VirtualScale Command Line Reference Publication Date: February 2012

Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer.

CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

Information in this publication is subject to change without notice. © 2012 Dell Force10. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™, PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™ and Vostro™ are trademarks of Dell Inc. Intel®, Pentium®, Xeon®, Core™ and Celeron® are registered trademarks of Intel Corporation in the U.S. and other countries. AMD® is a registered trademark and AMD Opteron™, AMD Phenom™, and AMD Sempron™ are trademarks of Advanced Micro Devices, Inc. Microsoft®, Windows®, Windows Server®, MS-DOS® and Windows Vista® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Red Hat Enterprise Linux® and Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United States and/or other countries. Novell® is a registered trademark and SUSE ™ is a trademark of Novell Inc. in the United States and other countries. Oracle® is a registered trademark of Oracle Corporation and/or its affiliates. Citrix®, Xen®, XenServer® and XenMotion® are either registered trademarks or trademarks of Citrix Systems, Inc. in the United States and/or other countries. VMware®, Virtual SMP®, vMotion®, vCenter®, and vSphere® are registered trademarks or trademarks of VMWare, Inc. in the United States or other countries. Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own. February 2012

Table of Contents 1 VirtualScale Getting Started Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 redundancy force-failover rpm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 reset stack-unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 show stack redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 show stack virtual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 ssh-peer-rpm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 stack convert mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 stack-unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 stack virtual domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 stack virtual-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 telnet-peer-rpm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

2 Private VLAN (PVLAN) Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Private VLAN Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip local-proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . private-vlan mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . private-vlan mapping secondary-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show interfaces private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan private-vlan mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . switchport mode private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

17 17 18 18 19 20 21 22 24 25 26 27

Table of Contents | 3

4

|

Table of Contents

www.dell.com | support.dell.com

1 VirtualScale Getting Started Commands This chapter contains the following commands: • • • • • • • • • • •

description redundancy force-failover rpm reset stack-unit show stack redundancy show stack virtual ssh-peer-rpm stack convert mode stack-unit stack virtual domain stack virtual-link telnet-peer-rpm

description ex Syntax Parameters Defaults Command Mode Command History Example

Configure a short description for the Virtual Stack. description word word

Enter a text string up to 80 characters long.

None. CONFIGURATION-VS-DOMAIN Version 8.4.4.0

Introduced

Force10(conf)#stack virtual-domain 100 Force10(config-vs-domain-100)#description "Virtual Domain is 100" Force10(config-vs-domain-100)#show conf ! stack virtual-domain 100 description: "Virtual Domain is 100"

VirtualScale Getting Started Commands | 5

www.dell.com | support.dell.com

redundancy force-failover rpm This command causes an RPM failover to fail over to the Stack Standby RPM rather than the Chassis Standby RPM. Syntax Command Mode Command History Example

redundancy force-failover rpm

EXEC Privilege Version 8.4.4.0

Introduce support for VirtualScale

Force10# redundancy force-failover rpm

System configuration has been modified. Save? [yes/no]: yes Oct 28 14:34:59.289: %STKUNIT0-M-RPM0-P:CP %FILEMGR-5-FILESAVED: Copied running-config to startup-config in flash by default Synchronizing data to peer RPM !!!!!! Proceed with RPM hot failover [confirm yes/no]:yes

reset stack-unit ex Syntax Parameters

Reset a stack-unit within the Virtual Stack. reset stack-unit number {hard} number

Enter the Stack ID number. Range 0-1

hard

Enter the keyword hard to reset the unit.

Defaults Command Mode Command History Example

6

|

EXEC Version 8.4.4.0

Introduced

Force10#reset stack-unit 1 hard Proceed with reset? [yes/no]: yes

VirtualScale Getting Started Commands

show stack redundancy ex Syntax

Display the Virtual Stack’s redundancy configuration (reboot status on the Stack Master). show stack redundancy

Defaults

None.

