DELL Interoperability Guide

Interoperability Guide on Key Features

Dell │ Force10

Force10 Marketing Team

July 2012 Confidential Internal use only

THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.

© 2010 Dell Inc. All rights reserved. Reproduction of this material in any manner whatsoever without the express written permission of Dell Inc. is strictly forbidden. For more information, contact Dell.

Dell, the DELL logo, and the DELL badge, PowerConnect, and PowerVault are trademarks of Dell Inc. Symantec and the SYMANTEC logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the US and other countries. , Windows, Windows Server, and Active Directory are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

July 2012

Page ii

Dell Networking Confidential Internal use only

Contents Introduction ...... 2 Purpose of This Document ...... 2 VTP...... 3 Spanning Tree Protocols ...... 4 PVST (FTOS) and PVST+ (IOS) ...... 5 Switch Configuration ...... 5 Convergence Test: ...... 7 Results: ...... 7 RSTP and RPVST+ ...... 8 Switch Configuration ...... 8 Convergence Test: ...... 10 Results: ...... 10 MSTP ...... 11 Implementation Note ...... 11 Miscellaneous ...... 12 Port Channels ...... 12

Figures Figure 1 : VTP Basic Test Setup ...... 3 Figure 2: Port Channel FTOS Screenshot ...... 4 Figure 3 : Dell Force 10 and Cisco Catalyst 6509 PVST+ Test Setup ...... 5 Figure 4 : RSTP and PVST+ Setup ...... Error! Bookmark not defined. Figure 5 : S4810_1 Configuration ...... 8 Figure 6 : S4810_2 Configuration ...... 9 Figure 7 : Catalyst 6509 Configuration ...... 9 Figure 8 : Port Channel Setup ...... 12 Figure 9 : Port Channel Configuration ...... 12

Tables

Table 1 : Dell Force 10 vs. Cisco Features

Page 1

Dell Networking Confidential Internal use only

Introduction Vendors influence network architectures through features and functionality found in the equipment they manufacture, leading to the overall look and feel of the network. For example, some vendor- driven networks require a 3-tier model with core, distribution and access. Although this has been the prevalent design in the past 10 years or so, the overall increase in capex and opex expenses due to the number of switches at network layer has remained on par. Such design deserves another look.

The proprietary nature of the protocols and features locked customers to one particular vendor, with some forced interdependencies of some features. Customers were forced to use proprietary features by the vendor-created dependencies between protocols. For example, early Cisco IP phones rely on CDP to collect network information and use a Cisco-proprietary PoE standard, not the IEEE standard.

The Dell Force10 philosophy always has bucked this approach. Instead, buy less and build best-of- breed open and converged networks has been the model. Force10 allows for a 2-tier model of core/distribution and access. Less equipment means lower capex and opex expenses as well as a lower number of networking points of failure. Customers can design their networks with standards- based protocols and features without the need to worry about whether features will be disabled / unsupported. We have the confidence to allow our customers to build interoperable, multi-vendor networks based on standards. Inter-dependent features are based on standards. Customers can change features/products without worrying about changing their network design or architecture.

Purpose of This Document The purpose of this document is to help Dell Force10 SEs and customers integrate Dell Force10 equipment into legacy Cisco networks.

Table 1 : Dell Force 10 vs. Cisco Features

Cisco Proprietary Dell Force10 Standard Notes Feature Feature Available?

PVST+, RPVST PVST No Full interoperability

IEEE CDP LLDP Higher scalability & extensibility with LLDP 802.1AB

IEEE VTP GVRP Extensible - built on top of GARP 802.1p

IEEE ISL 802.1Q ISL has greater header overhead 802.1D

Extension 802.1X + Mac- Cisco supports 802.1X + Mac-Auth-Bypass VMPS of IEEE Auth Bypass** extension 802.1X

RFC 1112, CGMP IGMP Cisco supports IGMP on all platforms 2236

Page 2

Dell Networking Confidential Internal use only

Force10 recommends OSPF EIGRP OSPF Yes Cisco also supports OSPF

IEEE PAgP LACP Cisco supports LACP 802.3ad

HSRP VRRP RFC 2238 Cisco supports VRRP

Netflow sFlow RFC 3176 More scalable

IEEE Cisco switches and new IP phones support Cisco POE IEEE 802.3af 802.3af the IEEE standard

VTP Force10 systems can operate in VTP transparent mode, passing traffic on untagged VLANs. Thus, Force10 systems can co-exist with VTP-enabled networks. Force10 recommends deploying the standards-based GVRP protocol.

VTP packets are passed untagged. Therefore, depending on the configuration, the FTOS native VLAN or portmode hybrid capability may be required to pass such packets. The portmode hybrid command sets a physical port or port-channel to accept both tagged and untagged frames.

FTOS Release 7.7.1.0 introduces native VLAN capability on physical interfaces, and FTOS Release 8.2.1.0 extends this to port-channel interfaces. In other words, starting with these releases, FTOS transparently bridges VTP packets over physical and port-channel interfaces, allowing VTP to run between devices connected to an FTOS switch/.

Figure 1 : VTP Basic Test Setup

In this sample configuration, port-channel 1 and port-channel 2 are added to VLAN 100 as tagged, while remaining in VLAN 1 as untagged. Untagged traffic arrives at port-channel 1 and is flooded out Gigabit Ethernet interface 6/47 or port-channel 2.

Page 3

Dell Networking Confidential Internal use only

Figure 2: Port Channel FTOS Screenshot

FTOS Configuration

interface Port-channel 1 no ip address portmode hybrid switchport channel-member GigabitEthernet 6/0 no shutdown ! interface Port-channel 2 no ip address portmode hybrid switchport channel-member GigabitEthernet 6/47 no shutdown ! interface vlan 100 tagged port-channel 1-2

E-Series#show vlan

Codes: * - Default VLAN, G - GVRP VLANs, P - Primary, C - Community, I - Isolated Q: U - Untagged, T – Tagged x - Dot1x untagged, X - Dot1x tagged G - GVRP tagged, M - Vlan-stack

NUM Status Description Q Ports * 1 Active U Po1(Gi 6/0) U Po2(Gi 6/47) 100 Active T Po1(Gi 6/0) T Po2(Gi 6/47)

Spanning Tree Protocols Dell Force 10 switches running FTOS support the different standard based spanning tree flavors such as MSTP, RSTP, and PVST. These three different spanning tree variations are fully compatible with other proprietary spanning tree extensions such as MST, PVST+, and RPVST+

The following section is divided into several scenarios:

• PVST (FTOS) and PVST+ (IOS) • PVST (FTOS) and RPVST (IOS) • RSTP and RPVST+ • MSTP

In our next revision, we aim to have two Catalyst 6509’s acting as root and backup root with dual homed connections from the S4810’s. For now, the results obtained using the configuration on figure 3, are clear enough to give us an idea of how the different spanning tree modes interact with each other.

Page 4

Dell Networking Confidential Internal use only

PVST (FTOS) and PVST+ (IOS) Dell Force 10’s PVST’s implementation is fully compatible with Cisco’s IOS implementation. The following setup will demonstrate how PVST can be deployed in a mixed environment.

In figure 3, we have a typical deployment where all devices are connected and potentially create a loop if spanning tree was not configured. The Cisco Catalyst 6509 is the root bridge and the Catalyst 4948 is the backup root bridge.

Figure 3 : Dell Force 10 and Cisco Catalyst 6509 PVST+ Test Setup

PVST is enabled on the Dell Force 10 switches, whereas PVST+ is enabled on the Cisco switch. PVST is the IEEE nomenclature, and PVST+ is Cisco’s equivalent to the IEEE’s PVST version.

Switch Configuration Figure 4 : S55_1 PVST status and configuration

Page 5

Dell Networking Confidential Internal use only

Figure 5 : S4810_2 PVST status and configuration

In S4810_2, port 0/47 is blocking in an alternate role. The alternate role will switch to forwarding as soon as the local root port fails.

All other ports are forwarding with the Cisco switch acting as the root switch for vlan 10. See figure 6.

Figure 6 : Catalyst 6509 PVST+ status and configuration

Page 6

Dell Networking Confidential Internal use only

Figure 7 : Catalyst 4948 PVST status and configuration

Convergence Test: 1. Shutdown the link between S55_1 (Gi 0/47) and Catalyst 6509 (Gi 2/47). 2. Bring back up the link between S55_1 and Catalyst 6509.

Results: IXIA traffic resumes under a second on link Gi 0/42 on S55_1. The blocking port (Gi 0/42) moves to the forwarding state as expected. This is because no interaction is needed with another switch, i.e. no BPDU exchanged is needed.

IXIA traffic resumes 30 seconds later. This is as expected since the link between the S55_1 and the Cisco Catalyst 6509 go through the “listening” and “learning” states before moving onto the “forwarding” state. Each state lasts 15 seconds and thus the 30 second traffic loss.

Page 7

Dell Networking Confidential Internal use only

Note: PVST (FTOS) and RPVST+ (IOS) configuration was also tested and the results were identical to that of PVST (FTOS) and PVST+ (IOS).

RSTP and RPVST+ Using the same test setup (See Figure 3), RSTP and RPVST+ were enabled on the respective switches. For this particular configuration, port Gi 0/42 on S55_1 assumes the alternate role and discarding status after spanning tree settles down.

The same set of tests was performed and the results were as expected.

Switch Configuration Figure 8 : S55_1 RSTP configuration and status

Page 8

Dell Networking Confidential Internal use only

Figure 9 : S4810_2 RSTP configuration and status

Figure 10 : Catalyst 6509 RPVST+ configuration and status

Page 9

Dell Networking Confidential Internal use only

Figure 11 : Catalyst 4948 RPVST+ configuration and status

Convergence Test: 1. Shutdown Gi 0/47 on S55_1 and measure length of time required for traffic to resume. 2. Recover Gi 0/47 on S55_1 and measure length of time required for traffic to resume.

Results: Shutting down Gi 0/47 on S55_1 caused very little traffic interruption. Less than a second for traffic to resume with Gi 0/42 taking over as the root port towards the Catalyst 6509.

However, reverting the process caused a 30 second traffic interruption. This is attributed to the fact that the Cisco switches are running per-vlan spanning tree instances a proprietary implementation of RSTP and the Dell Force 10 devices are running a single spanning tree instance. For more details on the protocol exchanges please see the “Miscellaneous “ section of the document.

Page 10

Dell Networking Confidential Internal use only

MSTP MSTP was enabled on all the switches and allowed to converge. Port Gi 0/42 on S55_1 is blocking while Gi 0/47 on the same switch is forwarding. The same set of tests was performed where port Gi 0/47 is shutdown and Gi 0/42 becomes active and traffic resumes under a second.

Gi 0/47 is brought back online and traffic and traffic resumes in under a second. Having all switches be part of the same spanning tree instance improves the reconvergence times dramatically.

Implementation Note Some non-Dell Force10 systems which have hybrid ports participating in PVST+ transmit two kinds of BPDUs: an 802.1D BPDU and an untagged PVST+ BPDU (Cisco proprietary BPDU packet). The PVST+ BPDU is sent to perform consistency checking and to inform all other potential Cisco switches about the native VLAN configuration. Receiving switches consider only IEEE BPDUs (802.1D) for the native VLAN computations and ignore the SSTP (Shared ) BPDUs.

Force10 systems do not expect either tagged or untagged PVST+ BPDUs on an untagged VLAN so FTOS places the port in error-disable state by default when it receives this type of frame. This behavior, while consistent with other vendors, might result in the network not converging.

To resolve this issue, which is documented in PR 84608, FTOS Release 8.2.1.0 introduces a CLI option to set the error-disable state for receiving PVST BPDUs received on an untagged VLAN.

Force10 (conf-if-gi-4/0)# no spanning-tree pvst err-disable cause invalid-pvst-bpdu

The FTOS default remains placing the port in an error-disable state if a tagged or untagged PVST BPDU is received on an untagged VLAN.

Note: If VLAN 10 is untagged and an FTOS system receives a PVST BPDU with VLAN tag 20, the BPDU is simply dropped.

Page 11

Dell Networking Confidential Internal use only

Miscellaneous Additional documentation on spanning tree interoperability can be found at the following link. http://salesedge/browse under “Networking  Dell Force 10  Dell Force 10  Whitepapers & Technical Docs”

Port Channels Both FTOS and Cisco IOS support the Control Protocol (LACP) for exchanging information required to create a port-channel interface.

Figure 12 : Port Channel Setup

Figure 13 : Static Port Channel Configuration

6509 Configuration C300 Configuration interface TenGigabitEthernet1/3 interface TenGigabitEthernet 0/1 switchport no ip address switchport trunk encapsulation dot1q no shutdown switchport trunk allowed vlan 10-15,97-99 ! switchport mode trunk interface TenGigabitEthernet 1/1 no ip address no ip address load-interval 30 no shutdown spanning-tree portfast disable ! channel-group 2 mode on interface Port-channel 2 ! description to-6509-Right interface TenGigabitEthernet1/4 no ip address switchport switchport switchport trunk encapsulation dot1q spanning-tree pvst vlan 11 cost 200000 switchport trunk allowed vlan 10-15,97-99 channel-member TenGigabitEthernet 0/1 switchport mode trunk channel-member TenGigabitEthernet 1/1 no ip address rate-interval 30 load-interval 30 no shutdown spanning-tree portfast disable channel-group 2 mode on

Page 12