Legal Notices
About this Guide
- How to Use this Guide
- Related Publications
- Text Conventions
- Commonly Used Acronyms
- Feature Platform Support Labeling
- Getting Help
- Providing Feedback to Us
Getting Started
- Device Management Methods
- Initial Configuration
- Advanced Configuration Overview
Using the CLI
- CLI Conventions
- Configuring CLI Properties
  - Example CLI Properties Configuration
  - CLI Properties Display Commands
Image Configuration and File Management
- Configuration and Image File Management on Your System
- Automated Deployment
- Saving a Configuration
- Executing a Configuration
- Deleting a Configuration Restore-Point or File
- Downloading a File from an FTP, TFTP, or SCP Server
- Downloading a Firmware Image via the Serial Port
- Uploading a Configuration File
- Setting the Boot Firmware Image
- Running a Configuration Script
- Linecard Phantom Configuration (K-Series)
- Configuration and Image File Display Commands
High Availability Firmware Upgrade (HAU) Configuration
- Using High Availability Firmware Upgrade in Your Network
- Implementing HAU
- High Availability Upgrade Preconditions
- System Limitations During a High Availability Upgrade
- HAU Configuration Overview
- Configuring HAU
- Terms and Definitions
S- and K-Series Virtual Switch Bonding (VSB) Configuration
- Using Virtual Switch Bonding in Your Network
- Implementing VSB
- VSB Configuration Overview
- Configuring VSB
- Terms and Definitions
7100-Series Virtual Switch Bonding (VSB) Stacking Configuration
- Using Virtual Switch Bonding in Your Network
- Implementing VSB Stacking
- VSB Configuration Overview
- Configuring VSB
- Terms and Definitions
Port Configuration
- Port Configuration Overview
- Configuring Ports
- Terms and Definitions
Port Mirroring Configuration
- How to Use Port Mirroring in Your Network
- Implementing Port Mirroring
- Overview of Port Mirroring Configurations
- Configuring Port Mirrors
- Example: Configuring and Monitoring Port Mirroring (S-, K-Series)
- Example: Configuring an IDS Mirror (S-, K-Series)
- Example: Configuring a Policy Mirror Destination (S-, K-Series)
System Configuration
- Chassis Compatibility Mode (S-Series)
- System Properties Overview
  - System Properties Example
- User Management Overview
- Management Authentication Notification MIB Overview
  - Configuring Management Authentication Notification MIB
  - Management Authentication Notification MIB Configuration Examples
- License Overview
  - Configuring a License
  - License Examples
- SNTP Overview
- Telnet Overview
  - Configuring Telnet
  - Telnet Examples
- Secure Shell Overview
- Domain Name Server (DNS) Overview
  - Configuring DNS
  - DNS Configuration Example
- DHCP Overview
  - IPv4 DHCP Supported Server Options
  - DHCP Server
    - Configuring Client Class
    - DHCP Configuration Example
- DHCPv6 Overview
- Node Alias Overview
  - Configuring Node Alias
  - Setting Node Alias State and Max Entries
- MAC Address Settings Overview
- Terms and Definitions
Security Mode Configuration
- How to Use Security Mode in Your Network
- Implementing Security Mode
- Configuring Security Mode
  - Security Mode Display Commands
- Security Mode Configuration Example
- Terms and Definitions
IPsec Protocol Configuration
- How to Use IPsec in Your Network
- IPsec Implementation Requirements
  - Required Manual Configuration
- Understanding the IPsec Protocol
  - IKE Map
- Configuring IPsec
- IPsec Configuration Example
- Terms and Definitions
Public-Key Infrastructure (PKI) Configuration
- Using Public-Key Infrastructure (PKI) in Your Network
- Implementing Public-Key Infrastructure
- Public-Key Infrastructure Configuration Overview
- Configuring Public-Key Infrastructure
- Terms and Definitions
Tracked Object Manager Configuration
- Using Tracked Object Manager in Your Network
  - Tracked Objects
  - Probes
  - Scheduling
    - Probe Session Scheduling
    - Tracked Object Scheduling
- State Probe Configuration
- Timing Probe Configuration
- Tracked Object Configuration
- Terms and Definitions
Bidirectional Forwarding Detection (BFD) Configuration
- Using Bidirectional Forwarding Detection (BFD) in Your Network
- Implementing BFD
- BFD Configuration Overview
- Configuring BFD
- Terms and Definitions
Link-State Configuration
- Using the Link-State Application in Your Network
