 [interface interface] Parameters interface interface (OPTIONAL) Displays information about the SAs used on a specified OSPFv3 interface, where interface is one of the following values: • • • • • Defaults Command Modes No default behavior or values. • • Command History Usage Information For a 1-Gigabit Ethernet interface, enter the keyword GigabitEthernet then the slot/ port number.
show ipv6 ospf interface View OSPFv3 interface information. Syntax Parameters show ipv6 ospf [interface] interface (OPTIONAL) Enter the following keywords and slot/port or number information: • • • • • • Defaults Command Modes Command History Usage Information For a 1-Gigabit Ethernet interface, enter the keyword GigabitEthernet and the slot/ port information. For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet and the slot/port information.
www.dell.com | support.dell.com Parameters (OPTIONAL) Enter the following keywords and slot/port or number information: • • • • • • Defaults Command Modes Command History 694 interface | For a 1-Gigabit Ethernet interface, enter the keyword GigabitEthernet and the slot/ port information. For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet and the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE and the slot/port information.
35 Port Monitoring Overview The port monitoring feature allows you to monitor network traffic by forwarding a copy of each incoming or outgoing packet from one port to another port. Commands • • • • • • description monitor session show config show monitor session show running-config monitor session source (port monitoring) Important Points to Remember • • • • • • • • • Port monitoring is supported on physical ports only.
www.dell.com | support.dell.com description Enter a description of this monitoring session. Syntax description {description} To remove the description, use the no description {description} command. Parameters Defaults Command Modes description Enter a description regarding this session(80 characters maximum). none MONITOR SESSION (conf-mon-sess-session-ID) Command History Version 8.3.16.1 Related Commands monitor session Introduced on M I/O Aggregator Enables a monitoring session.
show config Display the current monitor session configuration. Syntax Defaults Command Modes Command History Example show config none MONITOR SESSION (conf-mon-sess-session-ID) Version 8.3.16.1 Figure 35-2. Introduced on M I/O Aggregator show config Command Example FTOS(conf-mon-sess-11)#show config ! monitor session 11 source TenGigabitEthernet 10/0 destination TenGigabitEthernet 10/47 direction rx show monitor session Display the monitor information of a particular session or all sessions.
www.dell.com | support.dell.com show running-config monitor session Display the running configuration of all monitor sessions or a specific session. Syntax show running-config monitor session {session-ID} To display the running configuration for all monitor sessions, use just the show running-config monitor session command. Parameters Defaults Command Modes session-ID (OPTIONAL) Enter a session identification number. Range: 0 to 65535 none EXEC EXEC Privilege Command History Example Version 8.3.16.
source (port monitoring) Configure a port monitor source. Syntax source interface destination interface direction {rx | tx | both} To disable a monitor source, use the no source interface destination interface direction {rx | tx | both} command. Parameters interface Enter the one of the following keywords and slot/port information: • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information.
| Port Monitoring www.dell.com | support.dell.
36 PIM-Sparse Mode (PIM-SM) Overview The protocol-independent multicast (PIM) commands are supported by the Dell Networking operating software (FTOS) on the MXL Switch platform. This chapter contains the following sections: • • IPv4 PIM-Sparse Mode Commands IPv6 PIM-Sparse Mode Commands IPv4 PIM-Sparse Mode Commands The following describes the IPv4 PIM-sparse mode (PIM-SM) commands.
www.dell.com | support.dell.com • • • • show ip pim snooping tib show ip pim summary show ip pim tib show running-config pim clear ip pim rp-mapping The bootstrap router (BSR) feature uses this command to remove all or particular rendezvous point (RP) advertisement. Syntax Parameters clear ip pim rp-mapping rp-address rp-address Command Modes EXEC Privilege Command History Version 9.2(0.0) (OPTIONAL) Enter the RP address in dotted decimal format (A.B.C.
Parameters bsr (OPTIONAL) Enter the keyword bsr to view PIM Candidate RP/BSR activities. events (OPTIONAL) Enter the keyword events to view PIM events for a specific group. group (OPTIONAL) Enter the keyword group to view PIM messages for a specific group. packet [in | out] (OPTIONAL) Enter the keyword packet to view PIM packets. Enter one of the optional parameters • • register (OPTIONAL) Enter the keyword register to view PIM register address in dotted decimal format (A.B.C.D).
www.dell.com | support.dell.com ip pim bsr-candidate To join the Bootstrap election process, configure the PIM router. Syntax ip pim bsr-candidate interface [hash-mask-length] [priority] To return to the default value, use the no ip pim bsr-candidate command. Parameters interface Enter the following keywords and slot/port or number information: • • • • Defaults Command Modes For a Loopback interface, enter the keyword loopback then a number from 0 to 16383.
iip pim join-filter Permit or deny PIM Join/Prune messages on an interface using an extended IP access list. This command prevents the PIM SM router from creating state based on multicast source and/or group. Syntax ip pim join-filter ext-access-list {in | out} To remove the access list, use the no ip pim join-filter ext-access-list {in | out} command. Parameters Defaults Command Modes Command History Example ext-access-list Enter the name of an extended access list.
www.dell.com | support.dell.com ip pim neighbor-filter To prevent a router from participating in protocol independent multicast (PIM), configure this feature. Syntax ip pim neighbor-filter {access-list} To remove the restriction, use the no ip pim neighbor-filter {access-list} command. Parameters Defaults Command Modes Command History Usage Information access-list Enter the name of a standard access list. Maximum 16 characters. none CONFIGURATION Version 9.2(0.
Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The access name is an extended IP access list that denies PIM register packets to RP at the source DR based on the multicast and group addresses. Do not enter this command before creating the access-list. ip pim rp-address Configure a static PIM Rendezvous Point (RP) address for a group or access-list.
www.dell.com | support.dell.com Parameters interface Enter the following keywords and slot/port or number information: • • • • • priority Defaults Command Modes Command History Usage Information For a Gigabit Ethernet interface, enter the keyword GigabitEthernet then the slot/port information. For a Loopback interface, enter the keyword loopback then a number from 0 to 16383. For a Port Channel interface, enter the keywords port-channel then a number: The range is from 1 to 128.
ip pim sparse-mode sg-expiry-timer Enable expiry timers globally for all sources, or for a specific set of (S,G) pairs defined by an access list. Syntax ip pim sparse-mode sg-expiry-timer seconds [access-list name] To disable configured timers and return to default mode, enter no ip pim sparse-mode sg-expiry-timer. Parameters Defaults Command Modes Command History Usage Information seconds Enter the number of seconds the S, G entries will be retained. The range is from 211 to 86400.
www.dell.com | support.dell.com no ip pim snooping dr-flood Disable the flooding of multicast packets to the PIM designated router. Syntax no ip pim snooping dr-flood To re-enable the flooding of multicast packets to the PIM designated router, use the ip pim snooping dr-flood command. Defaults Command Modes Command History Usage Information Enabled. CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Example Figure 36-2. show ip pim bsr-router Command Example E600-7-rpm0#show ip pim bsr-router PIMv2 Bootstrap information This system is the Bootstrap Router (v2) BSR address: 7.7.7.7 (?) Uptime: 16:59:06, BSR Priority: 0, Hash mask length: 30 Next bootstrap message in 00:00:08 This system is a candidate BSR Candidate BSR address: 7.7.7.7, priority: 0, hash mask length: 30 show ip pim interface View information on the interfaces with IP PIM enabled.
www.dell.com | support.dell.com show ip pim neighbor View PIM neighbors. Syntax Command Modes show ip pim neighbor EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 36-4. Introduced on the MXL 10/40GbE Switch IO Module. show ip pim neighbor Command Example FTOSshow ip pim neighbor Neighbor Interface Address 127.87.3.4 Gi 7/16 FTOS Table 36-2.
Command Modes EXEC EXEC Privilege Command History Example 1 Version 9.2(0.0) Figure 36-5. Introduced on the MXL 10/40GbE Switch IO Module. show ip pim rp mapping Command Example 1 FTOSsh ip pim rp Group RP 224.2.197.115 165.87.20.4 224.2.217.146 165.87.20.4 224.3.3.3 165.87.20.4 225.1.2.1 165.87.20.4 225.1.2.2 165.87.20.4 229.1.2.1 165.87.20.4 229.1.2.2 165.87.20.4 FTOS Example 2 Figure 36-6. show ip pim rp mapping Command Example 2 FTOSsh ip pim rp mapping Group(s): 224.0.0.0/4 RP: 165.87.20.
www.dell.com | support.dell.com Example Figure 36-8. show ip pim snooping interface Command Example FTOSshow ip pim snooping interface Interface Ver Nbr DR Count Prio Vlan 2 v2 3 1 Table 36-3. DR 165.87.32.2 show ip pim snooping interface Command Example Fields Field Description Interface Displays the VLAN interfaces with PIM-SM snooping enabled.
Table 36-4. show ip pim snooping neighbor Command Example Fields Field Description Neighbor address Displays the IP address of the neighbor learned through PIM-SM snooping. Interface Displays the VLAN ID number and slot/port on which the PIM-SM-enabled neighbor was discovered. Uptime/expires Displays the amount of time the neighbor has been up then the amount of time until the neighbor is removed from the multicast routing table (that is, until the neighbor hold time expires).
www.dell.com | support.dell.com Example Figure 36-10. show ip pim snooping tib Command Example FTOSshow ip pim snooping tib PIM Multicast Snooping Table Flags: J/P - (*,G) Join/Prune, j/p - (S,G) Join/Prune SGR-P - (S,G,R) Prune Timers: Uptime/Expires * : Inherited port (*, 225.1.2.1), uptime 00:00:01, expires 00:02:59, RP 165.87.70.1, flags: J Incoming interface: Vlan 2, RPF neighbor 0.0.0.0 Outgoing interface list: GigabitEthernet 4/11 RPF 165.87.32.
Table 36-5. show ip pim snooping tib Command Example Fields (continued) Field Description RPF neighbor Displays the next hop from this interface towards the RP/source. Outgoing interface list: Lists the interfaces that meet one of the following criteria: • • • a directly connect member of the Group. statically configured member of the Group. received a (*,G) Join message. show ip pim summary View information about PIM-SM operation.
www.dell.com | support.dell.com Example Figure 36-11.
Example Figure 36-12. show ip pim tib Command Example FTOSshow ip pim tib PIM Multicast Routing Table Flags: D - Dense, S - Sparse, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, A - Candidate for MSDP Advertisement, K - Ack-Pending State Timers: Uptime/Expires Interface state: Interface, next-Hop, State/Mode (*, 226.1.1.1), uptime 01:29:19, expires 00:00:52, RP 10.211.2.
www.dell.com | support.dell.com show running-config pim Display the current configuration of PIM-SM snooping. Syntax show running-config pim Command Modes EXEC Privilege Command History Version 9.2(0.0) Related Commands Example iip pim sparse-mode Introduced on the MXL 10/40GbE Switch IO Module. Enable PIM-SM snooping.
IPv6 PIM-Sparse Mode Commands The IPv6 PIM-SM commands are: • • • • • • • • • • • • • • • • ipv6 pim bsr-border ipv6 pim bsr-candidate ipv6 pim dr-priority ipv6 pim join-filter ipv6 pim query-interval ipv6 pim neighbor-filter ipv6 pim register-filter ipv6 pim rp-address ipv6 pim rp-candidate iip pim sparse-mode ipv6 pim spt-threshold show ipv6 pim bsr-router show ipv6 pim interface show ipv6 pim neighbor show ipv6 pim rp show ipv6 pim tib ipv6 pim bsr-border Define the border of PIM domain by filtering in
www.dell.com | support.dell.com Parameters interface Enter the following keywords and slot/port or number information: • • • • hash-mask-length (OPTIONAL) Enter the hash mask length for RP selection. The range is from 0 to 128. The default is 126. priority (OPTIONAL) Enter the priority value for Bootstrap election process. The range is from 0 to 255. The default is 126. Defaults Refer to Parameters.
Parameters Defaults Command Modes Command History Example access-list Enter the name of an extended access list. in Enter the keyword in to apply the access list to inbound traffic. out Enter this keyword out to apply the access list to outbound traffic. None INTERFACE Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com Usage Information Do not enter this command before creating the access-list. ipv6 pim register-filter Configure the source DR so that it does not send register packets to the RP for the specified sources and groups. Syntax Parameters Defaults Command Modes Command History Example ipv6 pim register-filter access-list access-list Enter the name of the extended ACL that contains the sources and groups to filtere. None CONFIGURATION Version 9.2(0.
