Introduction to the ExtremeXOS User Guide
- Conventions
- Related Publications
- Providing Feedback to Us
- Getting Help
Getting Started
- Product Overview
- Software Required
- Simple Switch Configuration with Chalet
- Switch Configuration Using VLAN ID (VID)
- Zero Touch Provisioning (Auto Configuration)
  - Auto-provisioning Process
  - Auto-provisioning Configuration
- Logging in to the Switch
- Understanding the Command Syntax
- Port Numbering
  - Stand-alone Switch Numerical Ranges
  - SummitStack Numerical Ranges
- Line-Editing Keys
- Viewing Command History
- Common Commands
- Using Safe Defaults Mode
- Configuring Management Access
- Managing Passwords
- Accessing an Active Node in a SummitStack
- Domain Name Service Client Services
- Checking Basic Connectivity
  - Ping
  - Traceroute
- Displaying Switch Information
  - Filtering the Output of Show Commands
Managing the Switch
- ExtremeXOS Switch Management Overview
- Understanding the ExtremeXOS Shell
- Using the Console Interface
- Using the 10/100 or 10/100/1000 Ethernet Management Port
- Using NetSight or Ridgeline to Manage the Network
- Authenticating Users
- Using Telnet
- Using Secure Shell 2
  - Access Profile Logging for SSH2
- Using the Trivial File Transfer Protocol
  - TFTP Block-size Configuration
  - Connecting to Another Host Using TFTP
- Understanding System Redundancy
- Understanding Hitless Failover Support
  - Protocol Support for Hitless Failover
  - Hitless Failover Caveats
    - Caveats for a SummitStack
- Understanding Power Supply Management
- Using the Network Time Protocol
- Using the Simple Network Management Protocol
- Using the Simple Network Time Protocol
  - Configuring and Using SNTP
    - GMT Offsets
  - SNTP Example
- Access Profile Logging for HTTP/HTTPS
Managing the ExtremeXOS Software
- Using the ExtremeXOS File System
- Managing the Configuration File
- Managing ExtremeXOS Processes
- Understanding Memory Protection
Configuring Stacked Switches
- Introduction to Stacking
- Preparing to Configure a Stack
- Configuring a Stack
  - Manually Configuring a Stack
  - Verifying the Configuration
- Managing an Operating Stack
- Changing the Stack Configuration
- Troubleshooting a Stack
Configuring Slots and Ports on a Switch
- Configuring Ports on a Switch
- Using the Precision Time Protocol
- DWDM Optics Support
- Jumbo Frames
- Link Aggregation on the Switch
- MLAG
- Mirroring
- Remote Mirroring
- Extreme Discovery Protocol
- EXOS Cisco Discovery Protocol
  - EXOS CDP Support
  - EXOS CDP Protocol Operations
- Software-Controlled Redundant Port and Smart Redundancy
- Configuring Automatic Failover for Combination Ports
  - Summit Family Switches with Shared Copper/Fiber Gigabit Ports Only
- Displaying Port Information
- EXOS Port Description String
  - Configure Port decription-string
- Port Isolation
  - Configuring Port Isolation
- Energy Efficient Ethernet
  - Configuring Energy Efficient Ethernet
Universal Port
- Profile Types
  - Static Profiles
  - Dynamic Profiles
- Dynamic Profile Trigger Types
- How Device-detect Profiles Work
- How User Authentication Profiles Work
- Profile Configuration Guidelines
- Collecting Information from Supplicants
- Supplicant Configuration Parameters
- Universal Port Configuration Overview
