Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4112F-ON/S4112T-ON

1111

Table Of Contents

Dell EMC SmartFabric OS10 User Guide Release 10.5.2
Contents
About this guide
- Conventions
- Related Documents
- Documentation Feedback
Change history
Getting Started with Dell EMC SmartFabric OS10
- Switch with factory-installed OS10
- Baremetal switch with only ONIE installed
- Downgrade to Release 10.5.0.0 or earlier releases
  - Roll back from 10.5.2.0 or later release to 10.5.0.x or earlier release
- Downgrade to Release 10.5.1.0 or later releases
  - Rollback from 10.5.2.0 or later release to 10.5.1.0 or later release
- Switch deployment options
- Remote access
CLI Basics
- CONFIGURATION mode
- Check device status
  - Related Videos
- Command help
- Candidate configuration
- Copy running configuration
- Restore startup configuration
- Reload system image
- Filter show commands
- Common OS10 commands
Advanced CLI tasks
- Command alias
- Batch mode
  - batch
- Linux shell commands
- Using OS9 commands
  - feature config-os9-style
Dell EMC SmartFabric OS10 zero-touch deployment
- ZTD DHCP server configuration
- ZTD provisioning script
- ZTD CLI batch file
- Post-ZTD script
- ZTD commands
Dell EMC SmartFabric OS10 provisioning
- Using Ansible
- Example: Configure an OS10 switch using Ansible
SmartFabric Director
- Enable SmartFabric Director mode on a switch
- Support for SmartFabric Director
- gRPC Network Management Interface agent
- Lifecycle Management using SmartFabric Director
- SmartFabric Director commands
System management
- System banners
- User session management
  - User session management commands
- Telnet server
  - Telnet commands
    - ip telnet server enable
    - ip telnet server vrf
- Simple Network Management Protocol
- System clock
  - Time zones and UTC offset reference
  - System Clock commands
- Network Time Protocol
- Precision Time Protocol
- Synchronous Ethernet (SyncE)
- Dynamic Host Configuration Protocol
- Containers
- Low Latency Modes
  - Low Latency Modes CLI commands
    - show switching-mode
    - switching-mode cut-through
Interfaces
- Ethernet interfaces
- Unified port groups
- Z9264F-ON port-group profiles
- Port-groups on S5200F-ON switches
- L2 mode configuration
- L3 mode configuration
- Fibre Channel interfaces
  - Configuring wavelength
- Management interface
  - Management interface
- VLAN interfaces
- User-configured default VLAN
- VLAN scale profile
- Loopback interfaces
- Port-channel interfaces
  - Create port-channel
  - Add port member
  - Minimum links
  - Assign Port Channel IP Address
  - Remove or disable port-channel
  - Load balance traffic
  - Change hash algorithm
- Configure interface ranges
- Switch-port profiles
  - S4148-ON Series port profiles
  - S4148U-ON port profiles
- Configure negotiation modes on interfaces
- Configure breakout mode
- Breakout auto-configuration
- Reset default configuration
- Forward error correction
- Energy-efficient Ethernet
  - Enable energy-efficient Ethernet
  - Clear EEE counters
  - View EEE status/statistics
  - EEE commands
- View interface configuration
- High-power optical modules
  - High-power optical module commands
    - allow high-wattage-optics
    - show inventory media wattage
- Digital optical monitoring
  - Enable DOM and DOM traps
- Default MTU Configuration
- Configure polling interval for Ethernet interface counters
- Interface commands
  - channel-group
  - default interface
  - default vlan-id
  - description (Interface)
  - duplex
  - enable dom
  - enable dom traps
  - feature auto-breakout
  - fec
  - interface breakout
  - interface ethernet
  - interface loopback
  - interface mgmt
  - interface null
  - interface port-channel
  - interface range
  - interface vlan
  - link-bundle-utilization
  - mode
  - mode l3
  - mtu
  - negotiation
  - port mode Eth
  - port-group
  - profile
  - scale-profile vlan
  - show discovered-expanders
  - show interface
  - show interface description
  - show interface phy-eth
  - show interface switchport
  - show inventory media
  - show link-bundle-utilization
  - show port-channel summary
  - show port-group
  - show switch-port-profile
  - show system
  - show unit-provision
  - show vlan
  - shutdown
  - speed (Fibre Channel)
  - speed (Management)
  - stats-monitor
  - switch-port-profile
  - switchport access vlan
  - switchport mode
  - switchport trunk allowed vlan
  - unit-provision
  - wavelength
  - default mtu
  - show default mtu
PowerEdge MX Ethernet I/O modules
- MX-IOM Hardware Replacement
- Unified port groups
Fibre Channel
- Fibre Channel over Ethernet
  - Configure FIP snooping
- Terminology
- Virtual fabric
- Fibre Channel zoning
- F_Port on Ethernet
- Pinning FCoE traffic to a specific port of a port-channel
  - Sample FSB configuration on VLT network
  - Sample FC Switch configuration on VLT network
  - Sample FSB configuration on non-VLT network
  - Sample FC Switch configuration on non-VLT network
- Multiswitch fabric (E Port)
  - Configure multiswitch fabric (E Port)
  - Verify multiswitch fabric (E Port) configuration
  - Multiswitch fabric (E Port) CLI commands
- Multi-hop FIP-snooping bridge
  - Configuration notes
  - Configure multi-hop FSB
  - Verify multi-hop FSB configuration
  - Sample Multi-hop FSB configuration
- Configuration guidelines
- NPIV Proxy Gateway cascading
- Support for untagged VLAN in FCoE
- Rebalance FC sessions (NPG)
- Load balancing after system reboot
  - NPG rebalance topology
  - NPG switch configurations
  - Example: Manual rebalance trigger
  - Equivalent RESTCONF request for the rebalancing CLIs
- Single FCF per vFabric
  - Usecase 1 - NPG fabric is connected to an FCF switch through multiple links
  - Use case 2 - NPG fabric is connected to multiple upstream switches belonging to the same SAN fabric
  - Use case 3 - Multiple NPG Fabrics connected to upstream switches belonging to different SAN fabrics
- F_Port commands
  - fc alias
  - fc zone
  - fc zoneset
  - feature fc
  - member (alias)
  - member (zone)
  - member (zoneset)
  - show fc alias
  - show fc interface-area-id mapping
  - show fc ns switch
  - show fc zone
  - show fc zoneset
  - zone default-zone permit
  - zoneset activate
- NPG commands
  - fc port-mode F
  - feature fc npg
  - show npg devices
  - show npg uplink-interface
- F_Port and NPG commands
  - clear fc statistics
  - fcoe
  - fcoe delay fcf-adv
  - name
  - Re-balance the FC sessions
  - show npg uplink-interface
  - show npg node-interface
  - show fc statistics
  - show fc switch
  - show running-config vfabric
  - show vfabric
  - vfabric
  - vfabric (interface)
  - vlan
- FIP-snooping commands
  - feature fip-snooping with-cvl
  - fip-snooping enable
  - fip-snooping fc-map
  - fip-snooping port-mode
- FCoE commands
  - clear fcoe database
  - clear fcoe statistics
  - fcoe delay fcf-adv
  - fcoe-pinned-port
  - fcoe max-sessions-per-enodemac
  - fcoe priority-bits
  - lldp tlv-select dcbxp-appln fcoe
  - re-balance fc npg sessions vfabric
  - show fcoe enode
  - show fcoe fcf
  - show fcoe pinned-port
  - show fcoe sessions
  - show fcoe statistics
  - show fcoe system
  - show fcoe vlan
  - show npg node-interface
  - show npg uplink-interface
- Debug FC commands
  - debug fc
  - show debug fc
Layer 2
- 802.1X
- Far-end failure detection
- Link Aggregation Control Protocol
- Link Layer Discovery Protocol
- Media Access Control
- Spanning-tree protocol
- Virtual LANs
- Private VLANs
- Port monitoring
Layer 3
- Virtual routing and forwarding
- Bidirectional Forwarding Detection
- Border Gateway Protocol
- Equal cost multi-path
- IPv4 routing
- IPv6 routing
- Open shortest path first
- Object tracking manager
- Policy-based routing
- Virtual Router Redundancy Protocol
Multicast
- Important notes
- Configure multicast routing
- Unknown multicast flood control
  - Enable multicast flood control
- Multicast Commands
  - multicast snooping flood-restrict
- Internet Group Management Protocol
- Multicast Listener Discovery Protocol
  - MLD snooping
  - MLD snooping commands
- Multicast snooping on VLANs
- Layer 3 multicast: Protocol Independent Multicast
- Anycast RP using PIM
- Sample configuration: Multicast VRF using PIM-SM
- VLT multicast routing
VXLAN
- VXLAN concepts
- VXLAN as NVO solution
- Configure VXLAN
- L3 VXLAN route scaling
- DHCP relay on VTEPs
- View VXLAN configuration
- VXLAN MAC addresses
- VXLAN commands
- VXLAN MAC commands
- Example: VXLAN with static VTEP
- BGP EVPN for VXLAN
- Controller-provisioned VXLAN
UFT modes
- Configure UFT modes
  - IPv6 extended prefix routes
- UFT commands
Security
- Switch security
- Network security
OpenFlow
- OpenFlow logical switch instance
- OpenFlow controller
- OpenFlow version 1.3
- OpenFlow use cases
- Configure OpenFlow
  - Establish TLS connection
- OpenFlow commands
- OpenFlow-only mode commands
Access Control Lists
- IP ACLs
- MAC ACLs
- Control-plane ACLs
  - Control-plane ACL qualifiers
- IP fragment handling
- L3 ACL rules
- Assign sequence number to filter
- Delete ACL rule
- L2 and L3 ACLs
- Assign and apply ACL filters
- Ingress ACL filters
- Egress ACL filters
- VTY ACLs
- SNMP ACLs
- Clear access-list counters
- IP prefix-lists
- Route-maps
- Match routes
- Set conditions
- Continue clause
- ACL flow-based monitoring
- Enable flow-based monitoring
- View ACL table utilization report
  - Known behavior
- ACL logging
  - Important notes
  - IP ACL logging
  - Control-plane management ACL logging
- ACL commands
  - clear ip access-list counters
  - clear ipv6 access-list counters
  - clear mac access-list counters
  - deny
  - deny (IPv6)
  - deny (MAC)
  - deny icmp
  - deny icmp (IPv6)
  - deny ip
  - deny ipv6
  - deny tcp
  - deny tcp (IPv6)
  - deny udp
  - deny udp (IPv6)
  - description
  - ip access-group
  - ip access-list
  - ip as-path access-list
  - ip community-list standard deny
  - ip community–list standard permit
  - ip extcommunity-list standard deny
  - ip extcommunity-list standard permit
  - ip prefix-list description
  - ip prefix-list deny
  - ip prefix-list permit
  - ip prefix-list seq deny
  - ip prefix-list seq permit
  - ipv6 access-group
  - ipv6 access-list
  - ipv6 prefix-list deny
  - ipv6 prefix-list description
  - ipv6 prefix-list permit
  - ipv6 prefix-list seq deny
  - ipv6 prefix-list seq permit
  - logging access-list mgmt burst
  - logging access-list mgmt rate
  - mac access-group
  - mac access-list
  - permit
  - permit (IPv6)
  - permit (MAC)
  - permit icmp
  - permit icmp (IPv6)
  - permit ip
  - permit ipv6
  - permit tcp
  - permit tcp (IPv6)
  - permit udp
  - permit udp (IPv6)
  - remark
  - seq deny
  - seq deny (IPv6)
  - seq deny (MAC)
  - seq deny icmp
  - seq deny icmp (IPv6)
  - seq deny ip
  - seq deny ipv6
  - seq deny tcp
  - seq deny tcp (IPv6)
  - seq deny udp
  - seq deny udp (IPv6)
  - seq permit
  - seq permit (IPv6)
  - seq permit (MAC)
  - seq permit icmp
  - seq permit icmp (IPv6)
  - seq permit ip
  - seq permit ipv6
  - seq permit tcp
  - seq permit tcp (IPv6)
  - seq permit udp
  - seq permit udp (IPv6)
  - show access-group
  - show access-lists
  - show acl-table-usage detail
  - show control-plane logging
  - show ip as-path-access-list
  - show ip prefix-list
  - show logging access-list
- Route-map commands
  - continue
  - match as-path
  - match community
  - match extcommunity
  - match inactive-path-additive
  - match interface
  - match ip address
  - match ip next-hop
  - match ipv6 address
  - match ipv6 next-hop
  - match metric
  - match origin
  - match route-type
  - match tag
  - route-map
  - set comm-list add
  - set comm-list delete
  - set community
  - set extcomm-list add
  - set extcomm-list delete
  - set extcommunity
  - set local-preference
  - set metric
  - set metric-type
  - set next-hop
  - set origin
  - set tag
  - set weight
  - show route-map
Quality of service
- Classification
  - Data traffic classification
  - Control-plane policing
- Marking Traffic
- Queuing
- Policing traffic
- Coloring traffic
- Modifying packet fields
- Shaping traffic
- Bandwidth allocation
- Strict priority queuing
- Rate adjustment
- Configure quality of service
- Example 1: Traffic classification and bandwidth allocation in VXLAN topology using CoS value
- Example 2: Traffic classification and bandwidth allocation in VXLAN topology using CoS value on access ports and DSCP value on network ports
- Buffer management
- Congestion avoidance
- Storm control
- RoCE for faster access and lossless connectivity
- Port to port-pipe and MMU mapping
- QoS commands
Virtual Link Trunking
- Terminology
- VLT domain
- VLT interconnect
- Graceful LACP with VLT
- Configure VLT
- Configure VRRP Active-Active mode
- Migrate VMs across data centers with eVLT
- View VLT information
- Delay-restore for orphan ports
  - Configuring delay-restore port - non-VLT
  - Configuring delay-restore orphan port - VLT
- VLT commands
Uplink Failure Detection
- Configure uplink failure detection
- Uplink failure detection on VLT
  - Sample configurations of UFD on VLT
- UFD commands
Converged data center services
- Priority flow control
- Enhanced transmission selection
- Data center bridging eXchange
- Internet small computer system interface
- Converged network DCB example
sFlow
- Enable sFlow
- Max-header size configuration
- Collector configuration
- Polling-interval configuration
- Sample-rate configuration
- Source interface configuration
- View sFlow information
- sFlow commands
Telemetry
- Telemetry terminology
- YANG-modeled telemetry data
- Configure telemetry
- View telemetry configuration
- Telemetry commands
- Example: Configure streaming telemetry
RESTCONF API
- Configure RESTCONF API
- RESTCONF request of CLI command
  - Obtain RESTCONF API documentation from OS10
  - Translated RESTCONF requests example
- REST Token-Based Authentication
- CLI commands for RESTCONF API
- RESTCONF API tasks
  - View XML structure of CLI commands
  - RESTCONF API Examples
    - System
    - Interface
Troubleshoot Dell EMC SmartFabric OS10
- Diagnostic tools
- Recover Linux password
- Recover OS10 user name password
- Restore factory defaults
- SupportAssist
- Support bundle
- System monitoring
- Monitor CPU Utilization
  - CPU Utilization commands
- Monitor Memory Utilization
  - Memory Utilization commands
- Log into OS10 device
- Frequently asked questions
Support resources

2. Configure port interfaces as trunk members and remove the access VLAN in Interface mode.

interface ethernet node/slot/port[:subport]

switchport mode trunk

no switchport access vlan

exit

3. Assign the trunk interfaces as untagged members of the virtual network in VIRTUAL-NETWORK mode. You cannot use

the reserved VLAN ID for a legacy VLAN or for tagged traffic on member interfaces of virtual networks.

virtual-network vn-id

member-interface ethernet node/slot/port[:subport] untagged

exit

If at least one untagged member interface is assigned to a virtual network, you cannot delete the reserved untagged VLAN ID.

If you reconfigure the reserved untagged VLAN ID, you must either reconfigure all untagged member interfaces in the virtual

networks to use the new ID or reload the switch.

Enable overlay routing between virtual networks

The previous sections describe how a VTEP switches traffic between hosts in the same L2 tenant segment on a virtual network,

and transports traffic over an IP underlay fabric. This section describes how a VTEP enables hosts in different L2 segments

belonging to the same tenant VRF to communicate with each other.

NOTE: On the S4248-ON switch, IPv6 overlay routing between virtual networks is not supported with static VXLAN. IPv6

overlay routing is, however, supported with BGP EVPN asymmetric IRB.

Each tenant is assigned a VRF and each virtual-network interface is assigned an IP subnet in the tenant VRF. The VTEP acts

as the L3 gateway that routes traffic from one tenant subnet to another in the overlay before encapsulating it in the VXLAN

header and transporting it over the IP underlay fabric.

To enable host traffic routing between virtual networks, configure an interface for each virtual network and associate it to

a tenant VRF. Assign a unique IP address in the IP subnet range associated with the virtual network to each virtual-network

interface on each VTEP.

To enable efficient traffic forwarding on a VTEP, OS10 supports distributed and centralized gateway routing. A distributed

gateway means that multiple VTEPs act as the gateway router for a tenant subnet. The VTEP nearest to a host acts as its

gateway router. To support seamless migration of hosts and virtual machines on different VTEPs, configure a common virtual IP

address, known as an anycast IP address, on all VTEPs for each virtual network. Use this anycast IP address as the gateway IP

address on VMs.

To support multiple tenants when each tenant has its own L2 segments, configure a different IP VRF for each tenant. All

tenants share the same VXLAN underlay IP fabric in the default VRF.

1. Create a non-default VRF instance for overlay routing in Configuration mode. For multi-tenancy, create a VRF instance for

each tenant.

ip vrf tenant-vrf-name

exit

2. Configure the anycast gateway MAC address all VTEPs use in all VXLAN virtual networks in Configuration mode.

When a VM sends an Address Resolution Protocol (ARP) request for the anycast gateway IP address in a VXLAN virtual

network, the nearest VTEP responds with the configured anycast MAC address. Configure the same MAC address on all

VTEPs so that the anycast gateway MAC address remains the same if a VM migrates to a different VTEP. Because the

configured MAC address is automatically used for all VXLAN virtual networks, configure it in global Configuration mode.

ip virtual-router mac-address mac-address

Example:

OS10(config)# ip virtual-router mac-address 00:01:01:01:01:01

3. Configure a virtual-network interface, assign it to the tenant VRF, and configure an IP address.

The interface IP address must be unique on each VTEP, including VTEPs in VLT pairs. You can configure an IPv6 address

on the virtual-network interface. Different virtual-network interfaces you configure on the same VTEP must have virtual-

1118

VXLAN