Command History Usage Information Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. The RP addresses are stored in the order in which they are entered. RP addresses learned via BSR take priority over static RP addresses. Without the override option, BSR-advertised RPs updates take precedence over the statically configured RPs. ipv6 pim rp-candidate Specify an interface as an RP candidate.
www.dell.com | support.dell.com ipv6 pim spt-threshold Specifies when a PIM leaf router should join the shortest path tree. Syntax ipv6 pim spt-threshold {kbps | infinity} To return to the default value, use the no ipv6 pim spt-threshold command. Parameters Defaults Command Modes Command History Usage Information kbps Enter a traffic rate in kilobytes per second. The range is from 0 to 4294967 kbps. The default is 10 kbps.
show ipv6 pim interface Display IPv6 PIM enabled interfaces. Syntax Command Modes show ipv6 pim interface EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 36-14. Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com show ipv6 pim rp View all IPv6 multicast groups-to-rendezvous point (RP) mappings. Syntax Parameters show ipv6 pim rp [mapping | group-address] mapping (OPTIONAL) Enter the keyword mapping to display the multicast groups-to-RP mapping and information on how RP is learnt. group-address (OPTIONAL) Enter the multicast group address in the x:x:x:x::x format to view RP mappings for a specific group. NOTE: The :: notation specifies successive hexadecimal fields of zero.
Command Modes EXEC EXEC Privilege Command History Example Version 9.2(0.0) Figure 36-18. Introduced on the MXL 10/40GbE Switch IO Module.
| PIM-Sparse Mode (PIM-SM) www.dell.com | support.dell.
37 Private VLAN (PVLAN) Commands This chapter describes the following commands: • • • • • • • ip local-proxy-arp private-vlan mode private-vlan mapping secondary-vlan show interfaces private-vlan show vlan private-vlan show vlan private-vlan mapping switchport mode private-vlan For more information, also refer to the following commands. The command output is augmented in FTOS 7.8.1.
www.dell.com | support.dell.com Private VLAN Concepts Primary VLAN: The primary VLAN is the base VLAN and can have multiple secondary VLANs. There are two types of secondary VLAN — community VLAN and isolated VLAN: • • A primary VLAN can have any number of community VLANs and isolated VLANs. Private VLANs block all traffic to isolated ports except traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to promiscuous ports or trunk ports.
To disable Layer 3 communication in a particular secondary VLAN, use the no ip local-proxy-arp command in INTERFACE VLAN mode for the selected secondary VLAN. Note: Even after ip-local-proxy-arp is disabled (no ip-local-proxy-arp) in a secondary VLAN, Layer 3 communication may happen between some secondary VLAN hosts, until the ARP timeout happens on those secondary VLAN hosts. Defaults Command Modes Layer 3 communication is disabled between secondary VLANs in a private VLAN.
www.dell.com | support.dell.com Only ports (and port channels) configured as promiscuous, host, or PVLAN trunk ports (as described above) can be added to the PVLAN. No other regular ports can be added to the PVLAN. After using this command to configure a VLAN as a primary VLAN, use the private-vlan mapping secondary-vlan command to map secondary VLANs to this VLAN. Related Commands private-vlan mapping secondary-vlan Sets the mode of the selected VLAN to primary and then associate secondary VLANs to it.
show interfaces private-vlan Display type and status of PVLAN interfaces. Syntax Parameters Defaults Command Modes show interfaces private-vlan [interface interface] interface interface (OPTIONAL) Enter the keyword interface, followed by the ID of the specific interface for which to display PVLAN status. none EXEC EXEC Privilege Command History Usage Information Examples Version 8.3.16.
www.dell.com | support.dell.com show vlan private-vlan mapping Displays the primary-secondary VLAN mapping. switchport mode private-vlan Sets the PVLAN mode of the selected port. show vlan private-vlan Display PVLANs and/or interfaces that are part of a PVLAN.
Figure 37-4. show vlan private-vlan Command Example (Primary) FTOS# show vlan private-vlan primary Primary Secondary Type Active Ports ------- --------- --------- ------ -----------------------10 primary Yes TenGig 2/1,3 20 primary Yes TenGig 3/1,3 Figure 37-5.
www.dell.com | support.dell.com Table 37-2 defines the fields in the output. Table 37-2.
switchport mode private-vlan Set PVLAN mode of the selected port. Syntax [no] switchport mode private-vlan {host | promiscuous | trunk} To remove the PVLAN mode from the selected port, use the no switchport mode private-vlan command. Parameters Defaults Command Modes Command History Usage Information Example host Enter host to configure the selected port or port channel as an isolated interface in a PVLAN, as described above.
| Private VLAN (PVLAN) www.dell.com | support.dell.
38 Per-VLAN Spanning Tree Plus (PVST+) Overview The FTOS implementation of PVST+ (Per-VLAN Spanning Tree plus) is based on the IEEE 802.1w standard Spanning Tree Protocol, but it creates a separate spanning tree for each VLAN configured.
www.dell.com | support.dell.com Related Commands protocol spanning-tree pvst Enter PVST+ mode. description Enter a description of the PVST+ Syntax description {description} To remove the description, use the no description {description} command. Parameters Defaults Command Modes Command History Related Commands description Enter a description to identify the Spanning Tree (80 characters maximum). No default behavior or values SPANNING TREE PVST+ (The prompt is “config-pvst”) Version 8.3.16.
extend system-id Use Extend System ID to augment the Bridge ID with a VLAN ID so that PVST+ differentiate between BPDUs for each VLAN. If for some reason a VLAN receives a BPDU meant for another VLAN, PVST+ will then not detect a loop, and both ports can remain in forwarding state. Syntax Defaults Command Modes Command History Example extend system-id Disabled PROTOCOL PVST Version 8.3.16.1 Figure 38-1.
www.dell.com | support.dell.com protocol spanning-tree pvst Enter the PVST+ mode to enable PVST+ on a device. Syntax protocol spanning-tree pvst To disable PVST+, use the disable command. Defaults Command Modes Command History Example This command has no default value or behavior. CONFIGURATION Version 8.3.16.1 Figure 38-2.
Interface (OPTIONAL) Enter one of the interface keywords along with the slot/port information: • For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword • TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com Example 2 Figure 38-4. show spanning-tree pvst vlan Command FTOS#show spanning-tree pvst vlan 2 VLAN 2 Root Identifier has priority 32768, Address 001e.c9f1.00f3 Root Bridge hello time 2, max age 20, forward delay 15 Bridge Identifier has priority 32768, Address 001e.c9f1.00f3 Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally We are the root of VLAN 2 Current root has priority 32768, Address 001e.c9f1.
Example 4 Figure 38-6.
www.dell.com | support.dell.com spanning-tree pvst Configure a PVST+ interface with one of the following settings: edge port with optional Bridge Port Data Unit (BPDU) guard, BPDU filter, port disablement if an error condition occurs, port priority or cost for a VLAN range, or root guard.
By default bpdu filtering on an interface is disabled. Note: A port configured as an edge port, on a PVST switch, will immediately transition to the forwarding state. Only ports connected to end-hosts should be configured as an edge port. Consider an edge port similar to a port with a spanning-tree portfast enabled. Example Figure 38-8.
www.dell.com | support.dell.com tc-flush-standard Enable the MAC address flushing upon receiving every topology change notification. Syntax tc-flush-standard To disable, use the no tc-flush-standard command. Defaults Command Modes Command History Usage Information Disabled CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module By default FTOS implements an optimized flush mechanism for PVST+.
vlan forward-delay Set the amount of time the interface waits in the Listening State and the Learning State before transitioning to the Forwarding State. Syntax vlan forward-delay seconds To return to the default setting, enter no vlan forward-delay command. Parameters Defaults Command Modes Command History Related Commands vlan vlan-range Enter the keyword vlan followed by the VLAN number(s).
www.dell.com | support.dell.com Related Commands Set the bridge-priority value vlan forward-delay Change the time interval before FTOS transitions to the forwarding state vlan max-age Change the time interval before PVST+ refreshes show spanning-tree pvst Display the PVST+ configuration vlan max-age Set the time interval for the PVST+ bridge to maintain configuration information before refreshing that information.
39 Quality of Service (QoS) Overview The Dell Networking operating software (FTOS) commands for quality of service (QoS) include traffic conditioning and congestion control. This chapter contains the following sections: • • Global Configuration Commands Policy-Based QoS Commands Global Configuration Commands • • qos-rate-adjust service-class dot1p-mapping qos-rate-adjust By default, for rate policing and rate shaping, FTOS does not include the Preamble, SFD, or the IFG fields.
www.dell.com | support.dell.com service-class dot1p-mapping This command maps an 802.1p priority to an internal traffic class. Syntax service-class dot1p-mapping user-priority trafficclass The user-priority value can range from 0-7 and traffic class can range from 0-6. The no form of this command is not supported. Command Modes Command History CONFIGURATION Version 8.3.16.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The dot1p-priority command changes the priority of incoming traffic on the interface. The system places traffic marked with a priority in the correct queue and processes that traffic according to its queue. When you set the priority for a Port Channel, the physical interfaces assigned to the Port Channel are configured with the same value.
www.dell.com | support.dell.com Related Commands rate-police Police traffic output as part of the designated policy. rate shape Shape the traffic output on the selected interface. Syntax Parameters Defaults Command Modes Command History Related Commands rate shape [kbps] rate [burst-KB] kbps Enter this keyword to specify the rate shape in Kilobits per second (Kbps). On MXL Switch. make the following value a multiple of 64. The default granularity is Megabits per second (Mbps).
Table 39-1. Command Modes Default dot1p to Queue Mapping (continued) dot1p Queue ID 3 1 4 2 5 3 6 3 7 3 INTERFACE CONFIGURATION Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Enter this command to honor all incoming 802.1p markings, on incoming switched traffic, on the interface. By default, this facility is not enabled (that is, the 802.1p markings on incoming traffic are not honored).
www.dell.com | support.dell.com Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Guarantee a minimum bandwidth to different queues globally using the command service-class bandwidth-percentage from CONFIGURATION mode. The DCB ETS supersedes the global and policy based QoS bandwidth configurations.
Policy-Based QoS Commands Policy-based traffic classification is handled with class maps. These maps classify unicast traffic into one of four classes in the MXL Switch. FTOS enables you to match multiple class maps and specify multiple match criteria. Policy-based QoS is not supported on logical interfaces, such as port-channels, VLANS, or loopbacks.
www.dell.com | support.dell.com bandwidth-percentage Assign a percentage of weight to class/queue. Syntax bandwidth-percentage percentage To remove the bandwidth percentage, use the no bandwidth-percentage command. Parameters Defaults Command Modes Command History Usage Information Related Commands percentage Enter the percentage assignment of weight to class/queue. Range: 1 to 100% (granularity 1%) none CONFIGURATION (conf-qos-policy-out) Version 8.3.16.
Usage Information Related Commands Packets arriving at the input interface are checked against the match criteria, configured using this command, to determine if the packet belongs to that class. This command accesses the CLASS-MAP mode, where the configuration commands include match ip and match mac options. ip access-list extended Configures an extended IP ACL. ip access-list standard Configures a standard IP ACL.
www.dell.com | support.dell.com match ip access-group Configure match criteria for a class map, based on the access control list (ACL). Syntax match ip access-group access-group-name [set-ip-dscp value] To remove ACL match criteria from a class map, use the no match ip access-group access-group-name [set-ip-dscp value] command.
qos-policy-output Creates an output QOS-policy on the router. wred-profile Creates a WRED profile. match ip dscp Use a differentiated services code point (DSCP) value as a match criteria. Syntax match ip dscp dscp-list [set-ip-dscp value] To remove a DSCP value as a match criteria, use the no match ip dscp dscp-list [[multicast] set-ip-dscp value] command. Parameters dscp-list Enter the IP DSCP value(s) that is to be the match criteria.
www.dell.com | support.dell.com Parameters ip-precedence-list Enter the IP precedence value(s) as the match criteria. Separate values by commas — no spaces (1,2,3) or indicate a list of values separated by a hyphen (1-3). Range: 0 to 7 set-ip-dscp value (OPTIONAL) Enter the keyword set-ip-dscp followed by the IP DSCP value. The matched traffic will be marked with the DSCP value.
match mac dot1p Configure a match criterion for a class map, based on a dot1p value. Syntax Parameters Defaults Command Modes Command History Usage Information Related Commands match mac dot1p {dot1p-list} dot1p-list Enter a dot1p value. Range: 0 to 7 none CLASS-MAP Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module You must enter the class-map command in order to access this command. After the class map is identified, you can configure the match criteria.
www.dell.com | support.dell.com policy-aggregate Allow an aggregate method of configuring per-port QoS via policy maps. An aggregate QoS policy is part of the policy map (input/output) applied on an interface. Syntax policy-aggregate qos-policy-name To remove a policy aggregate configuration, use the no policy-aggregate qos-policy-name command. Parameters Defaults Command Modes Command History Usage Information qos-policy-name none CONFIGURATION (policy-map-input and policy-map-output) Version 8.3.16.
Usage Information Related Commands Input policy map is used to classify incoming traffic to different flows using class-map, QoS policy, or simply using incoming packets DSCP. This command enables policy-map-input configuration mode (conf-policy-map-in). service-queue Assigns a class map and QoS policy to different queues. policy-aggregate Allows an aggregate method of configuring per-port QoS via policy maps. service-policy input Applies an input policy map to the selected interface.
www.dell.com | support.dell.com Command Modes Command History Usage Information CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Use this command to specify the name of the input QoS policy. After input policy is specified, rate-police can be defined. This command enables the qos-policy-input configuration mode— (conf-qos-policy-in).
rate-police Specify the policing functionality on incoming traffic. Syntax Parameters Defaults Command Modes Command History Related Commands rate-police [kbps] committed-rate [burst-KB] [peak [kbps] peak-rate [burst-KB]] kbps Enter this keyword to specify the rate limit in Kilobits per second (Kbps). On MXL Switch, make the following value a multiple of 64. The default granularity is Megabits per second (Mbps). Range: 0-40000000 (Kbps) committed-rate Enter the committed rate in Mbps.
www.dell.com | support.dell.com Command History Usage Information Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module When rate-shape in QoS policy is applied both on queue level and aggregate mode, the queue-based shaping occurs first followed by the aggregate rate shaping. rate shape Shapes the traffic output of the selected interface. qos-policy-output Creates a QoS output policy. service-policy input Apply an input policy map to the selected interface.
Parameters Defaults Command Modes Command History Usage Information Related Commands policy-map-name Enter the name for the policy map in character format (16 characters maximum). You can identify an existing policy map or name one that does not yet exist. none INTERFACE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module A single policy-map can be attached to one or more interfaces to specify the service-policy for those interfaces. A policy map attached to an interface can be modified.
www.dell.com | support.dell.com set Mark outgoing traffic with a Differentiated Service Code Point (DSCP) or dot1p value. Syntax Parameters Defaults Command Modes Command History Usage Information set {ip-dscp value | mac-dot1p value} ip-dscp value (OPTIONAL) Enter the keyword ip-dscp followed by the IP DSCP value. Range: 0 to 63 mac-dot1p value Enter the keyword mac-dot1p followed by the dot1p value.
show qos policy-map View the QoS policy map information.
www.dell.com | support.dell.com show qos policy-map-input View the input QoS policy map details. Syntax Parameters Defaults Command Modes show qos policy-map-input [policy-map-name] [class class-map-name] [qos-policy-input qos-policy-name] policy-map-name Enter the policy map name. class class-map-name Enter the keyword class followed by the class map name. qos-policy-input qos-policy-name Enter the keyword qos-policy-input followed by the QoS policy name.
Example Figure 39-5. show qos policy-map-output Command Example FTOS#show qos policy-map-output Policy-map-output PolicyMapOutput Aggregate Qos-policy-name AggPolicyOut Queue# Qos-policy-name 0 qosPolicyOutput FTOS# show qos qos-policy-input View the input QoS policy details. Syntax Parameters Defaults Command Modes show qos qos-policy-input [qos-policy-name] qos-policy-name Enter the QoS policy name. none EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 39-6.
www.dell.com | support.dell.com Example Figure 39-7. show qos qos-policy-output Command Example FTOS#show qos qos-policy-output FTOS#show qos qos-policy-output Qos-policy-output qmap_out Bandwidth-percentage 10 Qos-policy-output qmap_wg Rate-shape 100 50 Wred yellow wy Wred green wg FTOS# show qos statistics View QoS statistics.
Table 39-2. Example 2 show qos statistics Command Description (ED and EE Series) Field Description Queue # Queue Number Matched Pkts The number of packets that matched the class-map criteria. Note: When trust is configured, matched packet counters are not incremented in this field. Figure 39-9. show qos statistics wred-profile Command Example FTOS#show qos statistics wred-profile Interface Te 0/20 Drop-statistic Dropped Pkts Green 0 Yellow 0 Out of Profile 0 FTOS# Table 39-3.
www.dell.com | support.dell.com Example Figure 39-10. show qos wred-profile Command Example FTOS#show qos wred-profile Wred-profile-name wred_drop wred_ge_y wred_ge_g wred_teng_y wred_teng_g WRED1 min-threshold 0 1024 2048 4096 8192 2000 max-threshold 0 2048 4096 8192 16384 7000 test cam-usage Check the Input Policy Map configuration for the CAM usage. Syntax test cam-usage service-policy input policy-map stack-unit {[number] | [all]} Parameters policy-map Enter the policy map name.
Table 39-4. Usage Information test cam-usage Command Description Field Description stack-unit Indicates the stack-unit number. Portpipe Indicates the portpipe number. CAM Partition The CAM space where the rules are added. Available CAM Indicates the free CAM space, in the partition, for the classification rules.
www.dell.com | support.dell.com Usage Information When trust is configured, matched bytes/packets counters are not incremented in the show qos statistics command. Dynamic mapping honors packets marked according to the standard definitions of DSCP. The default mapping table is detailed in the following table. Table 39-5.
Usage Information Use this command to assign drop precedence to green or yellow traffic. If there is no honoring enabled on the input, all the traffic defaults to green drop precedence. Related Commands wred-profile Creates a WRED profile and name that profile trust Defines the dynamic classification to trust DSCP wred-profile Create a WRED profile and name that profile. Syntax wred-profile wred-profile-name To remove an existing WRED profile, use the no wred-profile command.
| Quality of Service (QoS) www.dell.com | support.dell.
40 Routing Information Protocol (RIP) Overview Routing information protocol (RIP) is a distance vector routing protocol. The Dell Networking operating software (FTOS) supports both RIP version 1 (RIPv1) and RIP version 2 (RIPv2). The FTOS implementation of RIP is based on IETF RFCs 2453 and RFC 1058. For more information about configuring RIP, refer to the FTOS Configuration Guide.
www.dell.com | support.dell.com • • • show running-config rip timers basic version auto-summary Restore the default behavior of automatic summarization of subnet routes into network routes. This command applies only to RIP version 2. Syntax auto-summary To send sub-prefix routing information, use the no auto-summary command. Default Command Modes Enabled. ROUTER RIP Command History Version 8.3.16.
Parameters interface (OPTIONAL) Enter the interface type and ID as one of the following: • For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information. For a VLAN, enter the keyword vlan followed by a number from 1 to 4094.
www.dell.com | support.dell.com default-metric Change the default metric for routes. Use this command with the redistribute command to ensure that all redistributed routes use the same metric value. Syntax default-metric number To return the default metric to the original values, use the no default-metric command. Parameters Default Command Modes Command History Usage Information Related Commands number Specify a number. Range: 1 to 16. The default is 1. 1 ROUTER RIP Version 8.3.16.
Parameters Defaults Command Modes weight Enter a number from 1 to 255 for the weight (for prioritization). The default is 120. ip-address (OPTIONAL) Enter the IP address, in dotted decimal format (A.B.C.D), of the host or network to receive the new distance metric. mask If you enter an IP address, you must also enter a mask for that IP address, in either dotted decimal format or /prefix format (/x) prefix-name (OPTIONAL) Enter a configured prefix list name.
www.dell.com | support.dell.com Syntax distribute-list prefix-list-name out [interface | bgp | connected | ospf | static] To delete the filter, use the no distribute-list prefix-list-name out command. Parameters prefix-list-name Enter the name of a configured prefix list.
Syntax ip rip receive version [1] [2] To return to the default, use the no ip rip receive version command. Parameters Defaults Command Modes Command History Usage Information Related Commands 1 (OPTIONAL) Enter the number 1 for RIP version 1. 2 (OPTIONAL) Enter the number 2 for RIP version 2. RIPv1 and RIPv2 INTERFACE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module If you want the interface to receive both versions of RIP, use ip rip receive version 1 2.
www.dell.com | support.dell.com ip split-horizon Enable split-horizon for RIP data on the interface. As described in RFC 2453, the split-horizon scheme prevents any routes learned over a specific interface to be sent back out that interface. Syntax ip split-horizon To disable split-horizon, enter no ip split-horizon. Defaults Command Modes Enabled INTERFACE Command History Version 8.3.16.
Command Modes Command History Usage Information ROUTER RIP Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module When a neighbor router is identified, unicast data exchanges occur. Multiple neighbor routers are possible. Use the passive-interface command in conjunction with the neighbor command to ensure that only specific interfaces are receiving and sending data. Related Commands passive-interface Sets the interface to only listen to RIP broadcasts.
www.dell.com | support.dell.com offset Enter a number from zero (0) to 16 to be applied to the incoming route metric matching the access list specified. If you set an offset value to zero (0), no action is taken.
To delete a passive interface, use the no passive-interface interface command. Parameters interface Enter the following information: • For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1-128 • For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/port information.
www.dell.com | support.dell.com redistribute ospf Redistribute routing information from an OSPF process. Syntax redistribute ospf process-id [match external {1 | 2} | match internal | metric metric-value] [route-map map-name] To disable redistribution, use the no redistribute ospf process-id [match external {1 | 2} | match internal | metric metric-value] [route-map map-name] command.
show config Display the changes you made to the RIP configuration. Default values are not shown. Syntax Command Modes Command History Example show config ROUTER RIP Version 8.3.16.1 Figure 40-2. Introduced on MXL 10/40GbE Switch IO Module show config Command Example in ROUTER RIP Mode FTOS(conf-router_rip)#show config ! router rip network 172.31.0.0 passive-interface TenGigabitEthernet 0/1 FTOS(conf-router_rip)# show ip rip database Display the routes learned by RIP.
www.dell.com | support.dell.com Table 40-1. show ip rip database Command Description Field Description Total number of routes in RIP database Displays the number of RIP routes stored in the RIP database. 100.10.10.0/24 directly connected Lists the route(s) directly connected. 150.100.0.0 redistributed Lists the routes learned through redistribution. 209.9.16.0/24... Lists the routes and the sources advertising those routes.
Defaults Command Modes Command History Usage Information holddown Enter the number of seconds to specify a time interval during which the route is marked as unreachable but still sending RIP packets. The holddown value should be at least three times the update timer value. Range: zero (0) to 4294967295. Default: 180 seconds. flush Enter the number of seconds to specify the time interval during which the route is advertised as unreachable.
www.dell.com | support.dell.
41 Remote Monitoring (RMON) Overview Dell Networking operating software (FTOS) remote monitoring (RMON) is based on IEEE standards, providing both 32-bit and 64-bit monitoring and long-term statistics collection.
www.dell.com | support.dell.com • • • rmon alarm Set an alarm on any MIB object. Syntax rmon alarm number variable interval {delta | absolute} rising-threshold value event-number falling-threshold value event-number [owner string] To disable the alarm, use the no rmon alarm number command. Parameters Default Command Modes Command History 800 show rmon history show rmon log show rmon statistics | number Enter the alarm integer number from 1 to 65535.
rmon collection history Enable the RMON MIB history group of statistics collection on an interface. Syntax rmon collection history {controlEntry integer} [owner name] [buckets number] [interval seconds] To remove a specified RMON history group of statistics collection, use the no rmon collection history {controlEntry integer} command. Parameters Defaults Command Modes Command History controlEntry integer Enter the keyword controlEntry to specify the RMON group of statistics using a value.
www.dell.com | support.dell.com rmon event Add an event in the RMON event table. Syntax rmon event number [log] [trap community] [description string] [owner name] To disable RMON on an interface, use the no rmon event number [log] [trap community] [description string] command. Parameters Defaults Command Modes Command History number Assign an event number in integer format from 1 to 65535. The number value must be unique in the RMON Event Table.
Defaults Command Modes Command History rising-threshold value event-number Enter the keyword rising-threshold followed by the value (64 bit) the rising-threshold alarm is either triggered or reset. Then enter the event-number to trigger when the rising threshold exceeds its limit. This value is the same as the alarmRisingEventIndex or alarmTable of the RMON MIB. If there is no corresponding rising-threshold event, the value is zero.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Example 1 index (OPTIONAL) Enter the table index number to display just that entry. brief (OPTIONAL) Enter the keyword brief to display the RMON Alarm Table in an easy-to-read format. none EXEC Version 8.3.16.1 Figure 41-2. Introduced on MXL 10/40GbE Switch IO Module show rmon alarms index Command Example FTOS#show rmon alarm 1 RMON alarm entry 1 sample Interval: 5 object: 1.3.6.1.2.1.1.
show rmon events Display the contents of RMON event table. Syntax Parameters Defaults Command Modes Command History Example 1 show rmon events [index] [brief] index (OPTIONAL) Enter the table index number to display just that entry. brief (OPTIONAL) Enter the keyword brief to display the RMON Event Table in an easy-to-read format. none EXEC Version 8.3.16.1 Figure 41-4.
www.dell.com | support.dell.com show rmon hc-alarm Display the contents of RMON High-Capacity Alarm Table. Syntax Parameters Defaults Command Modes Command History Example 1 show rmon hc-alarm [index] [brief] index (OPTIONAL) Enter the table index number to display just that entry. brief (OPTIONAL) Enter the keyword brief to display the RMON High-Capacity Alarm Table in an easy-to-read format. none EXEC Version 8.3.16.1 Figure 41-6.
Command Modes Command History Example 1 EXEC Version 8.3.16.1 Figure 41-8. Introduced on MXL 10/40GbE Switch IO Module show rmon history index Command Example FTOS#show rmon history 6001 RMON history control entry 6001 interface: ifIndex.100974631 TenGigabitEthernet 2/1 bucket requested: 1 bucket granted: 1 sampling interval: 5 sec owner: 1 status: OK FTOS# Example 2 Figure 41-9.
www.dell.com | support.dell.com Example 2 show rmon log brief Command Example FTOS#show rmon log br eventIndex description -------------------------------------------------------------------2 2 4 4 FTOS# Usage Information The log table has a maximum of 500 entries. If the log exceeds that maximum, the oldest log entry is purged to allow room for the new entry. show rmon statistics Display the contents of RMON ethernet statistics table.
Example 1 Figure 41-12. show rmon statistics index Command Example FTOS#show rmon statistics 6001 RMON statistics entry 6001 interface: ifIndex.
| Remote Monitoring (RMON) www.dell.com | support.dell.
42 Rapid Spanning Tree Protocol (RSTP) Overview The Dell Networking operating software (FTOS) implementation of the rapid spanning tree protocol (RSTP) is based on the IEEE 802.1w standard spanning-tree protocol. The RSTP algorithm configures connectivity throughout a bridged local area network (LAN) that is comprised of LANs interconnected by bridges.
www.dell.com | support.dell.com Command Modes Command History Related Commands CONFIGURATION RSTP (conf-rstp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol spanning-tree rstp Enters rapid spanning tree mode debug spanning-tree rstp Enable debugging of RSTP and view information on the protocol. Syntax debug spanning-tree rstp [all | bpdu interface {in | out} | events] To disable debugging, use the no debug spanning-tree rstp command.
Parameters Defaults Command Modes Command History Related Commands description Enter a description to identify the Rapid Spanning Tree (80 characters maximum). none SPANNING TREE (The prompt is “config-rstp”.) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol spanning-tree rstp Enters SPANNING TREE mode on the switch. disable Disable RSTP globally on the system. Syntax disable To enable rapid spanning tree protocol, use the no disable command.
www.dell.com | support.dell.com Related Commands hello-time Changes the time interval between BPDUs. max-age Changes the wait time before RSTP refreshes protocol configuration information. hello-time Set the time interval between generation of RSTP bridge protocol data units (BPDUs). Syntax hello-time [milli-second] seconds To return to the default value, use the no hello-time command.
Command Modes Command History Related Commands CONFIGURATION RSTP (conf-rstp) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module max-age Changes the wait time before RSTP transitions to the Forwarding state. hello-time Changes the time interval between BPDUs. edge-port bpdufilter default Enable BPDU Filter globally to filter transmission of BPDU on port fast enabled interfaces.
www.dell.com | support.dell.com show config View the current configuration for the mode. Only non-default values are displayed. Syntax Command Modes Command History Example show config CONFIGURATION RSTP (conf-rstp) Version 8.3.16.1 Figure 42-3. Introduced on MXL 10/40GbE Switch IO Module show config Command Example for RSTP Mode FTOS(conf-rstp)#show config ! protocol spanning-tree rstp no disable bridge-priority 16384 show spanning-tree rstp Display the RSTP configuration.
Command History Example 1 Version 8.3.16.1 Figure 42-4. Introduced on MXL 10/40GbE Switch IO Module show spanning-tree rstp brief Command Example FTOS#show spanning-tree rstp brief Executing IEEE compatible Spanning Tree Protocol Root ID Priority 8192, Address 0001.e805.e306 Root Bridge hello time 4, max age 20, forward delay 15 Bridge ID Priority 16384, Address 0001.e801.
www.dell.com | support.dell.com Example 2 Figure 42-5. show spanning-tree rstp with EDS and LBK FTOS#show spanning-tree rstp br Executing IEEE compatible Spanning Tree Protocol Root ID Priority 32768, Address 0001.e801.6aa8 Root Bridge hello time 2, max age 20, forward delay 15 Bridge ID Priority 32768, Address 0001.e801.
Note: Loop guard is not supported in the show spanning-tree rstp guard command. spanning-tree rstp Configure an RSTP interface with one of these settings: port cost, edge port with optional Bridge Port Data Unit (BPDU) guard, port priority, loop guard, or root guard. Syntax Parameters spanning-tree rstp {cost port-cost | edge-port [bpduguard [shutdown-on-violation] | bpdufilter] | priority priority | {rootguard}} cost port-cost Enter the keyword cost followed by the port cost value.
www.dell.com | support.dell.com Usage Information The BPDU guard option prevents the port from participating in an active STP topology in case a BPDU appears on a port unintentionally, or is mis-configured, or is subject to a DOS attack. This option places the port into an error disable state if a BPDU appears, and a message is logged so that the administrator can take corrective action. Note: A port configured as an edge port on an RSTP switch, immediately transitions to the Forwarding state.
Usage Information By default FTOS implements an optimized flush mechanism for RSTP. This helps in flushing MAC addresses only when necessary (and less often), allowing for faster convergence during topology changes. However, if a standards-based flush mechanism is needed, you can turn on this knob command to enable flushing MAC addresses after receiving every topology change notification.
www.dell.com | support.dell.
43 Security Commands This chapter describes various types of security commands in the Dell Networking operating software (FTOS), in the following sections: • • • • • • • AAA Accounting Commands Authorization and Privilege Commands Authentication and Password Commands RADIUS Commands TACACS+ Commands SSH Server and SCP Commands Secure DHCP Commands For configuration details, refer to the Security chapter in the FTOS Configuration Guide. Note: Starting with FTOS version 7.2.1.
www.dell.com | support.dell.com aaa accounting Enable AAA accounting and create a record for monitoring the accounting function. Syntax aaa accounting {system | exec | commands level} {name | default} {start-stop | wait-start | stop-only} {tacacs+} To disable AAA Accounting, use the no aaa accounting {system | exec | command level} {name | default} {start-stop | wait-start | stop-only} {tacacs+} command.
aaa accounting suppress Prevent the generation of accounting records of users with user name value of NULL. Syntax aaa accounting suppress null-username To permit accounting records to users with user name value of NULL, use the no aaa accounting suppress null-username command Defaults Command Modes Command History Usage Information Accounting records are recorded for all users. CONFIGURATION Version 8.3.16.
www.dell.com | support.dell.com Command Modes EXEC Command History Example Version 8.3.16.1 Figure 43-2.
Usage Information aaa authorization commands Sets the parameters that restrict (or permit) a user’s access to EXEC and CONFIGURATION level commands aaa authorization exec Sets the parameters that restrict (or permit) a user’s access to EXEC level commands.
www.dell.com | support.dell.com aaa authorization exec Set parameters that restrict (or permit) a user’s access to EXEC-level commands. Syntax aaa authorization exec {name | default} {local || tacacs+ || if-authenticated || none} To disable authorization checking for EXEC level commands, use the no aaa authorization exec command. Parameters Defaults Command Modes Command History name Define a name for the list of authorization methods. default Define the default list of authorization methods.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To define a password for the level to which you are assigning privilege or access, use the enable password command. privilege level (LINE mode) Change the access level for users on the terminal lines. Syntax privilege level level To delete access to a terminal line, use the no privilege level level command.
www.dell.com | support.dell.com aaa authentication enable Configure AAA Authentication method lists for user access to the EXEC privilege mode (the “Enable” access). Syntax aaa authentication enable {default | method-list-name} method [... method2] To return to the default setting, use the no aaa authentication enable {default | method-list-name} method [... method2] command.
aaa authentication login Configure AAA Authentication method lists for user access to the EXEC mode (Enable log-in). Syntax aaa authentication login {method-list-name | default} method [... method4] To return to the default setting, use the no aaa authentication login {method-list-name | default} command. Parameters method-list-name Enter a text string (up to 16 characters long) as the name of a user-configured method list that can be applied to different lines.
www.dell.com | support.dell.com Connections to the SSH server works with the following login mechanisms: local, radius, and tacacs. Related Commands login authentication Applies an authentication method list to designated terminal lines. password Creates a password. radius-server host Specifies a RADIUS server host. tacacs-server host Specifies a TACACS+ server host. access-class Restrict incoming connections to a particular IP address in a defined IP access control list (ACL).
Defaults Command Modes No password is configured. level = 15 CONFIGURATION Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Use this command to define a password for a level. Use the privilege level (CONFIGURATION mode) command to control access to command modes. Passwords must meet the following criteria: • • Start with a letter, not a number. Passwords can have a regular expression as the password.
www.dell.com | support.dell.com enable secret Change the password for the enable command. Syntax enable secret [level level] [encryption-type] password To delete a password, use the no enable secret [encryption-type] password [level level] command. Parameters Defaults Command Modes (OPTIONAL) Enter the keyword level followed by a number as the level of access. Range: 1 to 15 encryption-type (OPTIONAL) Enter the number 5 or 0 as the encryption type.
Parameters Defaults Command Modes Command History Usage Information Related Commands method-list-name Enter the method-list-name to specify that method list, created in the aaa authentication login command, to be applied to the designated terminal line. default Enter the keyword default to specify that the default method list, created in the aaa authentication login command, is applied to the terminal line.
www.dell.com | support.dell.com Configures a key for all RADIUS communications between the switch and the RADIUS host server. tacacs-server key Configures a key for communication between a TACACS+ server and client. username Establishes an authentication system based on user names. password-attributes Configure the password attributes (strong password).
service password-encryption Encrypt all passwords configured in FTOS. Syntax service password-encryption To store new passwords as clear text, use the no service password-encryption command. Defaults Command Modes Command History Enabled. CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Caution: Encrypting passwords with this command does not provide a high level of security. When the passwords are encrypted, you cannot return them to plain text unless you re-configure them.
www.dell.com | support.dell.com show users View information on all users logged into the switch. Syntax Parameters show users [all] all Command Modes EXEC Privilege Command History Version 8.3.16.1 Example Figure 43-4. (OPTIONAL) Enter the keyword all to view all terminal lines in the switch. Introduced on MXL 10/40GbE Switch IO Module show users Command Example FTOS#show user Line 0 console 0 * 3 vty 1 FTOS# User admin admin Host(s) idle idle Location 172.31.1.
Command Modes Command History Usage Information LINE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The software measures the period of inactivity defined in this command as the period between consecutive keystrokes. For example, if your password is “password” you can enter “p” and wait 29 seconds to enter the next letter. username Establish an authentication system based on user names.
www.dell.com | support.dell.com Related Commands password Specifies a password for users on terminal lines. show running-config Views the current configuration. RADIUS Commands The RADIUS commands supported by FTOS are: • • • • • • • debug radius ip radius source-interface radius-server deadtime radius-server host radius-server key radius-server retransmit radius-server timeout debug radius View RADIUS transactions to assist with troubleshooting.
Parameters interface Enter the following keywords and slot/port or number information: For Loopback interfaces, enter the keyword loopback followed by a number from zero (0) to 16838. For the Null interface, enter the keywords null 0. For a Port Channel interface, enter the keyword port-channel followed by a number: Range: 1 to 128 • • • For a Ten Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information.
www.dell.com | support.dell.com auth-port port-number (OPTIONAL) Enter the keyword auth-port followed by a number as the port number. Range: zero (0) to 65535 The default port-number is 1812. retransmit retries (OPTIONAL) Enter the keyword retransmit followed by a number as the number of attempts. This parameter overwrites the radius-server retransmit command.
radius-server key Configure a key for all RADIUS communications between the switch and the RADIUS host server. Syntax radius-server key [encryption-type] key To delete a password, use the no radius-server key command. Parameters encryption-type (OPTIONAL) Enter either zero (0) or 7 as the encryption type for the key entered. The options are: • • key Defaults Command Modes Command History Usage Information 0 is the default and means the key is not encrypted and stored as clear text.
www.dell.com | support.dell.com Related Commands radius-server host Configures a RADIUS host. radius-server timeout Configure the amount of time the RADIUS client (the switch) waits for a RADIUS host server to reply to a request. Syntax radius-server timeout seconds To return to the default value, use the no radius-server timeout command. Parameters Defaults Command Modes seconds Enter the number of seconds between an unsuccessful attempt and the FTOS times out. Range: zero (0) to 1000 seconds.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip tacacs source-interface Specify an interface’s IP address as the source IP address for TACACS+ connections. Syntax ip tacacs source-interface interface To delete a source interface, use the no ip tacacs source-interface command.
www.dell.com | support.dell.com Defaults Command Modes Command History Usage Information timeout seconds (OPTIONAL) Enter the keyword timeout followed by the number of seconds the switch waits for a reply from the TACACS+ server. Range: 0 to 1000 Default: 10 seconds key key (OPTIONAL) Enter the keyword key followed by a string up to 42 characters long as the authentication key. This authentication key must match the key specified in the tacacs-server key for the TACACS+ daemon.
SSH Server and SCP Commands FTOS supports secure shell (SSH) protocol versions 1.5 and 2.0. SSH is a protocol for secure remote login over an insecure network. SSH sessions are encrypted and use authentication.
www.dell.com | support.dell.com Example Figure 43-5. crypto key generate rsa1 Command Example FTOS#conf FTOS(conf)#crypto key generate rsa1 Enter key size <1024-2048>. Default<1024>: 1024 Host key already exists. Do you want to replace. [y/n] FTOS(conf)# Usage Information :y The host keys are required for key-exchange by the SSH server. If the keys are not found when the server is enabled (ip ssh server enable), the keys are automatically generated.
Parameters Defaults Command Modes directory The internal flash (flash:) is the default directory. CONFIGURATION Command History Usage Information Enter a directory name. Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module To configure the switch as a SCP server, use the ip ssh server command. Related Commands ip ssh server Enables the SSH and SCP server on the switch. ip ssh authentication-retries Configure the maximum number of attempts that should be used to authenticate a user.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip ssh hostbased-authentication Enable hostbased-authentication for the SSHv2 server. Syntax ip ssh hostbased-authentication enable To disable hostbased-authentication for SSHv2 server, use the no ip ssh hostbased-authentication enable command.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The server-generated key is used for SSHv1 key-exchange. ip ssh password-authentication Enable password authentication for the SSH server. Syntax ip ssh password-authentication enable To disable password-authentication, use the no ip ssh password-authentication enable command.
www.dell.com | support.dell.com Usage Information This command specifies the file to be used for the host-based authentication. The file creates/ overwrites the file flash://ADMIN_DIR/ssh/knownhosts and deletes the user specified file. Even though this is a global configuration command, it does not appear in the running configuration because this command needs to be run just once. The file contains the OpenSSH compatible public keys of the host for which host-based authentication is allowed.
ip ssh rsa-authentication (Config) Enable RSA authentication for the SSHv2 server. Syntax ip ssh rsa-authentication enable To disable RSA authentication, use the no ip ssh rsa-authentication enable command. Parameters Defaults Command Modes Command History Usage Information Related Commands enable Enter the keyword enable to enable RSA authentication for the SSHv2 server. RSA authentication is disabled by default. CONFIGURATION Version 8.3.16.
www.dell.com | support.dell.com Related Commands show ip ssh rsa-authentication Displays RSA authorized keys. ip ssh rsa-authentication (Config) Enables RSA authentication. ip ssh server Configure an SSH server. Syntax ip ssh server {enable | port port-number} [version {1 | 2}] To disable SSH server functions, use the no ip ssh server enable command. Parameters enable Enter the key word enable to start the SSH server.
Defaults Command Modes Enter the keyword rsa to display the host SSHv2 RSA public key. rsa1 Enter the keyword rsa1 to display the host SSHv1 RSA public key. none EXEC Command History Example rsa Version 8.3.16.1 Figure 43-9.
www.dell.com | support.dell.com show ip ssh client-pub-keys Display the client public keys used in host-based authentication. Syntax Defaults Command Modes Command History Example show ip ssh client-pub-keys none EXEC Version 8.3.16.1 Figure 43-11. Introduced on MXL 10/40GbE Switch IO Module show ip ssh client-pub-keys Command Example FTOS#show ip ssh client-pub-keys poclab4,123.12.1.
Usage Information Related Commands This command displays the contents of the file flash:/ADMIN_DIR/ssh/authorized-keys.username. ip ssh rsa-authentication (Config) Configures the RSA authorized keys. ssh Open an SSH connection specifying the hostname, username, port number and version of the SSH client. FTOS supports both inbound and outbound SSH sessions using IPv4 addressing. Inbound SSH supports accessing the system through the management interface as well as through a physical Layer 3 interface.
www.dell.com | support.dell.com Secure DHCP Commands The dynamic host configuration protocol (DHCP) as defined by RFC 2131 provides no authentication or security mechanisms. Secure DHCP is a suite of features that protects networks that use dynamic address allocation from spoofing and attacks.
ip dhcp snooping Enable DHCP Snooping globally. Syntax Command Modes Default Command History Usage Information Related Commands [no] ip dhcp snooping CONFIGURATION Disabled Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module When enabled, no learning takes place until snooping is enabled on a VLAN. After disabling DHCP Snooping, the binding table is deleted, and Option 82, IP Source Guard, and Dynamic ARP Inspection are disabled.
www.dell.com | support.dell.com interface type Enter the keyword interface followed by the type of interface to which the host is connected. • • Command Modes For a Ten Gigabit Ethernet interface, enter the keyword tengigabitethernet. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE. slot/port Enter the slot and port number of the interface. lease time Enter the keyword lease followed by the amount of time the IP address will be leased.
ip dhcp source-address-validation Enable IP Source Guard. Syntax Command Modes Default Command History [no] ip dhcp source-address-validation INTERFACE Disabled Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ip dhcp snooping vlan Enable DHCP Snooping on one or more VLANs. Syntax Parameters Command Modes Default Command History Usage Information Related Commands [no] ip dhcp snooping vlan name name Enter the name of a VLAN on which to enable DHCP Snooping.
| Security www.dell.com | support.dell.
44 sFlow Overview The Dell Networking operating software (FTOS) sFlow monitoring system includes an sFlow agent and an sFlow collector. • • The sFlow agent combines the flow samples and interface counters into sFlow datagrams and forwards them to the sFlow collector. The sFlow collector analyses the sFlow datagrams received from the different devices and produces a network-wide view of traffic flows. Important Points to Remember • • • • • • • • • FTOS exports all sFlow packets to the sFlow collector.
www.dell.com | support.dell.com Commands The sFlow commands are: • • • • • • • • • • sflow collector sflow enable (Global) sflow enable (Interface) sflow extended-switch enable sflow polling-interval (Global) sflow polling-interval (Interface) sflow sample-rate (Global) sflow sample-rate (Interface) show sflow show sflow stack-unit sflow collector Configure a collector device to which sFlow datagrams are forwarded.
As part of the sFlow-MIB, if the simple network management protocol (SNMP) request originates from a configured collector, FTOS returns the corresponding configured agent IP in management information base (MIB) requests. FTOS checks to ensure that two entries are not configured for the same collector IP with a different agent IP. Should that happen, FTOS generates the following error: %Error: Different agent-addr attempted for an existing collector sflow enable (Global) Enable sFlow globally.
www.dell.com | support.dell.com sflow extended-switch enable Enable packing information on a switch only. Syntax sflow extended-switch enable To disable packing information, use the no sflow extended-switch [enable] command. Parameters Defaults Command Modes Command History Usage Information Related Commands enable Enter the keyword enable to enable global extended information. Disabled CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module FTOS version 7.8.1.
sflow polling-interval (Interface) Set the sFlow polling interval at an interface (overrides the global-level setting.) Syntax sflow polling-interval interval value To return to the default, use the no sflow polling-interval interval command. Parameters Defaults Command Modes Command History Usage Information Related Commands interval value Enter the interval value in seconds.
www.dell.com | support.dell.com Related Commands sflow sample-rate (Interface) Changes the Interface sampling rate. sflow sample-rate (Interface) Change the Interface default sampling rate. Syntax sflow sample-rate value To return to the default sampling rate, use the no sflow sample-rate command. Parameters value Enter the sampling rate value. Range:256 to 8388608 packets Enter values in powers of 2 only, for example 4096, 8192, 16384 etc.
Command History Example Version 8.3.16.1 Figure 44-1.
| sFlow www.dell.com | support.dell.
45 Service Provider Bridging Overview Service Provider Bridging is composed of virtual local area network (VLAN) Stacking, Layer 2 Protocol Tunneling, and Provider Backbone Bridging as described in the FTOS Configuration Guide Service Provider Bridging chapter. This chapter includes command line information (CLI) for the Dell Networking operating software (FTOS) Layer 2 Protocol Tunneling (L2PT). L2PT enables protocols to tunnel through an 802.1q tunnel.
www.dell.com | support.dell.com debug protocol-tunnel Enable debugging to ensure incoming packets are received and rewritten to a new MAC address. Syntax debug protocol-tunnel interface {in | out | both} [vlan vlan-id] [count value] To disable debugging, use the no debug protocol-tunnel interface {in | out | both} [vlan vlan-id] [count value] command.
Example Figure 45-1. Protocol-tunneling Command Example FTOS#conf FTOS(conf)#interface vlan 2 FTOS(conf-if-vl-2)#vlan-stack compatible FTOS(conf-if-vl-2)#member Gi1/2-3 FTOS(conf-if-vl-2)#protocol-tunnel stp FTOS(conf-if-vl-2)#protocol-tunnel enable Related Commands show protocol-tunnel Displays tunneling information for all VLANs. protocol-tunnel destination-mac Overwrite the BPDU destination MAC address with a specific value.
www.dell.com | support.dell.com protocol-tunnel rate-limit Enable traffic rate limiting per box. Syntax protocol-tunnel rate-limit rate To reset the rate limit to the default, use the no protocol-tunnel rate-limit rate command. Parameters Defaults Command Modes Command History Example rate Enter the rate in frames per second. The range is from 75 to 3000. The default is 75. 75 Frames per second CONFIGURATION Version 9.2(0.0) Figure 45-2. Introduced on the MXL 10/40GbE Switch IO Module.
Example Figure 45-4. show protocol-tunnel command example for a specific VLAN FTOS#show protocol-tunnel vlan 2 System Rate-Limit: 1000 Frames/second Interface Vlan Protocol(s) Gi1/2 2 STP, PVST FTOS Related Commands show running-config Displays the current configuration.
| Service Provider Bridging www.dell.com | support.dell.
Simple Network Management Protocol (SNMP) and Syslog Overview This chapter contains commands to configure and monitor the simple network management protocol (SNMP) v1/v2/v3 and Syslog.
www.dell.com | support.dell.com Important Points to Remember • • • Typically, 5-second timeout and 3-second retry values on an SNMP server are sufficient for both local area network (LAN) and wide area network (WAN) applications.
Command Modes EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 46-2. Introduced on MXL 10/40GbE Switch IO Module show snmp engineID Command Example FTOS#show snmp engineID Local SNMP engineID: 0000178B02000001E80214A8 Remote Engine ID IP-addr 80001F88043132333435 172.31.1.3 80001F88043938373635 172.31.1.3 Port 5009 5008 FTOS# Related Commands snmp-server engineID Configures local and remote SNMP engines on the router.
www.dell.com | support.dell.com Command Modes EXEC EXEC Privilege Example Figure 46-4. show snmp user Command Example FTOS#show snmp user User name: v1v2creadu Engine ID: 0000178B02000001E80214A8 storage-type: nonvolatile active Authentication Protocol: None Privacy Protocol: None FTOS# Command History Version 8.3.16.
Parameters Defaults Command Modes Example Enter a text string (up to 20 characters long) to act as a password for SNMP. ro Enter the keyword ro to specify read-only permission. rw Enter the keyword rw to specify read-write permission. security-name name (OPTIONAL) Enter the keyword security-name followed by the security name as defined by the community MIB. access-list-name (OPTIONAL) Enter a standard IPv4 access list name (a string up to 16 characters long).
www.dell.com | support.dell.com Related Commands ip access-list standard Names (or selects) a standard access list to filter based on IP address. show running-config snmp Displays the current SNMP configuration and defaults. snmp-server contact Configure contact information for troubleshooting this SNMP node. Syntax snmp-server contact text To delete the SNMP server contact information, use the no snmp-server contact command.
Parameters notification-type Enter the type of notification from the list below: • • • ecfm — Notification of changes to ECFM entity — Notification of changes to entity envmon—Device notification when an environmental threshold is • • • • • • • • • eoam — Notification of changes to the EOAM state ets — Notification of changes to the ets traps fips — Notification of changes to the FIP snooping state lacp — Notification of changes to the LACP state pfc — Notification of changes to pfc traps snmp — Notifi
www.dell.com | support.dell.com Parameters Enter the keyword local followed by the engine ID number that identifies the copy of the SNMP on the local device. Format (as specified in RFC 3411): 12 octets. local engineID • • Defaults Command Modes Command History Usage Information The first 4 octets are set to the private enterprise number. The remaining 8 octets are the MAC address of the chassis.
Parameters group_name Enter a text string (up to 20 characters long) as the name of the group. Defaults: The following groups are created for mapping to read/write community/security-names. • • v1v2creadg — maps to a community/security-name with ro permissions 1v2cwriteg — maps to a community/security-name rw permissions (OPTIONAL) Enter the security model version number (1, 2c, or 3). 1 | 2c | 3 • • • 1 is the least secure version 3 is the most secure of the security modes.
www.dell.com | support.dell.com Related Commands show snmp group Displays the group name, security model, view status, and storage type of each group. show running-config snmp Displays the SNMP running configuration. snmp-server host Configure the recipient of an SNMP trap operation.
udp-port port-number (OPTIONAL) Enter the keywords udp-port followed by the port number of the remote host to use. Range: 0 to 65535.
www.dell.com | support.dell.com To send an inform, follow these steps: 1. 2. 3. 4. 5. Related Commands Configure a remote engine ID. Configure a remote user. Configure a group for this user with access rights. Enable traps. Configure a host to receive informs. snmp-server enable traps Enables the SNMP traps. snmp-server community Configures a new community SNMPv1 or SNMPv2c. snmp-server location Configure the location of the SNMP server.
snmp-server trap-source Configure a specific interface as the source for SNMP traffic. Syntax snmp-server trap-source interface To disable sending traps out a specific interface, use the no snmp trap-source command. Parameter interface Enter the following keywords and slot/port or number information: • • • Defaults Command Modes Command History Usage Information Related Commands For a Loopback interface, enter the keyword loopback followed by a number from 0 to 16383.
www.dell.com | support.dell.com udp-port port-number Enter the keyword udp-port followed by the UDP (User Datagram Protocol) port number on the remote device. Range: 0 to 65535. Default: 162 1 | 2c | 3 (OPTIONAL) Enter the security model version number (1, 2c, or 3). • • • 1 is the least secure version 3 is the most secure of the security modes. 2c allows transmission of informs and counter 64, which allows for integers twice the width of what is normally allowed.
Figure 46-10 shows how to enter a plain-text password as the string authpasswd for user authuser of group v3group. Figure 46-10. snmp-server user Command Example (Plain-text) FTOS#conf FTOS(conf)# snmp-server user authuser v3group v3 auth md5 authpasswd Figure 46-11 configures a remote user named n3user with a v3 security model and a security level of authNOPriv. Figure 46-11. config Command Example FTOS#conf FTOS(conf)# snmp-server user n3user ngroup remote 172.31.1.
www.dell.com | support.dell.com Related Commands show running-config snmp Displays the SNMP running configuration. snmp trap link-status Enable the interface to send SNMP link traps, which indicate whether the interface is up or down. Syntax snmp trap link-status To disable sending link trap messages, use the no snmp trap link-status command. Defaults Command Modes Enabled. INTERFACE Command History Usage Information Version 8.3.16.
clear logging Clear the messages in the logging buffer. Syntax Defaults clear logging none Command Modes EXEC Privilege Command History Version 8.3.16.1 Related Commands Introduced on MXL 10/40GbE Switch IO Module show logging Displays logging settings and system messages in the internal buffer. default logging buffered Return to the default setting for messages logged to the internal buffer.
www.dell.com | support.dell.com default logging monitor Return to the default settings for messages logged to the terminal. Syntax Defaults Command Modes default logging monitor level = 7 or debugging CONFIGURATION Command History Version 8.3.16.1 Related Commands logging monitor Sets the logging monitor parameters. terminal monitor Sends system messages to the terminal/monitor.
Related Commands logging on Enables the logging asynchronously to logging buffer, console, Syslog server, and terminal lines. logging trap Enables logging to the Syslog server based on severity. logging buffered Enable logging and specify which messages are logged to an internal buffer. By default, all messages are logged to the internal buffer. Syntax logging buffered [level] [size] To return to the default values, use the default logging buffered command.
www.dell.com | support.dell.com Defaults Command Modes Command History Related Commands 7 or debugging CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module clear logging Clears the logging buffer. default logging console Returns the logging console parameters to the default setting. show logging Displays the logging settings and system messages in the internal buffer. logging facility Configure the Syslog facility, used for error messages sent to Syslog servers.
Command History Related Commands Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module logging Enables logging to a Syslog server. logging on Enables logging. logging history Specify which messages are logged to the history table of the switch and the SNMP network management station (if configured). Syntax logging history level To return to the default values, use the no logging history command.
www.dell.com | support.dell.com Usage Information Related Commands When the number of messages reaches the limit you set with the logging history size command, older messages are deleted as newer ones are added to the table. show logging history Displays information logged to the history buffer. logging monitor Specify which messages are logged to Telnet applications. Syntax logging monitor [level] To disable logging to terminal connections, use the no logging monitor command.
logging source-interface Specify that the IP address of an interface is the source IP address of Syslog packets sent to the Syslog server. Syntax logging source-interface interface To disable this command and return to the default setting, use the no logging source-interface command.
www.dell.com | support.dell.com Defaults Command Modes Enter the keyword all to turn off all limit number-of-buffers Enter the keyword limit followed by the number of buffers to be queued for the terminal after which new messages are dropped Range: 20 to 300 Default: 20 Disabled. If enabled without level or number-of-buffers options specified, level = 2 and number-of-buffers = 20 are the defaults. LINE Command History Usage Information all Version 8.3.16.
show logging Display the logging settings and system messages logged to the internal buffer of the switch. Syntax Parameters Command Modes show logging [number | history [reverse][number] | reverse [number] | summary] number (OPTIONAL) Enter the number of message to be displayed on the output. Range: 1 to 65535 history (OPTIONAL) Enter the keyword history to view only information in the Syslog history table.
www.dell.com | support.dell.com Figure 46-14. show logging history Command Example FTOS#show logging history Syslog History Table: 1 maximum table entries, saving level warnings or higher SNMP notifications not Enabled May 22 08:53:09: %STKUNIT0-M:CP %SEC-3-AUTHENTICATION_ENABLE_SUCCESS: Enable password authentication success on vty0 ( 10.11.68.22 ) FTOS# show logging driverlog stack-unit Display the driver log for the specified stack member.
47 Stacking Commands Overview For more information about using the MXL 10/40GbE Switch stacking feature, refer to the Stacking MXL 10/40GbE Switches chapter in the FTOS Configuration Guide. Commands The commands described in this chapter are used for managing the stacking of MXL 10/40GbE switch systems.
www.dell.com | support.dell.com Usage Information When the command is given as redundancy disable-auto-reboot stack-unit, it prevents the MXL 10/ 40GbE switch stack management unit and standby unit from rebooting if they fail. When a particular unit number in the range 0-5 is issued as part of the CLI, it prevents that particular unit from rebooting upon failure. When members is issued as part of the CLI, all the units part of the stack are prevented from rebooting upon failure.
Example Figure 47-1.
www.dell.com | support.dell.com Example Figure 47-2.
Example Figure 47-3.
www.dell.com | support.dell.com Example Figure 47-4. show system stack-ports status Command Example FTOS# show system stack-ports status Topology: Ring Example Interface Link Speed (Gb/s) Admin Status Link Status 0/33 0/37 40 40 up up up up 0/41 40 up up 0/45 40 up up 1/33 40 up up 1/37 40 up up 1/49 40 up up 1/53 40 up up 2/33 40 up up 2/37 40 up up 2/49 40 up up 2/53 40 up up Figure 47-5.
Related Commands Table 47-1. show system stack-ports Command Description Field Description Topology Lists the topology of stack ports connected: Ring, Daisy chain, or Standalone Interface The unit/port ID of the connected stack port on this unit Link Speed Link Speed of the stack port in Gb/s Admin Status The only currently listed status is Up. Connection The stack port ID to which this unit’s stack port is connected redundancy disable-auto-reboot Resets the designated stack member.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Related Commands Introduced on MXL 10/40GbE Switch IO Module reload Reboots FTOS. show system Displays the current status of all stack members or a specific member. show system stack-unit stack-group Display the stack-groups present/configured for a MXL 10/40GbE switch stack unit. stack-unit priority Configure the ability of an MXL 10/40GbE switch to become the management unit of a stack.
stack-unit renumber Change the stack member ID of any stack member or a stand-alone switch. Syntax Parameters Defaults stack-unit 0-5 renumber 0-5 0-5 none Command Modes EXEC Privilege Command History Version 8.3.16.1 Usage Information The first instance of this value is the stack member unit identifier, from 0 to 5, of the switch that you want add to the stack. The second instance of this value is the desired new unit identifier number.
| Stacking Commands www.dell.com | support.dell.
48 Storm Control Overview The Dell Networking operating software (FTOS) storm control feature allows users to limit or suppress traffic during a traffic storm.
www.dell.com | support.dell.com Parameters interface (OPTIONAL) Enter one of the following interfaces to display the interface specific storm control configuration. • • Defaults Command Modes For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a 40-Gigabit Ethernet interface, enter the keyword fortyGigE followed by the slot/ port information. none EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 48-1.
Example Figure 48-2.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Usage Information packets_per_second Enter the packets per second of broadcast traffic allowed from the network. Range: 0 to 33554368. none CONFIGURATION (conf) Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Broadcast storm control is valid on Layer 2/Layer 3 interfaces only. Layer 2 broadcast traffic is treated as unknown-unicast traffic.
Usage Information Broadcast traffic (all 0xFs) should be counted against broadcast storm control meter, not against the multicast storm control meter. It is possible, however, that some multicast control traffic may get dropped when storm control thresholds are exceeded. storm-control multicast (Interface) Configure the packets per second of multicast traffic allowed on a MXL Switch interface (ingress only).
www.dell.com | support.dell.com storm-control unknown-unicast (Interface) Configure the packets per second of unknown-unicast traffic allowed on a MXL Switch interface (ingress only). Syntax To disable unknown-unicast storm control on the interface, use the no storm-control unknown-unicast [packets_per_second] in command.
49 Spanning Tree Protocol (STP) Overview The commands described in this chapter configure and monitor the IEEE 802.1d spanning tree protocol (STP). The STP commands are: • • • • • • • • • • • • bridge-priority debug spanning-tree description disable forward-delay hello-time max-age portfast bpdufilter default protocol spanning-tree show config show spanning-tree 0 spanning-tree 0 bridge-priority Set the bridge priority of the switch in an IEEE 802.1D Spanning Tree.
www.dell.com | support.dell.com Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module debug spanning-tree Enable debugging of the spanning tree protocol and view information on the protocol. Syntax debug spanning-tree {stp-id [all | bpdu | events | exceptions] | protocol} To disable debugging, use the no debug spanning-tree command. Parameters stp-id Enter zero (0). The switch supports one Spanning Tree group with a group ID of 0.
disable Disable the spanning tree protocol globally on the switch. Syntax disable To enable STP, use the no disable command. Defaults Command Modes Command History Related Commands Enabled (that is, the spanning tree protocol is disabled.) SPANNING TREE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module portfast bpdufilter default Enters SPANNING TREE mode.
www.dell.com | support.dell.com Parameters Defaults Command Modes Command History Related Commands seconds Enter a number as the time interval between transmission of BPDUs. Range: 1 to 10. Default: 2 seconds. 2 seconds SPANNING TREE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module forward-delay Changes the wait time before STP transitions to the Forwarding state. max-age Changes the wait time before STP refreshes protocol configuration information.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module protocol spanning-tree Enter SPANNING TREE mode to enable and configure the spanning tree group. Syntax protocol spanning-tree stp-id To disable the Spanning Tree group, use the no protocol spanning-tree stp-id command. Parameters Defaults Command Modes stp-id Not configured. CONFIGURATION Command History Example Enter zero (0). FTOS supports one Spanning Tree group, group 0. Version 8.3.16.1 Figure 49-1.
www.dell.com | support.dell.com show spanning-tree 0 Display the spanning tree group configuration and status of interfaces in the spanning tree group. Syntax Parameters show spanning-tree 0 [active | brief | guard | interface interface | root | summary] 0 Enter 0 (zero) to display information about that specific Spanning Tree group. active (OPTIONAL) Enter the keyword active to display only active interfaces in Spanning Tree group 0.
Example Figure 49-3. show spanning-tree 0 Command Example FTOS#show spanning-tree 0 Executing IEEE compatible Spanning Tree Protocol Bridge Identifier has priority 32768, Address 0001.e800.0a56 Configured hello time 2, max age 20, forward delay 15 Bpdu filter disabled globally We are the root of the spanning tree Current root has priority 32768 address 0001.e800.
www.dell.com | support.dell.com Table 49-1. show spanning-tree 0 Command Description Field Description “Times” List the number of seconds since the last: • • • • hello time topology change notification aging “Port 1...” Displays the Interface type slot/port information and the status of the interface (Disabled or Enabled). “Port path...” Displays the path cost, priority, and identifier for the interface. “Designated root...
Table 49-2. show spanning-tree 0 guard Command Description Field Description Guard Type Type of STP guard configured (Root, Loop, or BPDU guard) Bpdu Filter BPDU Filter enabled - Yes, BPDU Filter disabled - No spanning-tree 0 Assigns a Layer 2 interface to STP instance 0 and configures a port cost or port priority, or enables loop guard, root guard, or the Portfast feature on the interface.
www.dell.com | support.dell.com STP root guard is supported on a port or port-channel enabled in any Spanning Tree mode: Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP), and Per-VLAN Spanning Tree Plus (PVST+). 928 Root guard is supported on any STP-enabled port or port-channel except when used as a stacking port. When enabled on a port, root guard applies to all VLANs configured on the port.
50 System Time and Date Overview The commands in this chapter configure time values on the system, either using the Dell Networking operating software (FTOS), the hardware, or using the network time protocol (NTP). With NTP, the switch can act only as a client to an NTP clock host. For more information, refer to the “Network Time Protocol” section of the Management chapter in the FTOS Configuration Guide.
www.dell.com | support.dell.com calendar set Set the time and date for the switch hardware clock. Syntax Parameters calendar set time month day year time Enter the time in hours:minutes:seconds. For the hour variable, use the 24-hour format, for example, 17:15:00 is 5:15 pm. month Enter the name of one of the 12 months in English. You can enter the name of a day to change the order of the display to time day month year. day Enter the number of the day. Range: 1 to 31.
Command Modes EXEC Privilege Command History Version 8.3.16.1 Usage Information Introduced on MXL 10/40GbE Switch IO Module In the switch, the hardware clock is separate from the software and is called the calendar. This hardware clock runs continuously. After the hardware clock (the calendar) is set, the FTOS automatically updates the software clock after system bootup. You cannot delete this command (that is, there is not a “no” version of this command).
www.dell.com | support.dell.com clock summer-time date Set a date (and time zone) on which to convert the switch to daylight saving time on a one-time basis. Syntax To delete a daylight saving time zone configuration, use the no clock summer-time command.
clock summer-time recurring Set the software clock to convert to daylight saving time on a specific day each year. Syntax clock summer-time time-zone recurring [start-week start-day start-month start-time end-week end-day end-month end-time [offset]] To delete a daylight saving time zone configuration, use the no clock summer-time command. Parameters time-zone Enter the three-letter name for the time zone. This name is displayed in the show clock output. You can enter up to eight characters.
www.dell.com | support.dell.com clock timezone Configure a timezone for the switch. Syntax clock timezone timezone-name offset To delete a timezone configuration, use the no clock timezone command. Parameters timezone-name Enter the name of the timezone. You cannot use spaces. offset Enter one of the following: • • Default Command Modes Command History Usage Information a number from 1 to 23 as the number of hours in addition to UTC for the timezone.
debug ntp Display NTP transactions and protocol messages for troubleshooting. Syntax debug ntp {adjust | all | authentication | events | loopfilter | packets | select | sync} To disable debugging of NTP transactions, use the no debug ntp {adjust | all | authentication | events | loopfilter | packets | select | sync} command. Parameters adjust Enter the keyword adjust to display information on NTP clock adjustments. all Enter the keyword all to display information on all NTP transactions.
www.dell.com | support.dell.com ntp authentication-key Specify a key for authenticating the NTP server. Syntax Parameters Defaults Command Modes Command History Usage Information ntp authentication-key number md5 [0 | 7] key number Specify a number for the authentication key. Range: 1 to 4294967295. This number must be the same as the number parameter configured in the ntp trusted-key command. md5 Specify that the authentication key will be encrypted using MD5 encryption algorithm.
ntp disable Prevent an interface from receiving NTP packets. Syntax ntp disable To re-enable NTP on an interface, use the no ntp disable command. Default Command Modes Command History Disabled (that is, if an NTP host is configured, all interfaces receive NTP packets) INTERFACE Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module ntp multicast client Configure the switch to receive NTP information from the network via multicast.
www.dell.com | support.dell.com Command Modes Command History Usage Information CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module You can configure multiple time serving hosts (up to 250). From these time serving hosts, the FTOS chooses one NTP host with which to synchronize. To determine which server was selected, use the show ntp associations.
Defaults Command Modes Command History Usage Information Related Commands Not configured. CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The number parameter in the ntp trusted-key command must be the same number as the number parameter in the ntp authentication-key command. If you change the ntp authentication-key command, you must also change the ntp trusted-key command. ntp authentication-key Sets an authentication key for NTP.
www.dell.com | support.dell.com Example Figure 50-3. show calendar Command Example FTOS#show calendar 12:29:34 pacific Tue May 22 2012 FTOS# Related Commands show clock Displays the time and date from the switch software clock. show clock Display the current clock settings. Syntax Parameters Command Modes show clock [detail] detail (OPTIONAL) Enter the keyword detail to view the source information of the clock. EXEC EXEC Privilege Command History Example Version 8.3.16.1 Figure 50-4.
Command History Example Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module Figure 50-6. show ntp associations Command Example FTOS#show ntp associations remote ref clock st when poll reach delay offset disp ========================================================================== 10.10.120.5 0.0.0.0 16 - 256 0 0.00 0.000 16000.0 *172.16.1.33 127.127.1.0 11 6 16 377 -0.08 -1499.9 104.16 172.31.1.33 0.0.0.0 16 - 256 0 0.00 0.000 16000.0 192.200.0.2 0.0.0.0 16 - 256 0 0.00 0.000 16000.
www.dell.com | support.dell.com Example show ntp status Command Example FTOS#show ntp status Clock is unsynchronized, stratum 16, no reference clock frequency is 0.000 ppm, stability is 0.000 ppm, precision is 4294967279 reference time is 00000000.00000000 (6:28:16.000 UTC Thu Feb 7 2036) clock offset is 0.000000 msec, root delay is 0.00000 sec root dispersion is 0.00000 sec, peer dispersion is 0.000 msec peer mode is unspec FTOS# Table 50-2. Related Commands 942 Figure 50-7.
51 Tunneling Commands The following commands have been added to support tunneling: • • • • • • tunnel destination tunnel dscp tunnel flow-label tunnel hop-limit tunnel mode tunnel source tunnel destination Set a destination endpoint for the tunnel. Syntax tunnel destination {ip-address | ipv6–address} To delete a tunnel destination address, use the no tunnel destination {ip-address | ipv6–address} command. Parameters Defaults Command Modes Enter the destination IPv4 address for the tunnel.
www.dell.com | support.dell.com tunnel dscp Configure the method to set the DSCP in the outer tunnel header. Syntax tunnel dscp {mapped | } To use the default tunnel mapping behavior, use the no tunnel dscp value command. Parameters Defaults Command Modes Enter the keyword mapped to map original packet DSCP (IPv4)/Traffic Class (IPv6) to the tunnel header DSCP (IPv4)/Traffic Class (IPv6) depending on the mode of tunnel. value Enter a value to set the DSCP value in the tunnel header.
Usage Information This command is only valid for tunnel interfaces with an IPv6 outer header. tunnel hop-limit Configure the method to set the IPv4 time-to-live or the IPv6 hop limit value in the outer tunnel header. Syntax tunnel hop-limit value To restore the default tunnel hop-limit, use the no tunnel hop-limit command. Parameters Defaults Command Modes Command History Usage Information value Enter the hop limit (ipv6) or time-to-live (ipv4) to include in the tunnel header.
www.dell.com | support.dell.com tunnel source Set a source address for the tunnel. Syntax tunnel source {ip-address | ipv6–address | interface-type-number} To delete the current tunnel source address, use the no tunnel source command. Parameters ip-address Enter the source IPv4 address in A.B.C.D format. ipv6–address Enter the source IPv6 address in X:X:X:X::X format.
52 u-Boot Overview All commands in this chapter are in u-Boot mode. These commands are supported on the Dell Networking MXL 10/40GbE Switch Module platform only. To access this mode, press any key when the following line appears on the console during a system boot: Hit any key to stop autoboot: Enter u-Boot immediately, as indicated by the BOOT_USER# prompt. Note: This chapter describes only a few commands available in uBoot mode.
www.dell.com | support.dell.com • syntax help Note: You cannot use the Tab key to complete commands in this mode. boot change Change the operating system boot parameters. Syntax Command Modes boot change [primary | secondary | default] uBoot Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module boot selection Change the ROM bootstrap bootflash partition. Syntax Command Modes boot selection [a | b] uBoot Command History Version 8.3.16.
boot write net config retries Set the number of retries for network boot configuration failure. Syntax Command Modes boot write net config retries uBoot Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u Example Figure 52-2. boot write net config retries Command Example BOOT_USER # boot write net config retries 2 Updated number of Network Boot Config retries to 2. BOOT_USER # boot zero Clears the primary, secondary, or default boot parameters.
www.dell.com | support.dell.com help Display help menu. Syntax Command Modes help uBoot Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u Example Figure 52-3. help Command Example BOOT_USER # help ***** Dell Force10 Boot Interface Help Information ***** Current access level: USER LEVEL Use "syntax help" for more information on syntax.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u interface management ethernet ip address Set the management port IP address and mask. Syntax Command Modes interface management ethernet ip address uBoot Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u no default-gateway Clear the default gateway IP address. Syntax Command Modes no default-gateway uBoot Command History Version 8.3.16.
www.dell.com | support.dell.com show boot blc Show the boot loop counter value. Syntax Command Modes show boot blc uBoot Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u Example Figure 52-4. show boot blc Command Example BOOT_USER # show boot blc ? Total 1 possible command found.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u Example Figure 52-6. show bootflash Command Example BOOT_USER # show bootflash GENERAL BOOTFLASH INFO ====================== Bootflash Partition A: Dell Force10 Networks System Boot Official IOM_LP_IMG_BOOT_LOADER, BSP Release 4.0.1.0bt1 Created Tue May 1 10:56:16 2012 by build on login-sjc-01 Bootflash Partition B: Dell Force10 Networks System Boot Official IOM_LP_IMG_BOOT_LOADER, BSP Release 4.0.1.
www.dell.com | support.dell.com Example Figure 52-7. show bootvar Command Example BOOT_USER # show bootvar PRIMARY OPERATING SYSTEM BOOT PARAMETERS: ======================================== boot device : tftp file name : premnath Management Etherenet IP address : 10.16.130.134/16 Server IP address : 10.16.127.35 Default Gateway IP address : 15.0.0.
Command History Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module u Example Figure 52-9. show interface management ethernet Command Example BOOT_USER # show interface management ethernet Management ethernet IP address: 10.16.130.134/16 BOOT_USER # show interface management port config Show the management port boot characteristics. Syntax Command Modes show interface management port config uBoot Command History Version 8.3.16.
www.dell.com | support.dell.com 956 Example Figure 52-11. help Command Example BOOT_USER # help ***** Dell Force10 Boot Interface Help Information ***** Current access level: USER LEVEL Use "syntax help" for more information on syntax.
53 Uplink Failure Detection (UFD) Overview Uplink failure detection (UFD) provides detection of the loss of upstream connectivity and, if used with network interface controller (NIC) teaming, automatic recovery from a failed link.
www.dell.com | support.dell.com Parameters interface interface Specifies one or more downstream interfaces.
description Enter a text description of an uplink-state group. Syntax description text Parameters Defaults Command Modes text none UPLINK-STATE-GROUP Command History Version 8.3.16.1 Related Commands Example Text description of the uplink-state group. Maximum length: 80 alphanumeric characters. Introduced on MXL 10/40GbE Switch IO Module uplink-state-group Figure 53-1. Creates an uplink-state group and enable the tracking of upstream links.
www.dell.com | support.dell.com Usage Information You can assign physical port or port-channel interfaces to an uplink-state group. You can assign an interface to only one uplink-state group. You must configure each interface assigned to an uplink-state group as either an upstream or downstream interface, but not both. You can assign individual member ports of a port channel to the group. An uplink-state group can contain either the member ports of a port channel or the port channel itself, but not both.
Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module When one upstream interface in an uplink-state group goes down, a user-configurable number of downstream interfaces in an uplink-state group are put into a link-down state with an UFD-Disabled error message. If all upstream interfaces in an uplink-state group go down, all downstream interfaces in the same uplink-state group are put into a link-down state.
www.dell.com | support.dell.com Command History Example Version 8.3.16.1 Figure 53-2.
Example Figure 53-3.
www.dell.com | support.dell.com Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module After you enter the command, you enter Uplink-State-Group Configuration mode to assign upstream and downstream interfaces to the group. An uplink-state group is considered to be operationally UP if at least one upstream interface in the group is in the Link-Up state.
You can assign individual member ports of a port channel to the group. An uplink-state group can contain either the member ports of a port channel or the port channel itself, but not both. Related Commands Example downstream Assigns a port or port-channel to the uplink-state group as a downstream interface. upstream Assigns a port or port-channel to the uplink-state group as an upstream interface. uplink-state-group Creates an uplink-state group and enable the tracking of upstream links.
www.dell.com | support.dell.
54 VLAN Stacking Overview With the virtual local area network (VLAN)-stacking feature (also called stackable VLANs and QinQ), you can “stack” VLANs into one tunnel and switch them through the network transparently.
www.dell.com | support.dell.com • • Dell Networking recommends not using the same MAC address, on different customer VLANs, on the same stackable VLAN. Interfaces configured using stackable VLAN access or stackable VLAN trunk commands do not switch traffic for the default VLAN. These interfaces switch traffic only when they are added to a non-default VLAN. dei enable Make packets eligible for dropping based on their drop eligible indicator (DEI) value.
dei mark Set the DEI value on egress according to the color currently assigned to the packet. Syntax Parameters Defaults Command Mode Command History Usage Information Related Commands dei mark {green | yellow} {0 | 1} 0|1 Enter the bit value you want to map to a color. green | yellow Choose a color: • • Green: High priority packets that are the least preferred to be dropped. Yellow: Lower priority packets that are treated as best-effort. All the packets on egress are marked with DEI 0.
www.dell.com | support.dell.com Related Commands vlan-stack compatible Enables stackable VLAN on a VLAN. show interface dei-honor Display the dei honor configuration. Syntax Parameters show interface dei-honor [interface slot/port] interface slot/port Command Mode EXEC Privilege Command History Version 8.3.16.1 Example Figure 54-1. Enter the interface type followed by the slot and port number.