- Using Universal Port in an LDAP or Active Directory Environment
- Configuring Universal Port Profiles and Triggers
- Managing Profiles and Triggers
- Sample Universal Port Configurations
Using CLI Scripting
- Setting Up Scripts
- Displaying CLI Scripting Information
- CLI Scripting Examples
LLDP Overview
- Supported Advertisements (TLVs)
- LLDP Packets
- Transmitting LLDP Messages
- Receiving LLDP Messages
- LLDP Management
- Configuring and Managing LLDP
- Displaying LLDP Information
  - Displaying LLDP Port Configuration Information and Statistics
  - Display LLDP Information Collected from Neighbors
OAM
- CFM
- Y.1731—Compliant Performance Monitoring
- Y.1731 MIB Support
- EFM OAM—Unidirectional Link Fault Management
  - Unidirectional Link Fault Management
  - Configuring Unidirectional Link Fault Management
- Two-Way Active Measurement Protocol
  - TWAMP-Test Protocol
- Bidirectional Forwarding Detection (BFD)
PoE
- Extreme Networks PoE Devices
- Summary of PoE Features
- Power Delivery
- Configuring PoE
- Displaying PoE Settings and Statistics
Status Monitoring and Statistics
- Viewing Port Statistics
- Viewing Port Errors
- Using the Port Monitoring Display Keys
- Viewing VLAN Statistics
  - Summit Family Switches Only
    - Configuring VLAN Statistics
    - Guidelines and Limitations
- Performing Switch Diagnostics
- Using the System Health Checker
  - Understanding the System Health Checker
    - Summit Family Switches
  - Displaying the System Health Check Setting--All Platforms
- Using ELSM
- Viewing Fan Information
- Viewing the System Temperature
  - System Temperature Output
    - SummitStack
    - Summit Family Switches Only
- Using the Event Management System/Logging
- Using the XML Notification Client
- Using sFlow
- Using RMON
- Monitoring CPU Utilization
VLANs
- VLANs Overview
- Configuring VLANs on the Switch
- Displaying VLAN Information
- Private VLANs
- VLAN Translation
- Port-Specific VLAN Tag
  - Port-Specific Tags in L2VPN
  - Configuring Port-Specific VLAN Tags
VMAN (PBN)
- VMAN Overview
- VMAN Configuration Options and Features
- Configuration
  - Configuring VMANs (PBNs)
    - Guidelines for Configuring VMANs
    - Procedure for Configuring VMANs
  - Configuring VMAN Options
    - Configuring the Ethertype for VMAN Ports
    - Selecting the Tag used for Egress Queue Selection
- Displaying Information
  - Displaying VMAN Information
- Configuration Examples
  - VMAN CEP Example
  - Multiple VMAN Ethertype Example
FDB
- FDB Contents
- How FDB Entries Get Added
- How FDB Entries Age Out
- FDB Entry Types
- Managing the FDB
- Displaying FDB Entries and Statistics
  - Display FDB Entries
  - Display FDB Statistics
- MAC-Based Security
- Managing MAC Address Tracking
Data Center Solutions
- Data Center Overview
- Managing the DCBX Feature
- Managing the XNV Feature, VM Tracking
- Managing Direct Attach to Support VEPA
- Managing the FIP Snooping Feature
AVB
- Overview
- AVB Feature Pack License
- Configuring and Managing AVB
  - MRP/MSRP LAG Support
  - gPTP LAG Support
- Displaying AVB Information
Layer 2 Tunneling and Filtering
- Layer 2 Protocol Tunneling
- Protocol Tunneling
  - Implementing L2PT in EXOS
- Protocol Filtering
  - Implementing Protocol Filtering in EXOS
  - Protocol Filters
- L2PT Limitations
Virtual Routers