Command Mode

EXEC

Command History Example

Version 8.4.4.0

Introduced

Force10#show stack redundancy ------------------- Stack Unit Stack Unit : RPM Slot ID : Stack Unit Redundancy Role: Stack Unit State : Stack Unit SW Version : Link to Peer :

Status --------------------------0 0 Stack Master Active E8.4.4.0 Up

------ Peer Stack Unit Status --------------------------------------------------------------------------------------Stack Unit : 1 RPM Slot ID : 0 Stack Unit Stat : Stack Standby Stack Unit SW Version : E8.4.4.0 -----Stack Redundancy Configuration ----------------------------------------------------------------------------------------Auto Data Sync : Full Failover Type : Hot Failover ---- Stack Failover Record ---------------------------------------------------------------------------------------Failover Count : 0 Last failover timestamp : Last failover Reason : None Last failover type : None

-- Last Data Block Sync Record: ------------------------------------------------Line Card Config: succeeded Mar 31 1993 Start-up Config: succeeded Mar 31 1993 Runtime Event Log: succeeded Mar 31 1993 Running Config: succeeded Mar 31 1993 Force10#

04:29:21 04:29:21 04:29:21 04:29:21

show stack virtual ex

Display information on the virtual stack, including domain number, operation roles of chassis, and the VSI link.

VirtualScale Getting Started Commands | 7

www.dell.com | support.dell.com

Syntax Parameters

Defaults Command Mode Command History Example

show stack virtual [role | link [port-channel]]

role

(Optional) Display information on the operational role of a chassis in the virtual stack.

link

(Optional) Display status information on the VSI link.

port-channel

(Optional) Display status and configuration information on the VSI port-channel.

None EXEC Version 8.4.4.0

Introduced

Force10#show stack virtual Stack mode Virtual stack domain number Local stack unit Local stack rpm0 operational role Local stack rpm1 operational role Peer stack unit Peer stack rpm0 operational role Peer stack rpm1 operational role

: : : : : : : :

Virtual Stack 100 0 Stack Master Stack Member 1 Stack Standby Stack Member

Force10#show stack virtual role Stack Stack Rpm Status Role unit SlotId -----------------------------------------------------------------------LOCAL 0 0 Active Stack Master LOCAL 0 1 Active Stack Member REMOTE 1 0 Active Stack Standby REMOTE 1 1 Active Stack Member

Force10#show stack virtual link VirtualScale Interconnect (VSI) Status for Stack Unit 0 VSI Status : UP VSI Uptime : 11 min, 43 sec VSI Control Link: *Te 0/13/0 Te 0/13/39 VirtualScale Interconnect (VSI) Status for Stack Unit 1 VSI Status : UP VSI Uptime : 11 min, 37 sec VSI Control Link: *Te 1/13/0 Te 1/13/39

8

|

VirtualScale Getting Started Commands

Example

Force10#show stack virtual link VSL Port Channel Information Flags:

D s N M m u w

-

port-channel

down P - bundled in port-channel I - stand-alone suspended R - Layer3 S - Layer2 U - in use not in use, no aggregation f - failed to allocate aggregator not in use, no aggregation due to minimum links not met not in use, port not aggregated due to minimum links not met unsuitable for bundling waiting to be aggregated

Port-channel Ports -----------------------------------------------------------------Po200(RU) *Te 0/13/0, Te 0/13/39 Po201(RU) *Te 1/13/0, Te 1/13/39

ssh-peer-rpm ex Syntax Parameters

Defaults Command Modes

Open an SSH connection to the Stack Standby RPM. ssh-peer-rpm [-l username] -l username

(OPTIONAL) Enter the keyword -l followed by your user name. Default: The user name associated with the terminal

Not configured. EXEC EXEC Privilege

Command History

Version 8.4.4.0

Introduce support for VirtualScale

VirtualScale Getting Started Commands | 9

www.dell.com | support.dell.com

stack convert mode ex Syntax Parameters

Defaults Command Mode Command History Usage Information

Convert an ExaScale chassis to VirtualScale mode, or a Virtual Stack to Stand-alone mode. stack convert mode {virtual | standalone} virtual

Enter the keyword virtual to convert an ExaScale chassis to VirtualScale mode.

standalone

Enter the keyword standalone to convert a Virtual Stack to Stand-alone mode.

none EXEC Version 8.4.4.0

Introduced

When converting to VirtualScale mode, prior to rebooting, the current running-configuration is backed up on the chassis master RPM to a file labeled Backup-startup-config-standalone.cfg, and the interface notations are converted from slot/port to stack-id/slot/port. These changes are also saved into startup-configuration. After the VirtualScale mode bootup in completes, configurations on the Standby chassis default to default configurations and only the VSI LAG configuration of the standby chassis is synched to Master chassis. When converting to Stand-alone mode, prior to rebooting, the current running-configuration file is backed up on the Stack Master and the interface notation is converted from stack-id/slot/port to slot/ port. These changes are also saved into startup-configuration. After bootup in stand-alone mode completes, configurations on both the chassis use the default configurations.

Example

Force10#stack convert mode virtual This command will backup current running-config to flash:// Backup-startup-config-standalone.cfg file(Overwrite if it already exists). It will also convert the running-config from slot/port to stack-id/slot/port notation, save running-config to startup-config and reload the chassis. Proceed[Yes/No]?yes Force10#stack convert mode stand-alone Backup the current running-config to flash:// Backup-startup-config-vstack.cfg file(Overwrite if it already exists) and reload the chassis. Proceed[Yes/No]?yes

10

|

VirtualScale Getting Started Commands

stack-unit ex Syntax Parameters

Defaults Command Mode Command History Usage Information Example

Set the Stack ID number for a chassis, as it will be identified within the Virtual Stack.

stack-unit number number

Enter the Stack ID number for the chassis. Range: 0-1

None CONFIGURATION-VS-DOMAIN Version 8.4.4.0

Introduced

The Stack ID number must be different for each chassis in the Virtual Stack.

Force10(conf)#stack virtual-domain 100 Force10(config-vs-domain-100)#stack-unit 0 Force10(config-vs-domain-100)#

stack virtual domain ex Syntax Parameters

Defaults Command Mode Command History Usage Information Example

Set the Domain number for the Virtual Stack.

stack virtual domain number number

Enter the Domain ID number for the Virtual Stack. Range: 1-255

None CONFIGURATION Version 8.4.4.0

Introduced

The Domain number must be the same for all the chassis in the Virtual Stack.

Force10(conf)#stack virtual-domain 100 Force10(config-vs-domain-100)#show conf ! stack virtual-domain 100

VirtualScale Getting Started Commands | 11

www.dell.com | support.dell.com

stack virtual-link ex Syntax Parameters

Defaults Command Mode Command History Usage Information

Associate a stack-unit number to the stack as the VSI link. stack virtual-link number number

Enter the stack-unit number. Range 0-1

None INTERFACE-PORTCHANNEL Version 8.4.4.0

Introduced

The port-channel must already be configured, prior to making this association. The members are added after this command is implemented. When configuring the VSI LAG, only the following attributes are supported. If any other attributes are configured on the LAG, it cannot be defined as a VSI LAG. — — — —

Example

12

|

channel-member, no channel-member description, no description minimum-links, no minimum-links shutdown, no shutdown

Force10(conf)#int port-channel 200 Force10(conf-if-po-200)#stack virtual-link 0 Force10(conf-if-po-200)#show conf ! interface Port-channel 200 no ip address stack virtual-link 0 shutdown

VirtualScale Getting Started Commands

telnet-peer-rpm ex Syntax

Open a Telnet connection with a peer RPM from any stack unit (chassis) in the virtual stack. telnet-peer-rpm [stack-unit-number/rpm-number]

Parameters

Defaults Command Modes

stack-unit-number

Enter the number of a stack unit in the virtual stack. Range: 0-1.

rpm-number

Enter the number of an RPM in the stack unit. Range: 0-1.

Not configured. EXEC EXEC Privilege

Command History Usage Information

Version 8.4.4.0

If you do not specify a stack unit and RPM when you enter the command: • •

Example

Introduce support for VirtualScale

The Stack Master RPM connects via Telnet with the Stack Standby RPM. THe Stack Standby and Stack Associate RPMs connect via Telnet with the Stack Master RPM.

Force10#telnet-peer-rpm 1/1 Trying RPM 1/1... Connected to RPM 1/1. Exit character is '^]'. Force10(associate)#

VirtualScale Getting Started Commands | 13

www.dell.com | support.dell.com 14

|

VirtualScale Getting Started Commands

2 Private VLAN (PVLAN) Commands Overview Starting with FTOS 8.4.4.2, the Private VLAN (PVLAN) feature of FTOS is supported for VirtualScale on the E-Series ExaScale: e x Private VLANs extend the FTOS security suite by providing Layer 2 isolation between ports within the same private VLAN. A private VLAN partitions a traditional VLAN into subdomains identified by a primary and secondary VLAN pair. The FTOS private VLAN implementation is based on RFC 3069.

Commands • • • • • • •

ip local-proxy-arp private-vlan mode private-vlan mapping secondary-vlan show interfaces private-vlan show vlan private-vlan show vlan private-vlan mapping switchport mode private-vlan

PVLAN information is also displayed in the output of the following show commands: • •

show arp show vlan

Private VLAN (PVLAN) Commands | 15

www.dell.com | support.dell.com

Private VLAN Concepts Primary VLAN: The primary VLAN is the base VLAN and can have multiple secondary VLANs. There are two types of secondary VLAN — community VLAN and isolated VLAN: • •

A primary VLAN can have any number of community VLANs and isolated VLANs. Private VLANs block all traffic to isolated ports except traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to promiscuous ports or trunk ports.

Community VLAN: A community VLAN is a secondary VLAN of the primary VLAN: • •

Ports in a community VLAN can talk to each other. Also, all ports in a community VLAN can talk to all promiscuous ports in the primary VLAN and vice-versa. Devices on a community VLAN can communicate with each other via member ports, while devices in an isolated VLAN cannot.

Isolated VLAN: An isolated VLAN is a secondary VLAN of the primary VLAN: • •

Ports in an isolated VLAN cannot talk to each other. Servers would be mostly connected to isolated VLAN ports. Isolated ports can talk to promiscuous ports in the primary VLAN, and vice-versa.

Port types: •

• • •

Community port: A community port is, by definition, a port that belongs to a community VLAN and is allowed to communicate with other ports in the same community VLAN and with promiscuous ports. Isolated port: An isolated port is, by definition, a port that, in Layer 2, can only communicate with promiscuous ports that are in the same PVLAN. Promiscuous port: A promiscuous port is, by definition, a port that is allowed to communicate with any other port type. Trunk port: A trunk port, by definition, carries VLAN traffic across switches: — A trunk port in a PVLAN is always tagged to the primary VLAN. — Primary or secondary VLAN traffic is carried by the trunk port in tagged mode. The tag on the packet helps identify the VLAN to which the packet belongs. — A trunk port can also belong to a regular VLAN (non-private VLAN).

ip local-proxy-arp ex Syntax

Enable/disable Layer 3 communication between secondary VLANs in a private VLAN. [no] ip local-proxy-arp To disable Layer 3 communication between secondary VLANs in a private VLAN, use the no ip local-proxy-arp command in the INTERFACE VLAN mode for the primary VLAN.

16

|

Private VLAN (PVLAN) Commands

To disable Layer 3 communication in a particular secondary VLAN, use the no ip local-proxy-arp command in the INTERFACE VLAN mode for the selected secondary VLAN.

Note: Even after ip-local-proxy-arp is disabled (no ip-local-proxy-arp) in a secondary VLAN, Layer 3 communication may occur between some secondary VLAN hosts, until the ARP timeout happens on those secondary VLAN hosts. Defaults

Layer 3 communication is disabled between secondary VLANs in a private VLAN. When you enable local-proxy ARP on a primary VLAN with the ip-local-proxy-arp command, local-proxy ARP is enabled by default on all secondary VLANs in the primary VLAN.

Command Modes

INTERFACE VLAN for the primary VLAN

Command History

Version 8.4.4.2

Related Commands

Introduced for VirtualScale on the E-Series ExaScale.

private-vlan mode

Set the mode of the selected VLAN to community, isolated, or primary.

private-vlan mapping secondary-vlan

Map secondary VLANs to the selected primary VLAN.

show arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan

Display PVLANs and/or interfaces that are part of a PVLAN.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

private-vlan mode ex Syntax

Set the PVLAN mode of the selected VLAN to community, isolated, or primary. [no] private-vlan mode {community | isolated | primary} To remove the PVLAN configuration, use the no private-vlan mode {community | isolated | primary} command syntax.

Parameters

Defaults Command Modes

Enter community to set the VLAN as a community VLAN, as described above.

isolated

Enter isolated to configure the VLAN as an isolated VLAN, as described above.

primary

Enter primary to configure the VLAN as a primary VLAN, as described above.

None INTERFACE VLAN

Command History Usage Information

community

Version 8.4.4.2

Introduced for VirtualScale on the E-Series ExaScale.

The VLAN: •

Can be in only one mode, either community, isolated, or primary.