- Configuring Link-State
IP SLA Configuration
- Using IP SLA in Your Network
- Configuring IP SLA
Power over Ethernet Configuration
- How to Use PoE in Your Network
- Implementing PoE
  - Allocation of PoE Power to Modules
    - When Manual Mode is Configured
  - Management of PoE Power to PDs
- Configuring PoE
Discovery Protocol Configuration
- How to Use Neighbor Discovery in Your Network
- Understanding Neighbor Discovery
- Configuring LLDP
- Configuring Neighbor Warning Detection
- Configuring Enterasys Discovery Protocol
  - Enterasys Discovery Protocol Configuration Commands
  - Enterasys Discovery Protocol Show Commands
- Configuring Cisco Discovery Protocol
  - Cisco Discovery Protocol Configuration Commands
  - Cisco Discovery Protocol Show Commands
Data Center Bridging Configuration
- How to Use Data Center Bridging in Your Network
- Implementing Data Center Bridging
- Enhanced Transmission Selection Configuration
- Priority-Based Flow Control Configuration (S-, 7100-Series)
- Application Priority Configuration
- Congestion Notification (CN) Configuration (S-, 7100-Series)
- Configuring Data Center Bridging
- Terms and Definitions
Simple Network Management Protocol (SNMP) Configuration
- Using SNMP in Your Network
  - High-Level Configuration Process
- SNMP Concepts
- SNMP Support on S- K- and 7100-Series Devices
- Configuring SNMP
  - Configuration Basics
  - How SNMP Processes a Notification Configuration
  - SNMP Defaults
    - Device Start Up Configuration
  - Configuring SNMPv1/SNMPv2c
    - Creating a New Configuration
    - Adding to or Modifying the Default Configuration
  - Configuring SNMPv3
  - Configuring Secure SNMP Community Names
    - Example
- Reviewing SNMP Settings
Spanning Tree Configuration
- What Is the Spanning Tree Protocol?
- Why Would I Use Spanning Trees in My Network?
- How Do I Implement Spanning Trees?
- STP Overview
  - Rapid Spanning Tree
  - Multiple Spanning Tree
    - Per-VLAN Spanning Tree (PVST)
- Functions and Features Supported on the S- K- and 7100-Series Devices
- Understanding How Spanning Tree Operates
- Configuring STP and RSTP
- Configuring MSTP
- Understanding and Configuring SpanGuard
- Understanding and Configuring Loop Protect
- Terms and Definitions
Shortest Path Bridging (SPB) Configuration
- Using Shortest Path Bridging (SPB) in Your Network
- Implementing Shortest Path Bridging
- Shortest Path Bridging VLAN Configuration Overview
- Configuring Shortest Path Bridging VLAN
- Terms and Definitions
Routing as a Service (RaaS) Configuration
- Using Routing as a Service (RaaS) in Your Network
- Implementing Routing as a Service
- Routing as a Service Configuration Overview
  - Helper Router Configuration
  - Main Router Configuration
- Configuring Routing as a Service
- RaaS Configuration Example
- Terms and Definitions
VLAN Configuration
- Using VLANs in Your Network
- Implementing VLANs
  - Preparing for VLAN Configuration
- Understanding How VLANs Operate
  - Learning Modes and Filtering Databases
  - VLAN Assignment and Forwarding
  - Example of a VLAN Switch in Operation
- VLAN Support on Extreme Networks S-, K-, and 7100-Series Switches
- Configuring VLANs
- Terms and Definitions
- VLAN Provider Bridges
  - Configuring Provider Bridges
    - Customer Bridge Mode
    - Provider Bridge Mode
Link Aggregation Control Protocol (LACP) Configuration
- Using Link Aggregation in Your Network
- Implementing Link Aggregation
- Link Aggregation Overview
- Configuring Link Aggregation
- Link Aggregation Configuration Examples
  - Link Aggregation Configuration Example 1
  - Link Aggregation Configuration Example 2
    - Configuring the Edge Switch
    - Configuring the Upstream Switch
- Terms and Definitions
Policy Configuration
- Using Policy in Your Network
- Implementing Policy
- Policy Overview
- Configuring Policy
- Policy Configuration Example
- Terms and Definitions
Multicast Configuration
- How to Use Multicast in Your Network
- Implementing Multicast
- Understanding Multicast
  - Internet Group Management Protocol (IGMP)
  - Understanding Distance Vector Multicast Routing Protocol (DVMRP)
    - Overview
    - DVMRP Support on Extreme Networks Devices
  - Understanding PIM
- Configuring Multicast
MSDP Configuration
- MSDP Overview
  - Source Active Messages
  - MSDP Mesh Groups
