FTOS Configuration Guide for Z9000 System - Force10 Networks

More documents

Recommendations

Info

www.dell.com | support.dell.com 6 | Configuration Task List for System Log Management . . . . . . . . . . . . . . . . . . . . . . . .54 Disable System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54 Send System Messages to a Syslog Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55 Configure a Unix System as a Syslog Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55 Change System Logging Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55 Display the Logging Buffer and the Logging Configuration . . . . . . . . . . . . . . . . . . . . . . .56 Configure a UNIX logging facility level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58 Synchronize log messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59 Enable timestamp on syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59 File Transfer Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Configuration Task List for File Transfer Services . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Terminal Lines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 Deny and Permit Access to a Terminal Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 Configure Login Authentication for Terminal Lines . . . . . . . . . . . . . . . . . . . . . . . . . .63 Time out of EXEC Privilege Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 Telnet to Another Network Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65 Lock CONFIGURATION mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66 Viewing the Configuration Lock Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67 Recovering from a Forgotten Password on the S4810 and Z9000 . . . . . . . . . . . . . . . . .67 Recovering from a Forgotten Enable Password on the S4810 and Z9000 . . . . . . . .69 Recovering from a Failed Start on the S4810 and Z9000 . . . . . . . . . . . . . . . . . . . . . . . .70 5 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 The Port-authentication Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 EAP over RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 Configuring 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Enabling 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Configuring Request Identity Re-transmissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 Configuring a Quiet Period after a Failed Authentication . . . . . . . . . . . . . . . . . . . . .78 Forcibly Authorizing or Unauthorizing a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 Re-authenticating a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Periodic Re-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Configuring Timeouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81 Dynamic VLAN Assignment with Port Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . .82 Guest and Authentication-fail VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83 Configuring a Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 Configuring an Authentication-fail VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 6 Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
IP Access Control Lists (ACLs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88 CAM Profiling, CAM Allocation, and CAM Optimization . . . . . . . . . . . . . . . . . . . . . .88 Implementing ACLs on FTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91 IP Fragment Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92 Configure a standard IP ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94 Configure an extended IP ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97 Configuring Layer 2 and Layer 3 ACLs on an Interface . . . . . . . . . . . . . . . . . . . . . . . . .100 Assign an IP ACL to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100 Counting ACL Hits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 Configuring Ingress ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 Configuring Egress ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103 Egress Layer 3 ACL Lookup for Control-plane IP Traffic . . . . . . . . . . . . . . . . . . . .104 Configuring ACLs to Loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Applying an ACL on Loopback Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 IP Prefix Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106 Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106 Configuration Task List for Prefix Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107 ACL Resequencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 Resequencing an ACL or Prefix List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Route Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Implementation Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Configuration Task List for Route Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 7 Bidirectional Forwarding Detection (BFD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 How BFD Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122 Important Points to Remember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 Configuring Bidirectional Forwarding Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 Configuring BFD for Physical Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128 Configuring BFD for Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132 Configuring BFD for OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134 Configuring BFD for IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137 Configuring BFD for BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .140 Configuring BFD for VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148 Configuring BFD for VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151 Configuring BFD for Port-Channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153 Configuring Protocol Liveness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156 Troubleshooting BFD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156 8 Border Gateway Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158 Autonomous Systems (AS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158 | 7
Page 1 and 2: FTOS Configuration Guide for the Z9
Page 3 and 4: | 3
Page 5: 1 About this Guide . . . . . . . .
Page 9 and 10: 10 Content Addressable Memory (CAM)
Page 11 and 12: Configuring GVRP Registration . . .
Page 13 and 14: Configuration Task List for ICMP .
Page 15 and 16: 22 Link Layer Discovery Protocol (L
Page 17 and 18: Implementing OSPF with FTOS . . . .
Page 19 and 20: Apply a WRED profile to traffic . .
Page 21 and 22: 38 sFlow . . . . . . . . . . . . .
Page 23 and 24: VLANs and Port Tagging . . . . . .
Page 25 and 26: About this Guide Objectives 1 This
Page 27 and 28: Configuration Fundamentals The FTOS
Page 29 and 30: Figure 2-2. CLI Modes in FTOS EXEC
Page 31 and 32: Table 2-1. FTOS Command Modes (cont
Page 33 and 34: Obtaining Help Obtain a list of key
Page 35 and 36: Filtering show Command Outputs Filt
Page 37 and 38: Getting Started This chapter contai
Page 39 and 40: Configure a Host Name The host name
Page 41 and 42: To configure a username and passwor
Page 43 and 44: Important Points to Remember • Yo
Page 45 and 46: The output of the command dir also
Page 47 and 48: Figure 3-7. Alternative Storage Loc
Page 49 and 50: Management Management is supported
Page 51 and 52: The following table lists the confi
Page 53 and 54: Apply a Privilege Level to a Userna
Page 55 and 56: Send System Messages to a Syslog Se
Page 57 and 58:
show logging Command FTOS#show logg
Page 59 and 60:
Synchronize log messages You can co
Page 61 and 62:
Enable FTP server To enable the sys
Page 63 and 64:
To apply an IP ACL to a line: Task
Page 65 and 66:
To change the timeout period or dis
Page 67 and 68:
Viewing the Configuration Lock Stat
Page 69 and 70:
Recovering from a Forgotten Enable
Page 71 and 72:
802.1X 802.1X is supported on platf
Page 73 and 74:
3. The authenticator decapsulates t
Page 75 and 76:
Configuring 802.1X Configuring 802.
Page 77 and 78:
View 802.1X configuration informati
Page 79 and 80:
Figure 5-7. Configuring a Request I
Page 81 and 82:
Figure 5-9. Configuring a Reauthent
Page 83 and 84:
Figure 5-11. Dynamic VLAN Assignmen
Page 85 and 86:
Figure 5-13. Configuring an Authent
Page 87 and 88:
Access Control Lists (ACLs) The Acc
Page 89 and 90:
CAM optimization is supported on pl
Page 91 and 92:
V Implementing ACLs on FTOS One IP
Page 93 and 94:
• Loopback interfaces do not supp
Page 95 and 96:
Step Command Syntax Command Mode Pu
Page 97 and 98:
Configure an extended IP ACL Extend
Page 99 and 100:
Configure filters without sequence
Page 101 and 102:
The same ACL may be applied to diff
Page 103 and 104:
Configuring Egress ACLs Egress ACLs
Page 105 and 106:
Loopback interfaces do not support
Page 107 and 108:
Configuration Task List for Prefix
Page 109 and 110:
To delete a filter, enter the show
Page 111 and 112:
Figure 6-18. Command Example: show
Page 113 and 114:
Figure 6-20. Resequencing Remarks F
Page 115 and 116:
Page 117 and 118:
Also, if there are different instan
Page 119 and 120:
Command Syntax Command Mode Purpose
Page 121 and 122:
Bidirectional Forwarding Detection
Page 123 and 124:
Figure 7-1. BFD in IPv4 Packet Form
Page 125 and 126:
• Active—The active system init
Page 127 and 128:
Figure 7-3. BFD State Machine Down
Page 129 and 130:
Establishing a session on physical
Page 131 and 132:
Figure 7-8. Changing Session Parame
Page 133 and 134:
To establish a BFD session: Step Ta
Page 135 and 136:
Figure 7-11. Establishing Sessions
Page 137 and 138:
Disabling BFD for OSPF If BFD is di
Page 139 and 140:
Figure 7-14. Viewing Established Se
Page 141 and 142:
For example, the following illustra
Page 143 and 144:
To remove the disabled state of a B
Page 145 and 146:
Figure 7-18. Verifying BFD Sessions
Page 147 and 148:
Figure 7-21. Displaying Routing Ses
Page 149 and 150:
To establish sessions with all VRRP
Page 151 and 152:
To disable all VRRP sessions on an
Page 153 and 154:
Changing session parameters BFD ses
Page 155 and 156:
Figure 7-28. Viewing Established Se
Page 157 and 158:
Border Gateway Protocol Platforms s
Page 159 and 160:
A stub AS is one that is connected
Page 161 and 162:
In order to make decisions in its o
Page 163 and 164:
BGP Attributes Syste Routes learned
Page 165 and 166:
• AS_CONFED_SEQUENCE has a path l
Page 167 and 168:
Multi-Exit Discriminators (MEDs) If
Page 169 and 170:
Figure 8-8. AS Path attribute repor
Page 171 and 172:
Table 8-1 gives some examples of th
Page 173 and 174:
Figure 8-9. Dynamic changes of the
Page 175 and 176:
Figure 8-11. Local-AS Scenario AS 1
Page 177 and 178:
• The f10BgpM2[Cfg]PeerReflectorC
Page 179 and 180:
Configuration Task List for BGP The
Page 181 and 182:
Page 183 and 184:
Figure 8-14. Command example: show
Page 185 and 186:
Only one form of AS Number Represen
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Use these commands in the following
Page 195 and 196:
Figure 8-25. Allowas-in information
Page 197 and 198:
Page 199 and 200:
Figure 8-27. Filtering with Regular
Page 201 and 202:
Page 203 and 204:
To view the configuration, use the
Page 205 and 206:
Page 207 and 208:
Change MED attribute By default, FT
Page 209 and 210:
Use the show config command in CONF
Page 211 and 212:
Use these commands in the following
Page 213 and 214:
Aggregate routes FTOS provides mult
Page 215 and 216:
When dampening is applied to a rout
Page 217 and 218:
To view which routes are dampened (
Page 219 and 220:
Use the clear ip bgp command in EXE
Page 221 and 222:
MBGP Configuration MBGP for IPv6 un
Page 223 and 224:
Use no debug ip bgp to disable all
Page 225 and 226:
• New PDU are captured and there
Page 227 and 228:
Figure 8-38. Enable BGP - Router 1
Page 229 and 230:
Figure 8-40. Enable BGP - Router 3
Page 231 and 232:
Figure 8-42. Enable Peer Groups - R
Page 233 and 234:
Figure 8-44. Enable Peer Group - Ro
Page 235 and 236:
Bare Metal Provisioning 2.0 (BMP 2.
Page 237 and 238:
To reconfigure a switch to reload b
Page 239 and 240:
Update the following parameters on
Page 241 and 242:
If a DHCP offer has neither an imag
Page 243 and 244:
Content Addressable Memory (CAM) Co
Page 245 and 246:
Table 10-1. CAM Profile Description
Page 247 and 248:
When budgeting your CAM allocations
Page 249 and 250:
Figure 10-2. EH Line Card with EG C
Page 251 and 252:
• L3 ACL (ipv4acl): 6 • L2 ACL(
Page 253 and 254:
The command show running-config cam
Page 255 and 256:
Figure 10-7. Viewing CAM Usage Info
Page 257 and 258:
Figure 10-8. Configuring IPv4Flow o
Page 259 and 260:
Figure 10-9. Configuring Ingress La
Page 261 and 262:
• If the packet has more than 5 M
Page 263 and 264:
Control Plane Policing (CoPP) Contr
Page 265 and 266:
The CoPP policies are configured by
Page 267 and 268:
Match QoS Class Map to QoS Policy F
Page 269 and 270:
Use the show ip protocol-queue-mapp
Page 271 and 272:
12 Dynamic Host Configuration Proto
Page 273 and 274:
Assigning an IP Address using DHCP
Page 275 and 276:
The key responsibilities of DHCP se
Page 277 and 278:
Specify an Address Lease Time Task
Page 279 and 280:
To create a manual binding: Step Ta
Page 281 and 282:
You can configure an interface on t
Page 283 and 284:
The server echoes the option back t
Page 285 and 286:
View the DHACP Snooping statistics
Page 287 and 288:
• denial of service—an attacker
Page 289 and 290:
DHCP MAC Source Address Validation
Page 291 and 292:
Equal Cost Multi-Path (ECMP) Equal
Page 293 and 294:
FTOS provides a CLI-based solution
Page 295 and 296:
Use the ip ecmp-group path-fallback
Page 297 and 298:
Force10 Resilient Ring Protocol (FR
Page 299 and 300:
If the Master node does not receive
Page 301 and 302:
• Multiple physical rings can be
Page 303 and 304:
• The Control VLAN is used to car
Page 305 and 306:
Page 307 and 308:
Clear FRRP counters Use one of the
Page 309 and 310:
R1 MASTER Figure 14-3. Basic Topolo
Page 311 and 312:
GARP VLAN Registration Protocol (GV
Page 313 and 314:
Figure 15-2. GVRP Configuration Ove
Page 315 and 316:
Based on the configuration in the e
Page 317 and 318:
Internet Group Management Protocol
Page 319 and 320:
Sending an Unsolicited IGMP Report
Page 321 and 322:
Figure 16-4. IGMP Membership Report
Page 323 and 324:
Figure 16-6. Viewing IGMP-enabled I
Page 325 and 326:
2. When a router receives a query i
Page 327 and 328:
Figure 16-10. Enabling IGMP Snoopin
Page 329 and 330:
Interfaces 17 This chapter describe
Page 331 and 332:
Figure 17-1. show interfaces Comman
Page 333 and 334:
To confirm that the interface is en
Page 335 and 336:
For information on enabling and con
Page 337 and 338:
To configure a Management interface
Page 339 and 340:
VLAN Interfaces VLANs are logical i
Page 341 and 342:
Port Channel Interfaces Port channe
Page 343 and 344:
For example, if four interfaces (Gi
Page 345 and 346:
Figure 17-10. show interfaces port-
Page 347 and 348:
Figure 17-13. Command Example from
Page 349 and 350:
Load balancing through port channel
Page 351 and 352:
IPv4, IPv6, and non-IP traffic hand
Page 353 and 354:
• lsb — always uses the least s
Page 355 and 356:
Overlap port ranges If overlapping
Page 357 and 358:
Monitor and Maintain Interfaces Mon
Page 359 and 360:
To test the condition of cables on
Page 361 and 362:
Assign a debounce time to an interf
Page 363 and 364:
Figure 17-27. Configuring Link Damp
Page 365 and 366:
The PAUSE frame is defined by IEEE
Page 367 and 368:
Configure MTU Size on an Interface
Page 369 and 370:
Auto-Negotiation on Ethernet Interf
Page 371 and 372:
Figure 17-33. Setting Auto-Negotiat
Page 373 and 374:
Figure 17-36. Configuring Rate Inte
Page 375 and 376:
Clear interface counters The counte
Page 377 and 378:
IPv4 Routing IPv4 Routing is suppor
Page 379 and 380:
To assign an IP address to an inter
Page 381 and 382:
Figure 18-3. show ip route static C
Page 383 and 384:
Page 385 and 386:
ARP FTOS uses two forms of address
Page 387 and 388:
Page 389 and 390:
Configurable ARP Retries ICMP In FT
Page 391 and 392:
2. Configure a broadcast address on
Page 393 and 394:
2. If UDP helper (using the command
Page 395 and 396:
Troubleshooting UDP Helper Display
Page 397 and 398:
IPv6 Routing IPv6 Routing is suppor
Page 399 and 400:
• Traffic Class (8 bits) • Flow
Page 401 and 402:
Hop Limit (8 bits) The Hop Limit fi
Page 403 and 404:
• 2001:0db8::1428:57ab • 2001:d
Page 405 and 406:
Table 19-2. FTOS and IPv6 Feature S
Page 407 and 408:
Path MTU Discovery IPv6 MTU Discove
Page 409 and 410:
QoS for IPv6 IPv6 QoS is supported
Page 411 and 412:
Page 413 and 414:
Assign a Static IPv6 Route IPv6 Sta
Page 415 and 416:
Show IPv6 Information All of the fo
Page 417 and 418:
Page 419 and 420:
Show the Running-Configuration for
Page 421 and 422:
Link Aggregation Control Protocol (
Page 423 and 424:
LACP Configuration Commands If aggr
Page 425 and 426:
To configure the LACP long timeout
Page 427 and 428:
In Figure 20-6, LAGs 1 and 2 have b
Page 429 and 430:
Figure 20-10. Enabling Hitless LACP
Page 431 and 432:
Figure 20-14. Inspecting Configurat
Page 433 and 434:
Summary of the configuration on ALP
Page 435 and 436:
Figure 20-18. Using the show interf
Page 437 and 438:
Figure 20-20. Using the show lacp C
Page 439 and 440:
Layer 2 Layer 2 features are suppor
Page 441 and 442:
Display the MAC Address Table To di
Page 443 and 444:
mac learning-limit mac-address-stic
Page 445 and 446:
Station Move Violation Actions Stat
Page 447 and 448:
Task Command Syntax Command Mode FT
Page 449 and 450:
Microsoft Clustering Microsoft Clus
Page 451 and 452:
Enable and Disable VLAN Flooding
Page 453 and 454:
Important Points about Configuring
Page 455 and 456:
Conversely, if you want all multica
Page 457 and 458:
1. An interface on which FEFD is no
Page 459 and 460:
Step Task Command Syntax Command Mo
Page 461 and 462:
Link Layer Discovery Protocol (LLDP
Page 463 and 464:
Management TLVs A Management TLV is
Page 465 and 466:
TIA Organizationally Specific TLVs
Page 467 and 468:
LLDP-MED Network Policies TLV A net
Page 469 and 470:
• Viewing Information Advertised
Page 471 and 472:
If LLDP is configured both globally
Page 473 and 474:
Figure 22-12. Viewing All Informati
Page 475 and 476:
Figure 22-14. Configuring LLDPDU Tr
Page 477 and 478:
Figure 22-17. Relevant Management O
Page 479 and 480:
Table 22-8. LLDP System MIB Objects
Page 481 and 482:
Table 22-10. LLDP-MED System MIB Ob
Page 483 and 484:
Multicast Source Discovery Protocol
Page 485 and 486:
Anycast RP Using Multicast Source D
Page 487 and 488:
Figure 23-3. Configuring Interfaces
Page 489 and 490:
Figure 23-5. Configuring PIM in Mul
Page 491 and 492:
Enable MSDP Enable MSDP by peering
Page 493 and 494:
Enable the Rejected Source-active C
Page 495 and 496:
Task Command Syntax Command Mode Sp
Page 497 and 498:
Prevent MSDP from Caching a Remote
Page 499 and 500:
Log Changes in Peership States Task
Page 501 and 502:
Debug MSDP Task Command Syntax Comm
Page 503 and 504:
Reducing Source-active Message Floo
Page 505 and 506:
Figure 23-20. R2 Configuration for
Page 507 and 508:
MSDP Sample Configurations The foll
Page 509 and 510:
Figure 23-24. MSDP Sample Configura
Page 511 and 512:
Multiple Spanning Tree Protocol (MS
Page 513 and 514:
• Preventing Network Disruptions
Page 515 and 516:
Influence MSTP Root Selection MSTP
Page 517 and 518:
Task Command Syntax Command Mode Ch
Page 519 and 520:
Verify that EdgePort is enabled on
Page 521 and 522:
Figure 24-11. Router 2 Running-conf
Page 523 and 524:
Figure 24-13. SFTOS Example Running
Page 525 and 526:
Figure 24-15. Sample Output for sho
Page 527 and 528:
Multicast Features Multicast Featur
Page 529 and 530:
As the upper five bits of an IP Mul
Page 531 and 532:
Note: The IN-L3-McastFib CAM partit
Page 533 and 534:
Rate Limit IGMP Join Requests If yo
Page 535 and 536:
Prevent a PIM Router from Processin
Page 537 and 538:
Multicast Traceroute Multicast Trac
Page 539 and 540:
Open Shortest Path First (OSPFv2) O
Page 541 and 542:
Area Types The Backbone of the netw
Page 543 and 544:
Area Border Router (ABR) Within an
Page 545 and 546:
• 3: connection to a stub network
Page 547 and 548:
• Opaque Link-local (type 9) Fast
Page 549 and 550:
OSPF ACK Packing The OSPF ACK Packi
Page 551 and 552:
If implementing, Multi-Process OSPF
Page 553 and 554:
Message 4 Once the OSPF process and
Page 555 and 556:
Page 557 and 558:
Configure LSA throttling timers Con
Page 559 and 560:
Page 561 and 562:
Use any or all of the following com
Page 563 and 564:
• transmit-delay: LSA transmissio
Page 565 and 566:
Redistribute routes You can add rou
Page 567 and 568:
Page 569 and 570:
Figure 26-20. Basic topology and CL
Page 571 and 572:
PIM Sparse-Mode (PIM-SM) PIM Sparse
Page 573 and 574:
1. The source gateway router (first
Page 575 and 576:
Figure 27-3. Viewing the PIM Multic
Page 577 and 578:
Override Bootstrap Router Updates P
Page 579 and 580:
• restart-time is the time requir
Page 581 and 582:
PIM Source-Specific Mode (PIM-SSM)
Page 583 and 584:
Implementation Information • The
Page 585 and 586:
• When an extended ACL is associa
Page 587 and 588:
Figure 28-4. Configuring PIM-SSM wi
Page 589 and 590:
Port Monitoring Port Monitoring is
Page 591 and 592:
On the E-Series TeraScale, FTOS sup
Page 593 and 594:
Figure 29-4. Number of Monitoring P
Page 595 and 596:
Figure 29-7. Port Monitoring Exampl
Page 597 and 598:
Private VLANs 30 FTOS 7.8.1.0 adds
Page 599 and 600:
Each of the port types can be any t
Page 601 and 602:
Creating a Primary VLAN A primary V
Page 603 and 604:
Figure 30-2. Configuring VLANs for
Page 605 and 606:
• show vlan private-vlan mapping:
Page 607 and 608:
Per-VLAN Spanning Tree Plus (PVST+)
Page 609 and 610:
• PVST+ in Multi-vendor Networks
Page 611 and 612:
Figure 31-4. Display the PVST+ Forw
Page 613 and 614:
Task Command Syntax Command Mode Ch
Page 615 and 616:
Figure 31-5. PVST+ with Extend Syst
Page 617 and 618:
Figure 31-7. PVST+ Sample Configura
Page 619 and 620:
Quality of Service (QoS) Quality of
Page 621 and 622:
Figure 32-1. Dell Force10 Networks
Page 623 and 624:
On the C-Series and S-Series you ca
Page 625 and 626:
Figure 32-7. Displaying How Your Ra
Page 627 and 628:
Figure 32-10. Using the Order Keywo
Page 629 and 630:
FTOS Behavior: An explicit “deny
Page 631 and 632:
Figure 32-12. Marking DSCP Values f
Page 633 and 634:
Create Input Policy Maps There are
Page 635 and 636:
By default, if no match occurs, the
Page 637 and 638:
Apply an output QoS policy to a que
Page 639 and 640:
You can create a custom WRED profil
Page 641 and 642:
Figure 32-16. show qos statistics C
Page 643 and 644:
• Exception indicates that the nu
Page 645 and 646:
Routing Information Protocol (RIP)
Page 647 and 648:
Configuration Task List for RIP •
Page 649 and 650:
Control RIP routing updates By defa
Page 651 and 652:
Figure 33-3 shows an example of the
Page 653 and 654:
If you must perform routing between
Page 655 and 656:
Configuring RIPv2 on Core 2 Figure
Page 657 and 658:
RIP Configuration on Core 3 Figure
Page 659 and 660:
RIP Configuration Summary Figure 33
Page 661 and 662:
Remote Monitoring (RMON) Remote Mon
Page 663 and 664:
Set rmon alarm To set an alarm on a
Page 665 and 666:
Figure 34-2. rmon event Command Exa
Page 667 and 668:
Rapid Spanning Tree Protocol (RSTP)
Page 669 and 670:
Figure 35-1. Configuring Interfaces
Page 671 and 672:
Figure 35-4. Rapid Spanning Tree En
Page 673 and 674:
Figure 35-6. show spanning-tree rst
Page 675 and 676:
To change the port cost or priority
Page 677 and 678:
Figure 35-8. bridge-priority Comman
Page 679 and 680:
Security Security features are supp
Page 681 and 682:
Suppress AAA Accounting for null us
Page 683 and 684:
Configure login authentication for
Page 685 and 686:
To get enable authentication from t
Page 687 and 688:
To configure a username and passwor
Page 689 and 690:
Page 691 and 692:
Enable and disabling privilege leve
Page 693 and 694:
RADIUS exec-authorization stores a
Page 695 and 696:
Apply the method list to terminal l
Page 697 and 698:
Monitor RADIUS To view information
Page 699 and 700:
Figure 36-4. Failed Authentication
Page 701 and 702:
To delete a TACACS+ server host, us
Page 703 and 704:
Figure 36-6. Specifying an SSH vers
Page 705 and 706:
Figure 36-8. Enabling SSH Password
Page 707 and 708:
Figure 36-12. Client-based SSH Auth
Page 709 and 710:
Since traffic passes through the fi
Page 711 and 712:
Figure 36-13. Trace list Using seq
Page 713 and 714:
Figure 36-14. Trace List Example FT
Page 715 and 716:
Figure 36-16. Example Access-Class
Page 717 and 718:
Service Provider Bridging Service P
Page 719 and 720:
Create Access and Trunk Ports An ac
Page 721 and 722:
Step Task Command Syntax Command Mo
Page 723 and 724:
Figure 37-6. TPID Match and First-b
Page 725 and 726:
Figure 37-8. First-byte TPID Match
Page 727 and 728:
Figure 37-10. Single and Double-tag
Page 729 and 730:
Enable Drop Eligibility You must en
Page 731 and 732:
Figure 37-12. Statically and Dynami
Page 733 and 734:
To map C-Tag dot1p values to S-Tag
Page 735 and 736:
Figure 37-14. VLAN Stacking with L2
Page 737 and 738:
There are total 13 user-configurabl
Page 739 and 740:
sFlow Configuring sFlow is supporte
Page 741 and 742:
• FTOS exports all sFlow packets
Page 743 and 744:
Page 745 and 746:
The sflow sample-rate command, when
Page 747 and 748:
Figure 38-6. Confirming that Extend
Page 749 and 750:
39 Simple Network Management Protoc
Page 751 and 752:
View your SNMP configuration, using
Page 753 and 754:
To configure system contact and loc
Page 755 and 756:
Table 39-2. Dell Force10 Enterprise
Page 757 and 758:
The relevant MIBs for these functio
Page 759 and 760:
Table 39-4. Copying Configuration F
Page 761 and 762:
Dell Force10 provides additional MI
Page 763 and 764:
Figure 39-16. Assign a VLAN Alias u
Page 765 and 766:
The value 40 is in the first set of
Page 767 and 768:
Enable and Disable a Port using SNM
Page 769 and 770:
Figure 39-25. Display the Interface
Page 771 and 772:
Storm Control Storm Control is supp
Page 773 and 774:
Spanning Tree Protocol (STP) Spanni
Page 775 and 776:
Configuring Interfaces for Layer 2
Page 777 and 778:
Figure 41-4. Spanning Tree Enabled
Page 779 and 780:
Modifying Global Parameters You can
Page 781 and 782:
To enable PortFast on an interface:
Page 783 and 784:
Figure 41-8. Enabling BPDU Guard 3/
Page 785 and 786:
System Time and Date System Time an
Page 787 and 788:
Figure 42-1. NTP Fields Leap Indica
Page 789 and 790:
Set the Hardware Clock with the Tim
Page 791 and 792:
To configure NTP authentication, us
Page 793 and 794:
• Root Delay (sys.rootdelay, peer
Page 795 and 796:
The software clock runs only when t
Page 797 and 798:
Set Daylight Saving Time Once Set a
Page 799 and 800:
Page 801 and 802:
Upgrade Procedures Find the upgrade
Page 803 and 804:
Virtual LANs (VLAN) Virtual LANs (V
Page 805 and 806:
Untagged interfaces must be part of
Page 807 and 808:
Use the show vlan command (Figure 4
Page 809 and 810:
Use the untagged command to move un
Page 811 and 812:
Native VLANs Traditionally, ports c
Page 813 and 814:
Virtual Router Redundancy Protocol
Page 815 and 816:
VRRP Benefits With VRRP configured
Page 817 and 818:
Create a Virtual Router To enable V
Page 819 and 820:
Figure 45-5. Command Example Displa
Page 821 and 822:
Configure VRRP Authentication Simpl
Page 823 and 824:
Change that advertisement interval
Page 825 and 826:
Task Command Syntax Command Mode Se
Page 827 and 828:
Figure 45-18. VRRP Topography Illus
Page 829 and 830:
Z-Series Debugging and Diagnostics
Page 831 and 832:
Figure 46-2. Verifying the Offline/
Page 833 and 834:
Figure 46-4. Verifying the Offline/
Page 835 and 836:
Figure 46-7. show diag stack-unit c
Page 837 and 838:
Table 46-2. show hardware Commands
Page 839 and 840:
Table 46-3. Cross-reference of inte
Page 841 and 842:
Recognize an under-voltage conditio
Page 843 and 844:
You can configure dynamic buffers p
Page 845 and 846:
Display the allocations for any buf
Page 847 and 848:
Figure 46-13. Single Queue Applicat
Page 849 and 850:
Figure 46-16. Displaying Dataplane
Page 851 and 852:
Application core dumps Application
Page 853 and 854:
Task Command Syntax Command Mode En
Page 855 and 856:
Standards Compliance This appendix
Page 857 and 858:
General IPv4 Protocols RFC# Full Na
Page 859 and 860:
Open Shortest Path First (OSPF) RFC
Page 861 and 862:
5036 LDP Specification 8.3.1 5063 E
Page 863 and 864:
Network Management (continued) RFC#
Page 865 and 866:
FORCE10-CHAS SIS-MIB FORCE10-COPY -
Page 867 and 868:
Index Port Mirroring. See Port Moni
Page 869 and 870:
Force 10 Resilient Ring Protocol 29
Page 871 and 872:
maximum size 364 link MTU configuri
Page 873 and 874:
show ip route command 655, 657 show
show all

FTOS Configuration Guide for Z9000 System - Force10 Networks

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?