White Papers
Table Of Contents
- Dell 9.13.0.0 Configuration Guide for the S5000 Switch
- About this Guide
- Configuration Fundamentals
- Getting Started
- Accessing Ports
- Accessing the RJ-45/RS-232 Console Port
- Pin Assignments
- Accessing the CLI Interface and Running Scripts Using SSH
- Default Configuration
- Accessing the USB-B Console Port
- Booting Process
- Enter the Initial Configuration Information
- Configuring the Enable Password
- Configuring a Host Name
- Navigating CLI Modes
- Default Configuration
- Configuring Layer 2 (Data Link) Mode
- Accessing the System Remotely
- Configure the Management Port IP Address
- Configure a Management Route
- Configuring a Username and Password
- Creating a Port-based VLAN
- Assigning Interfaces to a VLAN
- Assigning an IP Address to a VLAN
- Connect the S5000 to the Network
- Configure File Management
- Copying Files to and from the System
- Mounting an NFS File System
- Saving the Running-Configuration
- Viewing Files
- View Configuration Files
- Compressing Configuration Files
- Managing the File System
- Enabling Software Features on Devices Using a Command Option
- View Command History
- Upgrading and Downgrading Dell Networking OS
- Verify Software Images Before Installation
- Using HTTP for File Transfers
- Switch Management
- Configuring Privilege Levels
- Removing a Command from EXEC Mode
- Moving a Command from EXEC Privilege Mode to EXEC Mode
- Allowing Access to CONFIGURATION Mode Commands
- Allowing Access to the Following Modes
- Applying a Privilege Level to a Username
- Applying a Privilege Level to a Terminal Line
- Configuring Logging
- Log Messages in the Internal Buffer
- Configuring a UNIX System as a Syslog Server
- Track Login Activity
- Limit Concurrent Login Sessions
- Enabling Secured CLI Mode
- Changing System Logging Settings
- Display the Logging Buffer and the Logging Configuration
- Configuring a UNIX Logging Facility Level
- Synchronizing Log Messages
- Enabling Timestamp on Syslog Messages
- File Transfer Services
- Terminal Lines
- Configuring Login Authentication for Terminal Lines
- Setting Time Out of EXEC Privilege Mode
- Using Telnet to get to Another Network Device
- Lock CONFIGURATION Mode
- View the Configuration Lock Status
- Recovering from a Forgotten Password
- Recovering from a Forgotten Enable Password
- Recovering from a Failed Start
- Viewing the Reason for Last System Reboot
- 802.1X
- The Port-Authentication Process
- EAP over RADIUS
- Configuring 802.1X
- Enabling 802.1X
- Configuring MAC addresses for a do1x Profile
- Configuring Request Identity Re-Transmissions
- Configuring a Quiet Period after a Failed Authentication
- Forcibly Authorizing or Unauthorizing a Port
- Re-Authenticating a Port
- Configuring Timeouts
- Configuring Dynamic VLAN Assignment with Port Authentication
- Guest and Authentication-Fail VLANs
- Configuring dot1x Profile
- Configuring the Static MAB and MAB Profile
- Configuring Critical VLAN
- Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)
- Access Control Lists (ACLs)
- IP Access Control Lists (ACLs)
- CAM Allocation and CAM Optimization
- Implementing ACLs on Dell Networking OS
- IP Fragment Handling
- Configure a Standard IP ACL
- Configure an Extended IP ACL
- Established Flag
- Configure Layer 2 and Layer 3 ACLs
- Assign an IP ACL to an Interface
- Configure Ingress ACLs
- Configure Egress ACLs
- Configure ACLs to Loopback
- Applying an ACL on Loopback Interfaces
- IP Prefix Lists
- Creating a Prefix List
- ACL Resequencing
- Route Maps
- Bidirectional Forwarding Detection (BFD)
- How BFD Works
- BFD Packet Format
- BFD Sessions
- BFD Three-Way Handshake
- Session State Changes
- Configure BFD
- Border Gateway Protocol IPv4 (BGPv4)
- Autonomous Systems (AS)
- Sessions and Peers
- Route Reflectors