Private VLAN (PVLAN) Commands | 17

www.dell.com | support.dell.com

•

•

Mode can be set to community or isolated even before associating it to a primary VLAN. This secondary VLAN will continue to work normally as a normal VLAN even though it is not associated to a primary VLAN. (A syslog message indicates this.) Must not have a port in it when the VLAN mode is being set.

Only ports and port channels configured as promiscuous, host, or PVLAN trunk ports (as described above) can be added to the PVLAN. No other regular ports can be added to the PVLAN. After using this command to configure a VLAN as a primary VLAN, use the private-vlan mapping secondary-vlan command to map secondary VLANs to this VLAN. Related Commands

private-vlan mapping secondary-vlan

Set the mode of the selected VLAN to primary and then associate secondary VLANs to it.

show arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan

Display PVLANs and/or interfaces that are part of a PVLAN.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

private-vlan mapping secondary-vlan ex Syntax

Map secondary VLANs to the selected primary VLAN. [no] private-vlan mapping secondary-vlan vlan-list To remove specific secondary VLANs from the configuration, use the no private-vlan mapping secondary-vlan vlan-list command syntax.

Parameters

vlan-list

Enter the list of secondary VLANs to associate with the selected primary VLAN, as described above. The list can be in comma-delimited or hyphenated-range format, following the

convention for range input. Defaults Command Modes

none INTERFACE VLAN

Command History Usage Information

Version 8.4.4.2

The list of secondary VLANs can be: • • •

Related Commands

18

|

Introduced for VirtualScale on the E-Series ExaScale.

Specified in comma-delimited or hyphenated-range format. Specified with this command even before they have been created. Amended by specifying the new secondary VLAN to be added to the list. private-vlan mode

Set the mode of the selected VLAN to community, isolated, or primary.

show arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

Private VLAN (PVLAN) Commands

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan

Display PVLANs and/or interfaces that are part of a PVLAN.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

show interfaces private-vlan ex Syntax Parameters

Defaults Command Modes

Command History Usage Information Examples

Display the type and status of PVLAN interfaces. show interfaces private-vlan [interface interface] interface interface

(OPTIONAL) Enter the keyword interface followed by one of the following interface types: 1-Gigabit Ethernet: Enter gigabitethernet stack-id/slot/port. 10-Gigabit Ethernet: Enter tengigabitethernet stack-id/slot/port. Port channel: Enter port-channel {1-511}.

None EXEC EXEC Privilege Version 8.4.4.2

Introduced for VirtualScale on the E-Series ExaScale.

This command has two types of display — a list of all PVLAN interfaces or for a specific interface. Examples of both types of output are shown below. Figure 2-1.

show interfaces private-vlan Command Output

Force10# show interfaces private-vlan Interface Vlan PVLAN-Type Interface Type Status --------- ---- ---------- -------------- -------Gi 0/2/5 101 Community Host Up Gi 0/2/7 30 Community Host Up Gi 0/4/0 10 Primary Promiscuous Up Gi 0/4/1 102 Isolated Host Up Gi 1/1/0 100 Primary Promiscuous Up Gi 1/1/3 20 Community Host Up Gi 1/1/5 10 Primary Trunk Up Po 10 40 Isolated Host Up Po 20 101 Community Host Up

Force10# show interfaces private-vlan Gi 1/1/0 Interface Vlan PVLAN-Type Interface Type Status --------- ---- ---------- -------------- -------Gi 1/1/0 100 Primary Promiscuous Up

Private VLAN (PVLAN) Commands | 19

www.dell.com | support.dell.com

Table 2-1.

Related Commands

show interfaces description Command Example Fields

Field

Description

Interface

Displays type of interface and associated slot and port number

Vlan

Displays the VLAN ID of the designated interface

PVLAN-Type

Displays the type of VLAN in which the designated interface resides

Interface Type

Displays the PVLAN port type of the designated interface.

Status

States whether the interface is operationally up or down.

private-vlan mode

Set the mode of the selected VLAN to community, isolated, or primary.

show arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

show vlan

Displays the output of all Private-vlans and regular vlans. All of the private-vlans will have the appropriate codes..

show vlan private-vlan

Display PVLANs and/or interfaces that are part of a PVLAN.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

show vlan private-vlan ex Syntax Parameters

Defaults Command Modes

Command History

20

|

Display PVLANs and/or interfaces that are part of a PVLAN. show vlan private-vlan [community | isolated | primary | interface interface | vlan-id] community

(OPTIONAL) Enter the keyword community to display VLANs configured as community VLANs, along with their interfaces.

isolated

(OPTIONAL) Enter the keyword isolated to display VLANs configured as isolated VLANs, along with their interfaces.

primary

(OPTIONAL) Enter the keyword primary to display VLANs configured as primary VLANs, along with their interfaces.

interface interface

(OPTIONAL) Enter the keyword interface followed by one of the following interface types: 1-Gigabit Ethernet: Enter gigabitethernet stack-id/slot/port. 10-Gigabit Ethernet: Enter tengigabitethernet stack-id/slot/port. Port channel: Enter port-channel {1-511}.

vlan-id

(OPTIONAL) Enter the VLAN ID of a primary or secondary VLAN to display the PVLAN configuration of the specified VLAN.

None EXEC EXEC Privilege Version 8.4.4.2

Private VLAN (PVLAN) Commands

Introduced for VirtualScale on the E-Series ExaScale.

Usage Information

Examples

Examples of all types of command output are shown below. The first type of output is the result of not entering an optional keyword. It displays a detailed list of all PVLANs and their member VLANs and interfaces. The other types of output show details about PVLAN subsets. Figure 2-2.

show vlan private-vlan Command Output

Force10# show vlan private-vlan Primary Secondary Type Active Ports ------- --------- --------- ------ -----------------------------------------10 Primary Yes Gi 0/4/0 Gi 1/1/5 20 Community Yes Gi 1/1/3 30 Community Yes Gi 0/2/7 40 Isolated Yes Po 10 100 Primary Yes Gi 1/1/0 101 Community Yes Gi 0/2/5 Po 20 102 Isolated Yes Gi 0/4/1

Force10# show vlan Primary Secondary ------- --------10 100

Force10# show vlan Primary Secondary ------- --------10 40 100 102

Force10# show vlan Primary Secondary ------- --------10 20 30 100 101

Force10# show vlan Primary Secondary ------- --------100 101

private-vlan primary Type Active Ports --------- ------ -----------------------------------------Primary Yes Gi 0/4/0 Gi 1/1/5 Primary Yes Gi 1/1/0

private-vlan isolated Type Active Ports --------- ------ -----------------------------------------Primary Yes Gi 0/4/0 Gi 1/1/5 Isolated Yes Po 10 Primary Yes Gi 1/1/0 Isolated Yes Gi 0/4/1

private-vlan community Type Active Ports --------- ------ -----------------------------------------Primary Yes Gi 0/4/0 Gi 1/1/5 Community Yes Gi 1/1/3 Community Yes Gi 0/2/7 Primary Yes Gi 1/1/0 Community Yes Gi 0/2/5 Po 20

private-vlan interface Gi 0/2/5 Type Active Ports --------- ------ -----------------------------------------Primary Yes Gi 1/1/0 Community Yes Gi 0/2/5

If you enter the VLAN ID of a primary VLAN, the entire private VLAN output will be displayed as shown in Figure 2-3. If you enter the VLAN ID of a secondary VLAN, only its primary VLAN and particular secondary VLAN properties will be displayed, as shown in Figure 2-4.

Private VLAN (PVLAN) Commands | 21

www.dell.com | support.dell.com

Figure 2-3.

Output of show vlan private-vlan (primary)

Force10# show vlan Primary Secondary ------- --------100 101 102

Figure 2-4.

private-vlan 100 Type Active --------- -----Primary Yes Community Yes Isolated

Yes

Ports -----------------------------------------Gi 1/1/0 Gi 0/2/5 Po 20 Gi 0/4/1

Output of show vlan private-vlan (secondary)

Force10#show vlan private-vlan 40 Primary Secondary Type Active Ports ------- --------- --------- ------ -----------------------------------------10 Primary Yes Gi 0/4/0 Gi 1/1/5 40 Isolated Yes Po 10

Table 2-2 describes the fields in the show vlan private-vlan command output. Table 2-2.

