Alcatel-Lucent 6850 Bpdu Shutdown Ports, Command Line Interface CLI, Dhcp Relay, Dhcp Snooping

Page 20

Software Supported

BPDU Shutdown Ports

It is possible to configure a global UserPorts profile, as described in “ACL & Layer 3 Security”, to moni- tor BPDU on user ports. Such a profile also determines whether user ports will filter BPDU or will admin- istratively shutdown when BPDU are received on the port. Note that this functionality only applies to ports that are designated as members of the UserPorts port group.

A port configured to administratively shutdown when BPDU are detected will generate an inferior BPDU every 5 seconds. This will prevent loops in the network if two BPDU shutdown ports are accidentally bridged together either through an external loop or through a hub, since both ports would be receiving inferior BPDUs.

Command Line Interface (CLI)

Alcatel-Lucent’s command line interface (CLI) is a text-based configuration interface that allows you to configure switch applications and to view switch statistics. Each CLI command applicable to the switch is defined in the CLI Reference guide. All command descriptions listed in the Reference Guide include command syntax definitions, defaults, usage guidelines, example screen output, and release history.

The CLI uses single-line text commands that are similar to other industry standard switch interfaces.

DHCP Relay

DHCP Relay allows you to forward DHCP broadcast requests to configurable DHCP server IP address in a routing environment.

DHCP Relay is configured using the IP helper set of commands.

DHCP Option-82 (Relay Agent Information Option)

The DHCP Option-82 feature enables the relay agent to insert identifying information into client-origi- nated DHCP packets before the packets are forwarded to the DHCP server. The implementation of this feature is based on the functionality defined in RFC 3046.

When DHCP Option-82 is enabled, communications between a DHCP client and a DHCP server are authenticated by the relay agent. To accomplish this task, the agent adds Option-82 data to the end of the options field in DHCP packets sent from a client to a DHCP server.

If the relay agent receives a DHCP packet from a client that already contains Option-82 data, the packet is dropped by default. However, it is possible to configure a DHCP Option-82 policy that directs the relay agent to drop, keep, or replace the existing Option-82 data and then forward the packet to the server.

DHCP Option-82 is supported on the OmniSwitch 6800 Series and OmniSwitch 6850 Series. The 6.1.3.R01 release provides support for this feature on the OmniSwitch 9000 Series.

DHCP Snooping

DHCP Snooping improves network security by filtering DHCP packets received from devices outside the network and building and maintaining a binding table (database) to log DHCP client access information. There are two levels of operation available for the DHCP Snooping feature: switch level or VLAN level.

To identify DHCP traffic that originates from outside the network, DHCP Snooping categorizes ports as either trusted or untrusted. A port is trusted if it is connected to a device inside the network, such as a DHCP server. A port is untrusted if it is connected to a device outside the network, such as a customer switch or workstation. The port trust mode is also configurable through the CLI.

Additional DHCP Snooping functionality includes the following:

page 20

OmniSwitch 6800/6850/9000—Release 6.1.3.R01

Image 20
Contents Page OmniSwitch 6800 Series Getting Started guide Related DocumentationUpgrade Instructions for 6.1.3.R01 OmniSwitch 6800 Series OmniSwitch 6850 SeriesOmniSwitch 9000 Series Memory RequirementsNew Hardware Supported New Chassis Management Module CMM OS9800-CMMOmniSwitch 9000 OS-IP-SHELF PoE Power Shelf OmniSwitch 9600 Support for PS-510W AC/PS-360W ACGigabit Ethernet Transceiver SFP MSA Dual Speed Ethernet Transceivers100FX Ethernet Transceivers 3.R01 Supported Hardware/Software CombinationsModule Type Part Number Asic Physical New Software Features Feature Platform Software PackageVlan Range Support Software Supported BGP4PIM-SM 802.1W Rstp Default 802.1x Device Classification Access Guardian802.1Q 802.1Q 2005 MstpAccess Control Lists ACLs Access Control Lists ACLs for IPv6ACL & Layer 3 Security Source ipv6 destination ipv6 ipv6 Nh next header flow-labelACL Manager Automatic Vlan Containment AVC Authenticated Switch AccessAuthenticated VLANs Basic IPv4 Routing BGP Graceful RestartCommand Line Interface CLI Bpdu Shutdown PortsDhcp Relay Dhcp Option-82 Relay Agent Information OptionEnd User Partitioning Eupm DNS ClientDynamic Vlan Assignment Mobility HTTP/HTTPS Port Configuration Ethernet InterfacesGeneric UDP Relay Health StatisticsIP DoS Enhancements Interswitch Protocol AmapIP Multicast Switching Ipms IPv6 NPD IP Multicast Switching Ipms ProxyingIP Route Map Redistribution IPX Routing L2 Dhcp SnoopingL2 MAC Address Table Size Enhancement L2 Static Multicast AddressesMulticast Routing Learned Port Security LPSLink Aggregation static & 802.3ad OSPFv2/OSPFv3 MultinettingNTP Client Partitioned Switch Management Policy Based Routing Permanent ModePer-VLAN Dhcp Relay Policy Server ManagementPower over Ethernet PoE Quality of Service QoSPort Mapping Port MirroringRouting Protocol Preference Redirect Policies Port and Link AggregateRouter Discovery Protocol RDP Secure Shell SSH Public Key Authentication Secure Copy SCPSecure Shell SSH SSH Software Supported Operating SystemsSmart Continuous Switching OmniSwitch 6800/OmniSwitch Smart Continuous Switching OmniSwitchServer Load Balancing SLB SFlowSource Learning Software RollbackSwitch Logging Text File ConfigurationSpanning Tree Syslog to Multiple HostsUser Definable Loopback Interface Vlan Range SupportVlan Stacking and Translation VRRPv2/VRRPv3Web-Based Management WebView Supported Traps Trap Name Platforms DescriptionTrap Name Platforms Description Sion which was active on a slot cannot Trap Name Platforms Description Table gets dropped due to the overload Software Feature Unsupported CLI Commands Unsupported Software FeaturesUnsupported CLI Commands RIP Unsupported MIBs MIB Name Unsupported MIB variables Alcatel IND1AAAAlcatel IND1Bgp Alcatel IND1LAGMIB Name Unsupported MIB variables AlcatelIND1QoS AlcatelIND1SlbMIB Name Unsupported MIB variables AlcatelIND1VlanManagerIetfsnmp Problem Reports Open Problem Reports and Feature ExceptionsCommand Line Interface CLI Rmon SFlowFeature Exceptions Web-Based Management WebViewOpen Problem Reports and Feature Exceptions Open Problem Reports and Feature Exceptions Layer AutonegotiationBridging Ethernet Interfaces Open Problem Reports and Feature Exceptions IP Multicast Switching Ipms Group MobilityLink Aggregation Port Mirroring/MonitoringSource Learning Open Problem Reports and Feature Exceptions Open Problem Reports and Feature Exceptions Spanning Tree Open Problem Reports and Feature Exceptions Vlan Stacking Basic IP Routing Dhcp SnoopingIPv6 Open Problem Reports and Feature Exceptions Server Load Balancing SLB UDP RelayAdvanced Routing Dvmrp OSPFv3PIM Quality of Service includes ACLs GeneralPolicy Manager Security 802.1x Authenticated Switch Access Authenticated VLANs Policy Server ManagementSystem Open Problem Reports and Feature Exceptions Chassis Supervision Open Problem Reports and Feature Exceptions Power Over Ethernet Open Problem Reports and Feature Exceptions Hot Swap Time Limitations for OmniSwitch Redundancy / Hot SwapOpen Problem Reports and Feature Exceptions Technical Support Region Phone Number