- Communities
- BGP Attributes
- Weight
- Local Preference
- Origin
- AS Path
- Next Hop
- Multiprotocol BGP
- Implement BGP with Dell Networking OS
- AS Number Migration
- BGP4 Management Information Base (MIB)
- Configuration Information
- Enabling BGP
- Configuring AS4 Number Representations
- Configuring Peer Groups
- Configuring BGP Fast Fall-Over
- Configuring Passive Peering
- Maintaining Existing AS Numbers During an AS Migration
- Allowing an AS Number to Appear in its Own AS Path
- Enabling Graceful Restart
- Enabling Neighbor Graceful Restart
- Filtering on an AS-Path Attribute
- Filtering BGP Routes Using AS-PATH Information
- Redistributing Routes
- Enabling Additional Paths
- Configuring IP Community Lists
- Filtering Routes with Community Lists
- Manipulating the COMMUNITY Attribute
- Changing MED Attributes
- Changing the LOCAL_PREFERENCE Attribute
- Configuring the local System or a Different System to be the Next Hop for BGP-Learned Routes
- Changing the WEIGHT Attribute
- Enabling Multipath
- Filtering BGP Routes Using Route Maps
- Filtering BGP Routes Using AS-PATH Information
- Filtering BGP Routes
- Configuring BGP Route Reflectors
- Aggregating Routes
- Configuring BGP Confederations
- Enabling Route Flap Dampening
- Changing BGP Timers
- Enabling BGP Neighbor Soft-Reconfiguration
- Enabling or disabling BGP neighbors
- Route Map Continue
- Enabling MBGP Configurations
- BGP Regular Expression Optimization
- Debugging BGP
- Sample Configurations
- Bare Metal Provisioning (BMP)
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- Data Center Bridging (DCB)
- Ethernet Enhancements in Data Center Bridging
- Enabling Data Center Bridging
- Data Center Bridging: Default Configuration
- Configuring Priority-Based Flow Control
- Configuring PFC in a DCB Map
- Applying a DCB Map on a Port
- Configuring PFC without a DCB Map
- Priority-Based Flow Control Using Dynamic Buffer Method
- Behavior of Tagged Packets
- Configuration Example for DSCP and PFC Priorities
- Using PFC to Manage Converged Ethernet Traffic
- Configure Enhanced Transmission Selection
- Hierarchical Scheduling in ETS Output Policies
- Using ETS to Manage Converged Ethernet Traffic
- Applying DCB Policies in a Switch Stack
- Configure a DCBx Operation
- Verifying the DCB Configuration
- Sample DCB Configuration
- QoS dot1p Traffic Classification and Queue Assignment
- Configuring the Dynamic Buffer Method
- Dynamic Host Configuration Protocol (DHCP)
- DHCP Packet Format and Options
- Assign an IP Address using DHCP
- Implementation Information
- Configuration Tasks
- Configure the System to be a DHCP Server
- Configure the System to be a Relay Agent
- Configure the System for User Port Stacking
- Configure Secure DHCP
- Viewing the Number of SAV Dropped Packets
- Clearing the Number of SAV Dropped Packets
- Equal Cost Multi-Path (ECMP)
- Fabric Services
- FCoE Transit
- Fibre Channel over Ethernet
- Ensure Robustness in a Converged Ethernet Network
- FIP Snooping on Ethernet Bridges
- FIP Snooping in a Switch Stack
- Using FIP Snooping
- Enable the FCoE Transit Feature
- FIP Snooping Prerequisites
- Important Points to Remember
- Enabling the FCoE Transit Feature
- Enable FIP Snooping on VLANs
- Configure the FC-MAP Value
- Configure a Port for a Bridge-to-Bridge Link
- Configure a Port for a Bridge-to-FCF Link
- Impact on Other Software Features
- FIP Snooping on an NPIV Proxy Gateway
- FIP Snooping in an S5000 Stack
- Impact on Other Software Features
- FIP Snooping Restrictions
- Configuring FIP Snooping
- Displaying FIP Snooping Information
- FCoE Transit Configuration Example
- FIPS Cryptography
- Fibre Channel Interface
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration Protocol (GVRP)
- High Availability (HA)
- Internet Group Management Protocol (IGMP)
- IGMP Protocol Overview
- Configure IGMP
- Viewing IGMP Enabled Interfaces
- Selecting an IGMP Version
- Viewing IGMP Groups
- Adjusting Timers
- Enabling IGMP Immediate-Leave
- IGMP Snooping
- Fast Convergence after MSTP Topology Changes
- Egress Interface Selection (EIS) for HTTP and IGMP Applications
- Designating a Multicast Router Interface
- Interfaces
- Interface Types
- View Basic Interface Information
- Resetting an Interface to its Factory Default State
- Enabling Energy Efficient Ethernet
- View EEE Information
- Clear EEE Counters
- Enabling a Physical Interface
- Physical Interfaces
- Egress Interface Selection (EIS)
- Management Interfaces
- VLAN Interfaces
- Loopback Interfaces
- Null Interfaces
- Port Channel Interfaces
- Port Channel Definition and Standards
- Port Channel Benefits
- Port Channel Implementation
- Interfaces in Port Channels
- Configuration Tasks for Port Channel Interfaces
- Creating a Port Channel
- Adding a Physical Interface to a Port Channel
- Reassigning an Interface to a New Port Channel
- Configuring the Minimum Oper Up Links in a Port Channel
- Adding or Removing a Port Channel from a VLAN
- Assigning an IP Address to a Port Channel
- Deleting or Disabling a Port Channel
- Load Balancing Through Port Channels
- Changing the Hash Algorithm
- Bulk Configuration
- Defining Interface Range Macros
- Monitoring and Maintaining Interfaces
- Non Dell-Qualified Transceivers
- Splitting QSFP Ports to SFP+ Ports
- Converting a QSFP or QSFP+ Port to an SFP or SFP+ Port
- Configuring wavelength for 10–Gigabit SFP+ optics
- Link Dampening
- Link Bundle Monitoring
- Using Ethernet Pause Frames for Flow Control
- Configure the MTU Size on an Interface
- Port-Pipes
- Auto-Negotiation on Ethernet Interfaces
- View Advanced Interface Information
- Configuring the Traffic Sampling Size Globally
- Dynamic Counters
- Internet Protocol Security (IPSec)
- IPv4 Routing
- IP Addresses
- Configuration Tasks for IP Addresses
- Assigning IP Addresses to an Interface
- Configuring Static Routes
- Configure Static Routes for the Management Interface
- IPv4 Path MTU Discovery Overview
- Using the Configured Source IP Address in ICMP Messages
- Configuring the Duration to Establish a TCP Connection
- Enabling Directed Broadcast
- Resolution of Host Names
- Enabling Dynamic Resolution of Host Names
- Specifying the Local System Domain and a List of Domains
- Configuring DNS with Traceroute
- ARP
- Configuration Tasks for ARP
- Configuring Static ARP Entries
- Enabling Proxy ARP
- Clearing ARP Cache
- ARP Learning via Gratuitous ARP
- Enabling ARP Learning via Gratuitous ARP
- ARP Learning via ARP Request
- Configuring ARP Retries
- ICMP
- Configuration Tasks for ICMP
- Enabling ICMP Unreachable Messages
- UDP Helper
- Enabling UDP Helper
- Configuring a Broadcast Address
- Configurations Using UDP Helper
- UDP Helper with Broadcast-All Addresses
- UDP Helper with Subnet Broadcast Addresses
- UDP Helper with Configured Broadcast Addresses
- UDP Helper with No Configured Broadcast Addresses
- Troubleshooting UDP Helper
- IPv6 Routing
- Protocol Overview
- Implementing IPv6 with Dell Networking OS
- Configuration Tasks for IPv6
- Adjusting Your CAM-Profile
- Assigning an IPv6 Address to an Interface
- Assigning a Static IPv6 Route
- Configuring Telnet with IPv6
- SNMP over IPv6
- Showing IPv6 Information
- Showing an IPv6 Interface
- Showing IPv6 Routes
- Showing the Running-Configuration for an Interface
- Clearing IPv6 Routes
- Disabling ND Entry Timeout
- Configuring IPv6 RA Guard
- iSCSI Optimization
- Intermediate System to Intermediate System
- Link Aggregation Control Protocol (LACP)
- Layer 2
- Link Layer Discovery Protocol (LLDP)
- 802.1AB (LLDP) Overview
- Optional TLVs
- Configure LLDP