- Overview of Virtual Routers
  - Types of Virtual Routers
  - VR Configuration Context
- Managing Virtual Routers
- Virtual Router Configuration Example
Policy Manager
- Policy Manager and Policies Overview
- Creating and Editing Policies
- Applying Policies
  - Applying ACL Policies
  - Applying Routing Policies
ACLs
- ACLs Overview
- ACL Two-Stage Policy
  - Feature Description
  - Two-Stage Policy Example
- ACL Rule Syntax
- Layer-2 Protocol Tunneling ACLs
- ACL Byte Counters
- Dynamic ACLs
- CVID ACL Match Criteria
- CCOS ACL Match Criteria
- ACL Evaluation Precedence
  - Precedence
- Applying ACL Policy Files
  - Displaying and Clearing ACL Counters
  - Example ACL Rule Entries
- ACL Mechanisms
  - ACL Slices and Rules
  - ACL Counters-Shared and Dedicated
- Policy-Based Routing
- ACL Troubleshooting
Routing Policies
- Routing Policies Overview
- Routing Policy File Syntax
- Applying Routing Policies
- Policy Examples
  - Translating an Access Profile to a Policy
  - Translating a Route Map to a Policy
Quality of Service
- Applications and Types of QoS
- Traffic Groups
- Introduction to Rate Limiting, Rate Shaping, and Scheduling
- Introduction to WRED
- Meters
- QoS Profiles
- Class of Service (CoS)
- Configuring QoS
- Displaying QoS Configuration and Performance
  - Displaying Traffic Group Configuration Data
  - Displaying Performance Statistics
    - Displaying QoS Profile Traffic Statistics
    - Displaying Congestion Statistics
Network Login
- Network Login Overview
- Configuring Network Login
- Authenticating Users
- Local Database Authentication
- 802.1X Authentication
- Web-Based Authentication
- MAC-Based Authentication
- Additional Network Login Configuration Details
ONEPolicy
- ONEPolicy Overview
  - Policy and Lowest Common Denominator Stacking
- Implementing Policy
- NetSight Policy Manager
- Roles in a Secure Network
- The Policy Role
- Policy Roles
- VLAN to Policy Mapping
- Applying Policy Using the RADIUS Response Attributes
- Classification Rules
- Standard and Enhanced Policy Considerations
- Configuring Policy
- Policy Configuration Example
- Terms and Definitions
VXLAN
- VXLAN Overview
- Unicast and Multicast VXLAN
- Virtual Network Flood Modes
  - Flood Mode Standard
  - Flood Mode Explicit
- OSPFv2 VXLAN Extensions
- VXLAN Learning
  - Dynamic Learning
- Load Balancing
- Quality of Service
- Redundant Access
  - MLAG
- Statistics
- Configuring Local Endpoints
- Configuration Samples
Identity Management
- Identity Management Overview
- Identity Management Feature Limitations
- Configuring Identity Management
- Managing the Identity Management Feature
- Displaying Identity Management Information
Security
- Security Features Overview
- Safe Defaults Mode
- MAC Security
  - MAC Locking
  - Limiting Dynamic MAC Addresses
  - MAC Address Lockdown
  - MAC Address Lockdown with Timeout
- DHCP Server
  - Enabling and Disabling DHCP
  - Configuring the DHCP Server
  - Displaying DHCP Information
- IP Security
  - DHCP Snooping and Trusted DHCP Server
  - Source IP Lockdown
  - ARP Learning
  - Gratuitous ARP Protection
    - Configuring Gratuitous ARP
    - Displaying Gratuitous ARP Information
  - ARP Validation
    - Configuring ARP Validation
    - Displaying ARP Validation Information
- Denial of Service Protection
