Physical interface configuration
Physical switch interface configuration is a basic operation with any switch device. DELL Force10 switch is no exception. However, one thing is very unique on Force10 switches. Everything, including physical interfaces, on Force10 switch, is disabled by default, therefore, interfaces are in downstate and must be configured before any use. Someones are saying it is strange behavior but in my opinion, that's pretty good behavior because it is a much more secure approach. You will not disrupt the whole network by connecting and cabling new switch into your enterprise network until you configure something. If you will do bad configuration than it is your fault and not device fault.
Ok, so when you want to use some switch interface you have to enable interface explicitly. Before that, you should be absolutely sure your new Force10 switch is ready to be connected to the network. Think for example about spanning tree protocol configuration. Let's assume you know what you do and you want to enable the particular physical interface. It is easy. I think the example below is self-explanatory
conf
interface tengigabit 0/1
no shutdown
So your interface is up but another important note is that all physical interfaces are Layer 3 by default. You can assign IP address to Layer 3 (routed) interface and your L3 switch is configured as a router device. IP address assignment is shown below.
conf
interface tengigabit 0/1
ip address 192.168.1.11/24
no shutdown
Cool, but there is a chance you want configure Layer 2 interface to work as a switch port and not routed port. It is pretty easy, you have to tell it to your interface to not have IP address and behave as a switch port.
conf
interface tengigabit 0/1
no ip address
switchport
no shutdown
Physical Interface Numbering
So far we have used similar interface identification as follows
interface tengigabit 0/13
General interface identification convention parts have following format
interface “Interface Type” “Stack Unit Number”/”Interface Number”
where
· Interface Type - can have values gigabit (gi), tengigabit (te), fortygigabit (fo)
· Stack Unit Number - is stack ID number if classic stacking is configured otherwise there is 0 as it is a single unit switch
· Interface Number - is a sequential port number on particular stack unit
Interface ranges
You can leverage interface ranges to simplify interface and VLAN configurations.
conf
interface range te 0/1-3, te 0/5-7
interface range vlan 100-110
interface range vlan 4, vlan 11, vlan 22-26, vlan 100
I think you can see the benefit. All configurations are applied to all interfaces on the range.
VLANs
In configurations above everything is happening in default VLAN which is by default VLAN 1. This is a single broadcast domain. In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. Source: wikipedia. Nowadays VLANs are used very often for network separation (security) and broadcast domain split (availability, performance). If you are familiar with CISCO VLAN configuration then you have to create VLAN id in VLAN database and you can assign VLAN/VLANs to the particular interface. In Force10 it is a little bit different. You have to create VLAN id, that's the same. However, you are not assigning VLAN per interface but assigning interfaces to VLAN. See example below.
conf
interface vlan 100
description "VLAN for mission critical servers"
untagged TenGigabitEthernet 0/1-3
tagged TenGigabitEthernet 0/0
In the example above we have created VLAN 100 for three mission-critical servers. Servers are connected to ports Te 0/1, Te 0/2 and Te 0/3 without VLAN tagging (aka access mode in Cisco terminology). The particular switch port in "access" mode is configured in Force10 in following way
interface TenGigabitEthernet 0/1
description "Mission critical server 1"
no ip address
switchport
spanning-tree rstp edge-port bpduguard
no shutdown
Switch interface Te 0/0 is uplink to the rest of the network, therefore, more VLANs has to be configured on this particular port, therefore, the port is configured as a trunk port with more tagged VLANs. Switch uplinks are usually configured redundantly in a high availability mode, therefore, there is a big chance you would like to use port-channel (aka LAG) as a switch uplink. LAGs are explained in next section. Port-channel is nothing else as a special virtual interface, therefore, port-channel VLAN configuration is very similar to physical interfaces.
conf
interface vlan 100
description "VLAN for mission critical servers"
untagged TenGigabitEthernet 0/1-3
tagged Port-channel 1
There is another switch port mode which is typical for ESXi hosts. It is the server, but you want one VLAN to be configured as a native (usually for ESXi management) and also to configure trunk of multiple VLANs for virtual networking (VMware portgroups). Force10 call this port configuration as a hybrid. Switch port configuration will look similar as an example below
interface GigabitEthernet 0/11
description ESX11
no ip address
mtu 9252
portmode hybrid
switchport
spanning-tree rstp edge-port
no shutdown
and for such hybrid switch port, we can have one VLAN configured as an untagged (aka native in Cisco terminology) and multiple VLANs as tagged. VLAN configuration should look similar to ...
interface Vlan 4
description DC-MGMT
ip address 192.168.4.254/24
untagged GigabitEthernet 0/4,6,11-14,34-36,41,43
no shutdown
VLAN 4 is a used for ESXi management but multiple other VLANs can be carried to the ESXi host as tagged VLANs. This is depicted in configuration snippet below ...
interface Vlan 22
description VMOTION
name VMOTION
no ip address
tagged GigabitEthernet 0/11-14,34-36
shutdown
!
interface Vlan 23
description VTEP
name NSX-OVERLAY
ip address 192.168.23.254/24
tagged GigabitEthernet 0/11-14,34-36
no shutdown
!
interface Vlan 24
description ISCSI
name ISCSI
ip address 192.168.24.254/24
tagged GigabitEthernet 0/11-14,34-36
untagged GigabitEthernet 0/10
no shutdown
!
interface Vlan 25
description NFS
name NFS
ip address 192.168.25.254/24
tagged GigabitEthernet 0/11-14,34-36
no shutdown
!
interface Vlan 26
description VSAN
name VSAN
no ip address
tagged GigabitEthernet 0/11-14,34-36
shutdown
!
interface Vlan 100
description V2P-PEERING
name V2P-PEERING
ip address 172.16.0.254/24
tagged GigabitEthernet 0/11-14,34
no shutdown
So the solution above is one way how to do it. VLAN by VLAN, but what if I would like to configure two new ports into existing VLANs?
Let's assume I have two switch ports (gi 0/29 and gi 0/34) which I want to configure for ESXi hypervisor. Below is the basic configuration of switch ports.
interface GigabitEthernet 0/29
description ESX01-nic1
no ip address
mtu 9216
portmode hybrid
switchport
spanning-tree rstp edge-port
no shutdown
interface GigabitEthernet 0/34
description ESX01-nic0
no ip address
mtu 9216
portmode hybrid
switchport
spanning-tree rstp edge-port
no shutdown
Those, who are familiar with CISCO switch operating systems, they would expect VLANs configuration along with switch port configuration. Dell FTOS is different because you have to configure VLANs from the VLANs point of view and not from the switch ports point of view. Let's assume we have VLAN 4 for vSphere management network segment where ESXi hosts are connected natively without 802.1Q tagging. The rest of VLANs we would like to expose into ESXi must be tagged. These VLANs are 2-3, 5-9, 11, 13, 22-26, 31-34, 51-52, 100-101. So, below is the FTOS CLI commands to add two particular switch ports to several required VLANs ...
conf
interface vlan 4
untagged GigabitEthernet 0/29
untagged GigabitEthernet 0/34
interface range vlan 2-3,vlan 5-9,vlan 11,vlan 13,vlan 22-26,vlan 31-34,vlan 51-52
tagged GigabitEthernet 0/29
tagged GigabitEthernet 0/34
interface range vlan 100-101
tagged GigabitEthernet 0/29
tagged GigabitEthernet 0/34
Note: In this particular case, I have to use two ranges because the FTOS interface range is limited. See what error message you would get if you try to configure single interface range of all VLANs mentioned above.
interface range vlan 2-3,vlan 5-9,vlan 11,vlan 13,vlan 22-26,vlan 31-34,vlan 51-52,vlan 100-101
% Error: Exceeds maximum number of command arguments ( max = 32 ).
LAGs - Link Aggregates
Link Aggregation is a general term for channeling multiple links into single virtual aggregate also known as a port channel. There are two types of port channels static and dynamic (aka LACP). For more general information about "link aggregation" look here.
Now let's see how you can configure port channels.
Static Port Channel
Below is the example of static port channel bundled with two interfaces (te 0/1 and te 0/2)
interface port-channel 1
description "Static Port-Channel"
channel-member tengigabit 0/1
channel-member tengigabit 0/2
no ip address
switchport
no shutdown
Dynamic Port Channel
Below is the example of dynamic port channel bundled with two interfaces (te 0/1 and te 0/2)
VLT (Virtual Link Trunking) is actually virtual Port Channel spanned across multiple chassis (aka MultiChassis LAG). VLT can be static or dynamic port-channel. When two Force10 switches are configured in single VLT domain you can create VLT port-channel independently on each VLT node. You can read more about VLT here.
You configure VLT port-channel on each node in the absolutely same way as classic port-channels. The only difference is that you will tell FTOS that this particular port-channel is VLT and you can define peer port-channel id which can be different than on another node. However, the best practice is to use same port-channel IDs on both VLT nodes just to keep configuration simple and more readable.
Directive to tell the port-channel is VLT is vlt-peer-lag.
So if port-channel examples above would be VLTs then the configuration is the same only with one additional option. See examples below.
Static VLT Port Channel
interface port-channel 1
description "Static Port-Channel"
channel-member tengigabit 0/1
channel-member tengigabit 0/2
vlt-peer-lag port-channel 1
no ip address
no shutdown
Dynamic VLT Port Channel
interface port-channel 1
description "Dynamic Port-Channel (LACP)"
no ip address
vlt-peer-lag port-channel 1
switchport
no shutdown
interface tengigabit 0/1
port-channel-protocol lacp
port-channel 1 mode active
no shutdown
interface tengigabit 0/2
port-channel-protocol lacp
port-channel 1 mode active
no shutdown
Conclusion
Interface and VLAN configuration is a basic network operation. If you are familiar with any other switch vendor interface configuration I think Force10 interface configuration is simple for you. The only different approach is with VLAN configuration but it is just a matter of habit.
Hope you found this blog post useful and as always, any comment and feedback are highly appreciated.