- Enabling LLDP on Management Ports
- Advertising TLVs
- Storing and Viewing Unrecognized LLDP TLVs
- Viewing the LLDP Configuration
- Viewing Information Advertised by Adjacent LLDP Agents
- Configuring LLDPDU Intervals
- Configuring LLDP Notification Interval
- Configuring Transmit and Receive Mode
- Configuring a Time to Live
- Debugging LLDP
- Relevant Management Objects
- Microsoft Network Load Balancing
- Multicast Source Discovery Protocol (MSDP)
- Anycast RP
- Implementation Information
- Configure Multicast Source Discovery Protocol
- Related Configuration Tasks
- Enable MSDP
- Manage the Source-Active Cache
- Accept Source-Active Messages that Fail the RFP Check
- Specifying Source-Active Messages
- Limiting the Source-Active Messages from a Peer
- Preventing MSDP from Caching a Local Source
- Preventing MSDP from Caching a Remote Source
- Preventing MSDP from Advertising a Local Source
- Logging Changes in Peership States
- Terminating a Peership
- Clearing Peer Statistics
- Debugging MSDP
- Configuring Anycast RP
- MSDP Sample Configurations
- Multiple Spanning Tree Protocol (MSTP)
- Configure Multiple Spanning Tree Protocol
- Enable Multiple Spanning Tree Globally
- Adding and Removing Interfaces
- Creating Multiple Spanning Tree Instances
- Influencing MSTP Root Selection
- Interoperate with Non-Dell Networking OS Bridges
- Modifying Global Parameters
- Modifying the Interface Parameters
- Configuring an EdgePort
- Configuring Fast Hellos for Link State Detection
- Flush MAC Addresses after a Topology Change
- MSTP Sample Configurations
- Debugging and Verifying MSTP Configurations
- Multicast Features
- NPIV Proxy Gateway
- Object Tracking
- Open Shortest Path First (OSPFv2)
- Protocol Overview
- Implementing OSPF with Dell Networking OS
- Configuration Information
- Configuration Task List for OSPFv2 (OSPF for IPv4)
- Enabling OSPFv2
- Assigning an OSPFv2 Area
- Enable OSPFv2 on Interfaces
- Assigning OSPFv3 Process ID and Router ID to a VRF
- Configuring Stub Areas
- Configuring LSA Throttling Timers
- Enabling Passive Interfaces
- Enabling Fast-Convergence
- Changing OSPFv2 Parameters on Interfaces
- Enabling OSPFv2 Authentication
- Configuring Virtual Links
- Creating Filter Routes
- Redistributing Routes
- Troubleshooting OSPFv2
- Sample Configurations for OSPFv2
- OSPFv3 NSSA
- Configuration Task List for OSPFv3 (OSPF for IPv6)
- Enabling IPv6 Unicast Routing
- Assigning IPv6 Addresses on an Interface
- Assigning Area ID on an Interface
- Assigning OSPFv3 Process ID and Router ID Globally
- Assigning OSPFv3 Process ID and Router ID to a VRF
- Configuring Stub Areas
- Configuring Passive-Interface
- Redistributing Routes
- Configuring a Default Route
- Enabling OSPFv2 Graceful Restart
- OSPFv3 Authentication Using IPsec
- Troubleshooting OSPFv3
- Configuration Task List for OSPFv2 (OSPF for IPv4)
- Configuration Task List for OSPFv3 (OSPF for IPv6)
- Enabling IPv6 Unicast Routing
- Applying cost for OSPFv3
- Assigning IPv6 Addresses on an Interface
- Assigning Area ID on an Interface
- Assigning OSPFv3 Process ID and Router ID Globally
- Assigning OSPFv3 Process ID and Router ID to a VRF
- Configuring Stub Areas
- Configuring Passive-Interface
- Redistributing Routes
- Configuring a Default Route
- Enabling OSPFv3 Graceful Restart
- OSPFv3 Authentication Using IPsec
- Troubleshooting OSPFv3
- Policy-based Routing (PBR)
- PIM Sparse-Mode (PIM-SM)
- PIM Source-Specific Mode (PIM-SSM)
- Port Monitoring
- Private VLANs (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service (QoS)
- Implementation Information
- Port-Based QoS Configurations
- Policy-Based QoS Configurations
- DSCP Color Maps
- Enabling QoS Rate Adjustment
- Enabling Strict-Priority Queueing
- Weighted Random Early Detection
- Pre-Calculating Available QoS CAM Space
- Configuring Weights and ECN for WRED
- Configuring WRED and ECN Attributes
- Guidelines for Configuring ECN for Classifying and Color-Marking Packets
- Applying Layer 2 Match Criteria on a Layer 3 Interface
- Applying DSCP and VLAN Match Criteria on a Service Queue
- Classifying Incoming Packets Using ECN and Color-Marking
- Guidelines for Configuring ECN for Classifying and Color-Marking Packets
- Sample configuration to mark non-ecn packets as “yellow” with Multiple traffic class
- Sample configuration to mark non-ecn packets as “yellow” with single traffic class
- Enabling Buffer Statistics Tracking
- Routing Information Protocol (RIP)
- Remote Monitoring (RMON)
- Rapid Spanning Tree Protocol (RSTP)
- Software-Defined Networking (SDN)
- Security
- AAA Accounting
- AAA Authentication
- Obscuring Passwords and Keys
- AAA Authorization
- RADIUS
- RADIUS Authentication and Authorization
- Configuration Task List for RADIUS
- TACACS+
- Protection from TCP Tiny and Overlapping Fragment Attacks
- Enabling SCP and SSH
- Using SCP with SSH to Copy a Software Image
- Secure Shell Authentication
- Enabling SSH Authentication by Password
- Using RSA Authentication of SSH
- Configuring Host-Based SSH Authentication
- Using Client-Based SSH Authentication
- Configuring the HMAC Algorithm for the SSH Server
- Configuring the HMAC Algorithm for the SSH Client
- Configuring the SSH Server Cipher List
- Configuring the SSH Client Cipher List
- Troubleshooting SSH
- Telnet
- VTY Line and Access-Class Configuration
- Two Factor Authentication (2FA)
- Configuring the System to Drop Certain ICMP Reply Messages
- Dell EMC Networking OS Security Hardening
- Service Provider Bridging
- sFlow
- Simple Network Management Protocol (SNMP)
- Protocol Overview
- Implementation Information
- Configuration Task List for SNMP
- Set up SNMP
- Reading Managed Object Values
- Writing Managed Object Values
- Configuring Contact and Location Information using SNMP
- Subscribing to Managed Object Value Updates using SNMP
- Enabling a Subset of SNMP Traps
- Enabling an SNMP Agent to Notify Syslog Server Failure
- Copy Configuration Files Using SNMP
- Copying a Configuration File
- Copying Configuration Files via SNMP
- Copying the Startup-Config Files to the Running-Config
- Copying the Startup-Config Files to the Server via FTP
- Copying the Startup-Config Files to the Server via TFTP
- Copy a Binary File to the Startup-Configuration
- Additional MIB Objects to View Copy Statistics
- Obtaining a Value for MIB Objects
- MIB Support to Display Reason for Last System Reboot
- MIB Support for Power Monitoring
- MIB Support to Display the Available Memory Size on Flash
- MIB Support to Display the Software Core Files Generated by the System
- MIB Support to Display the Available Partitions on Flash
- MIB Support to Display Egress Queue Statistics
- MIB Support to ECMP Group Count
- MIB Support for entAliasMappingTable
- MIB Support for LAG
- MIB Support to Display Unrecognized LLDP TLVs
- Manage VLANs using SNMP
- Managing Overload on Startup
- Enabling and Disabling a Port using SNMP
- Fetch Dynamic MAC Entries using SNMP
- Deriving Interface Indices
- Monitoring BGP sessions via SNMP
- Monitor Port-Channels
- Troubleshooting SNMP Operation
- Transceiver Monitoring
- Stacking
- Stacking S5000 Switches
- Configuring an S5000 Switch Stack
- Configuring Stacking Ports and Bringing Up a Stack
- Provisioning a Stack Unit
- Converting Four 10 GbE Ports to 40 GbE Ports for Stacking
- Removing a Stack Group from Stacking Mode
- Remove a Switch from a Stack
- Adding a Stack Unit
- Adding a Standalone Switch to a Stack
- Merging Two Stacks
- Split a Stack
- Managing Redundant Stack Management
- Resetting a Unit on a Stack
- Verify a Stack Configuration
- Troubleshooting a Switch Stack
- Storm Control
- Spanning Tree Protocol (STP)
- Protocol Overview
- Configure Spanning Tree
- Configuring Interfaces for Layer 2 Mode
- Enabling Spanning Tree Protocol Globally
- Adding an Interface to the Spanning Tree Group
- Removing an Interface from the Spanning Tree Group
- Modifying Global Parameters
- Modifying Interface STP Parameters
- Enabling PortFast
- Prevent Network Disruptions with BPDU Guard
- Global BPDU Filtering
- Interface BPDU Filtering
- Selecting STP Root
- STP Root Guard
- Enabling SNMP Traps for Root Elections and Topology Changes
- Configuring Spanning Trees as Hitless
- STP Loop Guard
- Displaying STP Guard Configuration
- SupportAssist
- System Time and Date
- Tunneling
- Uplink Failure Detection (UFD)
- Upgrade Procedures
- Virtual LANs (VLANs)
- VLT Proxy Gateway
- Virtual Link Trunking (VLT)
- Overview
- VLT Terminology
- Configure Virtual Link Trunking
- RSTP Configuration
- Preventing Forwarding Loops in a VLT Domain
- Sample RSTP Configuration
- Configuring VLT
- Configuring a VLT Interconnect
- Enabling VLT and Creating a VLT Domain
- Configuring a VLT Backup Link
- Configuring a VLT Port Delay Period
- Reconfiguring the Default VLT Settings (Optional)
- Connecting a VLT Domain to an Attached Access Device (Switch or Server)
- Configuring a VLT VLAN Peer-Down (Optional)
- Configuring Enhanced VLT (Optional)
- PVST+ Configuration
- VLT Sample Configuration
- eVLT Configuration Example
- PIM-Sparse Mode Configuration Example
- Verifying a VLT Configuration
- Additional VLT Sample Configurations
- Troubleshooting VLT
- Reconfiguring Stacked Switches as VLT
- Specifying VLT Nodes in a PVLAN
- Configuring a VLT VLAN or LAG in a PVLAN
- Proxy ARP Capability on VLT Peer Nodes
- VLT Nodes as Rendezvous Points for Multicast Resiliency
- Configuring VLAN-Stack over VLT
- IPv6 Peer Routing in VLT Domains Overview
- Virtual Routing and Forwarding (VRF)
- Virtual Router Redundancy Protocol (VRRP)
- S5000 Debugging and Diagnostics
- Standards Compliance
- X.509v3
- Introduction to X.509v3 certification
- X.509v3 support in
- Information about installing CA certificates
- Information about Creating Certificate Signing Requests (CSR)
- Information about installing trusted certificates
- Transport layer security (TLS)
- Online Certificate Status Protocol (OSCP)
- Verifying certificates
- Event logging
Neighbor Solicitation from VLT Hosts
Consider a case in which NS for VLT node1 IP reaches VLT node1 on the VLT interface and NS for VLT node1 IP reaches VLT
node2 due to LAG level hashing in the ToR. When VLT node1 receives NS from VLT VLAN interface, it unicasts the NA packet
on the VLT interface. When NS reaches VLT node2, it is flooded on all interfaces including ICL. When VLT node 1 receives NS on
ICL, it floods the NA packet on the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU using ACL
entry. Then wrong peer adds a tunnel header and forwards the packet over ICL.
Neighbor Advertisement from VLT Hosts
Consider an example in which NA for VLT node1 reaches VLT node1 on the VLT interface and NA for VLT node1 reaches VLT
node2 due to LAG level hashing in ToR. When VLT node1 receives NA on VLT interface, it learns the Host MAC address on VLT
interface. This learned neighbor entry is synchronized to VLT node2 as it is learned on VLT interface of Node2. If VLT node2
receives a NA packet on VLT interface which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry
then it adds a tunnel header to the received NA and forwards the packet to VLT node1 over ICL. When VLT node1 receives
NA over ICL with tunnel header it learns the Host MAC address on VLT port channel interface. This learned neighbor entry is
synchronized to VLT node2 as it is learned on VLT interface of Node2.
If NA is intended for a VLT peer and DIP is LLA of the peer, it is lifted to the CPU and tunneled to the peer. VLT nodes drop the
NA packet if the NA is received over ICL without a tunneling header.
Neighbor Solicitation from Non-VLT Hosts
Consider a sample scenario in which NS for VLT node1 IP reaches VLT node1 on a non-VLT interface and NS for VLT node1 IP
reaches VLT node2 on a non-VLT interface. When VLT node1 receives NS from a non-VLT interface, it unicasts the NA packet
on the received interface. When NS reaches VLT node2, it floods on all interfaces including ICL. When VLT node 1 receives NS
on the ICL, it floods the NA packet on the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU
using the ACL entry. Then the wrong peer adds a tunnel header and forwards the packet over the ICL.
Neighbor Advertisement from Non-VLT Hosts
Consider a situation in which NA for VLT node1 reaches VLT node1 on a non-VLT interface and NA for VLT node1 reaches
VLT node2 on a non-VLT interface. When VLT node1 receives NA on a VLT interface, it learns the Host MAC address on the
received interface. This learned neighbor entry is synchronized to VLT node2 as it is learned on ICL. If VLT node2 receives a NA
packet on non-VLT interface which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry then it adds
a tunnel header to the received NA and forwards the packet to VLT node1 over ICL. When VLT node1 received NA over ICL with
tunnel header it learns the Host MAC address on the ICL. Host entries learned on ICL will not be synchronized to the VLT peer.
If NA is intended for VLT peer and DIP is LLA of peer, it is lifted to CPU and tunneled to the peer. VLT nodes will drop NA
packet, If NA is received over ICL without tunneling header.
Traffic Destined to VLT Nodes
Hosts can send traffic to one of the VLT nodes using a global IP or Link-Local address. When the host communicates with the
VLT node using LLA and traffic reaches the wrong peer due to LAG level hashing in the ToR, the wrong peer routes the packet
to correct the VLT node though the destination IP is LLA. Consider a case in which traffic destined for VLT node1 reaches VLT
node1 on the VLT interface and traffic destined for VLT node1 reaches VLT node2 due to LAG level hashing in the ToR.
When VLT node1 receives traffic on VLT interface, it consumes the packets and process them based on the packet type. If
VLT node2 receives a packet on a VLT interface which is destined to VLT node1, it routes the packet to VLT node1 instead of
switching the packet because the match that occurs for the neighbor entry in the TCAM table.
If the destination IP address is peers' link-local advertisement (LLA), the wrong VLT peer switches the traffic over ICL. This is
achieved using switching egress object for peers LLA.
VLT host to North Bound traffic flow
One of the VLT peer is configured as the default gateway router on VLT hosts. If the VLT node receives Layer 3 traffic intended
for the other VLT peer, it routes the traffic to next hop instead of forwarding the traffic to the VLT peer. If the neighbor entry
is not present, the VLT node resolves the next hop. There may be traffic loss during the neighbor resolution period.
North-Bound to VLT host traffic flow
When a VLT node receives traffic from the north intended for the VLT host, it completes neighbor entry lookup and routes
traffic to the VLT interface. If the VLT interface is not operationally up, the VLT node routes the traffic over ICL. If the neighbor
entry is not present, the VLT node resolves the destination. There may be traffic loss during the neighbor resolution period.
VLT host to Non-VLT host traffic flow
When VLT node receives traffic intended to non-VLT host, it routes the traffic over non-VLT interface. If the traffic intended
to non-VLT host reaches wrong VLT peer due to LAG hashing in ToR, the wrong VLT node will resolve the destination over ICL
and routes the traffic over ICL. When Correct VLT node receives this routed traffic over ICL it will switch traffic to non-VLT
interface.
Non-VLT host to VLT host traffic flow
958
Virtual Link Trunking (VLT)