  - Configuring Simulated Denial of Service Protection
  - Configuring Denial of Service Protection
    - Configuring Trusted Ports
    - Displaying DoS Protection Settings
  - Protocol Anomaly Protection
  - Flood Rate Limitation
- Authenticating Management Sessions Through a TACACS+ Server
  - Configuring the TACACS+ Client for Authentication and Authorization
  - Configuring the TACACS+ Client for Accounting
- Authenticating Management Sessions Through a RADIUS Server
  - How Extreme Switches Work with RADIUS Servers
  - Configuration Overview for Authenticating Management Sessions
- Authenticating Network Login Users Through a RADIUS Server
  - Differences Between Network Login Authentication and Management Session Authentication
  - Configuration Overview for Authenticating Network Login Users
- Authentication
  - Authentication Retransmission Algorithm
- Accounting
  - Accounting Retransmission Algorithm
- Authentication NMS Realm
- Per Realm Authentication Enable/Disable
- Supported RADIUS Attributes
- Configuring the RADIUS Client
  - Configuring the RADIUS Client for Authentication and Authorization
  - Configuring the RADIUS Client for Accounting
- RADIUS Server Configuration Guidelines
  - Configuring User Authentication (Users File)
  - Configuring the Dictionary File
  - Additional RADIUS Configuration Examples
  - Implementation Notes for Specific RADIUS Servers
  - Setting Up Open LDAP
- Configuring a Windows 7/Windows 8 Supplicant for 802.1X Authentication
- Hypertext Transfer Protocol
- Secure Shell 2
  - Enabling SSH2 for Inbound Switch Access
  - Viewing SSH2 Information
  - Using ACLs to Control SSH2 Access
    - Sample SSH2 Policies
    - Configuring SSH2 to Use ACL Policies
  - Using SCP2 from an External SSH2 Client
  - Understanding the SSH2 Client Functions on the Switch
    - SSH/SCP Client Upgrade Limitations
  - Using SFTP from an External SSH2 Client
  - SSH Server Overview
    - Understanding SSH Server
- Secure Socket Layer
  - Enabling and Disabling SSL
  - Creating Certificates and Private Keys
  - Displaying SSL Information
CLEAR-Flow
- CLEAR-Flow Overview
- Configuring CLEAR-Flow
- Displaying CLEAR-Flow Configuration and Activity
- Adding CLEAR-Flow Rules to ACLs
- CLEAR-Flow Rule Examples
EAPS
- EAPS Protocol Overview
- Configuring EAPS
- Displaying EAPS Information
- Configuration Examples
ERPS
- ERPS Overview
- Supported ERPS Features
- G.8032 Version 2
- Configuring ERPS
  - ERPS Version 1 Commands
  - ERPS Version 2 Commands
- Sample Configuration
- Debugging ERPS
- ERPS Feature Limitations
STP
- Spanning Tree Protocol Overview
- Span Tree Domains
- STP Configurations
- Per VLAN Spanning Tree
  - STPD VLAN Mapping
  - Native VLAN
- Rapid Spanning Tree Protocol
  - RSTP Concepts
  - RSTP Operation
- Multiple Spanning Tree Protocol
  - MSTP Concepts
  - MSTP Operation
- STP and Network Login
- STP Rules and Restrictions
- Configure STP on the Switch
  - STP FDB Flush Criteria
- Display STP Settings
- STP Configuration Examples
ESRP
- ESRP Overview
- Configuring ESRP
- Operation with Other ExtremeXOS Features
- Advanced ESRP Features
- Display ESRP Information
- ESRP Configuration Examples
VRRP
- VRRP Overview
- Configuring VRRP
- Managing VRRP
  - Enabling and Disabling VRRP and VRRP Router Instances
  - Clearing VRRP Counters
- Displaying VRRP Information
- VRRP Configuration Examples
MPLS
- MPLS Overview
- Configuring MPLS
- Displaying MPLS Configuration Information
- MPLS Configuration Example
- Configuring MPLS Layer-2 VPNs (VPLS and VPWS)
- VPLS VPN Configuration Examples
- Configuring H-VPLS
- Configuring Protected VPLS
- Configuring RSVP-TE
- RSVP-TE Configuration Example
- Troubleshooting MPLS
IPv4 Unicast Routing
- IPv4 Unicast Overview
- Configuring Unicast Routing
- Displaying the Routing Configuration and Statistics
- Routing Configuration Example
- Duplicate Address Detection
- Proxy ARP
  - ARP-Incapable Devices
  - Proxy ARP Between Subnets
- IPv4 Multinetting
- DHCP/BOOTP Relay
- DHCP Smart Relay
- Broadcast UDP Packet Forwarding
  - Configuring UDP Forwarding
  - Configuring UDP Echo Server Support
- IP Broadcast Handling
  - IP Broadcast Handling Overview
- VLAN Aggregation
IPv6 Unicast Routing
- IPv6 Unicast Overview
- Neighbor Discovery Protocol
- Managing Duplicate Address Detection
- Managing IPv6 Unicast Routing
- IPv6 ECMP and 32-Way ECMP
- DHCPv6 Relay Remote-ID Option
- DHCPv6 Relay Agent Prefix Delegation
  - Relay Agent Behavior in Prefix Delegation
- DHCPv6 Client
- Configuring DHCPv6 BOOTP Relay
- Configure Route Compression
- Hardware Forwarding Behavior
  - Hardware Forwarding Limitations
  - Hardware Tunnel Support
- Routing Configuration Example
- Tunnel Configuration Examples
RIP
- IGPs Overview
  - RIP Versus OSPF and IS-IS
  - Advantages of RIP, OSPF, and IS-IS
- Overview of RIP
- Route Redistribution
  - Configuring Route Redistribution
    - Redistribute Routes into RIP
- RIP Configuration Example
RIPng
- RIPng Overview
  - RIPng versus OSPFv3 and IS-IS
  - Advantages of RIPng, OSPFv3, and IS-IS
- RIPng Routing
- Route Redistribution
  - Configuring Route Redistribution
    - Redistributing Routes into RIPng
- RIPng Configuration Example
OSPF
- OSPF Overview
- Route Redistribution
- Configuring OSPF
  - Configuring OSPF Wait Interval
  - OSPF Wait Interval Parameters
- OSPF Configuration Example
  - Configuration for ABR 1
  - Configuration for IR 1
- Displaying OSPF Settings
OSPFv3
- OSPFv3 Overview
IS-IS
- IS-IS Overview
- Route Redistribution
  - Configuring Route Redistribution
- Configuring IS-IS
- Displaying IS-IS Information
- Managing IS-IS
- Configuration Example
BGP
- BGP Overview
- Configuring BGP
- Managing BGP
- Displaying BGP Information
- Configuration Examples
Layer 3 Virtual Private Network
- Overview of Layer 3 VPN
- Overview of BGP/MPLS Network
- Overlapping Customer Address Spaces
- Multi-protocol BGP Extension
- Multiple Forwarding Tables
- Quality of Service in BGP/MPLS VPN
- Virtual Routing and Forwarding Instances
- L3VPN Configuration Example
Multicast Routing and Switching
- Multicast Routing Overview
- Multicast Table Management
- PIM Overview
- IGMP Overview
- Configuring EAPS Support for Multicast Traffic
- Configuring IP Multicast Routing
- Multicast VLAN Registration
- Displaying Multicast Information
- Troubleshooting PIM
  - Multicast Trace Tool
  - Multicast Router Information Tool
IPv6 Multicast
- Multicast Listener Discovery (MLD) Overview
- Managing MLD
MSDP
- MSDP Overview
  - Supported Platforms
  - Limitations
- PIM Border Configuration
- MSDP Peers
- MSDP Mesh-Groups
- Anycast RP
- SA Cache
  - Maximum SA Cache Entry Limit
- SNMP MIBs
Software Upgrade and Boot Options
- ExtremeXOS Upgrade Process
- Installing a Modular Software Package
  - Upgrading a Modular Software Package
- Configuration Changes
- Using TFTP to Upload the Configuration
- Using TFTP to Download the Configuration
- Synchronizing Nodes
  - Automatic Synchronization of Configuration Files
- Accessing the Bootloader
- Upgrading the BootROM
  - Summit Family Switches and SummitStack Only
    - Accessing the Bootstrap CLI on the Summit Family Switches
- Upgrading the Firmware (ExtremeSwitching X440-G2 and X620 Series Switches Only)
- Displaying the BootROM and Firmware Versions
Troubleshooting
- Troubleshooting Checklists
  - Layer 1
  - Layer 2
  - Layer 3
- LEDs
- Using the Command Line Interface
- Using ELRP to Perform Loop Tests
- Debug Mode
- Saving Debug Information
- Evaluation Precedence for ACLs
- TOP Command
- TFTP Server Requirements
- System Odometer
  - Monitored Components
  - Recorded Statistics
- Temperature Operating Range
- Understanding the Error Reading Diagnostics Message
- Proactive Tech Support
- Service Verification Test Tool
  - Configuring the Service Verification Test Tool
Supported Standards, Protocols, and MIBs
Extreme Networks Proprietary MIBs
- EXTREME ACL MIB
- ExtremeXOS Configuration Management Enhancements
- ENTERASYS-VLAN-AUTHORIZATION-MIB
- EXTREME-MAC-AUTH-MIB
- EXTREME-AUTOPROVISION-MIB
- EXTREME-CFM-MIB
- EXTREME-CLEARFLOW-MIB
- EXTREME-EAPS-MIB
- EXTREME-EDP-MIB
- EXTREME-ENTITY-MIB
- EXTREME-ERPS-MIB
- EXTREME-ESRP-MIB
- EXTREME-FDB-MIB
- EXTREME-MPLS-MIB
- EXTREME-MPLS-TE-MIB
- EXTREME-OSPF-MIB
- EXTREME-PoE-MIB
- EXTREME-PORT-MIB
- Pseudowire LSP Sharing MIB
- EXTREME-QOS-MIB
- EXTREME-RMON-MIB
- EXTREME-PVLAN-MIB
- EXTREME-SNMPv3-MIB
- EXTREME-STP-EXTENSIONS-MIB
- EXTREME-STPNOTIFICATIONS-MIB
- EXTREME-SYSTEM-MIB
- EXTREME-TRAP-MIB
- EXTREME-TRAPPOLL-MIB
- EXTREME-V2TRAP-MIB
- EXTREME-VLAN-MIB
- EXTREME-VM-MIB
MIB Support Details
- IEEE 802.1AB (LLDP-MIB)
- IEEE 802.1AB (LLDP-EXT-DOT1-MIB)
- IEEE 802.1AB (LLDP-EXT-DOT3-MIB)
- IEEE 802.1AG (CFM MIB)
- IEEE8021-PAE-MIB
- IEEE8021X-EXTENSIONS-MIB
- ISIS-MIB (draft-ietf-isis-wg-mib-10.txt)
- PIM-MIB (draft-ietf-pim-mib-v2-01.txt)
- SNMPv3 MIBs
- RFC 1213 (MIB-II)
- RFC 1215
- RFC 1493 (BRIDGE-MIB) and draft-ietf-bridge-rstpmib-03.txt
- RFC 4363 (Q-BRIDGE-MIB)
- RFC 1724 (RIPv2-MIB)
- RFC 1757 (RMON-MIB)
- RFC 1850 (OSPF-MIB)
- RFC 2021 (RMON2-MIB)
- RFC 2233 (IF-MIB)
- RFC 2465 (IPV6 MIB)
- RFC 2466 (IPV6 ICMP MIB)
- RFC 2613 (SMON)
- RFC 2665 (EtherLike-MIB)
- R_RFC 2668 (MAU-MIB)
- RFC 6933 (ENTITY-MIB)
- RFC 2787 (VRRP-MIB)
- RFC 3621 (PoE-MIB)
- RFC 5601 (PW-STD-MIB)
- RFC 5602 (PW-MPLS-STD-MIB)
- RFC 5603 (PW-ENET-STD-MIB)
- VPLS-MIB (draft-ietf-l2vpn-vpls-mib-02.txt)

Limitations

Access profile logging for HTTP/HTTPS has the following limitations:

Policy file support is not available for HTTP and HTTPS.
Only source-address match is supported.
Access-lists that are associated with one or more applications cannot be directly deleted. They must be unconfigured from the application first and then deleted from the CLI.

Published March 1, 2020prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback