DELL Force10 Interoperability Guide
Interoperability Guide on Key Features
Dell │ Force10
Force10 Marketing Team
July 2012 Dell Networking Confidential Internal use only
THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.
© 2010 Dell Inc. All rights reserved. Reproduction of this material in any manner whatsoever without the express written permission of Dell Inc. is strictly forbidden. For more information, contact Dell.
Dell, the DELL logo, and the DELL badge, PowerConnect, and PowerVault are trademarks of Dell Inc. Symantec and the SYMANTEC logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the US and other countries. Microsoft, Windows, Windows Server, and Active Directory are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
July 2012
Page ii
Dell Networking Confidential Internal use only
Contents Introduction ...... 2 Purpose of This Document ...... 2 VTP...... 3 Spanning Tree Protocols ...... 4 PVST (FTOS) and PVST+ (IOS) ...... 5 Switch Configuration ...... 5 Convergence Test: ...... 7 Results: ...... 7 RSTP and RPVST+ ...... 8 Switch Configuration ...... 8 Convergence Test: ...... 10 Results: ...... 10 MSTP ...... 11 Implementation Note ...... 11 Miscellaneous ...... 12 Port Channels ...... 12
Figures Figure 1 : VTP Basic Test Setup ...... 3 Figure 2: Port Channel FTOS Screenshot ...... 4 Figure 3 : Dell Force 10 and Cisco Catalyst 6509 PVST+ Test Setup ...... 5 Figure 4 : RSTP and PVST+ Setup ...... Error! Bookmark not defined. Figure 5 : S4810_1 Configuration ...... 8 Figure 6 : S4810_2 Configuration ...... 9 Figure 7 : Catalyst 6509 Configuration ...... 9 Figure 8 : Port Channel Setup ...... 12 Figure 9 : Port Channel Configuration ...... 12
Tables
Table 1 : Dell Force 10 vs. Cisco Features
Page 1
Dell Networking Confidential Internal use only
Introduction Vendors influence network architectures through features and functionality found in the equipment they manufacture, leading to the overall look and feel of the network. For example, some vendor- driven networks require a 3-tier model with core, distribution and access. Although this has been the prevalent design in the past 10 years or so, the overall increase in capex and opex expenses due to the number of switches at network layer has remained on par. Such design deserves another look.
The proprietary nature of the protocols and features locked customers to one particular vendor, with some forced interdependencies of some features. Customers were forced to use proprietary features by the vendor-created dependencies between protocols. For example, early Cisco IP phones rely on CDP to collect network information and use a Cisco-proprietary PoE standard, not the IEEE standard.
The Dell Force10 philosophy always has bucked this approach. Instead, buy less and build best-of- breed open and converged networks has been the model. Force10 allows for a 2-tier model of core/distribution and access. Less equipment means lower capex and opex expenses as well as a lower number of networking points of failure. Customers can design their networks with standards- based protocols and features without the need to worry about whether features will be disabled / unsupported. We have the confidence to allow our customers to build interoperable, multi-vendor networks based on standards. Inter-dependent features are based on standards. Customers can change features/products without worrying about changing their network design or architecture.
Purpose of This Document The purpose of this document is to help Dell Force10 SEs and customers integrate Dell Force10 equipment into legacy Cisco networks.
Table 1 : Dell Force 10 vs. Cisco Features
Cisco Proprietary Dell Force10 Standard Notes Feature Feature Available?
PVST+, RPVST PVST No Full interoperability
IEEE CDP LLDP Higher scalability & extensibility with LLDP 802.1AB
IEEE VTP GVRP Extensible - built on top of GARP 802.1p
IEEE ISL 802.1Q ISL has greater header overhead 802.1D
Extension 802.1X + Mac- Cisco supports 802.1X + Mac-Auth-Bypass VMPS of IEEE Auth Bypass** extension 802.1X
RFC 1112, CGMP IGMP Cisco supports IGMP on all platforms 2236
Page 2
Dell Networking Confidential Internal use only
Force10 recommends OSPF EIGRP OSPF Yes Cisco also supports OSPF
IEEE PAgP LACP Cisco supports LACP 802.3ad
HSRP VRRP RFC 2238 Cisco supports VRRP
Netflow sFlow RFC 3176 More scalable
IEEE Cisco switches and new IP phones support Cisco POE IEEE 802.3af 802.3af the IEEE standard
VTP Force10 systems can operate in VTP transparent mode, passing traffic on untagged VLANs. Thus, Force10 systems can co-exist with VTP-enabled networks. Force10 recommends deploying the standards-based GVRP protocol.
VTP packets are passed untagged. Therefore, depending on the configuration, the FTOS native VLAN or portmode hybrid capability may be required to pass such packets. The portmode hybrid command sets a physical port or port-channel to accept both tagged and untagged frames.
FTOS Release 7.7.1.0 introduces native VLAN capability on physical interfaces, and FTOS Release 8.2.1.0 extends this to port-channel interfaces. In other words, starting with these releases, FTOS transparently bridges VTP packets over physical and port-channel interfaces, allowing VTP to run between devices connected to an FTOS switch/router.
Figure 1 : VTP Basic Test Setup
In this sample configuration, port-channel 1 and port-channel 2 are added to VLAN 100 as tagged, while remaining in VLAN 1 as untagged. Untagged traffic arrives at port-channel 1 and is flooded out Gigabit Ethernet interface 6/47 or port-channel 2.
Page 3
Dell Networking Confidential Internal use only
Figure 2: Port Channel FTOS Screenshot
FTOS Configuration
interface Port-channel 1 no ip address portmode hybrid switchport channel-member GigabitEthernet 6/0 no shutdown ! interface Port-channel 2 no ip address portmode hybrid switchport channel-member GigabitEthernet 6/47 no shutdown ! interface vlan 100 tagged port-channel 1-2
E-Series#show vlan
Codes: * - Default VLAN, G - GVRP VLANs, P - Primary, C - Community, I - Isolated Q: U - Untagged, T – Tagged x - Dot1x untagged, X - Dot1x tagged G - GVRP tagged, M - Vlan-stack
NUM Status Description Q Ports * 1 Active U Po1(Gi 6/0) U Po2(Gi 6/47) 100 Active T Po1(Gi 6/0) T Po2(Gi 6/47)
Spanning Tree Protocols Dell Force 10 switches running FTOS support the different standard based spanning tree flavors such as MSTP, RSTP, and PVST. These three different spanning tree variations are fully compatible with other proprietary spanning tree extensions such as MST, PVST+, and RPVST+
The following section is divided into several scenarios:
• PVST (FTOS) and PVST+ (IOS) • PVST (FTOS) and RPVST (IOS) • RSTP and RPVST+ • MSTP
In our next revision, we aim to have two Catalyst 6509’s acting as root and backup root with dual homed connections from the S4810’s. For now, the results obtained using the configuration on figure 3, are clear enough to give us an idea of how the different spanning tree modes interact with each other.
Page 4
Dell Networking Confidential Internal use only
PVST (FTOS) and PVST+ (IOS) Dell Force 10’s PVST’s implementation is fully compatible with Cisco’s IOS implementation. The following setup will demonstrate how PVST can be deployed in a mixed environment.
In figure 3, we have a typical deployment where all devices are connected and potentially create a loop if spanning tree was not configured. The Cisco Catalyst 6509 is the root bridge and the Catalyst 4948 is the backup root bridge.
Figure 3 : Dell Force 10 and Cisco Catalyst 6509 PVST+ Test Setup
PVST is enabled on the Dell Force 10 switches, whereas PVST+ is enabled on the Cisco switch. PVST is the IEEE nomenclature, and PVST+ is Cisco’s equivalent to the IEEE’s PVST version.
Switch Configuration Figure 4 : S55_1 PVST status and configuration
Page 5
Dell Networking Confidential Internal use only
Figure 5 : S4810_2 PVST status and configuration
In S4810_2, port 0/47 is blocking in an alternate role. The alternate role will switch to forwarding as soon as the local root port fails.
All other ports are forwarding with the Cisco switch acting as the root switch for vlan 10. See figure 6.
Figure 6 : Catalyst 6509 PVST+ status and configuration
Page 6
Dell Networking Confidential Internal use only
Figure 7 : Catalyst 4948 PVST status and configuration
Convergence Test: 1. Shutdown the link between S55_1 (Gi 0/47) and Catalyst 6509 (Gi 2/47). 2. Bring back up the link between S55_1 and Catalyst 6509.
Results: IXIA traffic resumes under a second on link Gi 0/42 on S55_1. The blocking port (Gi 0/42) moves to the forwarding state as expected. This is because no interaction is needed with another switch, i.e. no BPDU exchanged is needed.
IXIA traffic resumes 30 seconds later. This is as expected since the link between the S55_1 and the Cisco Catalyst 6509 go through the “listening” and “learning” states before moving onto the “forwarding” state. Each state lasts 15 seconds and thus the 30 second traffic loss.
Page 7
Dell Networking Confidential Internal use only
Note: PVST (FTOS) and RPVST+ (IOS) configuration was also tested and the results were identical to that of PVST (FTOS) and PVST+ (IOS).