Related Commands

show vlan private-vlan Command Fields

Field

Description

Primary

Displays the VLAN ID of the designated or associated primary VLAN(s)

Secondary

Displays the VLAN ID of the designated or associated secondary VLAN(s

Type

Displays the type of VLAN in which the listed interfaces reside

Active

States whether the interface is operationally up or down

Ports

Displays the interface IDs in the listed VLAN.

private-vlan mode

Set the mode of the selected VLAN to either community or isolated.

show arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

show vlan private-vlan mapping ex Syntax Defaults Command Modes

Command History

22

|

Display primary-secondary VLAN mapping. show vlan private-vlan mapping

none EXEC EXEC Privilege Version 8.4.4.2

Private VLAN (PVLAN) Commands

Introduced for VirtualScale on the E-Series ExaScale.

Usage Information

The output of this command, shown below, displays the community and isolated VLAN IDs that are associated with each primary VLAN. Figure 2-5.

show vlan private-vlan mapping Command Output

Force10# show vlan private-vlan mapping Private Vlan: Primary : 10 Community : 20,30 Isolated : 40 Private Vlan: Primary : 100 Community : 101 Isolated : 102 Unknown : 103

Related Commands

private-vlan mode

Set the mode of the selected VLAN to either community or isolated.

sshow arp

Displays the output hardware address against each IP address. All of the secondary vlans are displayed with their associated primary vlan ID.

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

switchport mode private-vlan ex Syntax

Set the PVLAN mode of the selected port. [no] switchport mode private-vlan {host | promiscuous | trunk} To remove the PVLAN mode from the selected port, use the no switchport mode private-vlan command.

Parameters

Defaults Command Modes Command History Usage Information

host

Enter host to configure the selected port or port channel as an isolated interface in a PVLAN, as described above.

promiscuous

Enter promiscuous to configure the selected port or port channel as an promiscuous interface, as described above.

trunk

Enter trunk to configure the selected port or port channel as a trunk port in a PVLAN, as described above.

disabled INTERFACE Version 8.4.4.2

Introduced for VirtualScale on the E-Series ExaScale.

The assignment of the various PVLAN port types to port and port channel (LAG) interfaces is demonstrated below.

Private VLAN (PVLAN) Commands | 23

www.dell.com | support.dell.com

Example

Figure 2-6.

Examples of switchport mode private-vlan Command

Force10#conf Force10(conf)#interface GigabitEthernet 0/2/1 Force10(conf-if-gi-0/2/1)#switchport mode private-vlan Force10(conf)#interface GigabitEthernet 0/2/2 Force10(conf-if-gi-0/2/2)#switchport mode private-vlan Force10(conf)#interface GigabitEthernet 0/2/3 Force10(conf-if-gi-0/2/3)#switchport mode private-vlan Force10(conf)#interface port-channel 10 Force10(conf-if-gi-0/2/3)#switchport mode private-vlan

Related Commands

promiscuous host trunk promiscuous

private-vlan mode

Set the mode of the selected VLAN to either community or isolated.

private-vlan mapping secondary-vlan

Set the mode of the selected VLAN to primary and then associate secondary VLANs to it.

show interfaces private-vlan

Display type and status of PVLAN interfaces.

show vlan private-vlan mapping

Display primary-secondary VLAN mapping.

show arp ex Syntax

Parameters

Displays the output hardware address against each IP address; all secondary vlans are displayed with their associated primary vlan ID. show arp [vrf vrf name][interface interface | ip ip-address [mask] | macaddress mac-address [mac-address mask]] [cpu {cp | rp1 | rp2}] [static | dynamic] [summary] vrf name

Show only the ARP cache entries tied to the VRF process.

cpu

(OPTIONAL) Enter the keyword cpu with one of the following keywords to view ARP entries on that CPU: • • •

interface interface

(OPTIONAL) Enter the following keywords and slot/port or number information: • • •

• • •

|

For a 1-Gigabit Ethernet interface, enter the keyword GigabitEthernet followed by the slot/port information. For the Management interface, enter the keyword managementethernet followed by the slot/port information. For a Port Channel interface, enter the keyword port-channel followed by a number: C-Series and S-Series Range: 1-128 E-Series Range: 1 to 32 for EtherScale, 1 to 255 for TeraScale and 1 to 512 for ExaScale. For a SONET interface, enter the keyword sonet followed by the slot/port information. For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet followed by the slot/port information. For a VLAN, enter the keyword vlan followed by a number from 1 to 4094.

ip ip-address mask

(OPTIONAL) Enter the keyword ip followed by an IP address in the dotted decimal format. Enter the optional IP address mask in the slash prefix format (/x).

macaddress

(OPTIONAL) Enter the keyword macaddress followed by a MAC address in nn:nn:nn:nn:nn:nn format. Enter the optional MAC address mask in nn:nn:nn:nn:nn format also.

mac-address mask

24

cp - view ARP entries on the control processer. rp1 - view ARP entries on Routing Processor 1. rp2 - view ARP entries on Routing Processor 2.

Private VLAN (PVLAN) Commands

Command Modes Command History Usage Information

static

(OPTIONAL) Enter the keyword static to view entries entered manually.

dynamic

(OPTIONAL) Enter the keyword dynamic to view dynamic entries.

summary

(OPTIONAL) Enter the keyword summary to view a summary of ARP entries.

EXEC Privilege Version 8.4.4.2

Introduced for VirtualScale on the E-Series ExaScale.

The following figure shows the a that are associated with a private VLAN (PVLAN) with VirtualScale information.

Note: See the E-Series ExaScale Command Line Reference Guide, “IP4 Routing” chapter for an example of the show arp command without VirtualScale information. Example

Figure 2-7.

show arp Command Example with Private VLAN data

Force10# show arp Protocol Address Age(min) Hardware Address Interface VLAN CPU ---------------------------------------------------------------------------------------Internet 10.10.10.2 00:01:e8:6f:b8:3f Vl 4094 CP Internet 10.10.10.3 0 00:00:a9:aa:1d:73 Gi 1/0/20 Vl 4094 pv 4093 CP Internet 10.10.10.4 0 00:00:a9:aa:1d:70 Gi 0/6/38 Vl 4094 pv 4092 CP Internet 20.20.20.2 00:01:e8:6f:b8:3f Vl 3094 CP Internet 20.20.20.3 61 00:00:a9:aa:1d:6f Gi 0/6/10 Vl 3094 pv 3093 CP Internet 20.20.20.4 61 00:00:a9:aa:1d:75 Gi 1/0/47 Vl 3094 pv 3092 CP Internet 20.20.20.254 61 00:00:a9:aa:1d:72 Gi 1/0/2 Vl 3094

Related Commands

ip local-proxy-arp

Enable/disable Layer 3 communication in secondary VLANs.

switchport mode private-vlan

Set the PVLAN mode of the selected port.

show vlan ex Syntax

Display the current VLAN configurations on the switch.

show vlan [brief | id vlan-id | name vlan-name]

Private VLAN (PVLAN) Commands | 25

www.dell.com | support.dell.com

Parameters

brief

(OPTIONAL) Enter the keyword brief to display the following information: • • • • •

Command Modes

VLAN ID VLAN name (left blank if none is configured.) Spanning Tree Group ID MAC address aging time IP address

id vlan-id

(OPTIONAL) Enter the keyword id followed by a number from 1 to 4094. Only information on the VLAN specified is displayed.

name vlan-name

(OPTIONAL) Enter the keyword name followed by the name configured for the VLAN. Only information on the VLAN named is displayed.

EXEC EXEC Privilege

Command History Usage Information

Version 8.4.4.2

Introduced for VirtualScale on the E-Series ExaScale.

The following figure shows the VLAN that are associated with a private VLAN (PVLAN) with VirtualScale information.

Note: See the E-Series ExaScale Command Line Reference Guide, “Layer 2” chapter for an example of the show vlan command without VirtualScale information. Example

Figure 2-8.

show vlan Command Example with Private VLAN data

Force10#show vlan Codes: Q: U x G -

* - Default VLAN, G - GVRP VLANs, P - Primary, C - Community, I - Isolated Untagged, T - Tagged Dot1x untagged, X - Dot1x tagged GVRP tagged, M - Vlan-stack

* P

NUM 1 100

Status Inactive Active

C

101

Active

C I

102 103

Active Active

Description

Q U T T T T T T T

Ports Gi 0/6/20 Gi 0/6/2 Gi 1/0/2 Gi 0/6/3 Gi 1/0/3,20 Gi 0/6/10 Gi 0/6/11 Gi 1/0/21

Force10#

Related Commands

26

|

vlan-stack compatible

Enable the Stackable VLAN feature on the selected VLAN.

interface vlan

Configure a VLAN.

Private VLAN (PVLAN) Commands

Private VLAN (PVLAN) Commands | 27

www.dell.com | support.dell.com 28

|

Private VLAN (PVLAN) Commands