Users Guide

Setting Basic Network Information
recommended that the port be connected only to a physically isolated secure
management network. The OOB port is a layer-3 interface that uses an
internal non-user-configurable VLAN.
The out-of-band port is a logical management interface. The IP stack’s
routing table contains both IPv4/IPv6 routes associated with these
management interfaces and IPv4/IPv6 routes associated with routing
interfaces. If routes to the same destination (such as a default route) are
learned or configured on both the OOB interface and a routing interface, the
routing interface route is preferred. If a directly connected subnet is
configured on an out-of-band interface, it cannot also be configured on an
in-band interface. If a default gateway is configured on routing interfaces
(front-panel ports), then IP addresses not in the OOB port subnet will not be
reachable via the OOB port. Configuring the switch default gateway on the
out-of-band port subnet is never recommended.
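The route preference described above can be modeled to check which port the switch would use to reply to a management station. This is an added example, not code from the guide or from Dell; the interface labels, addresses and sample table are constructed, and the model assumes standard longest-prefix matching before the tie-break the guide describes.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    interface: str   # hypothetical interface label
    is_oob: bool     # True if the route belongs to the OOB port

def select_route(table, dst):
    """Return the route used to reach dst, or None if nothing matches.

    Assumption: longest-prefix match first; for routes to the same
    destination, the routing-interface route beats the OOB route.
    """
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in table if addr in r.prefix]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.prefix.prefixlen, not r.is_oob))

def egress(table, dst):
    """Interface label the reply to dst would leave on, or None."""
    route = select_route(table, dst)
    return route.interface if route else None

def audit_mgmt_stations(table, stations):
    """List management stations whose replies would not use the OOB port."""
    findings = []
    for station in stations:
        route = select_route(table, station)
        if route is None or not route.is_oob:
            findings.append((station, route.interface if route else "unreachable"))
    return findings

# Constructed sample: a default route exists on both the OOB port and a
# front-panel routing interface, the situation the paragraph describes.
TABLE = [
    Route(ipaddress.ip_network("192.168.10.0/24"), "oob", True),
    Route(ipaddress.ip_network("0.0.0.0/0"), "oob", True),
    Route(ipaddress.ip_network("0.0.0.0/0"), "vlan100", False),
    Route(ipaddress.ip_network("10.1.0.0/16"), "vlan100", False),
]
STATIONS = ["192.168.10.50", "172.16.5.20"]  # constructed management hosts

if __name__ == "__main__":
    for station, iface in audit_mgmt_stations(TABLE, STATIONS):
        print(f"{station}: replies egress via {iface}, not the OOB port")
```

A station outside the OOB subnet is flagged because its replies follow the front-panel default route, so its management traffic crosses the production network.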
Dell recommends that, if used, the OOB port be used for remote
management on a physically independent management network and be
assigned an IP address from the non-routable private IP address space. The
following list highlights some advantages of using OOB management instead
of in-band management:
• Traffic on the OOB port is passed directly to the switch CPU, bypassing
  the switching silicon. The OOB port is implemented as an independent
  NIC, which allows direct access to the switch CPU from the management
  network.
• If the production network is experiencing problems, administrators can
  still access the switch management interface and troubleshoot issues.
• Because the OOB port is intended to be physically isolated from the
  production network or deployed behind a firewall, configuration options
  are limited to just those protocols needed to manage the switch. Limiting
  the configuration options makes it difficult to accidentally cut off
  management access to the switch.
Alternatively, network administrators may choose to manage their network via
the production network. This is in-band management. Because in-band
management traffic is mixed in with production network traffic, it is subject
to all of the filtering rules usually applied on a switched/routed port, such as
ACLs and VLAN tagging, and may be rate limited to protect against DoS
attacks.