RSTP and RPVST+ Using the same test setup (See Figure 3), RSTP and RPVST+ were enabled on the respective switches. For this particular configuration, port Gi 0/42 on S55_1 assumes the alternate role and discarding status after spanning tree settles down.
The same set of tests was performed and the results were as expected.
Switch Configuration Figure 8 : S55_1 RSTP configuration and status
Page 8
Dell Networking Confidential Internal use only
Figure 9 : S4810_2 RSTP configuration and status
Figure 10 : Catalyst 6509 RPVST+ configuration and status
Page 9
Dell Networking Confidential Internal use only
Figure 11 : Catalyst 4948 RPVST+ configuration and status
Convergence Test: 1. Shutdown Gi 0/47 on S55_1 and measure length of time required for traffic to resume. 2. Recover Gi 0/47 on S55_1 and measure length of time required for traffic to resume.
Results: Shutting down Gi 0/47 on S55_1 caused very little traffic interruption. Less than a second for traffic to resume with Gi 0/42 taking over as the root port towards the Catalyst 6509.
However, reverting the process caused a 30 second traffic interruption. This is attributed to the fact that the Cisco switches are running per-vlan spanning tree instances a proprietary implementation of RSTP and the Dell Force 10 devices are running a single spanning tree instance. For more details on the protocol exchanges please see the “Miscellaneous “ section of the document.
Page 10
Dell Networking Confidential Internal use only
MSTP MSTP was enabled on all the switches and allowed to converge. Port Gi 0/42 on S55_1 is blocking while Gi 0/47 on the same switch is forwarding. The same set of tests was performed where port Gi 0/47 is shutdown and Gi 0/42 becomes active and traffic resumes under a second.
Gi 0/47 is brought back online and traffic and traffic resumes in under a second. Having all switches be part of the same spanning tree instance improves the reconvergence times dramatically.
Implementation Note Some non-Dell Force10 systems which have hybrid ports participating in PVST+ transmit two kinds of BPDUs: an 802.1D BPDU and an untagged PVST+ BPDU (Cisco proprietary BPDU packet). The PVST+ BPDU is sent to perform consistency checking and to inform all other potential Cisco switches about the native VLAN configuration. Receiving switches consider only IEEE BPDUs (802.1D) for the native VLAN computations and ignore the SSTP (Shared Spanning Tree Protocol) BPDUs.
Force10 systems do not expect either tagged or untagged PVST+ BPDUs on an untagged VLAN so FTOS places the port in error-disable state by default when it receives this type of frame. This behavior, while consistent with other vendors, might result in the network not converging.
To resolve this issue, which is documented in PR 84608, FTOS Release 8.2.1.0 introduces a CLI option to set the error-disable state for receiving PVST BPDUs received on an untagged VLAN.
Force10 (conf-if-gi-4/0)# no spanning-tree pvst err-disable cause invalid-pvst-bpdu
The FTOS default remains placing the port in an error-disable state if a tagged or untagged PVST BPDU is received on an untagged VLAN.
Note: If VLAN 10 is untagged and an FTOS system receives a PVST BPDU with VLAN tag 20, the BPDU is simply dropped.
Page 11
Dell Networking Confidential Internal use only
Miscellaneous Additional documentation on spanning tree interoperability can be found at the following link. http://salesedge/browse under “Networking Dell Force 10 Dell Force 10 Whitepapers & Technical Docs”
Port Channels Both FTOS and Cisco IOS support the Link Aggregation Control Protocol (LACP) for exchanging information required to create a port-channel interface.
Figure 12 : Port Channel Setup
Figure 13 : Static Port Channel Configuration
6509 Configuration C300 Configuration interface TenGigabitEthernet1/3 interface TenGigabitEthernet 0/1 switchport no ip address switchport trunk encapsulation dot1q no shutdown switchport trunk allowed vlan 10-15,97-99 ! switchport mode trunk interface TenGigabitEthernet 1/1 no ip address no ip address load-interval 30 no shutdown spanning-tree portfast disable ! channel-group 2 mode on interface Port-channel 2 ! description to-6509-Right interface TenGigabitEthernet1/4 no ip address switchport switchport switchport trunk encapsulation dot1q spanning-tree pvst vlan 11 cost 200000 switchport trunk allowed vlan 10-15,97-99 channel-member TenGigabitEthernet 0/1 switchport mode trunk channel-member TenGigabitEthernet 1/1 no ip address rate-interval 30 load-interval 30 no shutdown spanning-tree portfast disable channel-group 2 mode on
Page 12