Tuesday, July 07, 2015

DELL Force10 : Interface Configuration and VLANs

Physical interface configuration

Physical switch interface configuration is a basic operation with any switch device. DELL Force10 switch is not exception. However one think is very unique on Force10 switches. Everything, including physical interfaces, on Force10 switch is disabled by default therefore interfaces are in down state and must be configured before any use. Someones are saying it is strange behavior but in my opinion that's pretty good behavior because it is much more secure approach. You will not disrupt whole network by connecting and cabling new switch in to your enterprise network until you configure something. If you will do bad configuration than it is your fault and not device fault.

Ok, so when you want to use some switch interface you have to enable interface explicitly. Before that you should be absolutely sure your new Force10 switch is ready to be connected to the network. Think for example about spanning tree protocol configuration. Let's assume you know what you do and you want enable particular physical interface. It is easy. I thong the example below is self explanatory
conf
  interface tengigabit 0/1
  no shutdown
So your interface is up but another important note is that all physical interfaces are Layer 3 by default. You can assign IP address to Layer 3 (routed) interface and your L3 switch is configured as router device. IP address assignment is shown below.
conf
  interface tengigabit 0/1
  ip address 192.168.1.11/24
  no shutdown
Cool, but there is a chance you want configure Layer 2 interface to work as a switch port and not routed port. It is pretty easy, you have to tell it to your interface to not have IP address and behave as a switch port.
conf
  interface tengigabit 0/1
  no ip address
  switchport
  no shutdown

Physical Interface Numbering

So far we have used similar interface identification as follows
interface tengigabit 0/13

General interface identification convention parts have following format
interface <Interface Type> <Stack Unit Number>/<Interface Number>
where
  • Interface Type - can have values gigabit (gi), tengigabit (te), fortygigabit (fo)
  • Stack Unit Number - is stack ID number if classic stacking is configured otherwise there is 0 as it is single unit switch
  • Interface Number - is sequential port number on particular stack unit

Interface ranges

You can leverage interface ranges to simplify interface and VLAN configurations. 
conf
interface range  te 0/1-3, te 0/5-7
interface range vlan 100-110
I think you can see.the benefit. All configurations are applied to all interfaces on the range.

VLANs

In configurations above everything is happening in default VLAN which is by default VLAN 1. This is a single broadcast domain. In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. Source: wikipedia. Nowadays VLANs are used very often for network separation (security) and broadcast domain split (availability, performance). If you are familiar with CISCO VLAN configuration then you have to create VLAN id in VLAN database and you can assign VLAN/VLANs to particular interface. In Force10 it is little bit different. You have to create VLAN id, that's the same. However you are not assigning VLAN per interface but assigning interfaces to VLAN. See example below.
conf
  interface vlan 100
  description "VLAN for mission critical servers"
  untagged TenGigabitEthernet 0/1-3
  tagged TenGigabitEthernet 0/0
In example above we have created VLAN 100 for three mission critical servers. Servers are connected to ports Te 0/1, Te 0/2 and Te 0/3 without VLAN tagging (aka access mode). Switch interface Te 0/0 is uplink to the rest of the network therefore more VLANs has to be configured on this particular port therefore the port is configured as a trunk port with more tagged VLANs.

Switch uplinks are usually configured redundantly in high availability mode therefore there is a big chance you would like to use port-channel (aka LAG) as an switch uplink. LAGs are explained in next section. Port-channel is nothing else as a special virtual interface therefore port-channel VLAN configuration is very similar to physical interfaces.
conf
interface vlan 100
  description "VLAN for mission critical servers"
  untagged TenGigabitEthernet 0/1-3
  tagged Port-channel 1

LAGs - Link Aggregates 

Link Aggregation is general term for channeling multiple links into single virtual aggregate also known as port channel. There are two types of port channels static and dynamic (aka LACP). For more general information about link aggregation look here.

Now let's see how you can configure port channels.

Static Port Channel
Below is example of static port channel bundled with two interfaces (te 0/1 and te 0/2)
interface port-channel 1
  description "Static Port-Channel"
  channel-member tengigabit 0/1
  channel-member tengigabit 0/2
  no ip address
  switchport
  no shutdown
Dynamic Port Channel
Below is example of dynamic port channel bundled with two interfaces (te 0/1 and te 0/2)
interface port-channel 1
  description "Dynamic Port-Channel (LACP)"
  no ip address
  switchport
  no shutdown
 
interface tengigabit 0/1
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown
 
interface tengigabit 0/2
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown

VLT (Virtual Link Trunking) is actually virtual Port Channel spanned across multiple chassis (aka MultiChassis LAG). VLT can be static or dynamic port-channel. When two Force10 switches are configured in single VLT domain you can create VLT port-channel independently on each VLT node. You can read more about VLT here.

You configure VLT port-channel on each node in absolutely same way as classic port-channels. The only difference is that you will tell FTOS that this particular port-channel is VLT and you can define peer port-channel id which can be different then on other node. However best practice is to use same port-channel IDs on both VLT nodes just to keep configuration simple and more readable.

Directive to tell the port-channel is VLT is vlt-peer-lag.

So if port-channel examples above would be VLTs then the configuration is the same only with one additional option. See examples below.

Static VLT Port Channel
interface port-channel 1
  description "Static Port-Channel"
  channel-member tengigabit 0/1
  channel-member tengigabit 0/2
  vlt-peer-lag port-channel 1
  no ip address
  no shutdown

Dynamic VLT Port Channel
interface port-channel 1
  description "Dynamic Port-Channel (LACP)"
  no ip address
  vlt-peer-lag port-channel 1
  switchport
  no shutdown
 
interface tengigabit 0/1
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown
 
interface tengigabit 0/2
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown

Conclusion

Interface and VLAN configuration is an basic network operation. If you are familiar with any other switch vendor interface configuration I think Force10 interface configuration is simple for you. Only different approach is with VLAN configuration but it is just a matter of habit.

Hope you found this blog post useful and as always, any comment and feedback is highly appreciated.

3 comments:

Martin Zidek said...

Still no "default interface" command :) but it's on roadmap.

slashdot effect said...

"default interface" is now in release 9.9.

Iftekhar Alam said...

Great explanation..