Sep 08 2011

The bane of every Unix admin’s life is the network department, because almost every connectivity problem is their fault – which we’ve already verified with a quick snoop, tcpdump or netcat – but they claim it isn’t, and then stop answering the phone. Once in a while, you end up with a couple of switches of your very own, and wonder where to start. How hard could it be? None hard, that’s how.

Here are the rudiments of using my Dell PowerConnect 5324: the commands I use most frequently. This will get you started. Remember that you can press “?” after any command to see the available options.

Login and get privilege on the Dell Switch

SSH (or telnet, if you’re primitive and insecure) to the switch to get a login prompt. The user name is probably “admin”:

   User Name:  admin
   Password:  *******

This mode gives only limited functionality, like viewing configs. You can’t change anything. To make edits:

   dev-switch#  conf

Prompt changes:

   dev-switch(config)#


Display Interfaces

First awesome thing about network gear that the Unix command line doesn’t have: you can be lazy and type just enough of each command and option to be unambiguous. Thus the command “show interface status” can be rendered as “sh int stat”. Display interface information:

  dev-switch#  show int status
  dev-switch#  show int desc

Display information about a specific switchport (g3):

  dev-switch# show int switchport eth g3

Create a VLAN

Get your head around VLANs quick, and why you trunk them. If you’ve got a VMware server and you want a management network to the server, but different networks to the virtual machines, then you trunk your VLANs on the switch and send them all down the same NIC.

  dev-switch# show vlan
  dev-switch# conf
  dev-switch(config)# vlan database
  dev-switch(config-vlan)# vlan 173
  dev-switch(config-vlan)# exit
  dev-switch(config)# int vlan 173
  dev-switch(config-if)# name DEV-TEST
  dev-switch(config-if)# end
  dev-switch# show vlan

Vlan       Name                   Ports                Type     Authorization
---- ----------------- --------------------------- ------------ -------------
 1           1                     g(1,24)             other     Required 
173      DEV-TEST                                   permanent     Required 

Add Interfaces to VLAN

The way to aggregate interfaces is to give them permission to use a VLAN. Also, there are several different modes of aggregation that can be used. As far as I can work out, if the switchport is taking a connection from a router or firewall (that is, upstream), then use “trunk” mode. If it’s connecting to a server, then use “general” mode. “access” mode is just a plain old vanilla single-VLAN interface. I can’t tell you how long it took to work this out.

Set switchport mode:

  dev-switch(config)# int eth g16
  dev-switch(config-if)# swi mode general

Add the VLAN to the switchport, after first setting the “native” (non-trunk) VLAN to VLAN 3 (for example):

  dev-switch(config-if)# swi general pvid 3
  dev-switch(config-if)# swi general allow vlan add 173
  dev-switch(config-if)# end
  dev-switch# show vlan

Vlan       Name                   Ports                Type     Authorization
---- ----------------- --------------------------- ------------ -------------
 1           1                     g(1-24)             other     Required
173      DEV-TEST                    g16             permanent     Required
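
To check from a script that a port really landed in the intended VLAN, and to see which ports carry more than one VLAN, the “show vlan” table can be parsed. The Python below is an added example, not part of the original post: the sample table is constructed in the layout shown above, the function names are hypothetical, and it assumes VLAN names contain no spaces.

```python
import re

# Constructed sample in the layout of the `show vlan` output above.
SAMPLE = """\
Vlan       Name                   Ports                Type     Authorization
---- ----------------- --------------------------- ------------ -------------
 1           1                     g(1-24)             other     Required
173      DEV-TEST                    g16             permanent     Required
"""

PORT_RE = re.compile(r"([a-z]+)(?:\(([^)]*)\)|(\d+))")

def expand_ports(spec):
    """Expand 'g(1-3,16)' or 'g16' into ['g1', 'g2', 'g3', 'g16']."""
    ports = []
    for prefix, group, single in PORT_RE.findall(spec):
        for part in (group or single).split(","):
            lo, _, hi = part.strip().partition("-")
            ports += [f"{prefix}{n}" for n in range(int(lo), int(hi or lo) + 1)]
    return ports

def parse_show_vlan(text):
    """Return {vlan_id: {'name', 'ports', 'type'}}; assumes names have no spaces."""
    vlans = {}
    for line in text.splitlines():
        tok = line.split()
        # Data rows start with a numeric VLAN id; the Ports column may be empty.
        if len(tok) < 4 or not tok[0].isdigit():
            continue
        vlans[int(tok[0])] = {"name": tok[1], "type": tok[-2],
                              "ports": expand_ports("".join(tok[2:-2]))}
    return vlans

def missing_ports(vlans, expected):
    """For expected {vlan_id: [ports]}, list the ports the switch does not show."""
    return {vid: sorted(set(want) - set(vlans.get(vid, {}).get("ports", [])))
            for vid, want in expected.items()}

def multi_vlan_ports(vlans):
    """Ports that are members of more than one VLAN (trunk/general ports)."""
    seen = {}
    for vid, info in sorted(vlans.items()):
        for port in info["ports"]:
            seen.setdefault(port, []).append(vid)
    return {p: v for p, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    vlans = parse_show_vlan(SAMPLE)
    print(missing_ports(vlans, {173: ["g16"]}), multi_vlan_ports(vlans))
```

Feed it the text captured from a real “show vlan” in place of SAMPLE; any port reported by multi_vlan_ports is one where traffic for several networks shares a wire, so it is worth confirming each one is intentional.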

Save Running Config

Switches have two configurations – one saved in a file “startup-config” which gets loaded on startup, and one running in memory “running-config”. If you don’t periodically copy the running config to disk, then a sudden reboot will result in a reversion to the filesystem config. So do this:

   dev-switch# copy running-config startup-config

Ideally, also save this file to a backup server, but that will be a subject for another post. Or Google it. Probably Google it. It involves setting up a TFTP server and typing “write net”.

Matt Parsons is a freelance Linux specialist who has designed, built and supported Unix and Linux systems in the finance, telecommunications and media industries.

He lives and works in London.