- Configuring MSDP
  - MSDP Display Commands
  - Example MSDP Configuration
- Configuring Anycast RP in MSDP
Multi-Topology Configuration
- Multiple Topology Overview
- Configuring a Multicast Topology
Multicast Listener Discovery (MLD) Configuration
- Using MLD in Your Network
- Implementing MLD
- Understanding MLD
  - MLD Support on Extreme Networks Devices
  - Example: Sending a Multicast Stream
- Configuring MLD
System Logging Configuration
- Using Syslog in Your Network
  - Syslog On S- K- and 7100-Series Switches
- Syslog Overview
- Configuring Syslog
Network Monitoring Configuration
- Using Network Monitoring in Your Network
- Network Monitoring Overview
- Configuring Network Monitoring
NetFlow Configuration
- Using NetFlow in Your Network
- Implementing NetFlow
- Understanding Flows
  - Flow Expiration Criteria
  - Deriving Information from Collected Flows
- Configuring NetFlow on the S- and K-Series
- Terms and Definitions
- NetFlow Version 5 Record Format
- NetFlow Version 9 Templates
Connectivity Fault Management Configuration
- How to Use Connectivity Fault Management in Your Network
- Connectivity Fault Management Overview
- Implementing Connectivity Fault Management
- Configuring CFM at the Global System Level
  - CFM Logging Filtering
  - VLAN Table Configuration
- Activating CFM Configuration
- Configuring a Maintenance Domain (MD)
- Configuring a Maintenance Association (MA)
- Configuring a Maintenance End-Point (MEP)
- CFM Loopback and Linktrace Protocols
  - The CFM Loopback Protocol
  - The CFM Linktrace Protocol
- Configuring Connectivity Fault Management
- Single MD Configuration Example
- Multiple MD Configuration Example
- Terms and Definitions
Virtual Routing and Forwarding (VRF) Configuration
- Using VRF in Your Network
- Implementing VRF
- VRF Overview
- Configuring VRF
- Terms and Definitions
IP Routing Configuration
- The Router
  - Entering Router Configuration
  - Display Router Configuration
- The Routing Interface
- IP Static Routes
  - Traffic Forwarding IP Static Routes (S-, K-Series)
    - Traffic Forwarding IPv4 Static Route Examples
  - Traffic Non-Forwarding IP Static Routes
    - Traffic Non-Forwarding IP Static Route Examples
- IPv6 Neighbor Discovery
- Configuring IPv6 Neighbor Discovery
- The ARP Table
- IP Broadcast (S-, K-Series)
- Router Management and Information Display
- IP Debug (S-, K-Series)
- Terms and Definitions
Tunneling Configuration
- How to Use Tunneling in Your Network
- Implementing Tunneling
- Tunneling Overview
- Configuring Tunneling
- Tunnel Configuration Example
  - Configuration Example Packet Transit Discussion
  - Configuration Example CLI Input
- Terms and Definitions
Layer 3 Virtual Private Network (VPN) Configuration
- How to Use Layer 3 VPN in Your Network
  - L3 VPN using L3 Tunnels or Native MPLS
  - L3 VPN over SPBV
- Implementing Layer 3 VPN using L3 Tunneling
- Implementing Layer 3 VPN using Native MPLS Tunneling
- Implementing Layer 3 VPN over SPBV
- Layer 3 VPN Overview
- Configuring Layer 3 VPN
- L3 VPN Using L3 Tunnels or Native MPLS Example Configuration
- L3 VPN Over SPBV Example Configuration
- Terms and Definitions
Routing Information Protocol (RIP) Configuration
- Using RIP in Your Network
- RIP Overview
  - Configuring RIP Authentication
  - Configuring RIP Offset
- Configuring RIP
- Terms and Definitions
Routing Information Protocol Next Generation (RIPng) Configuration
- Using RIPng in Your Network
- RIPng Configuration Overview
- Configuring RIPng
- Terms and Definitions
Open Shortest Path First (OSPFv2) Configuration
- Using the OSPF Protocol in Your Network
- Implementing OSPF
- OSPF Overview
- Configuring OSPF
  - Default Settings
Open Shortest Path First Version 3 (OSPFv3) Configuration
- Using the OSPFv3 Protocol in Your Network
- Implementing OSPFv3
- OSPFv3 Configuration Overview
- OSPFv3 Configuration Details
  - Default Settings
Intermediate System To Intermediate System (IS-IS) Configuration
- Using IS-IS in Your Network
- Implementing IS-IS
- IS-IS Configuration Overview
- Configuring IS-IS
- Terms and Definitions
RADIUS-Snooping Configuration
- Using RADIUS-Snooping in Your Network
- Implementing RADIUS-Snooping
- RADIUS-Snooping Overview
  - RADIUS-Snooping Configuration
  - RADIUS-Snooping Management
  - RADIUS Session Attributes
- Configuring RADIUS-Snooping
- RADIUS-Snooping Configuration Example
  - Configure the Distribution-tier Switch
  - Managing RADIUS-Snooping on the Distribution-tier Switch
- Terms and Definitions
Border Gateway Protocol (BGP) Configuration
- Using BGP in Your Network
- Implementing BGP
- BGP Overview
- Configuring BGP
- Terms and Definitions
Network Address Translation (NAT) Configuration
- Using Network Address Translation in Your Network
- Implementing NAT
- NAT Overview
- Configuring NAT
- NAT Configuration Examples
- Terms and Definitions
Load Sharing Network Address Translation (LSNAT) Configuration
- Using LSNAT on Your Network
- Implementing LSNAT
- LSNAT Overview
- Configuring LSNAT
- LSNAT Configuration Example
- Terms and Definitions
Transparent Web Cache Balancing (TWCB) Configuration
- Using Transparent Web Cache Balancing (TWCB) on Your Network
- Implementing TWCB
- TWCB Overview
  - The Server Farm
  - The Cache Server
    - Cache Server Weight
    - Fail Detection
  - The Web Cache
  - The Outbound Interface
  - The Switch and Router
    - The TWCB Binding
  - TWCB Source and Destination NAT
    - TWCB Destination NAT
    - TWCB Source NAT
- Configuring TWCB
- TWCB Configuration Example
Virtual Router Redundancy Protocol (VRRP) Configuration
- Using VRRP in Your Network
- Implementing VRRP in Your Network
- VRRP Overview
- Configuring VRRP
- VRRP Configuration Examples
  - Basic VRRP Configuration Example
  - Multiple Backup VRRP Configuration Example
- Terms and Definitions
Security Configuration
- Using Security Features in Your Network
- Implementing Security
- Security Overview
- Configuring Security
Flow Setup Throttling Configuration
- Using Flow Setup Throttling in Your Network
- Implementing Flow Setup Throttling
- Flow Setup Throttling Overview
- Configuring Flow Setup Throttling
- Flow Setup Throttling Configuration Example
  - Switch 1 Configuration
  - Switch 2 Chassis Configuration
- Terms and Definitions
Route-Map Manager Configuration
- Using Route-Map Manager in Your Network
- Implementing Route-Maps
- Route-Map Manager Overview
- Configuring Route-Map Manager
- Route-Map Manager Configuration Examples
- Terms and Definitions
S- and K-Series L3 and L2 Access Control List Configuration
- Using Access Control Lists (ACLs) in Your Network
- Implementing ACLs
- ACL Overview
- Configuring ACLs
- Terms and Definitions
7100-Series Access Control List Configuration
- Using Access Control Lists (ACLs) in Your Network
- Implementing ACLs
- ACL Overview
- Configuring ACLs
- Terms and Definitions
Quality of Service (QoS) Configuration
- Using Quality of Service in Your Network
- Implementing Quality of Service
- Quality of Service Overview
- Understanding QoS Configuration on the S- K- and 7100-Series
- The QoS CLI Command Flow
- QoS Configuration Example (S-, K-Series)
- Terms and Definitions
Anti-Spoofing Configuration
- Anti-Spoofing Feature Overview
- Implementing Anti-Spoofing in Your Network
  - Using DHCP Snooping Only
    - Using DAI, IP Source Guard, and Duplicate IP Detection
- Anti-Spoofing Configuration
  - Overview
    - Port Classes
    - Managing the Binding Database
  - Configuration Examples
    - Code Example
Authentication Configuration
- Using Authentication in Your Network
- Implementing User Authentication
- Authentication Overview
- Configuring Authentication
- Authentication Configuration Example
- Terms and Definitions
IEEE 802.1x MACsec Authentication
- MACsec Overview
- Configuring IEEE 802.1x MACsec Authentication (S-, 7100-Series)
OpenFlow
- OpenFlow Overview
- OpenFlow Limitations
- OpenFlow Security
  - Generating Transport Layer Security (TLS) Private Keys
  - Certificate Revocation Checking Not Supported
- Configuring OpenFlow
Glossary
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X

Establishing a Public Key Infrastructure

To create a PKI:

Initialize a new PKI by executing the ovs-pki init command on the PKI host.

The following files are created:

File Name	Usage
controllerca/private/cakey.pem	Not required by switches or controllers.
switchca/cacert.pem	Required by controller to authenticate valid switches.
switchca/cakey.pem	Not required by switches or controllers.
controllerca/cacert.pem	Required by switches to authenticate controllers.

Published May 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback