Dell™ Networking™ X1000 and X4000 Series Switches User Guide FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteCover.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteCover.fm Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware, or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. ____________________ © Copyright © 2016 Dell Inc. All rights reserved.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm Table of Contents Table of Contents 1 Preface 2 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . MAC Address Capacity Support . Layer 2 Features . . . . . . . . . . . . . . . . . . . . . 18 Quality of Service Features . . . . . . . . . . . . . . . Security Features 19 . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm Power Supplies 4 Using the GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Starting the Application . . . . . . . . . . . . . . . . . Understanding the Interface . Dashboard . . . . . . . . . . . . . . . . . . . . . . . . 45 Field Definitions . . . . . . . . . . . . . . . . . . 45 . . . . . . . . . . . . . . . . . . . 46 . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm 6 Switch Management . . . . . . . . . . . . . . . . 71 IP Addressing Overview . . . . . . . . . . . . . . . . . 71 . . . . . . . . . . . . . . . . . . . 72 IPv4 Addressing . . . . . . . . . . . . . . . . . . . . . 73 IPv6 Addressing . . . . . . . . . . . . . . . . . . . . . 75 Switch Information File Update and Backup . . . . . . . . . . . . . . . 98 . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm 9 Network Administration: VLAN . . . . . . . 143 VLAN Overview . . . . . . . . . . . . . . . . . . . . 143 Standard VLAN . . . . . . . . . . . . . . . . . . . . . 147 . . . . . . . . . . . . . . . . . . . . . . 156 Voice VLAN . 10 Network Administration: Port Settings Ports . 161 . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Address Tables . UDLD . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm 13 Network Administration: Route Settings 215 System Routing Mode . . . . . . . . . . . . . . . . . . 215 IPv4 Route Settings . . . . . . . . . . . . . . . . . . . 216 IPv6 Route Settings . . . . . . . . . . . . . . . . . . . 220 14 Network Administration: Quality of Service 227 Overview . 227 . . . . . . . . . . . . . . . . . . . . . . . . Global Settings. . . . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 . . . . . . . . . . . . . . . . . . . . . . 284 User Security Model . Communities Notification Filter . . . . . . . . . . . . . . . . . . . Notification Recipients . . . . . . . . . . . . . . . . 17 Network Administration: Multicast Overview . 282 286 287 . . . . 289 . . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm 19 Network Administration: DHCP Server Overview . 309 309 . . . . . . . . . . . . . . . . . . . . . . . . DHCP Server Properties . . . . . . . . . . . . . . . . . 310 . . . . . . . . . . . . . . . . . . . . . . 311 . . . . . . . . . . . . . . . . . . . . . . . 313 Network Pool Static Hosts Address Binding . 315 . . . . . . . . . . . . . . . . . . . . Excluded Addresses . 316 . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm clear logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 crypto certificate generate . . . . . . . . . . . . . . . . . . . . . . . 338 crypto certificate import. . . . . . . . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 power inline legacy support disable . . . . . . . . . . . . . . . 368 power inline usage-threshold. . . . . . . . . . . . . . . . . . . . . 368 reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 show bootvar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteUG_PrintTOC.fm Downloading Drivers, Firmware, and Software. Related Documentation . . . 396 . . . . . . . . . . . . . . . . 396 Documentation Feedback Glossary 12Contents . . . . . . . . . . . . . . . 396 . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 Preface This guide contains the information needed for configuring and maintaining the Dell™ Networking™ X1000 and X4000 Series devices through the Dell Networking Administrator. For explanation of acronyms, refer to the Glossary.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Prefix.
2 Features This section describes the features of the Dell™ Networking™ X1000 and X4000 Series devices. For a complete list of all updated device features, see the Release Notes included in the latest version of software released at dell.com/support.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm • UDLD • Static Routing • IPv6 Router • sFlow IP Version 6 (IPv6) Support The device functions as an IPv6-compliant host, as well as an IPv4 host (also known as dual stack). This enables device operation in a pure IPv6 network as well as in a combined IPv4/IPv6 network. For more information, see IPv6 Addressing.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm The devices enhance auto-negotiation by providing port advertisement. Port advertisement enables the system administrator to configure the port speeds that are advertised. For more information, see Network Administration: Port Settings.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period, are aged out. This frees Bridging Table resources for learning new MAC addresses. For more information, see Address Tables. VLAN-Aware MAC-Based Switching The device always performs VLAN-aware bridging. VLAN-aware bridges perform VLAN-based MAC address learning and forwarding.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm MLD Snooping Multicast Listener Discovery (MLD) Snooping performs the function of IGMP Snooping for IPv6. For more information, see MLD Snooping. Port and VLAN Mirroring Port and VLAN mirroring monitors network traffic by forwarding copies of incoming and outgoing packets from a monitored port to a monitoring port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Full 802.1Q VLAN Tagging Compliance IEEE 802.1Q defines an architecture for virtual, bridged LANs, the services provided in VLANs, and the protocols and algorithms involved in the provision of these services. For more information, see VLAN Overview. GVRP Support GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Qcompliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Private VLAN The Private VLAN feature provides Layer 2 isolation between ports that share the same Broadcast domain, or in other words, it creates a point-tomultipoint Broadcast domain. The ports can be located anywhere in the Layer 2 network. For more information, see Private VLAN.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm IEEE 802.1w Rapid Spanning Tree Spanning Tree takes 30–60 seconds for each host to decide whether its ports are actively forwarding traffic. Rapid Spanning Tree (RSTP) detects uses of network topologies to enable faster convergence, without creating forwarding loops. For more information, see Rapid Spanning Tree. IEEE 802.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm For more information, see VLAN LAG Membership. Link Aggregation and LACP LACP uses peer exchanges across links to determine, on an ongoing basis, the aggregation capability of various links, and continuously provides the maximum level of aggregation capability achievable between a given pair of devices. LACP automatically determines, configures, binds, and monitors the port binding within the system.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Device Management Features SNMP Alarms and Trap Logs The system logs events with severity codes and timestamps. Events are sent as SNMP traps to a Trap Recipient List. For more information, see Network Administration: SNMP Monitoring. SNMP Versions 1, 2, and 3 Simple Network Management Protocol (SNMP) over the UDP/IP protocol controls access to the system.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Auto-Update of Configuration/Image File This feature facilitates installation of new devices. When you enable the various auto-update options, the device automatically downloads a new image or configuration file. It receives configuration parameters with its IP address from a DHCP server, after which the device automatically reboots, using the image or configuration file it received.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm • X1018/P • X1026/P For more information, see Network Administration: sFlow. Command Line Interface Command Line Interface (CLI) is composed of mandatory and optional elements. The CLI interpreter provides command and keyword completion to assist users and save typing. CLI is only available in Managed mode. For more information, see Using the CLI.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm 802.1ab (LLDP-MED) The Link Layer Discovery Protocol (LLDP) enables network managers to troubleshoot, and enhances network management by discovering and maintaining network topologies over multi-vendor environments. LLDP allows a device to identify itself and advertise its capabilities and device information to its neighbors.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm Locked Port Support Locked Port increases network security by limiting access on a specific port to users with specific MAC addresses. These addresses are either manually defined or learned on that port. When a frame is received on a locked port, and the frame source MAC address is not tied to that port, the protection mechanism is invoked. For more information, see Port Security.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm The switch provides the ability to demand strong passwords, meaning that they must contain both upper and lower-case letters, numbers, and special characters. For more information, see Global Password Management. Access Control Lists (ACL) Access Control Lists (ACL) enable network managers to define classification rules and actions for specific ingress ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm ARP Inspection Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-inthe-middle attacks. For more information, see Dynamic ARP Inspection (DAI).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.fm UDLD UDLD complements the Spanning Tree Protocol which is used to eliminate switching loops For more information, see UDLD. Static Routing Static routing enables the user to define a routing table manually. IPv4 routes are supported on X1008/P, X1018/P, X1026/P in L2+ mode only. For more information, see Network Administration: Route Settings.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Features.
3 Hardware Description This section describes Dell™ Networking™ X1000 and X4000 Series devices hardware.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm Device Models The X1000 and X4000 devices switches combine versatility with minimal management requirements. This series includes PoE-powered and PoEenabled (name contains P) devices of the following types: • X1008 — 8 10/100/1000BASE-T ports with single PoE PD port. Port 8 is the PD port; the X1008 can be powered from the external power supply or from PoE power.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm Managed Mode Button The switches have a managed mode button that enables switching between the modes. The following describes the transitions between the modes: Reset Button The switches have a reset button that is used for manual reset or reboot of the device. The reset buttons functions as follows: • To reboot switch — Press reset button for 2 seconds or less.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm Fans X1018P, X1026P, X1052 and X4012 platforms have two fan units, whose speeds are monitored and controlled by a FAN controller. When the temperature inside the switch is low, the fan speed is decremented, which results in less noise from the fans. LED Definitions System LEDs The system LEDs provide information about the ports and activity on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm Port LEDs Gigabit Copper Ports The following describes the LED indications for the Gigabit ports: Table 3-2.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm SFP Ports Each of the SFP ports has two LEDs, marked as LNK and ACT, associated with them. The following describes these LEDs: Table 3-3.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm • Power Supply Ratings, Table 3-5. Product Name Model Name 24W Adapter X1008 30W Adapter X1008 150W Adapter X1008P 40W Adapter X1018, X1026 100W Adapter X4012, X1052 280W Adapter X1018P 450W Adapter X1026P 525W Adapter X1052P • Input Voltage 90 to 264V AC, universal input. Nominal input voltage: 100 to 240V AC. • Input Frequency Range 47 to 63 Hz.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.fm 40W PSU Table 3-8. Output Voltage Minimum Current Maximum Current 12V DC +/-5% 0 Amp 3.33 Amp Output Voltage Minimum Current Maximum Current 12V DC +/-5% 0 Amp 8.33 Amp Output Voltage Minimum Current Maximum Current 12V DC +/-3% 0.5 Amp 2.5 Amp 54V DC +/-3% 0.2 Amp 4.63 Amp Output Voltage Minimum Current Maximum Current 12V DC +/-3% 0.1 Amp 5.1 Amp 54V DC +/-3% 0 Amp 7.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Hardware.
4 Using the GUI This section describes how to manage the X1000 and X4000 devices using the Networking Administrator.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_GUI.fm Starting the Application NOTE: Before starting the application the IP address must be defined. For more information, see Initial Setup. 1 Open a web browser. 2 Enter the device’s IP address in the address bar and press . The default IP address for the device is 192.168.2.1. 3 When the Log In window displays, enter a user name and password. The default user name and password is admin/admin.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_GUI.fm • Modal Windows — Pop-ups, such as Edit or Add pages, located on a container that are used to configure features. • Masthead — Located at the top of the UI, this contains information buttons. • Information Buttons — Displays basic information about alerts and has quick links to tasks like logging out, saving settings to the startup configuration, rebooting switch, and viewing basic switch information.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_GUI.fm Information Buttons This section describes the buttons found on the masthead. Table 4-1 describes the masthead (header bar) and its features that provide access to online support and online help, as well as information about the Networking Administrator interfaces. These are displayed at the top of each page. Table 4-1. Masthead Buttons Icon Description Displays the urgent alerts. Displays the major alerts.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_GUI.fm Table 4-1. Masthead Buttons Icon Description Opens the following menu items: • About: Contains the version and build number and Dell copyright information. • Help: Open online help. The online help pages are context-sensitive. For example, if the IP Addressing page is open, the help topic for that page is displayed when Help is clicked.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_GUI.fm Common GUI Features Table 4-3 describes the common functions that can be performed on many GUI pages. Table 4-3. Common GUI Elements Button Description Add Open the Add modal window. Apply to The following options are available when Apply is clicked: • Running Configuration — Save all configuration changes to the Running Configuration file.
5 Dashboard This section the system dashboard that displays critical system information and enables simple configuration of the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Overview The dashboard supplies device information at a glance, as shown below:. To access the dashboard click on Dashboard on the slide-in (left) menu.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Interfaces The interface buttons, as outlined in the graphic below, provides a graphic display of the Port Status, Port Profile, VLANs and LAGs configured on the device. Port Tab The ports on the device are displayed in a color that designates its status.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Hover on a single port to display the following fields: • Port Number • Status of port (up, inactive, error or disabled) • Port type — Type of port (for example: 1GBase-T, 1GbE SFP, 10GbE SFP+) • VLAN n — VLAN(s) # assigned to port • LAG n —LAG # of which port is member • Port Profile — Whether port has been assigned to be connected to a desktop, phone, switch, router or wireless.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Switch Information The Switch Information block, as outlined in the graphic below, displays the current system information:. The following is displayed in this block: • IP Address — Displays the device management IP address. To configure whether the IP address of the device will be static or dynamic, click on the Edit icon by the IP Address field.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm – IP Version — The type is always IPv4. – IP Address — Enter the IP address of the device. – Subnet Mask — Enter the subnet mask of the IP address of the device. – Gateway — Enter the prefix of the gateway. • MAC Address — Displays the device MAC address. • Asset Tag — Asset tag for the device. This is the user-defined reference for the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm The Power Over Ethernet (PoE) block displays device information regarding the power output of the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Recent Logged Events The Recent Logged Events block, as outlined in the graphic below, displays the three most recent logged events: Click View All to display a list of all active alerts, or click the Active Alert level to see all the events logged for the alert level. Click Learn More to view detailed information about the displayed recent logged event.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Active Alerts The Active Alerts block, as outlined in the graphic below, displays the number of the various types of alerts. Click View All to see the list of all active alerts or click the Active Alert level to see all the events logged for the alert level.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Ports and VLANs The Ports and VLANs block, as outlined in the graphic below, displays important information about how the ports and VLANs are configured: The following fields are displayed: • Ports Configured Out Of — Number of ports that have been configured out of total ports on the device. • VLANs — Number of VLANs configured on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm Configuration Wizards The Configure block, as outlined in the graphic below, contains buttons to open the various configuration wizards. Ports To configure one or more ports: 1 Click on the Ports button from the dashboard and select one or more ports to configure. 2 Click Next. 3 Enter a description of the port(s) in Port Description (optional).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm – Re-Activate Suspended Port(s)—Select Enabled to reactive a port if the port has been disabled through the locked port security option or Disabled to leave it down. 5 Click Next. 6 Depending on the type of port being configured, enter the following fields: Copper 10/100/1000MBase-T Ports – Ports — Port numbers. – Port Type — Port type. – Admin Speed — Select the configured rate for the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm • 1000 Full — The port advertises for a 1000 mbps speed port and full duplex mode setting. – Energy Efficient Ethernet — Globally enable/disable Energy Efficient Ethernet. – Energy Efficient Ethernet LLDP — Globally enable/disable the EEE LLDP advertisement feature. – Short Reach Energy Saving — Globally enable/disable Short Reach Energy Saving feature.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm – – Admin Duplex Mode — Select the port duplex mode (this is only possible if Auto Negotiation is not enabled). The options are: • Full — The interface supports transmission between the device and the client in both directions simultaneously. • Half — The interface supports transmission between the device and the client in only one direction at a time. Flow Control — Set flow control on the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm 5 In the Assign Select Ports to VLAN and Port Tag Membership section, select whether ports will be Tagged or Untagged in the VLAN. This is possible for individual VLANs or All Future VLANs. 6 Enter the following fields: – PVID — Enter the number of the VLAN ID contained in ports. – Native VLAN ID — Displays the VLAN used for untagged traffic to trunk ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm • Ingress Filtering — Displays whether there is ingress filtering on the ports in the LAG. 2 Select Configure LAG. 3 Click Next. 4 Click on the Edit icon of a LAG and enter the following fields: – LAG — Displays the number of the LAG – LAG Mode— Select one of the following modes: • Static — User-defined LAG. • LACP — LACP-defined LAG – Description — Enter descriptive text.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm – Flow Control — Select to enable or disable flow control. 5 Click Next to view a summary of the port configuration. 6 Click Apply to save the changes. Configure VLAN The following processes can be performed in this wizard. Configure VLAN To add a VLAN: 1 Select Configure VLAN. 2 Click Next and Add. 3 Enter the following fields: – VLAN ID — Enter the number of the VLAN.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm 6 Click Next to view a summary of the port configuration. 7 Click Apply to save the changes. Port Profile To assign a port to be connected to a desktop PC, phone, switch, router or wireless access point: 1 Click Port Profile. 2 Click Next. 3 Select one or more ports to assign to a port profile. 4 Select Assign Port to Profile in Port Edit Mode field.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm The remaining fields on this page are display-only, and describe the port configuration of the profile. The following fields are described: Port Security fields: – Mode — Learning mode. The possible options are: • Classic Lock — Locks the port using the classic lock mechanism. The port is immediately locked, regardless of the number of addresses that have already been learned.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.fm 4 If the IP Address Source is Static IP, enter the fields: – IP Version — Displays IPv4. – VLAN ID — Displays the ID of the default VLAN. – IP Address — Enter the device IP address. – Subnet Mask — Enter the device subnet mask. – Gateway — Enter the device default gateway. 5 Click Next. 6 Enter the following fields: – Username — Enter a username. – Password — Enter a password.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Dashboard.
6 Switch Management This section describes how to set system parameters, such as security features, switch software, system time, logging parameters and more. It contains the following topics: • IP Addressing Overview • Switch Information • IPv4 Addressing • IPv6 Addressing • File Update and Backup • Domain Name System (DNS) • Time Synchronization • Management Security IP Addressing Overview The device functions as an IPv6-compliant host, as well as an IPv4-host (also known as dual stack).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm IPv6 Prefixes While Unicast IPv6 addresses written with their prefix lengths are permitted, in practice their prefix lengths are always 64 bits, and therefore are not required to be expressed. Any prefix that is less than 64 bits is a route or address range that summarizes a portion of the IPv6 address space.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Time — Enter the current time (mandatory). If SNTP has been defined, but the SNTP server is not available, the switch uses the date and time in this field and the Date field. Otherwise this information is taken from the SNTP server. – System Up Time — Displays the amount of time since the last device reset. – Service Tag — Displays the service reference number used when servicing the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm The IP address is assigned even if the above validation procedure concludes that the IP address in question is not unique, but a SYSLOG message is generated.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 2 To assign the IP address of the interface, on which IPv4 routing is enabled, click Edit, Add and enter the fields: – Interface Type — Select the type of interface to be configured. – Interface — Select the interface to be configured. – IP Address Source— Select DHCP to have address assigned dynamically or Static.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm IPv6 Global Parameters To define IPv6 global parameters: 1 Click Switch Management > IPv6 Addressing > Global Parameters. 2 Click Edit and enter values for the following fields: • IPv6 Routing —Select Enable/Disable to enable/disable IPv6 routing. If this is not enabled, the device acts as a host (not a router) and can receive management packets, but cannot forward packets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 2 Click Edit, Add and enter the fields: – Interface Type — Select the type of interface to be configured. – Interface — Select the interface to be configured. – Duplicate Address Attempts — Number of consecutive neighbor solicitation messages that are sent on an interface while Duplicate Address Detection (DAD) is performed on Unicast IPv6 addresses on this interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Information Refresh Time (86400-4294967294)—This value indicates how often the device will refresh information received from the DHCPv6 server. If this option is not received from the server, the value entered here is used.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm IPv6 Default Gateway Use the IPv6 Default Gateway page to configure and view the default IPv6 router addresses. This list contains routers that are candidates to become the switch default router for non-local traffic. The switch randomly selects a router from the list. The switch supports one static IPv6 default router.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – • Stale — The default gateway is no longer known to be reachable but until traffic is sent to the default gateway, no attempt is made to verify its reachability. • Delay— The default gateway is no longer known to be reachable, and traffic has recently been sent to the default gateway.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm To add an IPv6 neighbor: 1 Click Switch Management > IPv6 Addressing > IPv6 Neighbors. The following fields are displayed for previously-defined neighbors: – Interface—Interface connected to the neighbor. – IPv6 Address—IPv6 address of the neighbor. – MAC Address—MAC address of the neighbor. – Type—Neighbor discovery cache information entry type (Static or Dynamic).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm If an entry for the specified IPv6 address already exists in the neighbor discovery cache, as learned through the IPv6 neighbor discovery process, you can convert the entry to a static entry. To do this, select Static in the Type field.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm File Update and Backup This section describes how to manage device firmware (image files) and configuration files.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm device. This can be done manually by clicking the Tools icon or by selecting save to Startup-config file within the page. • Image Files — Files with extension .ros. Software images are saved in two flash files called Image 1 and Image 2. The active image contains the active copy, while the other image contains a backup copy. The device boots and runs from the active image.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 3 Enter the following IP Format fields: – Supported IP Format — Select whether IPv4 or IPv6 format is supported. – IPv6 Address Type — When the server supports IPv6, this specifies the type of static address supported. The possible options are: • Link Local — A Link Local address that is non-routable and used for communication on the same network only.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Destination File Name — Name of downloaded file on the device. The possible options are: • Running Configuration — Check to download commands into • Startup Configuration — Check to download commands into the • New File Name — Check to copy commands into a file in flash the Running Configuration file. The current file is overwritten. Startup Configuration file. The current file is overwritten.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • – Software Image —Name of software image file. Backup Method — Select the backup method to be used. The possible options are: • HTTP — Backup file using HTTP • TFTP — Backup file using TFTP • USB — Backup to USB drive • Flash — Backup to Flash memory. It is suggested to use the same name for each configuration backup to the Flash, since the storage space on the Flash is limited.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Apply Version After Reboot — Select one of the possible versions of the image to be active after reset. 3 Click OK to select the image file to be used.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • Flag—Indicates the status of the line. The following values can be used in this field: – In-Use—This line has already been applied. It is no longer a candidate for future use. – Invalid—The line is invalid, do not use. – Blank—There is no value for the flag field. This line is a candidate to be applied to the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm This line will not be used because the flag is invalid indicating that it is failed in the past. • Format B—Contains the following 4 fields: Example: 0080.c200.0010 switch-X.text x10xx-10059.ros This means that the line applies to the device with MAC address: 0080.c200.0010. The switch-x.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Triggering the Auto Update of Configuration/Image File Process When the Auto-Update feature is enabled (in the Auto Update of Configuration/Image File page), the device automatically attempts to download a new image or configuration file (under certain circumstances) using one of the following processes: • The Auto-Update process is triggered from the USB drive if a USB key in the USB drive is found.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • If the USB drive contains a setup file, but that setup file does not include a line that can be used for the current device, the DHCP client is able to trigger the Auto-Update process from TFTP (because the USB process never started at all).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 2. 3. 4. Find the line in the setup file relevant to the device—When the correct setup file is found, it is searched for a line relevant to the device, as follows: – The setup file is searched for a line with format A or B in which there is a match to the device's MAC address. If such line is found, and its format is valid (the field is empty), the line is applied.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Preparations for Using Auto Configuration from a TFTP Server The Auto-Update feature enables configuring the device from a configuration file found on the TFTP server. Two methods may be used: • One-file Read, described in Auto Configuration (One File Read Method). This method is used if a configuration file is found on the TFTP server.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • Device - On the device, one of the following cases may exist: – If Configuration Auto-Config is selected, the device is configured with the configuration file on the TFTP server only if the Startup configuration file is empty.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Preparations for Firmware Image Download from TFTP When an image file is downloaded from TFTP, the following steps are performed: • The switch downloads the Indirect Image File and extracts from it the name of the image file. NOTE: If the size of the image name bigger than 160 octets only the first 160 octets will be used.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm A2 02 00 00 15 01 13 69 6E 64 69 72 65 63 74 2D 41 73 74 75 74 65 2E 7478 74. Auto Update of Configuration/Image File To set the auto update and configuration parameters: NOTE: For the automatic options in this page to work the following must be implemented: • Since Auto-Config depends on retrieving information from a DHCP server, the startup configuration needs to include a DHCP IP interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Restore Factory Defaults To restore factory defaults: 1 Click Switch Management > File Update and Backup > Restore Factory Defaults. 2 Click Edit. 3 Select Restore Switch Configuration to replace the current configuration settings by the factory configuration default settings. Domain Name System (DNS) The Domain Name feature enables configuring the usage of site names in place of IP addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 6 To add a DNS server, click Add, and enter the fields: – Supported IP Format — Select whether the IPv4 or IPv6 format is supported. – IPv6 Address Type — When the server supports IPv6, this specifies the type of static address supported. The possible options are: – • Link Local — A Link Local address that is non-routable and used for communication on the same network only.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – – IPv6 Address Type — When the server supports IPv6, this specifies the type of static address supported. The possible options are: • Link Local — A Link Local address that is non-routable and used for communication on the same network only. • Global — A globally unique IPv6 address; visible and reachable from different subnets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Clock Source System time can be set manually, or it may be received from an external SNTP server. To set the system time manually, there is no need to use the Clock Source page, because the default is manual (local) system time. To set the clock source to SNTP: 1 Click Switch Management > Time Synchronization > Clock Source. 2 Select the Clock Source.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 3 To set Daylight Savings Time (DST), select the Daylight Savings field and select one of the possible options: – None — No DST. – USA — The device switches to DST at 2 a.m. on the second Sunday of March, and reverts to standard time at 2 a.m. on the first Sunday of November.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 5 To enter recurring DST parameters, select Daylight Saving Recurrence Patter and enter the following fields: From — The time that DST begins each year, for example, DST begins locally every second Sunday in April at 5:00 am. The possible options are: – • Day — The day of the week from which DST begins every year. • Week — The week within the month from which DST begins every year.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm SNTP is a simple and lighter version of NTP, and can be used when the ultimate performance of the full NTP implementation, described in RFC-1305, is not required. SNTP operates with NTP, thus an SNTP client can work with both SNTP and NTP servers. The switch operates only as a client, and cannot provide time services to other systems.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • Broadcast Broadcast information is used if receiving Broadcast packets has been enabled, and one of the following situations occurs: – The SNTP server IP address has not been defined. – Several time-information packets are received and the Broadcast time is best according to the algorithm defined in Algorithm for Selecting Designated SNTP Server.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • If there is a tie in stratums, packets from servers defined on the device are preferred to Anycast packets, which in turn are preferred to Broadcast packets. • If multiple servers pass the above criteria, then the server that sent the first (earliest) time packet is chosen. If a better server is discovered later, it is selected to be the “designated server” at that time.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm To define the types of server from which the device accepts SNTP information and the polling interval: 1 Click Switch Management > Time Synchronization > SNTP Global Settings. 2 Enter the fields: – Poll Interval (Sec.) — Enter the interval (in seconds) at which the SNTP servers are polled. – Receive Broadcast Servers Updates — Enable/disable receiving time information from Broadcast servers.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Authentication Key — Enter the key used for authentication. The SNTP server must send this key for the switch to use its time and date information. – Trusted Key — Check to specify that the encryption key is used to authenticate the (Unicast) SNTP server. If this is not checked, the key is not used for authentication (and another key(s) is used).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Offset — The estimated offset of the server's clock, relative to the local clock, in milliseconds. The host determines the value of this offset, using the algorithm described in RFC 2030. – Delay — The estimated round-trip delay of the server's clock, relative to the local clock over the network path between them, in milliseconds.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Receive Servers Updates — Displays whether the interface is enabled to receive updates from the SNTP server. 2 To add an interface that can receive SNTP server updates, click Edit, Add. 3 Enter the following fields: – Interface Type — Type of interface on which SNTP is being configured. – Interface — Interface on which SNTP is being configured.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm • Prevention of frequent password reuse • Lockout of users after failed login attempts • Number of different character classes required in the password. Numeric, alphabetic, and special characters are all character classes. • Length of time that past passwords are stored. Password aging starts immediately after password management is enabled.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Consecutive Passwords Before Reuse — When checked, indicates the number of times a password must be changed, before the password can be reused. Select the number of times. – Password History Hold Time — When checked, the password history will be deleted after the number of days entered. Enter the number of days.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm To set a local password to control access to Normal and Privilege levels activities. 1 Click Switch Management > Management Security > Enable Password for CLI. 1 Click Edit to enter the fields: – Select Enable Access Level — Select the access level to associate with the enable password. The following access levels are available: • Read-Only — Users with this access level can only view information.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Local User Database Use the Local User Database page to define users, passwords and access levels. The default username is admin. There is no default password. To add a new user: 1 Click Switch Management > Management Security > Local User Database. All users are displayed even if they have been suspended.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Rule priority sets the order in which the rules are implemented. Assigning an access profile to an interface denies access via other interfaces. If an access profile is not assigned to any interface, the device can be accessed by all interfaces. A total of 256 rules can be defined for all Management Access profiles.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Interface — Select the specific interface to which the rule applies. – Source IP Address — Select Enable/Disable to allow or not allow access, restriction based on the source IP address. When this field is disabled, the source IP address cannot be entered into a configured rule. – Supported IP Format — Select whether the IPv4 or IPv6 format is supported for the source IP addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Console Only— Active management of the device can only be performed using the console connection. In this case, you are disconnected from the management GUI. This profile cannot be removed. 5 Click OK. Authentication Profiles In addition to access profiles, you can configure authentication for either the console or network management access method.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 2 Click Edit, Add to add a new authentication profile, and enter the fields: – Authentication Profile Name (1-12 Characters) — Enter the name of the new authentication profile. Profile names cannot include blank spaces. – Optional Methods — Select a user authentication methods that can be assigned to this authentication profile.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm 3 For Secure HTTP and HTTP types of users, select one or all of the Optional Methods and click the right-arrow to move them to the Selected Methods. The options are: – Local — Authentication occurs locally. – None — No authentication method is used for access. – RADIUS — Authentication occurs at the RADIUS server. – TACACS+ — Authentication occurs at the TACACS+ server.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm Timeout for Replay — Enter the amount of time that can pass before the connection between the device and the TACACS+ server times out. – 3 Click OK. 4 To add a TACACS+ server, click Edit, Add and enter the following fields: – Supported IP Format — Select whether the IPv4 or IPv6 format is supported for the TACACS+ server IP address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm To add a RADIUS server: 1 Click Switch Management > Management Security > RADIUS. The RADIUS default parameters and previously-defined RADIUS servers are displayed. 2 To set the global parameters, click Edit, Settings Icon ( ) and enter the following fields: – Source IPv4 Interface — Enter the address of the IPv4 interface used to connect to the RADIUS server.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.fm – Accounting Port — Enter the accounting port, which is the UDP port number of the RADIUS server used for accounting requests. Enter 0 if you do not want this server to be used for accounting purposes. – Key String — The key string used for authenticating and encrypting all RADIUS communications between the device and the RADIUS server. Select Use Default to use the default value.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_SwitchManagement.
7 Logs and Alerts The Logs feature enables the switch to keep several, independent logs. Each log is a set of entries that record system events. It contains the following topics: • Overview • Logs • Login History • Remote Log Servers Overview System logs record events and report errors or informational messages. Some aspects of system logging can be configured, as described below.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Logs&Alerts.fm Event messages have a unique format, as per the System Logs (SYSLOG) protocol recommended message format for all error reporting, for example, SYSLOG and local device reporting messages are assigned a severity code, and include a message mnemonic that identifies the source application generating the message. Messages may be filtered, based on their urgency or relevancy.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Logs&Alerts.fm – Log Authentication Events — Enable/disable generating logs when users are authenticated. – Log Copy Files Events — Enable/disable generating logs when files are copied. – Log Management Access Events — Enable/disable generating logs when the device is accessed using a management method, for example, each time the device is accessed using SSH, a device log is generated.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Logs&Alerts.fm – IPv6 Address Type — When the server supports IPv6, this specifies the type of static address supported. The possible options are: • Link Local — A Link Local address that is non-routable and used for communication on the same network only. • Global — A globally unique IPv6 address; visible and reachable from different subnets.
Statistics and Diagnostics 8 This section describes many of the statistics available on the device. It contains the following topics: • Monitoring • Statistics • Diagnostics Monitoring This section describes remote monitoring, which enables network managers to display network information from a remote location.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm – Received Packets — Number of packets received on the selected interface. – Broadcast Packets Received — Number of good Broadcast packets received on the interface since the device was last refreshed. This number does not include Multicast packets. – Multicast Packets Received — Number of good Multicast packets received on the interface, since the device was last refreshed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm – Frames of 128 to 255 Bytes — Number of 128-255-byte frames received on the interface, since the device was last refreshed. – Frames of 256 to 511 Bytes — Number of 256-511-byte frames received on the interface, since the device was last refreshed. – Frames of 512 to 1023 Bytes — Number of 512-1023-byte frames received on the interface, since the device was last refreshed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm 3 To add a new entry, click Add. The New History Entry number, which uniquely identifies the sample, is displayed. 4 Enter the fields for the entry: – Interface Type — Select port or LAG. – Interface — Select the sampled Ethernet interface. – Sampling Interval (sec) — The time interval in seconds between samples. – Max No. of Samples to Keep — Number of samples to be saved.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm – Multicast Packets — Number of good Multicast packets received during the sampling interval. – CRC Align Errors — Number of packets received during the sampling session, with a length of between 64-1632 octets, who had a bad Check Sequence (FCS) with an integral number of octets, or a bad FCS with a non-integral number.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm – Counter Name — Select the counter name from the drop down options. – Sample Type — Select the sampling method for the selected variable and comparing the value against the thresholds. The possible options are: • Delta — Subtracts the last sampled value from the current value. The difference in the values is compared to the threshold.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm 3 Click Configure Events Controls, Add. 4 Enter the following fields: – Event Entry — Displays a new event number. – Community — Enter the community password. – Event Type — Select the action that will take place when an event occurs. Select one of the following options: • None — No action will be performed. • Log — A SYSLOG will be generated. • Trap — A trap will be generated.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm The following fields are displayed for every interface: – Interface Name — Displays name of interface. – Interface Status — Displays whether port is up or down. – Total Bytes (Octets) Received — Amount of octets received on the selected interface. – Unicast Packets Received — Number of Unicast packets received on the selected interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm EAP Statistics For information about EAP, see Dot1x Authentications. To display EAP statistics: 1 Click Statistics and Diagnosis > Statistics. 2 Click EAP Statistics. The following fields are displayed: – Interface Name — Displays name of interface. – Frames Receive — The number of valid EAPOL frames received on the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm Etherlike Statistics To display interface error statistics: 1 Click Statistics and Diagnosis > Statistics. 2 Click Etherlike Statistics. 3 Select Ports or LAG in View By. NOTE: Figures can be displayed in either Tabular or Graphical format by clicking the relevant button. The following fields are displayed: – Interface Name — Displays name of interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm The following fields are displayed: A NOTE: Figures can be displayed in either Tabular or Graphical format by clicking the relevant button. The number of received and transmitted packets in the following counters is displayed: – Join Empty Received — The number of received GVRP Join Empty packets. – Join Empty Transmitted — The number of transmitted GVRP Join Empty packets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm 1 Click Statistics and Diagnosis > Statistics. 2 Click CPU Utilization. 3 Select Ports or LAG in View By. 4 Select the Refresh Rate to specify how frequently the statistics should be refreshed. The following fields are displayed: – Interface — The port or LAG number. – Interface Status — The status of the interface: Up, Down or Not Present when no port is attached to the LAG.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm The Approximated Cable Length test can only be performed when the port is up and operating at 1 Gbps. To perform a cable test and view the results: 1 Click Statistics and Diagnosis > Diagnostics. 2 Click Integrated Cable Test. 3 Ensure that both ends of the copper cable are connected, one end to tested port and one end to device. 4 Click Test for the port to be tested.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Statistics_and_Diagnostics.fm 1 Click Statistics and Diagnosis > Diagnostics. 2 Click Optical Transceiver Diagnostics. This page displays the following fields: – Port—Port number and description on which the SFP is connected. – Transmitter Qualification — Whether fiber optic wire is supported by Dell. – Temperature (in C) — Temperature (Celsius) at which the SFP is operating.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Network Administration: VLAN 9 This chapter describes how VLANs are configured on the device. It contains the following topics: • VLAN Overview • Standard VLAN • Voice VLAN VLAN Overview A switched network can be logically segmented into multiple VLANs on an organizational basis, by functions, project teams, or applications rather than on a physical or geographical basis.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Frame Flow Figure 9-1 describes the flow of VLAN frames from the Ingress port to the Egress port: Figure 9-1. Frame Flow Through a VLAN Ingress Progress Egress Received Frame T ransmitted Frame VLAN Classification Ingress Filtering Forwarding Decision Egress Filtering Filtering Database When a frame is received, it must be assigned a VLAN.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm QinQ Tagging QinQ enables packets between sites of a customer network to be forwarded over a provider network. The device is a provider bridge that supports ctagged service interface to which the customer network/site connects. QinQ tagging adds a service VLAN tag to customer-tagged packets when forwarding customer packets into the provider network.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Frames, whose VID is the PVID of the egress port, are sent untagged. Frames sent in all other VLANs active on the port are sent tagged. Ingress filtering is always enabled on Trunk-mode ports. Incoming frames will undergo ingress filtering, and if correctly tagged, (tagged with a VID of one of the VLANs to which the port currently belongs) are admitted. The default PVID is 1 (the default VLAN).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Acceptable Frame Type The acceptable frame type can be set on a port to accept all frames (tagged and untagged), tagged only, or untagged only. This setting takes precedence over all other settings, so that if the acceptable frame type is tagged only, incoming untagged frames are silently discarded, even if the port has a valid PVID. Standard VLAN This section describes standard (non-voice) VLANs.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm – None — The interface is not a VLAN member. Packets associated with the interface are not forwarded. 2 Click Edit and enter the fields: – VLAN — Select a VLAN ID to configure. – VLAN Name — Displays the VLAN name. – Status — Displays the VLAN type. Possible values are: – • Dynamic — The VLAN was dynamically created through GVRP. • Static — The VLAN is user-defined.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm – – Switchport Mode — Enter the port system mode. The possible options are: • Layer 2 — Set the port to layer 2 mode. • Layer 3 — Set the port to layer 3 mode in which static routing is supported. For Layer 3 ports, the fields below are not relevant. Port VLAN Mode — Enter the port VLAN mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm A NOTE: In Access mode, a port can only be a member in a single VLAN, so before adding an access port to the VLAN, the VLAN the port is currently a member in should be manually removed (by selecting it from the VLAN list and clicking the remove button). – – Membership — Packet tagging on VLAN. The possible options are: • Tagged — The LAG is a member of a VLAN.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Protocol-based VLANs are useful for isolating Layer 2 traffic of various Layer 3 protocols. If, for example, a switch serves IP stations and IPX stations that communicate with a single VLAN-unaware server, without using protocol-based VLANs, all the Layer 2 Broadcast traffic would reach all the stations.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm Defining Protocol Groups Define a protocol group by performing the following steps: 1 Define a protocol group by assigning one or more protocols to the group and giving it a protocol-group ID (any integer), using the Protocol Group page. 2 Associate the group with a desired VLAN classification, per port, using the Protocol Port page.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm – Group ID — Select a protocol group ID to which the interface is added. Protocol ports can either be attached to a VLAN identified either by ID or VLAN name. – VLAN ID—Check and enter a VLAN ID. or – VLAN Name — Check and enter a VLAN name. GVRP Parameters GARP VLAN Registration Protocol (GVRP) is used for automatic distribution of VLAN membership information among VLAN-aware bridges.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm – GVRP Registration — Enable/disable VLAN registration through GVRP on the interface. GARP Timers Generic Attribute Registration Protocol (GARP) is a general-purpose protocol that registers network connectivity or membership-style information. GARP defines a set of devices interested in a given network attribute, such as VLAN information or the Multicast address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm – GARP Leave Timer (mSec) — Enter the time interval during which the device waits before leaving its GARP state. Leave time is activated by a Leave All Time message sent/received, and cancelled by the Join message received. Leave time must be greater than or equal to three times the join time. – GARP Leave All Timer (mSec) — Enter time interval which all devices wait before leaving the GARP state.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm • Primary — Traffic from promiscuous ports flow through this type of VLAN. This is for the Internet or shared servers. • Isolated —Traffic from isolated ports flow through this type of VLAN. – Associate Primary VLAN — If the Private VLAN type is Isolated, check to associate the isolated VLAN with a primary VLAN, thus allowing traffic between isolated and promiscuous ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm VoIP phones transmits IP traffic with a pre-configured Organizational Unique Identifier (OUI) prefix in the source MAC address. This enables the switch to dynamically identify ports connected to VoIP equipment and automatically add these ports to the Voice VLAN. VoIP phones use one of the following modes, both of which are supported by the device: • Use only tagged packets for all communications.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm The aging time starts after the MAC address is aged out of the Dynamic MAC Address table. The default time is 300 sec. For more information on defining MAC address age out time, see "Dynamic Address Table " on page 174. Port Settings To configure voice VLAN properties on a port or LAG: 1 Click Network Administration > VLAN > Voice VLAN > Port Setting.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.fm OUI Organizationally Unique Identifiers (OUIs) are a 24-bit numbers assigned by the Institute of Electrical and Electronics Engineers, Incorporated (IEEE) Registration Authority to equipment manufacturers. Up to 16 OUIs can be stored on the switch. Nine specific OUIs of popular VoIP phones manufacturers are stored by default, as shown in the following table:.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_VLAN.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm 10 Network Administration: Port Settings This section describes how to configure port functionality.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm The device supports 802.3x flow control for ports configured to Full Duplex mode. By default, this feature is enabled on all ports, and it can be disabled per port. The device supports back pressure for BaseT copper ports configured to Half Duplex mode. By default, this feature is disabled, and it can be enabled per port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm Flow Control The device supports 802.3x flow control for ports configured to Full Duplex mode. By default, this feature is enabled on all ports, and it can be disabled per port. Flow control creates a lossless link with no packet loss.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm Jumbo Frames Jumbo frames are frames of up to 10 Kb in size. If jumbo frames are not enabled, the system supports a packet size of up to 2K bytes. To enable jumbo frames: 1 Click Network Administration > Ports Settings > Jumbo Frames. The current jumbo frames setting is displayed. 2 To enable/disable jumbo frames, click Edit.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm Port Protection is independent of all other features and configuration settings. Two protected ports in a common VLAN cannot communicate with each other. Protected Port Restrictions The following restrictions apply to protected ports: • When a protected port is placed in a LAG, it loses its protected port attribute and takes upon itself the LAG's protection attributes.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm To assign a profile to a port: 1 Click Network Administration > Ports Settings > Port Profile. A summary of all the interfaces and their profiles is displayed. 2 To assign a profile to an interface, click Edit. 3 Select an interface and click its Edit icon. 4 Select an Assigned Profile to assign to the interface. The Profile Description is displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • Limited Dynamic Lock — Locks the port by deleting the dynamic MAC addresses associated with the port. The port learns up to the maximum addresses allowed on the port. Both relearning and aging MAC addresses are enabled. – Max Entries — Displays the maximum number of MAC addresses that can be learned on the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm – Fast Link — Displays whether Fast Link mode is enabled for the port. If this is enabled, the Port State is automatically placed in the Forwarding state when the port is up. – BPDU Guard — Displays whether BPDU Guard is enabled on the port. Miscellaneous fields: – Policy Name — Displays the name of a policy if one is defined on the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm – Operational Status — Displays the port operational status. The possible options are: • Suspended — Port is currently active, and is not receiving or transmitting traffic. • Active — Port is currently active, and is receiving and transmitting traffic. • Disable — Port is currently disabled, and is not receiving or transmitting traffic.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • 10 Half — The port advertises for a 10 mbps speed port and half duplex mode setting. • 10 Full — The port advertises for a 10 mbps speed port and full duplex mode setting. • 100 Half — The port advertises for a 100 mbps speed port and half duplex mode setting. • 100 Full — The port advertises for a 100 mbps speed port and full duplex mode setting.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • Auto — Use to automatically detect the cable type. • MDIX — Use for hubs and switches. • MDI — Use for end stations. – Current MDI/MDIX — Displays the current device MDIX settings. – LAG — Displays whether the port is part of a LAG. Port and VLAN Mirrorings Switches usually only forward frames to relevant ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • Destination ports cannot be a member of a LAG. • IP interfaces cannot be configured on the destination port. • GVRP cannot be enabled on the destination port. • The destination port cannot be a member of a VLAN. • Only one destination port can be defined.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm 2 Select the Destination Interface. NOTE: When you add a new VLAN mirror, the mirrored traffic is only Rx traffic (unlike port mirror in which you can also mirror Tx traffic). 3 To add an interface to be mirrored, click Edit, Add, and enter the fields: – Interface — The source port number from which port traffic is copied. – Type — Type of traffic (Tx or Rx or Tx and Rx) to be copied.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm 1 Click Network Administration > Port Settings > Address Tables > Static Address Table. A list of the currently-defined static addresses is displayed. 2 To add a static address, click Edit, Add. 3 Enter the following fields: • Interface Type— Select either port or LAG interface type. • Interface— Select a port or LAG for the entry. • MAC Address — Enter the interface MAC address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm To configure dynamic addresses: 1 Click Network Administration > Port Settings > Dynamic Address Table. The current address table is displayed along with other parameters. 2 Click Edit, Settings Icon ( ). 3 Enter Address Aging (sec). The aging time is a value between the userconfigured value and twice that value minus 1.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm The purpose of UDLD is to detect ports on which the neighbor does not receive traffic from the local device (unidirectional link) and to shut down those ports. All connected devices must support UDLD for the protocol to successfully detect unidirectional links. If only the local device supports UDLD, it is not possible for the device to detect the status of the link.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm UDLD is enabled on a port when one of the following occurs: • The port is a fiber port and UDLD is enabled globally. • The port is a copper port and you specifically enable UDLD on it. How UDLD Works When UDLD is enabled on a port, the following actions are performed: • UDLD initiates the detection state on the port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm If an interface is down and UDLD is enabled, the device removes all neighbor information and sends at least one ULDL message to the neighbors informing them that the port is down. When the port is brought up, the UDLD state is changed to detection.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • Manually—Reactivate a port in the Port Configuration page. Usage Guidelines Dell does not recommend enabling UDLD on ports that are connected to devices on which UDLD is not supported or disabled. Sending UDLD packets on a port connected to a device that does not support UDLD simply causes more traffic on the port without providing benefits.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • Default message time is 15 seconds. • Default expiration time is 45 seconds (3 times the message time). • Default port UDLD state: – Fiber interfaces are in the global UDLD state. – Non-fiber interfaces are in the disable state. Common UDLD Tasks This section describes some common tasks to setup UDLD.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm 1 Click Network Administration > Port Settings > Unidirectional Link Detection (UDLD) > UDLD Global Settings. 2 Click Edit and enter the following fields: – Message Interval—Enter the timeout interval between two sent UDLD messages. This field is relevant for both fiber and copper ports. – Fiber Port UDLD Default State—This field is only relevant for fiber ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm • – – Aggressive — Device shuts down a port if the link is unidirectional or undetermined. Bidirectional State — Bidirectional state for the selected port. The possible states are: • Detection — The latest UDLD state of the port is in the process of being determined.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.fm – Device Name — Name of the remote device. – Port ID — Name of the remote port. – State — State of the link between the local and neighboring device on the local port. The following values are possible: • Detection — The latest UDLD state of the port is in the process of being determined.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PortSettings.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm 11 Network Administration: Spanning Tree and LAG This chapter covers the following topics: • Spanning Tree • Link Aggregation (LAG) Spanning Tree This section: describes how to configure the Spanning Tree feature.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm The device supports the following Spanning Tree versions: • Classic STP — Provides a single path between end stations, avoiding and eliminating loops. For more information on configuring Classic STP, see "Global Settings " on page 187. • Rapid STP (RSTP) — Provides faster convergence of the spanning tree than Classic STP.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm MST region appears as a single bridge. For more information on configuring Multiple STP, see "MSTP Properties " on page 193. Global Settings To enable STP and select the STP mode on the device: 1 Click Network Administration > Spanning Tree and LAG > Spanning Tree > Global Settings. The currently-defined settings are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm The default path costs assigned to an interface vary according to the selected method: Interface Long Cost Short Cost LAG 20,000 4 1000 Mbps 20,000 4 100 Mbps 200,000 19 10 Mbps 2,000,000 100 10 Gb 20,000 2 Bridge Settings – Priority (0-61440 in steps of 4096) — Enter the bridge priority value. When switches or bridges are running STP, each is assigned a priority.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Topology Changes Counts — The total amount of STP state changes that have occurred. – Last Topology Change — The amount of time that has elapsed since the bridge was initialized or reset, and the last topographic change occurred. STP Port Settings To assign STP properties to individual ports: 1 Click Network Administration > Spanning Tree and LAG > Spanning Tree > STP Port Settings.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – • Learning — The port is currently in the learning mode. The port cannot forward traffic, however it can learn new MAC addresses. • Forwarding — The port is currently in the forwarding mode. The port can forward traffic and learn new MAC addresses. Role — Displays the port role assigned by the STP algorithm that provides STP paths.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm Rapid Spanning Tree While classic spanning tree prevents Layer 2 forwarding loops on a general network topology, convergence can take from 30 to 60 seconds. This delay provides time to detect possible loops, and propagate status changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that enable a faster convergence of the spanning tree, without creating forwarding loops.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – • Enable — Fast Link is enabled. • Disable — Fast Link is disabled. • Auto — Fast Link mode is enabled a few seconds after the interface becomes active. Point-to-Point Admin Status — Select if a point-to-point links is established, or permits the device to establish a point-to-point link.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm MSTP Properties MSTP maps VLANs into MSTP instances, using various load balancing scenarios. As a result of this partitioning into instances, a port can be placed in Blocking State in one STP instance and can be placed in the Forwarding State in another STP instance. Packets are transmitted along the MSTP instances that their VLANs are associated with in a Multiple Spanning Tree Region.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm • Add — Add these VLANS to the MST instance. • Remove — Remove these VLANS from the MST instance. MSTP Instance Settings To configure MSTP instances: 1 Click Network Administration > Spanning Tree and LAG > MSTP Instance Settings. The MSTP instances and their associated VLANs are displayed. 2 Select an Instance ID. 3 Enter the Bridge Priority (0-61440) of this bridge for the selected MSTP instance.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Port State — Displays whether the port is enabled or disabled in the specific instance. – Type — Displays whether MSTP treats the port as a point-to-point port, or a port connected to a hub, and whether the port is internal to the MST region or a boundary port. A Master port provides connectivity from a MSTP region to the outlying CIST root.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Forward Transitions — Displays the number of times the port changed to the forwarding state. – Remain Hops — Displays the number of hops remaining to the next destination. Link Aggregation (LAG) This section describes link aggregation of ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm • Auto-negotiation mode is not configured on the port. • The port is in full-duplex mode. • All ports in the LAG have the same ingress filtering and tagged modes. • All ports in the LAG have the same back pressure and flow control modes. • All ports in the LAG have the same priority. • All ports in the LAG have the same transceiver type.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm 4 Select whether it is a Standard (user-defined LAG) or an LACP-defined LAG. 5 Click on the ports that will comprise the LAG. LAG Configuration Use the LAG Configuration pages to configure LAGs. The device supports up to 12 LAGs per system. To set various configuration parameters for LAGs: 1 Click Network Administration > Spanning Tree and LAG > Link Aggregation (LAG) > LAG Configuration.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Admin Auto Negotiation — Enable/disable auto-negotiation, which is a protocol between two link partners that enables a LAG to advertise its transmission rate, duplex mode and flow control abilities to its partner. – Current Auto Negotiation — Displays the current auto-negotiation setting.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm With all factors equal, when the LAG is configured with more candidate ports than the maximum number of active ports allowed, the switch activates the highest priority candidate ports from the dynamic LAG. To configure LACP parameters: 1 Click Network Administration > Spanning Tree and LAG > Link Aggregation (LAG) > LACP Parameters. The LACP parameters for all ports are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Status — User defined or LACP defined – Authentication Not Required — Whether authentication is enabled on the VLAN. VLAN LAG Settings VLANs can either be composed of individual ports or of LAGs. Untagged packets entering the device are tagged with the LAGs ID specified by the PVID.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm • Private VLAN Host — The port is an isolated port – Current Reserved VLAN — Displays the VLAN currently designated as the reserved VLAN. – Reserve VLAN for Internal Use (1-4094) — Enter the VLAN that will be used when assigning IP Address on a port, or select None. – PVID — Assigns a VLAN ID to untagged packets. The possible VLAN IDs are 1-4095.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Native VLAN ID — Enter VLAN used for untagged traffic to trunk ports, or select None. – Multicast VLAN ID — Enter VLAN used for Multicast TV VLAN traffic on access ports, or select None. – Customer VLAN ID — Enter VLAN used for customer ports, or select None.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – • RSTP Discarding State — The LAG does not learn MAC addresses and does not forward frames. This state is union of Blocking and Listening state introduced in STP (802.1.D). • Listening — The LAG is in the listening mode, and cannot forward traffic or learn MAC addresses. • Learning — The LAG is in the learning mode, and cannot forward traffic, but it can learn new MAC addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.fm – Designated Bridge ID — Displays the priority and the MAC address of the designated bridge. – Designated Port ID — Displays the ID of the selected interface. – Designated Cost — Displays the cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_STP.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm 12 Network Administration: Link Layer Discovery Protocol (LLDP) The section describes the Link Layer Discovery Protocol (LLDP).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm To use the default values for any field, select Use Default. LLDP Port Settings LLDP configuration of a port includes activating LLDP notification on it, and selecting the optional TLVs that will be sent in the LLDP PDU, in addition to the mandatory ones. By setting these properties, it is possible to provide additional types of information to network devices that support the LLDP.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm – System Capabilities — Primary functions of the switch, and whether or not these functions are enabled in the switch. The capabilities are indicated by two octets. Bits 0 through 7 indicate Other, Repeater, Bridge, WLAN AP, Router, Telephone, DOCSIS cable device, and station respectively. Bits 8 through 15 are reserved. – 802.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm 2 Click Edit, Add, and enter the fields: – Network Policy Number — Select an available network policy number. – Application — Select the application (type of traffic) for which the network policy is defined. – VLAN ID — Enter the VLAN ID to which the traffic should be sent. – VLAN Type —Select whether the traffic is Tagged or Untagged.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm Move the TLVs to be published to the Tx Optional TLVs list. – Available Network Policy — Contains a list of network policies that can be assigned to a port. Move the network policies to be assigned to the port to the Network Policy list. – Location Coordinate — Enter the device’s location map coordinates.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm – – – Application — The following fields are displayed for each possible application type: • Application Type — The application type. • Flags — The VLAN tagging status for the application type: Tagged or Untagged. • VLAN ID — The VLAN number for the application type. • User Priority — The user priority for the application type. • DSCP — The DSCP value assigned to the network policy.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_LLDP.fm – Port ID — Neighboring port ID – Capabilities — Neighboring device capabilities 2 Click Clear Neighbors Table to delete all the entries or select Remove to delete a specific port entry. 3 Click the Details button of a port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm 13 Network Administration: Route Settings This section describes configuring route settings on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm • ARP Table • UDP Relay IPv4 Routes Table NOTE: This feature is only applicable for Layer 2 + Static Routing mode for all devices. IPv4 static routes can be configured for IP addresses that are not on directly connected networks. These are defined in the System Routing Mode page. Static route configuration is allowed only on the in-band interfaces.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm • Static — Manually-added route. • DHCP — DHCP-supplied route. – Next Hop — IP address to which the packet is forwarded on the route to the destination address. This is typically the address of a neighboring switch. – Metric — Cost of the destination.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm ARP Table The Address Resolution Protocol (ARP) converts IP addresses into physical MAC addresses. The number of ARP table entries supported is based on the SKU and the system mode, as follows: • X1008/P, x1018/P, x1026/P in L2 support: Entries that fit in 1K are supported. • X1008/P, x1018/P, x1026/P in L2+: 64 entries are supported • X1052 and X4012: 64 entries are supported.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm 4 To change the status of a mapping from static to dynamic or vice versa, click Edit from the main page. 5 Select an interface and enter the field: – Status — Select the entry’s status. The possible options are: • Static — The entry was statically entered. • Dynamic — The entry was dynamically learned. UDP Relay NOTE: This feature is also called IP Helper.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm If Default Services are not selected, check the text box and enter a UDP port. – Destination IP Address — Enter the IP address that receives the UDP packet relays. If this field is 0.0.0.0, UDP packets are discarded. If this field is 255.255.255.255, UDP packets are flooded to all IP interfaces.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm – Prefix Length — The length of the IPv6 prefix. This field is applicable only when the destination address is defined as a global IPv6 address. – Next Hop — The type of address to which the packet is forwarded on the route to the Destination address (typically the address of a neighboring router). This can be either a Link Local or Global IPv6 address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm When enabling ISATAP on a tunnel interface, an explicit IPv4 address is configured as the tunnel source, or an automatic mode exists, where the lowest IPv4 address is assigned to an IP interface. This source IPv4 address is used for setting the tunnel interface identifier according to ISATAP addressing conventions.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm • Auto — Use the dynamic address. • Manual — Use the manual address assigned. – IPv4 Address — Enter the local (source) IPv4 address of a tunnel interface. – Tunnel Router's Domain Name — Enter a specific automatic tunnel router domain name. – ISATAP Router Solicitation Interval — Enter the interval between router solicitations messages when there is no active router.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm – Advertisement Interval Option—Select to indicate that an advertisement option will be used by the system. This option indicates to a visiting mobile node the interval at which that node may expect to receive router advertisements. The node may use this information in its movement detection algorithm. – Hop Limit —This is the value that the router advertises.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm – Router Advertisement Lifetime (Sec)—Enter the remaining length of time, in seconds, that this router will continue to be useful as a default router. A value of zero indicates that it is no longer useful as a default router. – Reachable Time (mS)—Enter the amount of time that a remote IPv6 node is considered reachable or select the Use Default option to use the system default.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_RouteSettings.fm processed as expected. The preferred-lifetime must not be larger than the valid-lifetime. Select Infinite to set the field to 4,294,967,295, which represents infinity. • Auto Configuration—Enable automatic configuration of IPv6 addresses using stateless auto configuration on an interface and enable IPv6 processing on the interface.
14 Network Administration: Quality of Service This section provides information for configuring Quality of Service (QoS). It contains the following topics: • Overview • Global Settings • QoS Mapping • QoS Statistics Overview The QoS feature is used to optimize network performance.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm Global Settings This section contains the following topics: • QoS Properties • Queue Scheduling • CoS to Queue • DSCP to Queue • Bandwidth Management • TCP Congestion Avoidance QoS Properties To set the default CoS value on incoming, untagged packets: 1 Click Network Administration > Quality of Service > Global Settings > QoS Properties.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm • Weighted Round Robin (WRR) — In WRR mode, the number of packets sent from the queue is proportional to the weight of the queue (the higher the weight, the more frames are sent). The type of WRR algorithm used in the device is not the standard Deficit WRR (DWRR), but rather Shaped Deficit WRR (SDWRR).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm – WRR Weight — If WRR is selected, enter the WRR weight assigned to the queue. – % of WRR Bandwidth — Displays the amount of bandwidth assigned to the queue. These values represent the percent of the WRR weight. CoS to Queue The CoS to Queue page maps CoS priorities to an egress queue, meaning that the egress queues of the incoming packets is based on the CoS priority in their VLAN Tags.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm 2 Click Edit and enter the fields: – Class of Service — The CoS priority tag values, where zero is the lowest priority and 7 is the highest priority. – Queue — The queue to which the CoS priority is mapped. DSCP to Queue The DSCP to Queue mapping determines the egress queues of the incoming IP packets, based on their DSCP values. The original VPT (VLAN Priority Tag) of the packet is unchanged.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm 2 Click Edit and enter the fields: – DSCP In — The values of the DSCP field in the incoming packet. – Queue — The queue to which packets with the specific DSCP value is assigned. The values are 1-8, where 1 is the lowest value, and 8 is the highest values.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm – Enable Egress Shaping Rate — Enable/disable egress traffic limitation. If this field is selected, enter the following fields. – Committed Information Rate (CIR) — Enter the average maximum amount of data allowed to be sent on the egress interface, measured in bits per second.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm • Policy Class Maps • Policy Binding Overview The switch uses policies to support per-flow QoS. A policy and its components have the following characteristics and relationships: • A policy contains one or more class maps. • A class map defines a flow with one or more associated ACLs.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm • – Policers — "Policers " on page 237 – Trust — "Policy Class Maps " on page 240 – Set DSCP/CoS — "Policy Class Maps " on page 240 – Set Queue — "DSCP Mapping " on page 236 Binding — Combination of rules and actions that are bound to one or more interfaces.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm DSCP Mapping When a policer is assigned to a class map (flow), you can specify the action to take when the amount of traffic in the flow(s) exceeds the QoS-specified limits. The portion of the traffic that causes the flow to exceed its QoS limit is referred to as out-of-profile packets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm If a more complex set of rules is needed, several class maps can be grouped into a super-group called a policy (see "Aggregate Policer " on page 238). To define a class map: 1 Click Network Administration > QoS Mapping > Class Mapping. The previously-defined class maps are displayed. 2 To add a class map, click Edit, Add.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm This is done by using the ACLs in the class map(s) to match the desired pattern of traffic, and by using a policer to apply QoS on the matching traffic. A policer is configured with a QoS specification. There are two kinds of policers: • Single Policer — A single policer applies the QoS to a single class map, and to a single flow, based on the policer's QoS specification.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm 1 Click Quality of Service > QoS Mapping > Aggregate Policer. The existing aggregate policers are displayed. 2 To add an aggregate policer, click Edit, Add, and enter the fields. – Aggregate Policer Name — Enter the name of the Aggregate Policer. – Committed Information Rate (CIR) — Enter the maximum bandwidth allowed in bits per second.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm To create a QoS policy: 1 Click Quality of Service > QoS Mapping > Policy Table. The previously-defined policies are displayed. 2 To create a policy, click Edit, Add. 3 Enter the name of the new policy in the Policy Name field. 4 Add class maps to the new policy in the Policy Class Maps page. Policy Class Maps One or more class maps can be added to a policy.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm – Marking Type — If this option is selected, enter a New Value, which determines the egress queue of the matching packets: • DSCP — If DSCP is selected, the new DSCP value and the DSCP to Queue mapping determines the egress queue of the matching packets. • Queue — If Queue is selected, the new value is the egress queue number for all matching packets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm Policy Binding After policies are created, they must be bound to interfaces (ports or LAGs).When a policy is bound to a specific interface, it becomes active on it (subject to time range restrictions). Only one policy can be active on a single interface, but a single policy can be bound to more than one interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm To view policer statistics: 1 Click Network Administration > Quality of Service QoS Statistics Policer Statistics. The following statistics for the previously-defined counters are displayed: – Interface — Statistics are displayed for this interface. – Policy — Statistics are displayed for this policy. – Class Map — Statistics are displayed for this class map.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_QoS.fm 3 Select an aggregate policer in the Aggregate Policer Name field. Queues Statistics Queue statistics include statistics of forwarded and dropped packets, based on interface, queue, and drop precedence. Lowest drop precedence has the lowest probability of being dropped. To view Queue Statistics: 1 Click Network Administration > Quality of Service QoS Statistics Queues Statistics.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 15 Network Administration: Security This section describes the various mechanisms for providing security on the switch. It contains the following topics: • Dot1x Authentications • Storm Control Configuration • Port Security • Dynamic ARP Inspection (DAI) • ACL and ACE Dot1x Authentications This section describes Dot1x authentication.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • Authenticators — Specifies the device port that is authenticated before permitting system access. • Supplicants — Specifies the host connected to the authenticated port hat is requesting to access the system services.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm made by other devices received from the same port, are denied until the authorized supplicant is no longer using the port, or the access request is to an unauthenticated or guest VLAN. – • Single-session/Multiple Hosts—This follows the Dot1x standard.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm Authentication Methods The possible authentication methods are: • Dot1x — The switch supports this authentication mechanism, as described in the standard, to authenticate and authorize Dot1x supplicants. • MAC-based — The switch can be configured to use this method to authenticate and authorize devices that do not support Dot1x.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • The member ports must be trunk and/or general ports. An access port cannot be member of an unauthenticated VLAN. The Guest VLAN, if configured, is a static VLAN with the following characteristics. • It must be manually defined from an existing, static VLAN. • It is automatically available only to unauthorized devices, or to ports of devices that are connected and Guest VLAN enabled.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • RADIUS — Authenticate the user on the RADIUS server. If no authentication is performed, the session is not permitted. • None — Do not authenticate the user. Permit the session. – Guest VLAN — Enable/disable the use of a Guest VLAN for unauthorized ports. If a Guest VLAN is enabled, all unauthorized ports automatically join the VLAN selected in the Guest VLAN ID field.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • Unauthorized — Denies the selected interface system access by moving the interface into unauthorized state. The device cannot provide authentication services to the client through the interface. – Current Interface Control — Displays the current port authorization state. – Authentication Type — Select the type of authentication on the port. The possible options are: • 802.1x Only — 802.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Dynamic VLAN Assignment — Enable/disable dynamic VLAN assignment for this port. This feature enables you to automatically assign users to VLANs during the RADIUS server authentication. When a user is authenticated by the RADIUS server, the user is automatically joined to the VLAN configured on a RADIUS server. • Port Lock and Port Monitor should be disabled when DVA is enabled.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Reauthenticate Now — Select to enable immediate port re-authentication. – Authentication Server Timeout (1-65535) — Enter the time interval that lapses before the device resends a request to the authentication server. The field value is specified in seconds. – Resending EAP Identity Request (1-65535) — Enter the amount of time that lapses before EAP request are resent.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • – No Single Host — Multiple Host is enabled. Number of Violations — Displays the number of packets that arrive on the interface in single-host mode, from a host whose MAC address is not the supplicant MAC address. 2 Click Edit. 3 Select the port to which you want to apply the authentication mode and click its Edit icon.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm To view ports and their authentication definitions: 1 Click Network Administration > Security > Dot1 Authentications > Port Authentication Users. The ports and their authentication definitions are displayed. – User Name — Supplicant names that were authenticated on each port. – Port — Number of port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm Storm Control To configure Storm Control: 1 Click Network Administration > Security > Storm Control. Storm control parameters are displayed for all ports. 2 To configure Storm Control on a port, click Edit. 3 Select a port from the Port drop-down list, click its Edit button and enter the following fields: – Broadcast Control — Enable/disable forwarding Broadcast packets on the specific interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Discarded with no trap – Discarded with a trap – The port is shut down Locked port security enables storing a list of MAC addresses in the configuration file. The MAC addresses are restored when the device is reset. Disabled ports can be activated from the Port Configuration page.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 8 Set Set Port to Locked. 9 Enter the following fields: – Action on Violation — Select the action to be applied to packets arriving on a locked port. The possible options are: • Discard — Discard the packets from any unlearned source. • Forward — Forward the packets from an unknown source, without learning the MAC address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm Entries pages). If the packet’s IP address was not found in the ARP Inspection List, and DHCP Snooping is enabled for a VLAN, a search of the DHCP Snooping database is performed. See Binding Database for an explanation of the DHCP Snooping database. If the IP address is found the packet is valid, and is forwarded. Packets with invalid ARP Inspection bindings are logged and dropped.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm DAI List An ARP inspection list consists of entries where each entry is a pair of MAC/IP addresses. To create a new ARP inspection list and add the first entry to it: 1 Click Network Administration > Security > Dynamic ARP Inspection (DAI) > DAI List. The dynamic ARP lists are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm DAI VLAN Settings To assign a list of IP/MAC address pairs, defined in the DAI Entries pages, to a VLAN: 1 Click Network Administration > Security > Dynamic ARP Inspection (DAI) > DAI VLAN Settings. The VLANs and their associated list names are displayed. 2 To designate a VLAN to be associated with an ARP inspection list, click Edit, Add and enter the VLAN ID.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • MAC-Based ACEs • IPv4-Based ACLs • IPv4-Based ACEs • IPv6-Based ACLs • IPv6-Based ACEs • ACL Binding • Proprietary Protocol Filtering • Time Range Configuration Overview Access Control Lists (ACLs) enable network managers to define classification actions and rules for specific ingress or egress ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 1 Click Network Administration > Security > ACL and ACE > MAC Based ACL. The currently-defined MAC-based ACLs are displayed. 2 To add a new ACL, click Edit, Add and enter the name of the new ACL. MAC-Based ACEs To add rules to an ACL: 1 Click Network Administration > Security > ACL and ACE > MAC Based ACE. The currently-defined rules for the selected ACL are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Ether Type — Match the packet’s Ethertype to this one. – Time Range Name — Check to associate a time range with the ACE. Select one of the time ranges defined in the Time Range Configuration page. – Action — Select the action taken upon a match. The following options are available: – • Permit — Forward packets that meet the ACL criteria.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Protocol Select From List — Select to create an ACE, based on a specific protocol. The following options are available: • ICMP — Internet Control Message Protocol (ICMP). The ICMP enables the gateway or destination host to communicate with the source host, for example, to report a processing error. • IGMP — Internet Group Management Protocol (IGMP).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • RVSP — Matches the packet to the ReSerVation Protocol (RSVP). • AH — Authentication Header (AH). Provides source host authentication and data integrity. • EIGRP — Enhanced Interior Gateway Routing Protocol (EIGRP). Provides fast convergence, support for variable-length subnet mask, and supports multiple network layer protocols.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – – Source IP Address — Enter the source IP address to which addresses in the packet are compared. • Wildcard Mask —In addition to the Source MAC address, you can enter a mask that specifies which bits in the source address are used for matching and which bits are ignored. A wildcard of 0.0.0.0 means the bits must be matched exactly in addition to the IP source address; ff.ff.ff.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – – IGMP — IGMP packets can be filtered by IGMP message type. This field is available only when IGMP is selected in the Protocol field. The following options are available: • Select from List — Select an IGMP message type from the list. • IGMP Type — Enter the IGMP message type. • Any — Check to use all IGMP message types.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm To define IPv6-based ACLs: 1 Click Network Administration > Security > ACL and ACE > IPv6 Based ACL. A list of all of the currently defined IPv6-based ACLs is displayed. 2 To add a new ACL, click Edit, Add. 3 Enter the name of the new ACL. Names are case-sensitive. IPv6-Based ACEs To add a rule to an IPv6-based ACL: 1 Click Network Administration > Security > ACL and ACE > IPv6 Based ACE.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm – Source Port — Enter the TCP/UDP source port. Enter either a Single, Range or select Any to include all ports. – Destination Port — Enter the TCP/UDP destination port. Enter either a Single, Range or select Any to include all ports. – Source IP Address — Enter the source IP address to which addresses in the packet are compared.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm • Match IP Precedence — Matches the IP-precedence with the packet IP-precedence value. IP-precedence enables marking frames that exceed CIR threshold. In a congested network, frames containing a higher DP value are discarded before frames with a lower DP value. – Time Range Name — Check to associate a time range with the ACE.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 4 Select the Edit icon of the interface to which you want to bind the ACL(s). 5 Enter the following fields: – Binding Type — Select whether the ACL is bound on the: Ingress or Egress. – Select MAC-based ACL — If you select this, select an ACL of this type from the drop-down menu to bind to the interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 5 In the Blocked Protocol field, select one of the following options: – None — All protocol packets will be received. – Block All — No protocol packets will be received. – Select Protocols — Move the required protocols from the Available Protocols list to the Filtered Protocols list. The following displays the protocols and the addresses that can be blocked: Table 15-1.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm All time specifications are interpreted as local time (Daylight Savings Time does not affect this). To ensure that the time range entries take effect at the desired times, the system time must be set. For more information on setting the system time, see "Time Synchronization " on page 100.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.fm 3 Select the Time Range Name to which you want to add the Time Range Recurrence. The Absolute Start and Absolute End fields are displayed. 4 Check if the recurrence is Daily or Weekly in Recurrence type. 5 If the recurrence is Daily, enter: – Start Time — Select the time on which the time range starts. – End Time— Select the time on which the time range ends.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Security.
16 Network Administration: SNMP Monitoring This section describes the Simple Network Management Protocol (SNMP) for managing network devices. NOTE: Full SNMP is only supported on the X1008/P devices. Other devices support SNMP in read-only mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm SNMP v3 In addition to the features provided by SNMPv1 and SNMPv2, SNMPv3 applies access control and a new trap mechanism to SNMPv1 and SNMPv2 PDUs. In addition, a User Security Model (USM) can be defined, which includes: • Authentication — Provides data integrity and data origin authentication. • Privacy — Protects against disclosure of message content.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm • SNMPv3 — Users and Groups SNMP v3 works with users instead of communities. The users belong to groups that have access rights assigned to them. Users are defined in the User Security Model pages SNMPv3 provides two security mechanisms: – Authentication — The switch checks that the SNMP user is an authorized system administrator. This is done for each and every frame.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm The local information is stored in four read-only MIB variables: snmpEngineId, snmpEngineBoots, snmpEngineTime, and snmpEngineMaxMessageSize. To configure SNMP: 1 Click Network Administration > SNMP Monitoring > Global Parameters. The global parameters are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm – IP Address — Enter the IP address. – Local Engine ID— Enter the remote Engine ID. View Settings An SNMP view, which is a collection of MIB subtrees, provides or blocks access to device features. Each subtree is defined by the Object ID (OID) of the root of its subtrees. In extreme cases this subtree can be a leaf.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm – View Type — Specify if the defined OID branch will be included or excluded in the selected SNMP view. Access Control For ease of use, users may be assigned to groups. In this way, it is possible to assign feature access rights to an entire group, instead of assigning them individually to users. Users are created in the User Security Model pages.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm User Security Model An SNMP user is defined by the following: • Login credentials (username, password, and authentication method) • Context and scope in which the user operates • Association with a group • Engine ID SNMP user login credentials are verified using a local database.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm • SHA Key — Users are authenticated using the HMAC-SHA-96 authentication level. – Authentication Password — If the MD5 Key or SHA Key authentication method was selected, enter the user-defined password for a group. – Privacy Method — If the MD5 Key or SHA Key authentication method was selected, enable the DES privacy method or None.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm • Global — A globally unique IPv6 address; visible and reachable from different subnets. – SNMP Management Station — Enter the management station IP address for which the SNMP community is defined, or choose All to be able to receive SNMP messages from anywhere.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm Notification Filter Notification filters determine the type of SNMP notifications that are sent to the management station, based on the OID of the notification to be sent. Each OID is linked to a device feature or a feature aspect.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm Notification Recipients An SNMP notification is a trap message, sent from the switch to the SNMP management station, indicating that a certain event has occurred, such as a link up or down. Trap receivers, also known as notification recipients, are network nodes to which trap messages are sent by the switch.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_SNMP.fm – Notification Version — The message trap SNMP version (v1 or v2). If SNMPv3 is used to send and receive traps, enter the fields: – User Name — The user to whom SNMP notifications are sent. – Security Level — The means by which the packet is authenticated. The possible options are: • No Authentication — The packet is neither authenticated nor encrypted.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm 17 Network Administration: Multicast This chapter describes Multicast support on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm • Unregistered Multicast Group — If traffic addressed to an unregistered Multicast group is received, it is handled by a special entry in the Multicast Filtering Database. The default setting of this is to flood all such traffic (traffic in unregistered Multicast groups). NOTE: The system supports Multicast filtering for 256 Multicast groups.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm • MLDv1 snooping detects MLDv1 control packets, and sets up traffic bridging, based on IPv6 destination Multicast addresses. • MLDv2 snooping uses MLDv2 control packets to forward traffic based on the source IPv6 address, and the destination IPv6 Multicast address. The actual MLD version is selected by the Multicast router in the network.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm – MLD Querier Status — Enable/disable MLD Querier on the device. Disabled is the default value. Enable MLD querier if MLD snooping is enabled. MLD querier fills the tables used by MLD snooping. – VLAN ID— Select the VLAN ID whose forwarding method is set in the next fields.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm – Ports — Select the ports to be added to a Multicast service. Toggle a port to S to join the port to the selected Multicast group as a Static port. Toggle a port to F to indicate that it is Forbidden to this service. Leave the field empty if it is not involved in the VLAN. – LAGs — Select the LAGs to be added to a Multicast service.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm 4 Click Edit. 5 Select an interface or group of interfaces in the graphic block, and click one of the following Multicast Forwarding Mode options: – Static—The port receives all Multicast streams. – Forbidden—Ports cannot receive any Multicast streams, even if IGMP/MLD snooping designated the port to join a Multicast group.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm 2 To enable IGMP Snooping on a VLAN, click Edit. 3 Select a VLAN, click its Enter icon and enter the fields: • IGMP Snooping Status — Enable/disable the monitoring of network traffic to determine which hosts have asked to be sent Multicast traffic. The switch performs IGMP snooping only if IGMP snooping and Bridge Multicast filtering are both globally enabled.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm • IGMP Querier Status — Enables or disables the IGMP Querier. The IGMP Querier simulates the behavior of a Multicast router, enabling snooping of the Layer 2 Multicast domain even though there is no Multicast router. • IGMP Querier Version — Select the version of IGMP snooping querier to be used. • Querier Source IP Address — Select the IP address of the IGMP Querier.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm MLD Snooping To enable MLD Snooping and configure it on a VLAN: 1 Click Network Administration > Multicast > MLD Snooping. 2 Enable or disable MLD Snooping Status. When MLD Snooping is globally enabled, the device monitoring network traffic can determine which hosts have requested to receive Multicast traffic.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm • Operational Query Max Response Interval (Sec) —Displays the delay used to calculate the Maximum Response Code inserted into the General Queries. • Last Member Query Counter —Enter the Last Member Query Count to be used if the device cannot derive the value from the messages sent by the elected querier.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm 2 Select either Ports or LAGs in the View By drop-down menu. 3 To modify the forwarding action for an interface, click Edit. 4 Select an interface, click its Edit icon and enter the fields. • Unregistered Multicast — Select the forwarding status of the selected interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_Multicast.fm and receive traffic to and from the access VLAN. Receiver ports of the same Multicast VLAN are isolated from each other if they are in different access VLANs. If a Multicast-TV VLAN is defined on an access port, then: • The access port joins the Multicast-TV VLAN. • The Multicast-TV VLAN on the receiver port is always untagged.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm 18 Network Administration: DHCP Snooping and DHCP Relay This section describes DHCP snooping. It contains the following topics: • DHCP Snooping • DHCP Relay DHCP Snooping This section describes DHCP Snooping.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm DHCP snooping filters untrusted messages, and stores these messages in a database. Interfaces are untrusted if the packet is received from an interface outside the network, or from an interface beyond the network firewall. Trusted interfaces receive packets only from within the network or the network firewall.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm Table 18-1. DHCP Packet Handling when DHCP Snooping is Enabled (continued) Packet Type Arriving from Untrusted Ingress Interface Arriving from Trusted Ingress Interface DHCPDECLINE Check if there is Forward to trusted information in the interfaces only database. If the information exists and does not match the interface on which the message was received, the packet is filtered.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm DHCP Snooping Global Settings Use the Global Settings page to: • Enable/disable DHCP snooping globally. • Determine whether to forward or filter DHCP packets received from untrusted interfaces, whose source MAC address and the DHCP client MAC address do not match. • Determine whether to forward or filter DHCP packets, received from untrusted interfaces, with option-82 information.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm To enable/disable DHCP snooping on a VLAN: 1 Click Network Administration > DHCP Snooping > VLAN Settings. The list of existing VLANs are displayed in the VLAN ID list. 2 Click Add to move the VLANs, for which you want to enable DHCP snooping, from the VLAN ID list to the Enabled VLANs list. To remove a VLAN, click Remove to move it from the Enabled VLANs list to the VLAN ID list.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm To query and add IP addresses to the Binding database: 1 Click Network Administration > DHCP Snooping > Binding Database. A list of the database entries is displayed. 2 To query the database, enter query criteria and click Query. Database entries matching the query are displayed. 3 To add an entry, click Edit, Add, and enter the fields: – Type — Select the entry type.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm Overview NOTE: DHCP Relay is only operational in Layer 2+ mode. The device can act as a DHCP Relay agent that listens for DHCP messages, and relays them between DHCP servers and clients, which reside in different VLANs or IP subnets. This functionality is intended to be used when the client ingress VLAN is different than the VLAN on which DHCP servers are connected.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Snooping&Relay.fm 6 Enter the IP address of the DHCP server in the DHCP Server IP Address field. Option 82 The relay agent information option (Option 82) in the DHCP protocol enables a DHCP relay agent to send additional client information when requesting an IP address. Option 82 specifies the relaying switch's MAC address, the port identifier, and the VLAN that forwarded the packet.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm 19 Network Administration: DHCP Server The Dynamic Host Configuration Protocol (DHCP) Server feature enables you to configure the device as a DHCPv4 server.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm Dependencies Between Features It is impossible to configure DHCP server and DHCP client on the system at the same time, meaning: if one interface is DHCP client enabled, it is impossible to enable DHCP server globally. If DHCPv4 Relay is enabled, the device cannot be configured as a DHCP server. Default Settings and Configurations The device is not configured as a DHCPv4 server by default.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm 1 Click Network Administration > DHCP Server > DHCP Server Properties. 2 Click DHCP Server Status to configure the device as a DHCP server. 3 Click Apply. The device immediately begins functioning as a DHCP server. However, it does not assign IP addresses to clients until a pool is created.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm 2 Click Add. Either enter the Subnet IP Address and the Mask, and the system will compute the Address Pool Start and Address Pool End, or continue to next step to configure the Address Pool Start and End. 3 Enter the fields: – Pool Name—Enter the pool name. – Subnet IP Address—Enter the subnet in which the network pool resides.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm – NetBIOS WINS Server — Enter the NetBIOS WINS name server available to a DHCP client. This is DHCP option 44. – NetBIOS Node Type — Select how to resolve the NetBIOS name. This is DHCP option 46. Valid node types are: • None — Name will not be resolved. • Broadcast — IP Broadcast messages are used to register and resolve NetBIOS names to IP addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm 2 To add a static host, click Edit, Add, and enter the following Static Hosts fields: – Host Name—Enter the host name, which can be a string of symbols and an integer. – IP Address—Enter the IP address that was statically assigned to the host. – Network Mask—Check and enter the static host’s network mask.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm • Mixed—A combination of b-node and p-node communications is used to register and resolve NetBIOS names. M-node first uses bnode; then, if necessary, p-node. M-node is typically not the best choice for larger networks because its preference for b-node Broadcasts increases network traffic. • Hybrid—A hybrid combination of b-node and p-node is used.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_DHCP_Server.fm • Static—The hardware address of the host was mapped to an IP • Dynamic—The IP address, obtained dynamically from the device, is owned by the client for a specified period of time. The IP address is revoked at the end of this period, at which time the client must request another IP address. address. 2 Click Delete. The Running Configuration file is updated.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm 20 Network Administration: Power Management This section describes how to configure port functionality.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm • Link Short-Reach Energy Saving Mode — Power usage is adjusted to the actual cable length. In this mode, the VCT (Virtual Cable Tester) length test is performed to measure cable length. If the cable is shorter than a predetermined length, the switch reduces the power used to send frames over the cable, thus saving energy. This mode is only supported on RJ45 ports.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm 3 To reset the Cumulative Energy Saved counter, click Reset. Interface Settings To display EEE settings on ports: 1 Click Network Administration > Power Management > Green Ethernet > Interface Settings. 2 The following is displayed for each port on the device: – Port — Port number. • Energy Efficient Ethernet. • • – • Oper — Displays the operational status of EEE mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm – Local Tx Timer (μsec) — Indicates the time (in micro seconds) that the transmitting link partner waits before it starts transmitting data after leaving Low Power Idle (LPI mode). – Resolved Rx Timer (μsec) — Integer that indicates the current Tw_sys_tx supported by the remote system.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm – Power Limit Mode — Select one of the following options. • Port — The power limit of the port depends on port • Max Port Power — In this mode, each port can get up to the configuration. maximum power. – System Usage Threshold — Enter the percentage of power consumed before a trap is generated. – Traps — Enable/disable PoE traps on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_PowerManagement.fm supply is running at 99% usage and port 1 is prioritized as high, but port 3 is prioritized as low, port 1 receives power and port 3 might be denied power. – Power Limit — Displays the class that determines the power level: Cl as s Ma xi mum Po wer De li ve red b y Device Po rt 0 15.4 watt 1 4.0 watt 2 7.0 watt 3 15.4 watt 4 30.
21 Network Administration: sFlow This section describes sFlow monitoring of traffic. It contains the following topics: • Overview • sFlow Receiver Settings • sFlow Interface Settings • sFlow Statistics Overview NOTE: This feature is supported as follows: • x1052/P and x4012 — Supported • x1008/P, x1018/P, x1026/P — Not Supported The sFlow feature enables collecting statistics using the sFlow sampling technology, based on sFlow V5.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_sFlow.fm • The format of the sample data used by the sFlow agent when forwarding data to a central data collector. The device provides support for two types of sFlow sampling: flow sampling and counters sampling.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_sFlow.fm • – Global — A globally unique IPv6 address; visible and reachable from different subnets. IP Address — Enter the receiver’s IP address. 4 Enter the fields: – UDP Port — Port to which SYSLOG message are sent. – Maximum Datagram Size (Bytes) — Maximum number of bytes that can be sent to the receiver in a single sample datagram (frame).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Network_Admin_sFlow.fm – Counters Sampling Receiver Index — Select one of the indices that was defined in these sFlow Receiver Settings pages. sFlow Statistics To view sFlow statistics: 1 Click Network Administration > sFlow > sFlow Statistics. The following sflow statistics per interface are displayed: – Interface — Port for which sample was collected. – Packets Sampled — Number of packets sampled.
22 Using the CLI This section describes how to perform various configuration operations through the Command Line Interface CLI. To view the actual CLI commands, see the CLI chapter. This chapter covers the following topics: • Using the CLI • CLI Command Conventions • Accessing the Device Through the CLI • IPv6 Address Conventions Using the CLI This section provides some general information for using the CLI.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_CLI.fm After logging into the device, User EXEC command mode is enabled. The user-level prompt consists of the host name followed by the angle bracket (>). For example: console> NOTE: The default host name is console unless it has been modified during initial configuration.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_CLI.fm The following example illustrates accessing privileged EXEC mode and then returning to the User EXEC mode: console> enable Enter Password: ****** console# console# disable console> Use the exit command to return to a previous mode. To configure the device, enter the next level, Global Configuration mode. Global Configuration Mode The Global Configuration mode manages device configuration on a global level.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_CLI.fm The following example places the CLI in Interface Configuration mode on port gi0/1. The sntp command is then applied to that port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_CLI.fm Button Description all When a parameter is required to define a range of ports or parameters and all is an option, the default for the command is all when no parameters are defined. For example, the command interface range port-channel has the option of either entering a range of channels, or selecting all. When the command is entered without a parameter, it automatically defaults to all.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Using_CLI.fm • ipv6_address — Refers to the IPv6 address on the single interface on which an IPv6 address is defined.
CLI The following commands can be used to configure the device. clear counters Use the clear counters EXEC mode command to clear counters on all or on a specific interface. Syntax clear counters [interface-id] Parameters interface-id—Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. Default Configuration All counters are cleared. Command Mode Privileged EXEC mode Example The following example clears the statistics counters for te0/1.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Default Configuration N/A Command Mode Privileged EXEC mode Example The following example clears messages from the internal logging buffer. console# clear logging Clear Logging Buffer ? (Y/N)[N] configure The configure Privileged EXEC mode command enters the Global Configuration mode. Syntax configure [terminal] Parameters terminal—Enter the Global Configuration mode with or without the keyword terminal.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Syntax copy source-url destination-url Parameters • source-url—Specifies the source file URL or source file reserved keyword • destination-url—Specifies the destination file URL or destination file to be copied. (Length: 1–160 characters) reserved keyword. (Length: 1–160 characters). The following URL options are supported: • running-config—Currently running configuration file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm The entire copying process may take several minutes and differs from protocol to protocol and from network to network. IPv6z Address Format See IPv6 Address Conventions Invalid Combinations of Source and Destination The following are invalid combinations of source and destination files: • The source file and destination file are the same file. • xmodem: is the destination file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Use the copy source-url running-config command to load a configuration file from a network server to the running configuration file of the device. The commands in the loaded configuration file are added to those in the running configuration file as if the commands were typed in the commandline interface (CLI).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example 2 - Copying an Image from a Server to Flash Memory The following example copies a system image named file1 from the TFTP server with an IP address of 172.16.101.101 to a non-active image file. console# copy tftp://172.16.101.101/file1 flash://image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm • – or organization—Specifies the organization name. (Length: 1–64 characters) – loc location—Specifies the location or city name. (Length: 1–64 characters) – st state—Specifies the state or province name. (Length: 1–64 characters) – cu country—Specifies the country name. (Length: 2 characters) duration days—Specifies the number of days a certification is valid.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm console(config)# crypto certificate 1 generate key-generate 2048 crypto certificate import The crypto certificate import Global Configuration mode command imports a certificate signed by a Certification Authority for HTTPS. In addition, the RSA key-pair can also be imported. Use the no form of the command to delete the user-defined keys and certificate.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Examples Example 1 - The following example imports a certificate signed by the Certification Authority for HTTPS. console(config)# crypto certificate 1 import Please paste the input now, add a period (.) on a separate line after the input,and press Enter.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example 2: The following example imports a certificate signed by the Certification Authority for HTTPS, and the RSA key-pair. console(config)# crypto certificate 1 import Please paste the input now, add a period (.) on a separate line after the input,and press Enter.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Parameters • number—Specifies the certificate number. (Range: 1–2) • The following elements can be associated with the key. When the key is displayed, they are also displayed. – cn common- name—Specifies the fully qualified device URL or IP address. (Length: 1–64 characters). If unspecified, defaults to the lowest IP address of the device (when the certificate is generated).
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example The following example displays the certificate request for HTTPS.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Default Configuration The application creates a default key automatically. Command Mode Global Configuration mode User Guidelines DSA keys are generated in pairs - one public DSA key and one private DSA key. If the device already has DSA keys default or user defined, a warning is displayed with a prompt to replace the existing keys with new keys.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Parameters N/A Default Configuration The application creates a default key automatically. Command Mode Global Configuration mode User Guidelines RSA keys are generated in pairs - one public RSA key and one private RSA key. If the device already has RSA keys, a warning is displayed with a prompt to replace the existing keys with new keys.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Parameters N/A Default Configuration DSA and RSA key pairs do not exist. Command Mode Global Configuration mode User Guidelines DSA/RSA keys are imported in pairs - one public DSA/RSA key and one private DSA/RSA key. If the device already has DSA/RSA keys, a warning is displayed with a prompt to replace the existing keys with new keys. This command is saved in the Running Configuration file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm delete The delete Privileged EXEC mode command deletes a file from a flash memory device. Syntax delete url Parameters • url—Specifies the location URL or reserved keyword of the file to be deleted. (Length: 1–160 characters) Command Mode Privileged EXEC mode User Guidelines The following keywords and URL prefixes are supported: • flash://—URL of the FLASH file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Syntax dir Parameters This command has no arguments or keywords. Command Mode Privileged EXEC mode Example Example 1. The following example displays the list of files on a flash file system with static images. The Flash size column for all files except dynamic image specifies the maximum allowed size. The Data size column for dynamic images specifies the real size in the FLASH occupied by the file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Syntax do command Parameters command—Specifies the EXEC-level command to execute. Command Mode All configuration modes Example The following example executes the show vlan Privileged EXEC mode command from Global Configuration mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm enable The enable User EXEC mode command enters the Privileged EXEC mode. Syntax enable Parameters N/A Default Configuration The default privilege level is 15. Command Mode User EXEC mode Example The following example enters privilege level 15. console# enable enter password:********** console# Accepted end The end command ends the current configuration session and returns to the Privileged EXEC mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Default Configuration N/A Command Mode All configuration modes Example The following example ends the Global Configuration mode session and returns to the Privileged EXEC mode. console(config)# end exit (EXEC) The exit User EXEC mode command closes an active terminal session by logging off the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm exit (Configuration) The exit command exits any mode and brings the user to the next higher mode in the CLI mode hierarchy. Syntax exit Parameters N/A Default Configuration N/A Command Mode All configuration modes Examples The following examples change the configuration mode from Interface Configuration mode to Privileged EXEC mode.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Command Mode All configuration modes Example The following example describes the Help system. console# help Help may be requested at any point in a command by entering a question mark '?'. If nothing matches the currently entered incomplete command, the help list is empty. This indicates that there is no command matching the input as it currently appears.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example console(config)# interface vlan 3 console(config-if)# ip address Use the ip address Interface Configuration (Ethernet, VLAN, Port-channel) mode command to define an IP address for an interface. Use the no form of this command to remove an IP address definition. Syntax ip address ip-address {mask | /prefix-length} no ip address [ip-address] Parameters • ip-address—Specifies the IP address.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm If a configured IP address overlaps another configured one a warning message is displayed. To change an existed IP address, delete the existed one and add the new one. Examples Example 1 — The following example configures VLAN 1 with IP address 131.108.1.27 and subnet mask 255.255.255.0. console(config)# interface vlan 1 console(config-if)# ip address 131.108.1.27 255.255.255.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm no ip default-gateway [ip-address] Parameters • ip-address—Specifies the default gateway IP address. Command Mode Global Configuration mode Default Configuration No default gateway is defined. User Guidelines Use the ip default-gateway command to defines a default gateway (default route). Use the no ip default-gateway ip-address command to delete one default gateway.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Default Configuration The default certificate number is 1. Command Mode Global Configuration mode User Guidelines First, use crypto certificate generate to generate one or two HTTPS certificates. Then use this command to specify which is the active certificate. Example The following example configures the active certificate for HTTPS.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm The IP stack is always running on the OOB port as an IP host regardless whether IP routing is enabled. The switch blocks routing between in-band interfaces and the OOB interface. In the case when there are two best routes - one via an in-band and one via the OOB port, the switch will use the route via the OOB port. DHCP Relay and IP Helper cannot be enabled on the OOB port.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example The following example enables configuring the device to be an SSH server. console(config)# ip ssh server lldp transmit Use the lldp transmit Interface (Ethernet) Configuration mode command to enable transmitting LLDP on an interface. Use the no form of this command to stop transmitting LLDP on an interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm console(config-if)# lldp transmit lldp receive Use the lldp receive Interface (Ethernet) Configuration mode command to enable receiving LLDP on an interface. Use the no form of this command to stop receiving LLDP on an Interface (Ethernet) Configuration mode interface.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm login The login User EXEC mode command enables changing the user that is logged in. When this command is logged in, the user is prompted for a username/password. Syntax login Parameters N/A Default Configuration N/A Command Mode User EXEC mode Example The following example enters Privileged EXEC mode and logs in with the required username ‘bob’.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm ping ipv6 {ipv6-address | hostname} [size packet_size] [count packet_count] [timeout time_out] [source source-address] Parameters • ip—Use IPv4 to check the network connectivity. • ipv6—Use IPv6 to check the network connectivity. • ipv4-address—IPv4 address to ping. • ipv6-address—Unicast or Multicast IPv6 address to ping.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm • Network or host unreachable—The switch found no corresponding entry in the route table. See IPv6 Address Conventions. When using the ping ipv6 command to check network connectivity of a directly attached host using its link local address, the egress interface may be specified in the IPv6Z format. If the egress interface is not specified, the default interface is selected.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm 4 packets transmitted, 4 packets received, 0% packet loss round-trip (ms) min/avg/max = 7/8/11 Example 3 — Ping an IPv6 address. console# ping ipv6 3003::11 Pinging 3003::11 with 64 bytes of data: 64 bytes from 3003::11: icmp_seq=1. time=0 ms 64 bytes from 3003::11: icmp_seq=2. time=50 ms 64 bytes from 3003::11: icmp_seq=3. time=0 ms 64 bytes from 3003::11: icmp_seq=4.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm power inline legacy support disable To disable the legacy PDs support, use the power inline legacy support disable Global Configuration mode command. To enable the legacy support, use the no form of this command. This command is only supported on devices that support PoE. Syntax power inline legacy support disable no power inline legacy support disable Parameters N/A.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm no power inline usage-threshold Parameters percent—Specifies the threshold in percent to compare to the measured power. (Range: 1–99) Default Configuration The default threshold is 95 percent. Command Mode Global Configuration mode Example The following example configures the threshold for initiating inline power usage alarms to 90 percent.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm the next day (if the specified time is earlier than the current time). Specifying 00:00 schedules the reload for midnight. The reload must take place within 24 days. • day - Number of the day in the range from 1 to 31. • month - Month of the year. • cancel - Cancels a scheduled reload.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example 2 — The following example reloads the operating system in 10 minutes. console# reload in 10 This command will reset the whole system and disconnect your current session. Reload is scheduled for 11:57:08 UTC Fri Apr 21 2012 (in 10 minutes). Do you want to continue? (y/n) [Y] Example 3 — The following example reloads the operating system at 13:00.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Command Mode User EXEC mode Example The following example displays the active system image file that was loaded by the device at startup and the system image file that will be loaded after rebooting the switch: console# show bootvar Image Filename Version Date Status ----- --------- --------- --------------------- ----------- 1 image-1 1.1.0.73 19-Jun-2011 18:10:49 Not active* 2 image-2 1.1.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example The following example displays SSL certificate # 1 present on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm • rsa—Displays the RSA key. • dsa—Displays the DSA key. Default Configuration N/A Command Mode Privileged EXEC mode User Guidelines See Keys and Certificates for information on how to display and copy this key pair. Example The following example displays the SSH public DSA keys on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Parameters • interface-id—Specifies an interface ID. The interface ID can be one of the following types: Ethernet port or port-channel. • detailed—Displays information for non-present ports in addition to present ports. Default Configuration Display counters for all interfaces. If detailed is not used, only present ports are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Symbol Errors: 0 Received Pause Frames: 0 Transmitted Pause Frames: 0 The following table describes the fields shown in the display. Field Description InOctets Number of received octets. InUcastPkts Number of received Unicast packets. InMcastPkts Number of received Unicast packets. InBcastPkts Number of received broadcast packets. OutOctets Number of transmitted octets.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Field Description Oversize Packets Number of frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors Number of frames for which reception fails due to an internal MAC sublayer receive error. Received Pause Frames Number of MAC Control frames received with an opcode indicating the PAUSE operation.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm active 1.1.1.1 from sname file path on tftp server active conf/conf-file from option 67 show ip https The show ip https EXEC mode command displays the HTTPS server configuration. Syntax show ip https Command Mode Privileged EXEC mode Example The following example displays the HTTPS server configuration.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm show ip interface Use the show ip interface EXEC mode command to display the usability status of configured IP interfaces. Syntax show ip interface [interface-id] Parameters • interface-id—Specifies an interface ID on which IP addresses are defined. Default Configuration All IP addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm console# show ip interface vlan 1 !source_precedence_is_supported && !broadcast_address_configuration_is_supported && !ip_redirects_is_supported IP Address I/F I/F Status Type ------------- ------ ----------- ------- -------- ----- 10.5.230.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm gi1/1/1 IP Phone Model A Auto On High Class0 Power limit (for port power-limit mode): 15.4W Overload Counter: 0 Short Counter: 0 Denied Counter: 0 Absent Counter: 0 Invalid Signature Counter: 0 The following table describes the fields shown in the display: F i e ld De s c r ip t i o n Power The inline power sourcing equipment operational status.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm F i e ld D e s cr ip t i o n Absent Counter Counts the number of times power was removed because powered device dropout was detected. Invalid Signature Counter Counts the number of times an invalid signature of a powered device was detected.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Example The following example displays information about the inline power consumption . Console# show power inline consumption Port ---te0/1 te0/1 te0/1 Power Limit (W) ---------15.4 15.4 15.4 Power (W) ---------4.115 4.157 4.021 Voltage (V) --------50.8 50.7 50.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm interface range te0/1-4 speed 1000 exit no lldp run interface vlan 1 ip address 1.1.1.1 255.0.0.0 exit line console exec-timeout 0 exit console# show system The show system EXEC mode command displays system information.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm 1 42 OK show tech-support Use the show tech-support Privileged EXEC mode command to display system and configuration information that can be provided to the Technical Assistance Center when reporting a problem. Syntax show tech-support [config | memory] Parameters • memory—Displays memory and processor state data. • config—Displays switch configuration within the CLI commands supported on the device.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm The show tech-support command output is continuous, meaning that it does not display one screen at a time. To interrupt the output, press Esc.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm • VLAN name • Ports on the VLAN • Whether the VLAN was is dynamic or permanent Syntax show vlan [tag vlan-id | name vlan-name] Parameters • tag vlan-id—Specifies a VLAN ID. • name vlan-name—Specifies a VLAN name string (length: 1–32 characters) Default Configuration All VLANs are displayed.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Default Configuration Spanning-tree is enabled. Command Mode Global Configuration mode Example The following example enables spanning-tree functionality. console(config)# spanning-tree username Use the username Global Configuration mode command to establish a username-based authentication system. Use the no form to remove a user name.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm Command Mode Global Configuration mode Usage Guidelines The last user (regardless of whether it is the default user or any user) cannot be removed and cannot be a remote user. Example Sets an unencrypted password for user top (level 15). It will be encrypted in the configuration file.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm VLAN Database Configuration mode User Guidelines If the VLAN does not exist, it is created. If the VLAN cannot be created then the command is finished with error and the current context is not changed. Example The following example creates VLAN 1972, which is assigned the name Marketing.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_CLI_new.fm write Use the write Privileged EXEC mode command to save the running configuration to the startup configuration file. Syntax write [memory] Parameters This command has no arguments or keywords. Command Mode Privileged EXEC mode Examples The following example shows how to overwrite the startup-config file with the running-config file with the write command.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_GettingHelp.fm Getting Help 24 Contacting Dell NOTE: Dell provides several online and telephone-based support and service options. If you do not have an active Internet connection, you can find contact information on your purchase invoice, packing slip, bill, or Dell product catalog. Availability varies by country and product, and some services may not be available in your area.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_GettingHelp.fm Downloading Drivers, Firmware, and Software 1 Go to dell.com/support. 2 Enter your system service tag in the Enter your Service Tag field. 3 Click Submit. The support page that lists the various support categories is displayed. 4 From the left pane, select Get drivers and downloads. 5 Select your filters. 6 View by Category, Importance, or Release Date.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_GettingHelp.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_GettingHelp.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Glossary Figure 25-1. This glossary contains key technical words of interest. A B C D E F G H I L M N O P Q R S T U V W A Access Mode Specifies the method by which user access is granted to the system. Access Profiles Allows network managers to define profiles and rules for accessing the switch module.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Authentication Profiles Sets of rules which that enables login to and authentication of users and applications. Auto-negotiation Allows 10/100 Mpbs or 10/100/1000 Mbps Ethernet ports to establish for the following features: • Duplex/Half Duplex mode • Flow Control • Speed B Back Pressure A mechanism used with Half Duplex mode that enables a port not to receive a message.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Boot Version The boot version. BootP Bootstrap Protocol. Enables a workstation to discover its IP address, an IP address of a BootP server on a network, or a configuration file loaded into the boot of a switch module. BPDU Bridge Protocol Data Unit. Provide bridging information in a message format. BPDUs are sent across switch module information with in Spanning Tree configuration.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Class of Service (CoS). Class of Service is the 802.1p priority scheme. CoS provides a method for tagging packets with priority information. A CoS value between 0-7 is added to the Layer II header of packets, where zero is the lowest priority and seven is the highest. A overlapping transmission of two or more packets that collide. The data transmitted cannot be used, and the session is restarted.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm • Full Duplex Mode — Permits for bisynchronous communication, for example, a telephone. Two parties can transmit information at the same time. • Half Duplex Mode — Permits asynchronous communication, for example, a walkie-talkie. Only one party can transmit information at a time. Dynamic VLAN Assignment (DVA) Allows automatic assignment of users to VLANs during the RADIUS server authentication.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Flapping Flapping occurs when an interfaces state is constantly changing. For example, an STP port constantly changes from listening to learning to forwarding. This may cause traffic loss. Flow Control Enables lower speed devices to communicate with higher speed devices, that is, that the higher speed device refrains from sending packets. Fragment Ethernet packets smaller than 576 bits.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm HyperText Transport Protocol. Transmits HTML documents between servers and clients on the internet. I IC Integrated Circuit. Integrated Circuits are small electronic devices composed from semiconductor material. ICMP Internet Control Message Protocol. Allows gateway or destination host to communicate with a source host, for example, to report a processing error.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm IP Internet Protocol. Specifies the format of packets and there addressing method. IP addresses packets and forwards the packets to the correct port. IP Address Internet Protocol Address. A unique address assigned to a network device with two or more interconnected LANs or WANs. IP Version 6 (IPv6) A version of IP addressing with longer addresses than the traditional IPv4.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Layer 3 Establishes a connections and ensures that all data arrives to their destination. Packets inspected at the Layer 3 level are analyzed and forwarding decisions, based on their applications. LLDP-MED Link Layer Discovery Protocol - Media Endpoint Discovery.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Message Digest 5. An algorithm that produces a 128-bit hash. MD5 is a variation of MD4, and increases MD4 security. MD5 verifies the integrity of the communication, authenticates the origin of the communication. MDI Media Dependent Interface. A cable used for end stations. MDIX Media Dependent Interface with Crossover (MDIX). A cable used for hubs and switches. MIB Management Information Base.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm • Controllers • Workstations O OID Organizationally Unique Identifiers. Identifiers associated with a Voice VLAN. OUI Object Identifier. Used by SNMP to identify managed objects. In the SNMP Manager/Agent network management paradigm, each managed object must have an OID to identify it. P Packets Blocks of information for transmission in packet switched systems. PDU Protocol Data Unit.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Protocol VLAN Edge. A port can be defined as a Private VLAN Edge (PVE) port of an uplink port, so that it will be isolated from other ports within the same VLAN. Q QoS Quality of Service. QoS allows network managers to decide how and what network traffic is forwarded according to priorities, application types, and source and destination addresses.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Running Configuration File Contains all startup configuration file commands, as well as all commands entered during the current session. After the switch module is powered down or rebooted, all commands stored in the Running Configuration file are lost. S Segmentation Divides LANs into separate LAN segments for bridging. Segmentation eliminates LAN bandwidth limitations.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Startup Configuration Retains the exact switch module configuration when the switch module is powered down or rebooted. Subnet Sub-network. Subnets are portions of a network that share a common address component. On TCP/IP networks, devices that share a prefix are part of the same subnet. For example, all devices with a prefix of 157.100.100.100 are part of the same subnet.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.fm Link Aggregation. Optimizes port usage by linking a group of ports together to form a single trunk (aggregated groups). TV VLAN Multicast Television Vlan or TV VLAN, is used for television applications with a PC or with televisions equipped with a "Set-Top Box" device. U UDP User Data Protocol. Transmits packets but does not guarantee their delivery.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_Astute_Glossary.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteBackCover.
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User Guide\Dell_AstuteBackCover.fm Printed in the U.S.A. dell.
