Reference Guide
Table Of Contents
- About this Guide
- Configuration Fundamentals
- Getting Started
- Management
- Configure Privilege Levels
- Configure Logging
- Log Messages in the Internal Buffer
- Disable System Logging
- Send System Messages to a Syslog Server
- Change System Logging Settings
- Display the Logging Buffer and the Logging Configuration
- Configure a UNIX logging facility level
- Synchronize log messages
- Enable timestamp on syslog messages
- File Transfer Services
- Terminal Lines
- Time out of EXEC Privilege Mode
- Telnet to Another Network Device
- Lock CONFIGURATION mode
- Recovering from a Forgotten Password on the S4810
- Recovering from a Failed Start on the S4810
- 802.1ag
- Ethernet CFM
- Maintenance Domains
- Maintenance Points
- Maintenance End Points
- Implementation Information
- Configure CFM
- Enable Ethernet CFM
- Create a Maintenance Domain
- Create a Maintenance Association
- Create Maintenance Points
- Continuity Check Messages
- Loopback Message and Response
- Linktrace Message and Response
- Enable CFM SNMP Traps.
- Display Ethernet CFM Statistics
- 802.1X
- Access Control Lists (ACLs)
- Overview
- IP Access Control Lists (ACLs)
- IP Fragment Handling
- Configure a standard IP ACL
- Configure an extended IP ACL
- Configuring Layer 2 and Layer 3 ACLs on an Interface
- Assign an IP ACL to an Interface
- Configuring Ingress ACLs
- Configuring Egress ACLs
- Configuring ACLs to Loopback
- IP Prefix Lists
- ACL Resequencing
- Route Maps
- Important Points to Remember
- Bidirectional Forwarding Detection (BFD)
- Protocol Overview
- Important Points to Remember
- Configuring Bidirectional Forwarding Detection
- Border Gateway Protocol
- Protocol Overview
- BGP Attributes
- Multiprotocol BGP
- Implementing BGP with FTOS
- Configuration Information
- BGP Configuration
- Defaults
- Configuration Task List for BGP
- Enable BGP
- Configure AS4 Number Representations
- Configure Peer Groups
- BGP fast fall-over
- Configure passive peering
- Maintain existing AS numbers during an AS migration
- Allow an AS number to appear in its own AS path
- Enable graceful restart
- Filter on an AS-Path attribute
- Redistribute routes
- Enable additional paths
- Configure IP community lists
- Manipulate the COMMUNITY attribute
- Change MED attribute
- Change LOCAL_PREFERENCE attribute
- Change NEXT_HOP attribute
- Change WEIGHT attribute
- Enable multipath
- Filter BGP routes
- Configure BGP route reflectors
- Aggregate routes
- Configure BGP confederations
- Enable route flap dampening
- Change BGP timers
- BGP neighbor soft-reconfiguration
- Route map continue
- MBGP Configuration
- BGP Regular Expression Optimization
- Debugging BGP
- Sample Configurations
- Bare Metal Provisioning 3.0 (BMP 3.0)
- Overview
- Prerequisites
- Important Information
- BMP Process Overview
- Preparing BMP
- Reload Modes
- Scripts
- Configuration Tasks
- System boot and set-up behavior in BMP Mode
- BMP mode: Boot and Set-up Behavior
- Reload without a DHCP Server Offer
- Reload with a DHCP Server Offer without an FTOS Image
- Reload with a DHCP Server Offer without a Configuration File
- Reload with a DHCP Server Offer without a DNS Server
- Reload with a Pre-configuration Script (BMP mode only)
- Using the Post-Configuration Script (BMP mode only)
- Reload using the Auto-execution Script (Normal mode only)
- Script Examples
- Content Addressable Memory (CAM)
- Content Addressable Memory
- CAM Profiles
- Microcode
- CAM Profiling for ACLs
- Boot Behavior
- When to Use CAM Profiling
- Important Points to Remember
- Select CAM Profiles
- CAM Allocation
- Test CAM Usage
- View CAM Profiles
- View CAM-ACL settings
- View CAM Usage
- Configure IPv4Flow Sub-partitions
- Configure Ingress Layer 2 ACL Sub-partitions
- Return to the Default CAM Configuration
- CAM Optimization
- Applications for CAM Profiling
- Troubleshoot CAM Profiling
- Control Plane Policing (CoPP)
- Data Center Bridging (DCB)
- Ethernet Enhancements in Data Center Bridging
- Enabling Data Center Bridging
- QoS dot1p Traffic Classification and Queue Assignment
- Configuring Priority-Based Flow Control
- Configuring Enhanced Transmission Selection
- Applying DCB Policies in a Switch Stack
- Configuring DCBx Operation
- Verifying DCB Configuration
- PFC and ETS Configuration Examples
- S-Series Debugging and Diagnostics
- Dynamic Host Configuration Protocol (DHCP)
- Protocol Overview
- Implementation Information
- Configuration Tasks
- Configure the System to be a DHCP Server
- Configure the System to be a Relay Agent
- Configure the System for User Port Stacking
- Configure Secure DHCP
- Equal Cost Multi-Path (ECMP)
- Enabling FIPS Cryptography
- FIP Snooping
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration Protocol (GVRP)
- High Availability
- Internet Group Management Protocol (IGMP)
- IGMP Implementation Information
- IGMP Protocol Overview
- Configuring IGMP
- Viewing IGMP Enabled Interfaces
- Selecting an IGMP Version
- Viewing IGMP Groups
- Adjusting Timers
- Configuring a Static IGMP Group
- Enabling IGMP Immediate-leave
- IGMP Snooping
- Fast Convergence after MSTP Topology Changes
- Designating a Multicast Router Interface
- Interfaces
- Basic Interface Configuration:
- Advanced Interface Configuration:
- Interface Types
- View Basic Interface Information
- Enable a Physical Interface
- Physical Interfaces
- Management Interfaces
- VLAN Interfaces
- Loopback Interfaces
- Null Interfaces
- Port Channel Interfaces
- Port channel definition and standards
- Port channel benefits
- Port channel implementation
- 10/100/1000 Mbps interfaces in port channels
- Configuration task list for port channel interfaces
- Create a port channel
- Add a physical interface to a port channel
- Reassign an interface to a new port channel
- Configure the minimum oper up links in a port channel (LAG)
- Add or remove a port channel from a VLAN
- Assign an IP address to a port channel
- Delete or disable a port channel
- Load balancing through port channels
- E-Series load-balancing
- IPv4, IPv6, and non-IP traffic handling on the E-Series
- C-Series and S-Series load-balancing
- Hash algorithm
- Bulk Configuration
- Interface Range Macros
- Monitor and Maintain Interfaces
- Splitting QSFP ports to SFP+ ports
- Link Debounce Timer
- Link Dampening
- Link Bundle Monitoring
- Ethernet Pause Frames
- Configure MTU Size on an Interface
- Port-pipes
- Auto-Negotiation on Ethernet Interfaces
- View Advanced Interface Information
- IPv4 Routing
- IP Addresses
- Directed Broadcast
- Resolution of Host Names
- ARP
- ARP Learning via Gratuitous ARP
- ARP Learning via ARP Request
- Configurable ARP Retries
- ICMP
- UDP Helper
- Configuring UDP Helper
- Important Points to Remember about UDP Helper
- Enabling UDP Helper
- Configuring a Broadcast Address
- Configurations Using UDP Helper
- Troubleshooting UDP Helper
- IPv6 Routing
- Protocol Overview
- Implementing IPv6 with FTOS
- ICMPv6
- Path MTU Discovery
- IPv6 Neighbor Discovery
- QoS for IPv6
- IPv6 Multicast
- SSH over an IPv6 Transport
- Configuration Task List for IPv6
- Change your CAM-Profile on an E-Series system
- Adjust your CAM-Profile on a C-Series or S-Series
- Assign an IPv6 Address to an Interface
- Assign a Static IPv6 Route
- Telnet with IPv6
- SNMP over IPv6
- Show IPv6 Information
- Show an IPv6 Interface
- Show IPv6 Routes
- Show the Running-Configuration for an Interface
- Clear IPv6 Routes
- iSCSI Optimization
- iSCSI Optimization Overview
- Monitoring iSCSI Traffic Flows
- Application of Quality of Service to iSCSI Traffic Flows
- Information Monitored in iSCSI Traffic Flows
- Detection and Auto-configuration for Dell EqualLogic Arrays
- Detection and Port Configuration for Dell Compellent Arrays
- Synchronizing iSCSI Sessions Learned on VLT-Lags with VLT-Peer
- Enabling and Disabling iSCSI Optimization
- Default iSCSI Optimization Values
- iSCSI Optimization Prerequisites
- Configuring iSCSI Optimization
- Displaying iSCSI Optimization Information
- iSCSI Optimization Overview
- Intermediate System to Intermediate System
- Link Aggregation Control Protocol (LACP)
- Layer 2
- Link Layer Discovery Protocol (LLDP)
- 802.1AB (LLDP) Overview
- Optional TLVs
- TIA-1057 (LLDP-MED) Overview
- Configuring LLDP
- Important Points to Remember
- CONFIGURATION versus INTERFACE Configurations
- Enabling LLDP
- Advertising TLVs
- Viewing the LLDP Configuration
- Viewing Information Advertised by Adjacent LLDP Agents
- Configuring LLDPDU Intervals
- Configuring Transmit and Receive Mode
- Configuring a Time to Live
- Debugging LLDP
- Relevant Management Objects
- Multicast Source Discovery Protocol (MSDP)
- Protocol Overview
- Implementation Information
- Configuring Multicast Source Discovery Protocol
- Enable MSDP
- Manage the Source-active Cache
- Accept Source-active Messages that fail the RFP Check
- Limit the Source-active Messages from a Peer
- Prevent MSDP from Caching a Local Source
- Prevent MSDP from Caching a Remote Source
- Prevent MSDP from Advertising a Local Source
- Log Changes in Peership States
- Terminate a Peership
- Clear Peer Statistics
- Debug MSDP
- MSDP with Anycast RP
- MSDP Sample Configurations
- Multiple Spanning Tree Protocol (MSTP)
- Protocol Overview
- Configure Multiple Spanning Tree Protocol
- Enable Multiple Spanning Tree Globally
- Add and Remove Interfaces
- Create Multiple Spanning Tree Instances
- Influence MSTP Root Selection
- Interoperate with Non-FTOS Bridges
- Modify Global Parameters
- Modify Interface Parameters
- Configure an EdgePort
- Flush MAC Addresses after a Topology Change
- MSTP Sample Configurations
- Debugging and Verifying MSTP Configuration
- Multicast Features
- Open Shortest Path First (OSPFv2 and OSPFv3)
- Protocol Overview
- Implementing OSPF with FTOS
- Configuration Information
- Configuration Task List for OSPFv2 (OSPF for IPv4)
- Enable OSPFv2
- Enable Multi-Process OSPF
- Assign an OSPFv2 area
- Enable OSPFv2 on interfaces
- Configure stub areas
- Configure OSPF Stub-Router Advertisement
- Enable passive interfaces
- Enable fast-convergence
- Change OSPFv2 parameters on interfaces
- Enable OSPFv2 authentication
- Enable OSPFv2 graceful restart
- Configure virtual links
- Filter routes
- Redistribute routes
- Troubleshooting OSPFv2
- Sample Configurations for OSPFv2
- Configuration Task List for OSPFv3 (OSPF for IPv6)
- Enable IPv6 Unicast Routing
- Assign IPv6 addresses on an interface
- Assign Area ID on interface
- Assign OSPFv3 Process ID and Router ID Globally
- Configure stub areas
- Configure Passive-Interface
- Redistribute routes
- Configure a default route
- Enable OSPFv3 graceful restart
- OSPFv3 Authentication Using IPsec
- Troubleshooting OSPFv3
- PIM Sparse-Mode (PIM-SM)
- Port Monitoring
- Private VLANs (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service (QoS)
- Routing Information Protocol (RIP)
- Remote Monitoring (RMON)
- Rapid Spanning Tree Protocol (RSTP)
- Protocol Overview
- Configuring Rapid Spanning Tree
- Important Points to Remember
- Configure Interfaces for Layer 2 Mode
- Enable Rapid Spanning Tree Protocol Globally
- Add and Remove Interfaces
- Modify Global Parameters
- Modify Interface Parameters
- Configure an EdgePort
- Influence RSTP Root Selection
- SNMP Traps for Root Elections and Topology Changes
- Fast Hellos for Link State Detection
- Software-Defined Networking (SDN)
- Security
- Service Provider Bridging
- VLAN Stacking
- VLAN Stacking Packet Drop Precedence
- Dynamic Mode CoS for VLAN Stacking
- Layer 2 Protocol Tunneling
- Provider Backbone Bridging
- sFlow
- Simple Network Management Protocol (SNMP)
- Protocol Overview
- Implementation Information
- Configure Simple Network Management Protocol
- Important Points to Remember
- Setting up SNMP
- Read Managed Object Values
- Write Managed Object Values
- Configure Contact and Location Information using SNMP
- Subscribe to Managed Object Value Updates using SNMP
- Copy Configuration Files Using SNMP
- Manage VLANs using SNMP
- Managing Overload on Startup
- Enable and Disable a Port using SNMP
- Fetch Dynamic MAC Entries using SNMP
- Deriving Interface Indices
- Monitor Port-channels
- Troubleshooting SNMP Operation
- Stacking
- Storm Control
- Spanning Tree Protocol (STP)
- Protocol Overview
- Configuring Spanning Tree
- Important Points to Remember
- Configuring Interfaces for Layer 2 Mode
- Enabling Spanning Tree Protocol Globally
- Adding an Interface to the Spanning Tree Group
- Removing an Interface from the Spanning Tree Group
- Modifying Global Parameters
- Modifying Interface STP Parameters
- Enabling PortFast
- STP Root Selection
- STP Root Guard
- SNMP Traps for Root Elections and Topology Changes
- Configuring Spanning Trees as Hitless
- STP Loop Guard
- Displaying STP Guard Configuration
- System Time and Date
- Uplink Failure Detection (UFD)
- Upgrade Procedures
- Virtual LANs (VLAN)
- Virtual Link Trunking (VLT)
- Virtual Router Redundancy Protocol (VRRP)
- Standards Compliance
- Index
88 | 802.1X
www.dell.com | support.dell.com
RADIUS Attributes for 802.1 Support
Dell Force10 systems includes the following RADIUS attributes in all 802.1X-triggered Access-Request
messages:
• Attribute 31—Calling-station-id: relays the supplicant MAC address to the authentication server.
• Attribute 41—NAS-Port-Type: NAS-port physical port type. 15 indicates Ethernet.
• Attribute 61—NAS-Port: the physical port number by which the authenticator is connected to the
supplicant.
• Attribute 81—Tunnel-Private-Group-ID: associate a tunneled session with a particular group of
users.
Configuring 802.1X
Configuring 802.1X on a port is a one-step process:
1.
Enabling 802.1X.
Related Configuration Tasks
•
Configuring Request Identity Re-transmissions
• Forcibly Authorizing or Unauthorizing a Port
• Re-authenticating a Port
• Configuring Timeouts
• Configuring a Guest VLAN
• Configuring an Authentication-fail VLAN
Code
Identifier
Length
Message-Authenticator
Attribute
EAP-Message At tribute
R
ange: 1-4
C
odes: 1: Access-Request
2: Access-Accept
3: Access-Reject
11: Access-Challenge
Typ e
(79)
Length
EAP-Method Data
(Supplicant Requested Credentials)
fnC0034m
p