Welcome

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Support

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Support

Sign Out

Welcome to Dell

My Account

Place orders quickly and easily
View orders and track your shipping status
Create and access a list of your products
Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

AE/EN

Find a Partner

Support
Product Support
Manuals

Dell EMC Configuration Guide for the S3100 Series 9.14.2.4

Notes, cautions, and warnings
About this Guide
- Audience
- Conventions
- Related Documents
Configuration Fundamentals
- Accessing the Command Line
- CLI Modes
  - Navigating CLI Modes
- The do Command
- Undoing Commands
- Obtaining Help
- Entering and Editing Commands
- Command History
- Filtering show Command Outputs
- Multiple Users in Configuration Mode
Getting Started
- Console Access
  - Serial Console
    - Accessing the Console Port
    - Pin Assignments
- Accessing the CLI Interface and Running Scripts Using SSH
- Default Configuration
- Configuring a Host Name
- Accessing the System Remotely
- Configuring the Enable Password
- Configuration File Management
- Managing the File System
- Enabling Software Features on Devices Using a Command Option
- View Command History
- Upgrading Dell EMC Networking OS
- Verify Software Images Before Installation
- Using HTTP for File Transfers
Management
- Configuring Privilege Levels
- Configuring Logging
- Track Login Activity
- Limit Concurrent Login Sessions
- Enabling Secured CLI Mode
- Log Messages in the Internal Buffer
- Disabling System Logging
- Sending System Messages to a Syslog Server
  - Configuring a UNIX System as a Syslog Server
- Changing System Logging Settings
- Display the Logging Buffer and the Logging Configuration
- Configuring a UNIX Logging Facility Level
- Synchronizing Log Messages
- Enabling Timestamp on Syslog Messages
- File Transfer Services
- Terminal Lines
  - Denying and Permitting Access to a Terminal Line
  - Configuring Login Authentication for Terminal Lines
- Setting Timeout for EXEC Privilege Mode
- Using Telnet to get to Another Network Device
- Lock CONFIGURATION Mode
- Viewing the Reason for Last System Reboot
802.1X
- Port-Authentication Process
  - EAP over RADIUS
- Configuring 802.1X
- Important Points to Remember
- Enabling 802.1X
- Configuring dot1x Profile
- Configuring MAC addresses for a do1x Profile
- Configuring the Static MAB and MAB Profile
- Configuring Critical VLAN
- Configuring Request Identity Re-Transmissions
  - Configuring a Quiet Period after a Failed Authentication
- Forcibly Authorizing or Unauthorizing a Port
- Re-Authenticating a Port
- Configuring Timeouts
- Configuring Dynamic VLAN Assignment with Port Authentication
- Guest and Authentication-Fail VLANs
  - Configuring a Guest VLAN
  - Configuring an Authentication-Fail VLAN
Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)
- Optimizing CAM Utilization During the Attachment of ACLs to VLANs
- Guidelines for Configuring ACL VLAN Groups
- Configuring ACL VLAN Groups and Configuring FP Blocks for VLAN Parameters
- Viewing CAM Usage
- Allocating FP Blocks for VLAN Processes
Access Control Lists (ACLs)
- IP Access Control Lists (ACLs)
  - CAM Usage
  - Implementing ACLs on Dell EMC Networking OS
- Important Points to Remember
- IP Fragment Handling
  - IP Fragments ACL Examples
  - Layer 4 ACL Rules Examples
- Configure a Standard IP ACL
  - Configuring a Standard IP ACL Filter
- Configure an Extended IP ACL
  - Configuring Filters with a Sequence Number
    - Configure Filters, TCP Packets
    - Configure Filters, UDP Packets
  - Configuring Filters Without a Sequence Number
- Configure Layer 2 and Layer 3 ACLs
- Assign an IP ACL to an Interface
- Applying an IP ACL
  - Counting ACL Hits
- Configure Ingress ACLs
- Configure Egress ACLs
  - Applying Egress Layer 3 ACLs (Control-Plane)
- IP Prefix Lists
  - Configuration Task List for Prefix Lists
- ACL Remarks
  - Configuring a Remark
  - Deleting a Remark
- ACL Resequencing
  - Resequencing an ACL or Prefix List
- Route Maps
- Logging of ACL Processes
  - Guidelines for Configuring ACL Logging
  - Configuring ACL Logging
- Flow-Based Monitoring
  - Enabling Flow-Based Monitoring
Bidirectional Forwarding Detection (BFD)
- How BFD Works
- Important Points to Remember
- Configure BFD
Border Gateway Protocol (BGP)
- BGP IP version 4 (BGPv4) Overview
- Basic BGP configuration tasks
- Advanced BGP configuration tasks
Content Addressable Memory (CAM)
- CAM Allocation
- Test CAM Usage
- View CAM-ACL Settings
- View CAM Usage
- Configuring CAM Threshold and Silence Period
- CAM Optimization
- Troubleshoot CAM Profiling
  - QoS CAM Region Limitation
Control Plane Policing (CoPP)
- Configure Control Plane Policing
Dynamic Host Configuration Protocol (DHCP)
- DHCP Packet Format and Options
- Assign an IP Address using DHCP
- Implementation Information
- Configure the System to be a DHCP Server
- Configure the System to be a Relay Agent
- Configure the System to be a DHCP Client
- DHCP Relay When DHCP Server and Client are in Different VRFs
  - Configuring Route Leaking between VRFs on DHCP Relay Agent
- Non-default VRF configuration for DHCPv6 helper address
- Configuring DHCP relay source interface
  - Global DHCP relay source IPv4 or IPv6 configuration
  - Interface level DHCP relay source IPv4 or IPv6 configuration
- Configure the System for User Port Stacking (Option 230)
- Configure Secure DHCP
- Source Address Validation
Equal Cost Multi-Path (ECMP)
- ECMP for Flow-Based Affinity
- Link Bundle Monitoring
FIPS Cryptography
- Configuration Tasks
- Preparing the System
- Enabling FIPS Mode
- Generating Host-Keys
- Monitoring FIPS Mode Status
- Disabling FIPS Mode
Force10 Resilient Ring Protocol (FRRP)
- Protocol Overview
- Implementing FRRP
- FRRP Configuration
- Troubleshooting FRRP
- Sample Configuration and Topology
GARP VLAN Registration Protocol (GVRP)
- Configure GVRP
- Enabling GVRP Globally
- Enabling GVRP on a Layer 2 Interface
- Configure GVRP Registration
- Configure a GARP Timer
- RPM Redundancy
High Availability (HA)
- Component Redundancy
- Pre-Configuring a Stack Unit Slot
- Removing a Provisioned Logical Stack Unit
- Hitless Behavior
- Graceful Restart
- Software Resiliency
- Hot-Lock Behavior
Internet Group Management Protocol (IGMP)
- IGMP Protocol Overview
  - IGMP Version 2
    - Join a Multicast Group
      - Responding to an IGMP Query
      - Sending an Unsolicited IGMP Report
    - Leaving a Multicast Group
  - IGMP Version 3
    - Joining and Filtering Groups and Sources
    - Leaving and Staying in Groups
- Configure IGMP
- Viewing IGMP Enabled Interfaces
- Selecting an IGMP Version
- Viewing IGMP Groups
- Adjusting Timers
  - Adjusting Query and Response Timers
- Preventing a Host from Joining a Group
- Enabling IGMP Immediate-Leave
- IGMP Snooping
- Fast Convergence after MSTP Topology Changes
- Egress Interface Selection (EIS) for HTTP and IGMP Applications
- Designating a Multicast Router Interface
Interfaces
- Interface Types
- Optional Modules
- View Basic Interface Information
- Resetting an Interface to its Factory Default State
- Enabling Energy Efficient Ethernet
- View EEE Information
- Clear EEE Counters
- Enabling a Physical Interface
- Physical Interfaces
  - Configuration Task List for Physical Interfaces
  - Overview of Layer Modes
  - Configuring Layer 2 (Data Link) Mode
  - Configuring Layer 2 (Interface) Mode
  - Configuring Layer 3 (Network) Mode
  - Configuring Layer 3 (Interface) Mode
- Automatic recovery of an Err-disabled interface
  - Configuring an automatic recovery for an Err-disabled interface
- Egress Interface Selection (EIS)
  - Configuring EIS
- Management Interfaces
  - Configuring Management Interfaces
  - Configuring a Management Interface on an Ethernet Port
- VLAN Interfaces
- Loopback Interfaces
- Null Interfaces
- Configuring Port Delay
- Port Channel Interfaces
  - Port Channel Definition and Standards
  - Port Channel Benefits
  - Port Channel Implementation
  - Interfaces in Port Channels
  - Configuration Tasks for Port Channel Interfaces
  - Creating a Port Channel
  - Adding a Physical Interface to a Port Channel
  - Reassigning an Interface to a New Port Channel
  - Configuring the Minimum Oper Up Links in a Port Channel
  - Adding or Removing a Port Channel from a VLAN
  - Assigning an IP Address to a Port Channel
  - Deleting or Disabling a Port Channel
  - Load Balancing Through Port Channels
  - Load-Balancing Method
  - Changing the Hash Algorithm
- Bulk Configuration
  - Interface Range
  - Bulk Configuration Examples
- Defining Interface Range Macros
  - Define the Interface Range
  - Choosing an Interface-Range Macro
- Monitoring and Maintaining Interfaces
  - Maintenance Using TDR
- Link Dampening
  - Enabling Link Dampening
- Link Bundle Monitoring
- Using Ethernet Pause Frames for Flow Control
  - Enabling Pause Frames
- Configure the MTU Size on an Interface
- Port-Pipes
- Auto-Negotiation on Ethernet Interfaces
  - Setting the Speed of Ethernet Interfaces
  - Set Auto-Negotiation Options
    - Adjusting the Keepalive Timer
- Provisioning Combo Ports
- View Advanced Interface Information
  - Configuring the Interface Sampling Size
- Configuring the Traffic Sampling Size Globally
- Dynamic Counters
  - Clearing Interface Counters
Internet Protocol Security (IPSec)
- Configuring IPSec
IPv4 Routing
- IP Addresses
- Configuration Tasks for IP Addresses
- Assigning IP Addresses to an Interface
- Configuring Static Routes
  - Adding description for IPv4 and IPv6 static routes
- Configure Static Routes for the Management Interface
- IPv4 Path MTU Discovery Overview
- Using the Configured Source IP Address in ICMP Messages
- Configuring the Duration to Establish a TCP Connection
- Enabling Directed Broadcast
- Resolution of Host Names
- Enabling Dynamic Resolution of Host Names
- Specifying the Local System Domain and a List of Domains
- Configuring DNS with Traceroute
- ARP
- Configuration Tasks for ARP
- Configuring Static ARP Entries
- Enabling Proxy ARP
- Clearing ARP Cache
- ARP Learning via Gratuitous ARP
- Enabling ARP Learning via Gratuitous ARP
- ARP Learning via ARP Request
- Configuring ARP Retries
- ICMP
- Configuration Tasks for ICMP
- Enabling ICMP Unreachable Messages
- ICMP Redirects
- UDP Helper
- Enabling UDP Helper
- Configuring a Broadcast Address
- Configurations Using UDP Helper
- UDP Helper with Broadcast-All Addresses
- UDP Helper with Subnet Broadcast Addresses
- UDP Helper with Configured Broadcast Addresses
- UDP Helper with No Configured Broadcast Addresses
- Troubleshooting UDP Helper
IPv6 Routing
- Protocol Overview
- Implementing IPv6 with Dell EMC Networking OS
- ICMPv6
- Path MTU discovery
- IPv6 Neighbor Discovery
  - IPv6 Neighbor Discovery of MTU Packets
- Configuration Task List for IPv6 RDNSS
- Secure Shell (SSH) Over an IPv6 Transport
- Configuration Tasks for IPv6
- Configuring IPv6 RA Guard
  - Configuring IPv6 RA Guard on an Interface
  - Monitoring IPv6 RA Guard
iSCSI Optimization
- iSCSI Optimization Overview
- Default iSCSI Optimization Values
- iSCSI Optimization Prerequisites
- Configuring iSCSI Optimization
- Displaying iSCSI Optimization Information
Intermediate System to Intermediate System
- IS-IS Protocol Overview
- IS-IS Addressing
- Multi-Topology IS-IS
- Graceful Restart
  - Timers
- Implementation Information
- Configuration Information
- IS-IS Metric Styles
- Configure Metric Values
- Sample Configurations
Link Aggregation Control Protocol (LACP)
- Introduction to Dynamic LAGs and LACP
- LACP Configuration Tasks
- Shared LAG State Tracking
  - Configuring Shared LAG State Tracking
  - Important Points about Shared LAG State Tracking
- LACP Basic Configuration Example
  - Configure a LAG on ALPHA
Layer 2
- Manage the MAC Address Table
- MAC Learning Limit
- NIC Teaming
- Configure Redundant Pairs
- Far-End Failure Detection
Link Layer Discovery Protocol (LLDP)
- 802.1AB (LLDP) Overview
  - Protocol Data Units
- Optional TLVs
  - Management TLVs
    - IEEE Organizationally Specific TLVs
- TIA-1057 (LLDP-MED) Overview
  - TIA Organizationally Specific TLVs
- Configure LLDP
- CONFIGURATION versus INTERFACE Configurations
- Enabling LLDP
  - Disabling and Undoing LLDP
- Enabling LLDP on Management Ports
  - Disabling and Undoing LLDP on Management Ports
- Advertising TLVs
- Storing and Viewing Unrecognized LLDP TLVs
- Viewing the LLDP Configuration
- Viewing Information Advertised by Adjacent LLDP Neighbors
- Configuring LLDPDU Intervals
- Configuring LLDP Notification Interval
- Configuring Transmit and Receive Mode
- Configuring the Time to Live Value
- Debugging LLDP
- Relevant Management Objects
Microsoft Network Load Balancing
- Configuring a Switch for NLB
Multicast Source Discovery Protocol (MSDP)
- Anycast RP
- Implementation Information
- Configure Multicast Source Discovery Protocol
  - Related Configuration Tasks
- Enable MSDP
- Manage the Source-Active Cache
- Accept Source-Active Messages that Fail the RFP Check
- Specifying Source-Active Messages
- Limiting the Source-Active Messages from a Peer
- Preventing MSDP from Caching a Local Source
- Preventing MSDP from Caching a Remote Source
- Preventing MSDP from Advertising a Local Source
- Logging Changes in Peership States
- Terminating a Peership
- Clearing Peer Statistics
- Debugging MSDP
- MSDP with Anycast RP
- Configuring Anycast RP
  - Reducing Source-Active Message Flooding
  - Specifying the RP Address Used in SA Messages
- MSDP Sample Configurations
Multicast Listener Discovery Protocol
- MLD timers
  - Reducing Host Response Burstiness
- Configuring MLD Version
- Clearing MLD groups
- Debugging MLD
- Explicit Tracking
- Reducing Leave Latency
- Displaying MLD groups table
- Displaying MLD Interfaces
Multiple Spanning Tree Protocol (MSTP)
- Spanning Tree Variations
  - Implementation Information
- Configure Multiple Spanning Tree Protocol
  - Related Configuration Tasks
- Enable Multiple Spanning Tree Globally
- Adding and Removing Interfaces
- Creating Multiple Spanning Tree Instances
- Influencing MSTP Root Selection
- Interoperate with Non-Dell Bridges
- Changing the Region Name or Revision
- Modifying Global Parameters
- Modifying the Interface Parameters
- Setting STP path cost as constant
- Configuring an EdgePort
- Flush MAC Addresses after a Topology Change
- MSTP Sample Configurations
- Debugging and Verifying MSTP Configurations
Multicast Features
- Enabling IP Multicast
- Implementation Information
- Multicast Policies
Multicast Listener Discovery Protocol
- MLD timers
  - Reducing Host Response Burstiness
- Clearing MLD groups
- Debugging MLD
- Explicit Tracking
- Reducing Leave Latency
- Displaying MLD groups table
- Displaying MLD Interfaces
- MLD Snooping
Object Tracking
- Object Tracking Overview
- Object Tracking Configuration
- Displaying Tracked Objects
Open Shortest Path First (OSPFv2 and OSPFv3)
- Protocol Overview
- OSPF with Dell EMC Networking OS
- Configuration Information
  - Configuration Task List for OSPFv2 (OSPF for IPv4)
- OSPFv3 NSSA
- Configuration Task List for OSPFv3 (OSPF for IPv6)
- MIB Support for OSPFv3
  - Viewing the OSPFv3 MIB
Policy-based Routing (PBR)
- Overview
- Implementing PBR
- Configuration Task List for Policy-based Routing
- Sample Configuration
PIM Sparse-Mode (PIM-SM)
- Implementation Information
- Protocol Overview
- Configuring PIM-SM
  - Related Configuration Tasks
- Enable PIM-SM
- Configuring S,G Expiry Timers
- Configuring a Static Rendezvous Point
  - Overriding Bootstrap Router Updates
- Configuring a Designated Router
- Creating Multicast Boundaries and Domains
- Electing an RP using the BSR Mechanism
PIM Source-Specific Mode (PIM-SSM)
- Implementation Information
- Configure PIM-SSM
- Enabling PIM-SSM
- Use PIM-SSM with IGMP Version 2 Hosts
- Electing an RP using the BSR Mechanism
  - Enabling RP to Server Specific Multicast Groups
Power over Ethernet (PoE)
- Configuring PoE or PoE+
  - Enable PoE/PoE+
  - Upgrading the PoE Controller
- Manage Ports using Power Priority and Power Budget
- Manage Legacy Devices
- Suspend Power Delivery on a Port
- Restore Power Delivery on a Port
- Display the Power Details
Port Monitoring
- Important Points to Remember
- Port Monitoring
- Configuring Port Monitoring
- Configuring Monitor Multicast Queue
- Enabling Flow-Based Monitoring
- Remote Port Mirroring
- Encapsulated Remote Port Monitoring
- ERPM Behavior on a typical Dell EMC Networking OS
- Port Monitoring on VLT
Private VLANs (PVLAN)
- Private VLAN Concepts
- Using the Private VLAN Commands
- Configuration Task List
- Private VLAN Configuration Example
- Inspecting the Private VLAN Configuration
Per-VLAN Spanning Tree Plus (PVST+)
- Protocol Overview
- Implementation Information
- Configure Per-VLAN Spanning Tree Plus
- Enabling PVST+
- Disabling PVST+
- Influencing PVST+ Root Selection
- Modifying Global PVST+ Parameters
- Modifying Interface PVST+ Parameters
- Configuring an EdgePort
- PVST+ in Multi-Vendor Networks
- Enabling PVST+ Extend System ID
- PVST+ Sample Configurations
Quality of Service (QoS)
- Implementation Information
- Port-Based QoS Configurations
- Policy-Based QoS Configurations
- DSCP Color Maps
- Enabling QoS Rate Adjustment
- Enabling Strict-Priority Queueing
- Weighted Random Early Detection
- Pre-Calculating Available QoS CAM Space
- Configuring Weights and ECN for WRED
- Configuring WRED and ECN Attributes
- Guidelines for Configuring ECN for Classifying and Color-Marking Packets
- Applying Layer 2 Match Criteria on a Layer 3 Interface
- Applying DSCP and VLAN Match Criteria on a Service Queue
- Classifying Incoming Packets Using ECN and Color-Marking
- Guidelines for Configuring ECN for Classifying and Color-Marking Packets
- Sample configuration to mark non-ecn packets as “yellow” with Multiple traffic class
- Sample configuration to mark non-ecn packets as “yellow” with single traffic class
Routing Information Protocol (RIP)
- Protocol Overview
  - RIPv1
  - RIPv2
- Implementation Information
- Configuration Information
  - Configuration Task List
  - RIP Configuration Example
Remote Monitoring (RMON)
- Implementation Information
- Fault Recovery
Rapid Spanning Tree Protocol (RSTP)
- Protocol Overview
- Configuring Rapid Spanning Tree
- Important Points to Remember
  - RSTP and VLT
- Configuring Interfaces for Layer 2 Mode
- Enabling Rapid Spanning Tree Protocol Globally
- Adding and Removing Interfaces
- Modifying Global Parameters
  - Enabling SNMP Traps for Root Elections and Topology Changes
- Modifying Interface Parameters
- Enabling SNMP Traps for Root Elections and Topology Changes
- Influencing RSTP Root Selection
- Configuring an EdgePort
- Configuring Fast Hellos for Link State Detection
Software-Defined Networking (SDN)
Security
- AAA Accounting
  - Configuration Task List for AAA Accounting
  - RADIUS Accounting
- AAA Authentication
  - Configuration Task List for AAA Authentication
- Obscuring Passwords and Keys
- AAA Authorization
  - Privilege Levels Overview
  - Configuration Task List for Privilege Levels
- RADIUS
- TACACS+
- Protection from TCP Tiny and Overlapping Fragment Attacks
- Enabling SCP and SSH
- Telnet
- VTY Line and Access-Class Configuration
- Role-Based Access Control
- Two Factor Authentication (2FA)
- Configuring the System to Drop Certain ICMP Reply Messages
- Dell EMC Networking OS Security Hardening
Service Provider Bridging
- VLAN Stacking
- VLAN Stacking Packet Drop Precedence
- Dynamic Mode CoS for VLAN Stacking
  - Mapping C-Tag to S-Tag dot1p Values
- Layer 2 Protocol Tunneling
- Provider Backbone Bridging
sFlow
- Overview
- Implementation Information
- Enabling and Disabling sFlow on an Interface
- Enabling sFlow Max-Header Size Extended
- sFlow Show Commands
- Configuring Specify Collectors
- Changing the Polling Intervals
- Back-Off Mechanism
- sFlow on LAG ports
- Enabling Extended sFlow
  - Important Points to Remember
Simple Network Management Protocol (SNMP)
- Protocol Overview
- Implementation Information
- SNMPv3 Compliance With FIPS
- Configuration Task List for SNMP
- Important Points to Remember
- Set up SNMP
  - Creating a Community
  - Setting Up User-Based Security (SNMPv3)
- Reading Managed Object Values
- Writing Managed Object Values
- Configuring Contact and Location Information using SNMP
- Subscribing to Managed Object Value Updates using SNMP
- Enabling a Subset of SNMP Traps
- Enabling an SNMP Agent to Notify Syslog Server Failure
- Copy Configuration Files Using SNMP
  - Copying a Configuration File
  - Copying Configuration Files via SNMP
  - Copying the Startup-Config Files to the Running-Config
  - Copying the Startup-Config Files to the Server via FTP
  - Copying the Startup-Config Files to the Server via TFTP
  - Copy a Binary File to the Startup-Configuration
  - Additional MIB Objects to View Copy Statistics
  - Obtaining a Value for MIB Objects
- MIB Support to Display Reason for Last System Reboot
  - Viewing the Reason for Last System Reboot Using SNMP
- MIB Support for Power Monitoring
- MIB Support to Display the Available Memory Size on Flash
  - Viewing the Available Flash Memory Size
- MIB Support to Display the Software Core Files Generated by the System
  - Viewing the Software Core Files Generated by the System
- SNMP Support for WRED Green/Yellow/Red Drop Counters
- MIB Support to Display the Available Partitions on Flash
  - Viewing the Available Partitions on Flash
- MIB Support to Display Egress Queue Statistics
- MIB Support to ECMP Group Count
  - Viewing the ECMP Group Count Information
- MIB Support for entAliasMappingTable
  - Viewing the entAliasMappingTable MIB
- MIB Support for LAG
  - Viewing the LAG MIB
- MIB Support to Display Unrecognized LLDP TLVs
  - MIB Support to Display Reserved Unrecognized LLDP TLVs
    - Viewing the Details of Reserved Unrecognized LLDP TLVs
  - MIB Support to Display Organizational Specific Unrecognized LLDP TLVs
    - Viewing the Details of Organizational Specific Unrecognized LLDP TLVs
- MIB support for Port Security
  - Global MIB objects for port security
  - MIB support for interface level port security
    - Enabling and viewing SNMP for port security
  - MIB objects for configuring MAC addresses
    - Enabling and viewing SNMP for static MAC addresses
  - MIB objects for configuring MAC addresses
    - Viewing the Details of MAC addresses
- Manage VLANs using SNMP
  - Creating a VLAN
  - Assigning a VLAN Alias
  - Displaying the Ports in a VLAN
  - Add Tagged and Untagged Ports to a VLAN
- Managing Overload on Startup
- Enabling and Disabling a Port using SNMP
- Fetch Dynamic MAC Entries using SNMP
- Example of Deriving the Interface Index Number
- Monitoring BGP sessions via SNMP
- Monitor Port-Channels
- Enabling an SNMP Agent to Notify Syslog Server Failure
- Troubleshooting SNMP Operation
- Transceiver Monitoring
- Configuring SNMP context name
Stacking
- Stacking Overview
- Important Points to Remember
- Stacking Installation Tasks
- Stacking Configuration Tasks
- Verify a Stack Configuration
  - Displaying the Status of Stacking Ports
- Removing a Unit from a Stack
- Troubleshoot a Stack
  - Recover from Stack Link Flaps
  - Recover from a Card Problem State on a Stack
Storm Control
- Configure Storm Control
  - Configuring Storm Control from INTERFACE Mode
  - Configuring Storm Control from CONFIGURATION Mode
Spanning Tree Protocol (STP)
- Protocol Overview
- Configure Spanning Tree
- Important Points to Remember
- Configuring Interfaces for Layer 2 Mode
- Enabling Spanning Tree Protocol Globally
- Adding an Interface to the Spanning Tree Group
- Modifying Global Parameters
- Modifying Interface STP Parameters
- Enabling PortFast
  - Prevent Network Disruptions with BPDU Guard
- Selecting STP Root
- STP Root Guard
  - Root Guard Scenario
  - Configuring Root Guard
- Enabling SNMP Traps for Root Elections and Topology Changes
- Configuring Spanning Trees as Hitless
- STP Loop Guard
  - Configuring Loop Guard
- Displaying STP Guard Configuration
SupportAssist
- Configuring SupportAssist Using a Configuration Wizard
- Configuring SupportAssist Manually
- Configuring SupportAssist Activity
- Configuring SupportAssist Company
- Configuring SupportAssist Person
- Configuring SupportAssist Server
- Viewing SupportAssist Configuration
System Time and Date
- Network Time Protocol
- Dell EMC Networking OS Time and Date
Tunneling
- Configuring a Tunnel
- Configuring Tunnel Keepalive Settings
- Configuring a Tunnel Interface
- Configuring Tunnel Allow-Remote Decapsulation
- Configuring the Tunnel Source Anylocal
Uplink Failure Detection (UFD)
- Feature Description
- How Uplink Failure Detection Works
- UFD and NIC Teaming
- Important Points to Remember
- Configuring Uplink Failure Detection
- Clearing a UFD-Disabled Interface
- Displaying Uplink Failure Detection
- Sample Configuration: Uplink Failure Detection
Upgrade Procedures
Virtual LANs (VLANs)
- Default VLAN
- Port-Based VLANs
- VLANs and Port Tagging
- Configuration Task List
- Configuring Native VLANs
- Enabling Null VLAN as the Default VLAN
Virtual Link Trunking (VLT)
- Overview
- Configure Virtual Link Trunking
- RSTP Configuration
- PVST+ Configuration
- Peer Routing Configuration Example
- eVLT Configuration Example
- PIM-Sparse Mode Configuration Example
- Verifying a VLT Configuration
- Additional VLT Sample Configurations
- Troubleshooting VLT
- Reconfiguring Stacked Switches as VLT
- Specifying VLT Nodes in a PVLAN
- Configuring a VLT VLAN or LAG in a PVLAN
- Proxy ARP Capability on VLT Peer Nodes
- VLT Nodes as Rendezvous Points for Multicast Resiliency
- Configuring VLAN-Stack over VLT
- IPv6 Peer Routing in VLT Domains Overview
- Configure BFD in VLT Domain
  - Sample BFD configuration in VLT domain
VLT Proxy Gateway
- Proxy Gateway in VLT Domains
- Configuring a Static VLT Proxy Gateway
- Configuring an LLDP VLT Proxy Gateway
- VLT Proxy Gateway Sample Topology
Virtual Routing and Forwarding (VRF)
- VRF Overview
- VRF Configuration Notes
  - DHCP
- VRF Configuration
- Sample VRF Configuration
- Route Leaking VRFs
- Dynamic Route Leaking
  - Configuring Route Leaking without Filtering Criteria
  - Configuring Route Leaking with Filtering
Virtual Router Redundancy Protocol (VRRP)
- VRRP Overview
- VRRP Benefits
- VRRP Implementation
- VRRP Configuration
  - Configuration Task List
  - Setting VRRP Initialization Delay
- Sample Configurations
  - VRRP in a VRF Configuration
    - VRRP in a VRF: Non-VLAN Scenario
    - VLAN Scenario
  - VRRP for IPv6 Configuration
- Proxy Gateway with VRRP
Debugging and Diagnostics
- Offline Diagnostics
  - Important Points to Remember
  - Running Offline Diagnostics
- Trace Logs
- Auto Save on Crash or Rollover
- Last Restart Reason
- Hardware Watchdog Timer
- Using the Show Hardware Commands
- Enabling Environmental Monitoring
- Troubleshooting Packet Loss
- Enabling Application Core Dumps
- Mini Core Dumps
- Enabling TCP Dumps
Standards Compliance
- IEEE Compliance
- RFC and I-D Compliance
- MIB Location
X.509v3
- Introduction to X.509v3 certificates
- X.509v3 support in
- Information about installing CA certificates
  - Installing CA certificate
- Information about Creating Certificate Signing Requests (CSR)
  - Creating Certificate Signing Requests (CSR)
- Information about installing trusted certificates
  - Installing trusted certificates
- Transport layer security (TLS)
  - Syslog over TLS
- Online Certificate Status Protocol (OSCP)
- Verifying certificates
  - Verifying Server certificates
  - Verifying Client Certificates
- Event logging

PDF

Loading, Please wait

Proxy Gateway in VLT Domains

Using a proxy gateway, the VLT peers in a domain can route the L3 packets destined for VLT peers in another domain as long as they have L3 reachability for the IP destinations.

Guidelines for Enabling the VLT Proxy Gateway

A proxy gateway in a VLT domain provides the following benefits:

Avoids sub-optimal routing of packets by a VLT domain when packets are destined to the endpoint in another VLT domain.
Provides resiliency if a VLT peer goes down by performing proxy routing for the peer’s destination MAC address in another VLT domain.

A typical scenario is virtual movement of servers across data centers. Virtual movement enables live migration of running virtual machines (VMs) from one host to another without downtime. For example, consider a square VLT connecting two data centers. If a VM, VM1 on Server Rack 1 has C as its default gateway and VM1 performs a virtual movement to Server Rack 2 with no change in default gateway. In this case, L3 packets destined for C can be routed either by C1 or D1 locally. To do this, install the local system mac address of C and D in both C1 and D1 so the packets for C and D could have a hit at C1 /D1 and be routed locally.

The following figure shows:

Server racks, named Rack 1 and Rack 2, are part of data centers named DC1 and DC2, respectively.
Rack 1 is connected to devices A and B in Layer 2.
Rack 2 is connected to devices A and B in Layer 2.
A VLT link aggregation group (LAG) is present between A and B.
A and B are connected to core routers, C and D.
VLT routing is present between C and D.
C1 and D1 are Layer 3 core routers in DC2, in which VLT routing is enabled.
The core routers C and D in the local VLT domain is connected to the core routers C1 and D1 in the remote VLT Domain using VLT links in eVLT fashion.

For more information about eVLT, refer to the Virtual Link Trunking (VLT) chapter. The core or Layer 3 routers C and D in local VLT Domain and C1 and D1 in the remote VLT Domain are then part of a Layer 3 cloud.

Topology 1 — Figure 1. Sample Configuration for a VLT Proxy Gateway

Keep the following points in mind when you enable a VLT proxy gateway:

Proxy gateway is supported only for VLT; for example, across a VLT domain.
You must enable the VLT peer-routing command for the VLT proxy gateway to function.
Asymmetric virtual local area network (VLAN) configuration, such as the same VLAN configured with Layer 2 (L2) mode on one VLT domain and L3 mode on another VLT domain is not supported. You must always configure the same mode for the VLANs across the VLT domain.
You must maintain VLAN symmetry within a VLT domain.
The connection between DCs must be a L3 VLT in eVLT format . For more information, refer to the eVLT Configuration Example
The trace route across the DCs can show extra hops.
To ensure no traffic drops, you must maintain route symmetry across the VLT domains. When the routing table across DCs is not symmetrical, there is a possibility of a routing miss by a DC that does not have the route for L3 traffic. Because routing protocols are enabled and both DCs are in the same subnet, there is no dynamic route asymmetry. But if you configure a static route on one DC and not on the other, there is asymmetry.
If the port-channel specified in the proxy-gateway command is not a VLT LAG, the configuration is rejected by the CLI.
You cannot change the VLT LAG to a legacy LAG when it is part of proxy-gateway.
You cannot change the link layer discovery protocol (LLDP) port channel interface to a legacy LAG when you enable a proxy gateway.
Dell EMC Networking recommends the vlt-peer-mac transmit command only for square VLTs without diagonal links.
The virtual router redundancy (VRRP) protocol and IPv6 routing is not supported.
Private VLANs (PVLANs) are not supported.
When a Virtual Machine (VM) moves from one VLT domain to the another VLT domain, the VM host sends the gratuitous ARP (GARP) , which in-turn triggers a mac movement from the previous VLT domain to the newer VLT domain.
After a station move, if the host sends a TTL1 packet destined to its gateway; for example, a previous VLT node, the packet can be dropped.
After a station move, if the host first PINGs its gateway; for example, a previous VLT node it results in a 40 to 60% success rate considering it takes a longer path.
When you remove and add back a MAC address, L3 frames can be received out-of-order at the L3 cloud. This happens when proxy gateway routing and sub-optimal routing intersperse with each other.

Enable VLT Proxy Gateway

To enable the VLT proxy gateway, the system mac addresses of C and D in the local VLT domain must be installed in C1 and D1 in the remote VLT domain and vice versa. You can install the mac address in two methods - the proxy-gateway lldp method or the proxy-gateway static configuration. Proxy-gateway LLDP is a dynamic method of installing the local mac addresses in the remote VLT domain, which is achieved using a new organizational type, length, value (TLV) in LLDP packets.

LLDP Organizational TLV for Proxy Gateway

You can configure the VLT proxy gateway in a VLT domain using the proxy-gateway LLDP command in proxy-gateway Configuration mode. Specify the port-channel interface of the square VLT link on which LLDP packets are sent using thepeer-domain-link port-channel command.
Configuring the proxy gateway lldp and the peer-domain-link port channel, LLDP sets TLV flags on the interfaces for receiving and transmitting private TLV packets. After defining these organizational TLV settings, LLDP encodes the local system mac-addresses as organizational TLVs for transmitting to the peer. If you specify the no proxy gateway LLDP interface command, LLDP stops transmitting and receiving proxy gateway TLV packets on the specified interfaces. However, other TLVs are not affected. From the interfaces on which you enabled the proxy gateway LLDP, LLDP decodes the TLV packets from the remote LLDP by using the new organizational TLV.
The following requirements must be satisfied for LLDP proxy gateway to function correctly:
- Data centers must be directly connected.
- LLDP has a limited TLV size. As a result, information that is carried by the new TLV is limited to one or two MAC addresses.
- You must have all related systems properly configured and set up.
LLDP defines an organizationally specific TLV (type 127) with a unique identifier (0x0001E8) and a defined subtype (0x01) for sending or receiving information.
LLDP uses the existing infrastructure and adds a new TLV for sending and receiving on the configured ports.
There are only a few MAC addresses for each unit transmitted. All currently active MAC addresses are carried on the newly defined TLV.
Dell EMC Networking devices not configured with VLT proxy gateway process standard TLVs and ignore TLVs configured with VLT proxy gateway.

The LLDP organizational TLV passes local destination MAC address information to peer VLT domain devices so they can act as a proxy gateway. To enable proxy gateway LLDP, two configurations are required:

You must configure the global proxy gateway LLDP to enable the proxy-gateway LLDP TLV.
You must configure the interface proxy gateway LLDP to enable or disable a proxy-gateway LLDP TLV on specific interfaces.

The interface is typically a VLT port-channel that connects to a remote VLT domain.
The new proxy gateway TLV is carried on the physical links under the port channel only.
You must have at least one link connection to each unit of the VLT domain.

Following are the prerequisites for Proxy Gateway LLDP configuration:

You must globally enable LLDP.
You cannot have interface–level LLDP disable commands on the interfaces configured for proxy gateway and you must enable both transmission and reception.
You must connect both units of the remote VLT domain by the port channel member.
If you connect more than one port to a unit of the remote VLT domain, the connection must be completed by the time you enable the proxy gateway LLDP.
You cannot have other conflicting configurations (for example, you cannot have a static proxy gateway configuration).

Proxy Gateway LLDP configuration might not operate properly if one of the following conditions is true:

Any proxy gateway configuration or LLDP configuration is not working.
LLDP packets fail to reach the remote VLT domain devices (for example, because the system is down, rebooting, or the port’s physical link connection is down).

LLDP VLT Proxy Gateway in a Square VLT Topology

Figure 2. Sample Configuration for a VLT Proxy Gateway

The preceding figure shows a sample square VLT Proxy gateway topology. There are no diagonal links in the square VLT connection between the C and D in VLT domain 1 and C1 and D1 in the VLT domain 2. This causes sub-optimal routing. For VLT Proxy Gateway to work in this scenario you must configure the VLT-peer-mac transmit command under VLT Domain Proxy Gateway LLDP mode, in both C and D (VLT domain 1) and C1 and D1 (VLT domain 2). This behavior is applicable only in the LLDP configuration and not required in the static configuration.
Sample Configuration
```
DellEMC(conf-vlt-domain)#proxy-gateway lldp 
DellEMC(conf-vlt-domain-pxy-gw-lldp)#vlt-peer-mac transmit
```
Assume the inter-chassis link (ICL) between C1 and D1 is shutdown and if D1 is the secondary VLT, one half of the inter DC link goes down. After VM motion, if a packet reaches D1 with the destination MAC address of D, it may be dropped. This behavior is applicable only in an LLDP configuration; in a static configuration, the packet is forwarded.
Any L3 packet, when it gets an L3 hit and is routed, it has a time to live (TTL) decrement as expected.
You can disable the VLT Proxy Gateway for a particular VLAN using an "Exclude-VLAN" configuration. The configuration has to be done in both the VLT domains [C and D in VLT domain 1 and C1 and D1 in VLT domain 2].
Sample Configuration LLDP Method
```
DellEMC(conf-vlt-domain)#proxy-gateway ll
DellEMC(conf-vlt-domain-pxy-gw-lldp)#peer-domain-link port-channel 1 exclude-vlan 10
```
Sample Configuration Static Method
```
DellEMC(conf-vlt-domain)#proxy-gateway static 
DellEMC(conf-vlt-domain-pxy-gw-static)#remote-mac-address <xx:xx:xx:xx:xx:xx> exclude-vlan 10
```
Packet duplication may happen with “Exclude-VLAN” configuration – Assume you used the exclude-vlan option (called VLAN 10) in C and D and in C1 and D1; If packets for VLAN 10 with C’s MAC address (C is in VLT domain 1) gets an L3 hit at C1 in VLT domain 2, they are switched to both D1 (via ICL) and C via inter DC link. This may lead to packet duplication. Therefore, if C’s MAC address is learned at C1, the packet does not flood to D1 and only switches to C and avoids packet duplication.
With the existing hardware capabilities, you can only disable VLT Proxy Gateway only for 500 VLANs, using exclude-VLAN configuration.

Data is not available for the Topic

Rate this content

All fields are required unless marked otherwise.

Accurate

not accurate

somewhat accurate

mostly accurate

accurate

very accurate

Useful

not useful

somewhat useful

mostly useful

useful

very useful

Easy to understand

not easy

somewhat easy

mostly easy

easy

very-easy

Was this article helpful?

Yes

Send us feedback (Optional)

0/3000 characters

Comments cannot contain these special characters: <>()\

Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.

Please provide ratings (1-5 stars).

Please select whether the article was helpful or not.

Comments cannot contain these special characters: <>()\

AE/EN

Support

Support Home
Contact Technical Support

Connect with Us

Community
Contact Us

AE/EN

Our Company

Who We Are
ESG & Impact

Our Partners

Find a Partner
Partner Program

Resources

Blog
Privacy Centre

Dell Technologies
Dell Premier

Terms & Conditions
Privacy Statement
Cookies, Ads & Emails
Legal & Regulatory