Related Commands dei mark Sets the DEI value on egress. vlan-stack access Specify a Layer 2 port or port channel as an access port to the Stackable VLAN network. Syntax vlan-stack access To remove access port designation, use the no vlan-stack access command. Defaults Command Modes Command History Usage Information Not configured. INTERFACE Version 8.3.16.
www.dell.com | support.dell.com Figure 54-3. show vlan Command Example with Stackable VLANs FTOS#show vlan Codes: * - Default VLAN, G - GVRP VLANs * NUM 1 2 Status Inactive Active 3 Active 4 Active 5 Active Q Ports M M M M M M M M M M M Te 13/13 Te 13/0-2 Po1(Te 13/14-15) Te 13/18 Te 13/3 Po1(Te 13/14-15) Te 13/18 Te 13/4 Po1(Te 13/14-15) Te 13/18 Te 13/5 FTOS# vlan-stack dot1p-mapping Map C-Tag dot1p values to a S-Tag dot1p value.
Command Modes Command History Usage Information Related Commands CONFIGURATION Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module For specific interoperability limitations regarding the S-Tag TPID, refer to the FTOS Configuration Guide. portmode hybrid Sets a port (physical ports only) to accept both tagged and untagged frames. A port configured this way is identified as a hybrid port in report displays.
www.dell.com | support.dell.com Example 1 Figure 54-4.
55 Virtual Link Trunking (VLT) Overview Virtual link trunking (VLT) allows physical links between two chassis to appear as a single virtual link to the network core. VLT eliminates the requirement for Spanning Tree protocols by allowing LAG terminations on two separate distribution or core switches, and by supporting a loop free topology.
www.dell.com | support.dell.com back-up destination Configure the IP address of the management interface on the remote VLT peer to be used as the endpoint of the VLT backup link for sending out-of-band hello messages. Note: Syntax Parameters back-up destination ip-address [interval seconds] ip-address Enter the IPv4 or IPv6 address of the management interface. interval seconds Enter the keyword interval to specify the time interval used to send hello messages. The range is from 1 to 5 seconds.
Command Modes Usage Information EXEC Privilege If this command is used on a local VLT node, all multicast routes from the local PIM TIB, the entire multicast route table, and all the entries in the data plane are deleted. The entries in Peer PIM TIB (Sync) are not deleted but are marked for re-download. Both local and synced routes are removed from the multicast route table. The peer VLT node clears synced routes from the node.
www.dell.com | support.dell.com peer-link port-channel Configure the specified port channel as the chassis interconnect trunk between VLT peers in the domain. Syntax peer-link port-channel id-number Parameters id-number Enter the port-channel number that will act as the interconnect trunk. The range is from 1 to 128. Defaults Not configured. Command Modes VLT DOMAIN Command History Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. peer-routing Enable L3 VLT peer-routing.
primary-priority Reconfigure the primary role of VLT peer switches. Syntax Parameters Default Command Modes Usage Information Command History primary-priority value value To configure the primary role on a VLT peer, enter a lower value than the priority value of the remote peer. The range is from 1 to 65535. 32768 VLT DOMAIN After you configure the VLT domain on each peer switch on both sides of the interconnect trunk, by default, the FTOS software elects a primary and secondary VLT peer device.
www.dell.com | support.dell.com Command Modes EXEC EXEC Privilege Command History Examples Version 9.2(0.0) Figure 55-1. Introduced on the MXL 10/40GbE Switch IO Module. show vlt mroute static Command Output FTOS#show ip mroute static Mroute: 23.23.23.0/24, interface: Lo 2 Protocol: static, distance: 0, route-map: none, last change: 00:00:23 Figure 55-2. show vlt mroute snooping Command Output FTOS#show ip mroute snooping IPv4 Multicast Snooping Table (*, 224.0.0.
Usage Information The following describes the show ip mroute command shown in the example. Field Description (S, G) Displays the forwarding entry in the multicast route table. uptime Displays the amount of time the entry has been in the multicast forwarding table. Incoming interface Displays the reverse path forwarding (RPF) information towards the source for (S,G) entries and the RP for (*,G) entries.
www.dell.com | support.dell.com Command Modes Command History Examples EXEC Version 9.2(0.0) Figure 55-5. Introduced on the MXL 10/40GbE Switch IO Module.
show vlt inconsistency Display deviations in VLT multicast traffic. Syntax Command Modes Command History Example show vlt inconsistency ip mroute EXEC Version 9.2(0.0) Figure 55-7. Introduced on the MXL 10/40GbE Switch IO Module. show vlt inconsistency Command Output on VLT peer switches FTOS#show vlt inconsistency ip mroute Spanned Multicast routing IIF inconsistency: Multicast Route (22.22.22.200, 225.1.1.2) (*, 225.1.1.
www.dell.com | support.dell.com show vlt role Display the VLT peer status, role of the local VLT switch, VLT system MAC address and system priority, and the MAC address and priority of the locally-attached VLT device. Syntax Defaults Command Modes Command History Example show vlt role Not configured. EXEC Version 9.2(0.0) Figure 55-9. Introduced on the MXL 10/40GbE Switch IO Module.
Example Figure 55-10.
www.dell.com | support.dell.com system-mac Explicitly configure the MAC address for the VLT domain on a VLT peer switch. Syntax Parameters Defaults Command Modes Usage Information system-mac mac-address mac-address Enter a MAC address in the format aaaa.bbbb.cccc. Automatically assigned based on the primary priority and MAC address of each VLT peer. VLT DOMAIN When you create a VLT domain on a switch, the FTOS software automatically creates a VLT-system MAC address used for internal system operations.
Parameters Command Modes Command History domain-id Enter the domain ID number. You must configure the same domain ID on the peer switch. VLT uses the domain ID to automatically create a VLT MAC address for the domain. The range is from 1 to 1000. CONFIGURATION Version 9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module. vlt-peer-lag port-channel Associate the port channel to the corresponding port channel in the VLT peer for the VLT connection to an attached device.
www.dell.com | support.dell.
56 Virtual Router Redundancy Protocol (VRRP) IPv4 VRRP Commands The virtual router redundancy protocol (VRRP) chapter describes the commands: • • • • • • • • • • • • • • • • advertise-interval authentication-type clear counters vrrp debug vrrp description disable hold-time preempt priority show config show vrrp track virtual-address vrrp delay minimum vrrp delay reload vrrp-group The VRRP chapter describes the following VRRP for IPv6 commands: • • • • clear counters vrrp ipv6 debug vrrp ipv6 show vrrp ip
www.dell.com | support.dell.com advertise-interval Set the time interval between VRRP advertisements. Syntax advertise-interval seconds To return to the default settings, use the no advertise-interval command. Parameters Defaults Command Modes Command History Usage Information seconds Enter a number of seconds. Range: 1 to 255. Default: 1 second. 1 second. INTERFACE-VRRP Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Syntax Parameters clear counters vrrp [vrrp-id] vrrp-id Command Modes EXEC Privilege Command History Version 8.3.16.1 (OPTIONAL) Enter the number of the VRRP group ID. Range: 1 to 255 Introduced on the MXL 10/40GbE Switch IO Module.
www.dell.com | support.dell.com debug vrrp Allows you to enable debugging of VRRP. Syntax debug vrrp interface [vrrp-id] {all | packets | state | timer} To disable debugging, use the no debug vrrp interface [vrrp-id] {all | packets | state | timer} command.
disable Disable a VRRP group. Syntax disable To re-enable a disabled VRRP group, use the no disable command. Defaults Command Modes Command History Usage Information Related Commands VRRP is enabled. VRRP Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. To enable VRRP traffic, assign an IP address to the VRRP group using the virtual-address command and enter no disable. virtual-address Specifies the IP address of the virtual router.
www.dell.com | support.dell.com preempt Permit a BACKUP router with a higher priority value to preempt or become the MASTER router. Syntax preempt To prohibit preemption, use the no preempt command. Defaults Command Modes Command History Enabled (that is, a BACKUP router can preempt the MASTER router). VRRP Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. priority Specify a VRRP priority value for the VRRP group.
show config View the non-default VRRP configuration. Syntax Parameters Command Modes Command History Example show config [verbose] verbose (OPTIONAL) Enter the keyword verbose to view all VRRP group configuration information, including defaults. VRRP Version 8.3.16.1 Figure 56-1. Introduced on the MXL 10/40GbE Switch IO Module. show config Command Example FTOS(conf-if-vrid-4)#show con vrrp-group 4 virtual-address 119.192.182.124 ! show vrrp View the VRRP groups that are active.
www.dell.com | support.dell.com Example Figure 56-2. show vrrp brief Command Example FTOS>Interface Grp Pri Pre State Master addr Virtual addr(s) Description-----------------------------------------------------------------------------TenGig 10/37 1 100 Y Master 200.200.200.200 200.200.200.201 TenGig10/37 2 100 Y Master 200.200.200.200 200.200.200.202 200.200.200.203 Description TenGig10/37 3 100 Y Master 1.1.1.1 1.1.1.2 TenGig10/37 4 100 Y Master 200.200.200.200 200.200.200.206 200.200.200.207 ...
Figure 56-3. show vrrp Command Example FTOS>show vrrp -----------------TenGigabitEthernet 12/3, VRID: 1, Net: 10.1.1.253 State: Master, Priority: 105, Master: 10.1.1.253 (local) Hold Down: 0 sec, Preempt: TRUE, AdvInt: 1 sec Adv rcvd: 0, Adv sent: 1862, Gratuitous ARP sent: 0 Virtual MAC address: 00:00:5e:00:01:01 Virtual IP address: 10.1.1.252 Authentication: (none) Tracking states for 1 interfaces: Up Tengigabitethernet 12/17 priority-cost 10 -----------------Tengigabitethernet 12/4, VRID: 2, Net: 10.1.
www.dell.com | support.dell.com Table 56-2. show vrrp Command Description Authentication:... States whether authentication is configured for the VRRP group. If it is, the authentication type and the password are listed. Tracking states... This line is displayed if the track command is configured on an interface. Below this line, the following information on the tracked interface is displayed: • • Dn or Up states whether the interface is down or up.
virtual-address Configure up to 12 IP addresses of virtual routers in the VRRP group. You must set at least one virtual address for the VRRP group to start sending VRRP packets. Syntax virtual-address ip-address1 [... ip-address12] To delete one or more virtual IP addresses, use the no virtual-address ip-address1 [... ip-address12] command. Parameters Defaults Command Modes Enter an IP address of the virtual router in dotted decimal format.
www.dell.com | support.dell.com Usage Information This command applies to a single interface.When used in conjunction with the vrrp delay reload CLI, the later timer rules the VRRP enabling. For example, if vrrp delay reload is 600 and the vrrp delay minimum is 300: • • Related Commands When the system reloads, VRRP waits 600 seconds (10 minutes) to bring up VRRP on all interfaces that are up and configured for vrrp.
vrrp-group Assign a VRRP ID to an interface. You can configure up to 12 VRRP groups per interface. Syntax Parameters Defaults Command Modes Command History Usage Information Related Commands vrrp-group vrrp-id vrrp-id Enter a number as the group ID. Range: 1 to 255. Not configured. INTERFACE Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The VRRP group only becomes active and sends VRRP packets when a virtual IP address is configured.
www.dell.com | support.dell.com Syntax Parameters debug vrrp ipv6 interface [vrid] {all | packets | state | timer} interface Enter the following keywords and slot/port or number information: • • • Command Modes Command History Usage Information For a Port Channel interface, enter the keywords port-channel then a number. For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet then the slot/port information. For a VLAN interface, enter the keyword vlan then the VLAN ID.
Command Modes Command History Usage Information • • EXEC EXEC Privilege Version 8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module. The following describes the show vrrp ipv6 command shown in the following example. Table 1 VRRP IPv6 Commands Line Beginning with Description GigabitEthernet... Displays the Interface, the VRRP group ID, and the network address. If the interface is no sending VRRP packets, 0.0.0.0 appears as the network address.
www.dell.com | support.dell.com Example Figure 56-4.
57 Internet Control Message Protocol (ICMP) Message Types This chapter lists and describes the possible internet control message protocol (ICMP) Message Types resulting from a ping. The first three columns list the possible symbol or type/code. For example, you would receive a ! or 03 as an echo reply from your ping. Table 57-1.
www.dell.com | support.dell.com Table 57-1.
58 SNMP Traps This chapter lists the traps sent by FTOS. Each trap is listed by the fields Message ID, Trap Type, and Trap Option, and the next is the message(s) associated with the trap. Table 58-1. SNMP Traps and Error Messages Message ID Trap Type Trap Option COLD_START SNMP COLDSTART %SNMP-5-SNMP_COLD_START: SNMP COLD_START trap sent.
www.dell.com | support.dell.com Table 58-1.
Table 58-1.
www.dell.com | support.dell.com 1010 Table 58-1. SNMP Traps and Error Messages (continued) Message ID Trap Type Trap Option FIPS_SESSION_DROP FIPS NONE %FCOE-5-SESSION_DROP: New session(%d,%s) request in interface %s dropped as max-session-limit in system reached FIPS_ACL_INSTALL_FAIL FIPS NONE %FCOE-5-ACL_INSTALL_FAIL: problem in installing ACL entries due to no space or hardware failure CHMGR_ENT_LAST_CHANGE_TIME ENTITY No error messages.
