Difference between revisions of "Dell Powerconnect 5324"

From Hack Sphere Labs Wiki
(Upgrading Switch Software)
(minicom - Archlinux Install and minicom general use - Serialing in AKA Console Into Switch)
 
(42 intermediate revisions by the same user not shown)
Line 1: Line 1:
To work with this switch you are going to need a NULL modem serial adapter or NULL modem cable. Once you have that The terminal settings are 9600 8N1 with no flow controlSo 9600 baud, 8 data bits, 1 stop bit, and no parity. Flow Control NONEVT100 Emulation.
+
[[http://files.hackspherelabs.com/?download=5324UG.zip Dell Powerconnect 5324 Userguide]]
 +
[[http://files.hackspherelabs.com/?download=5324CLI1.zip Dell Powerconnect 5324 Command Line Interface Guide]]
 +
 
 +
This guy has a decent setup guide: http://stevejenkins.com/blog/2011/05/dell-powerconnect-5324-setup-tasks/
 +
 
 +
As far as passwords go it looks like the username/password thing by default is only for the web interfaceWhen I set a line password for ssh I could use any username to login and it just asks for password.
  
 
=Notes From Reading User Guide of Switch=
 
=Notes From Reading User Guide of Switch=
  
*RS-232 Console Port
+
*Page numbers and reference
One DB-9 connector for a serial terminal connection which is used for debugging, software download, etc. The default baud rate is 9600 bps. The baud rate can be configured from 2400 bps up to 38400 bps.
+
*Passwords:  56
 +
 
  
 
The SFP ports and ethernet ports 21-24 can not be used at the same time.
 
The SFP ports and ethernet ports 21-24 can not be used at the same time.
Line 18: Line 24:
  
 
The reset button, located on the front panel, manually resets the device.
 
The reset button, located on the front panel, manually resets the device.
 +
 +
=minicom - Archlinux Install and minicom general use - Serialing in AKA Console Into Switch=
 +
To work with this switch you are going to need a NULL modem serial adapter or NULL modem cable to connect to the RS-232 Console Port.  Once you have that The terminal settings are 9600 8N1 with no flow control.  So 9600 baud, 8 data bits, 1 stop bit, and no parity.  Flow Control NONE.  VT100 Emulation.
 +
pacman -Sv minicom lrzsz
 +
General Use:  [[minicom]]
 +
Settings for Dell 5324 Switch:
 +
9600, 8, N, 1, Hardware flow control OFF
 +
I had to set hardware flow control off to get the unit to accept input <ref>https://stackoverflow.com/questions/3913246/cannot-send-character-with-minicom</ref>.  Software flow control worked.  I also had to start with 9600, I think you can change the setting later.
 +
 +
One DB-9 connector for a serial terminal connection which is used for debugging, software download, etc. The default baud rate is 9600 bps. The baud rate can be configured from 2400 bps up to 38400 bps.
 +
 +
=Reset Switch to Default Settings=
 +
enable
 +
delete startup-config
 +
reload
 +
*https://www.dell.com/community/Networking/Dell-PowerConnect-5324-How-do-you-reset-to-factory-defaults/m-p/2069264
  
 
=CLI=
 
=CLI=
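Review bot: The new minicom section gives three different flow-control statements: the intro paragraph says "Flow Control NONE", the settings line says "Hardware flow control OFF", and the note says "Software flow control worked". State in the settings line whether software (XON/XOFF) flow control should be on or off, so a reader can reproduce a working console. The DB-9 paragraph added after the note repeats the baud-rate facts and could be folded into the intro paragraph of the section.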
Line 27: Line 49:
 
*http://www.dell.com/support/troubleshooting/us/en/555/Index
 
*http://www.dell.com/support/troubleshooting/us/en/555/Index
 
*http://en.community.dell.com/support-forums/network-switches/f/866/t/17879897.aspx
 
*http://en.community.dell.com/support-forums/network-switches/f/866/t/17879897.aspx
 +
 +
==Set Console Password==
 +
enable
 +
config
 +
aaa authentication login default line
 +
aaa authentication enable default line
 +
line console
 +
login authentication default                             
 +
enable authentication default 
 +
password yOurElitePassw0rd
 +
end
 +
 +
20 chars long seems to work and save your config:
 +
 +
copy running-config startup-config
 +
 +
==Set Other Passwords==
 +
 +
You can set other passwords for other lines (ways to connect)  I think they are just enable passwords and such.  You would still need users and passwords (prolly @ level 15) to use these services.  The services are not automatically enabled.  (I think except http)
 +
 +
Look at the user guide starting on page 56
 +
 +
[http://files.hackspherelabs.com/?download=5324UG.zip 5324 Userguide]
  
 
==Set Device IP Address==
 
==Set Device IP Address==
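Review bot: In "Set Console Password", the line "password yOurElitePassw0rd" reads as a value to copy; use an obvious placeholder such as "password <console-password>" so nobody deploys the example string. The sentence "20 chars long seems to work and save your config:" merges two things; split it into a note on password length and a separate "Save your config:" lead-in for the copy running-config startup-config line. The two "aaa authentication ... default line" commands edit the default method list rather than anything named for the console, so the section should say which other lines pick up that list; the page intro already observes that SSH accepts any username and only asks for the line password.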
Line 42: Line 87:
 
Test then save your config.  You should be able to login (http,telnet) to the device.
 
Test then save your config.  You should be able to login (http,telnet) to the device.
  
=Reset/Blank Password=
+
==Reset/Blank Password==
 
It looks like a temp operation unless you save the settings.  You have to console into the switch.  Reset it.  On startup of the switch you will be prompted to hit esc or enter:
 
It looks like a temp operation unless you save the settings.  You have to console into the switch.  Reset it.  On startup of the switch you will be prompted to hit esc or enter:
  
Line 48: Line 93:
  
 
Afer you hit enter or esc you get 6 options.  3 clears the password.  I bet you the password comes back on reset.
 
Afer you hit enter or esc you get 6 options.  3 clears the password.  I bet you the password comes back on reset.
 +
 +
==Enable SSH Server Management! Plus HTTPS?==
 +
I think you should still need to set a ssh line password.  Though you may not have to.  It looks like you do.
 +
 +
enable
 +
config
 +
crypto certificate 1 generate key-generate
 +
crypto key generate dsa
 +
crypto key generate rsa
 +
ip ssh server
 +
If you want to change ssh port:
 +
ip ssh port [port #]
 +
If you want http server:
 +
ip https server
 +
If you want public key authentication for ssh:
 +
ip ssh pubkey-auth
 +
If you want to turn public key off after enableing?
 +
no op ssh pubkey-auth
 +
exit
 +
 +
==VLANS==
 +
Connect two trunk ports up that have the same vlans and the switches will pass data inbetween vlans.  You can do the same with a LAG or what not too.
 +
 +
* http://en.community.dell.com/support-forums/network-switches/f/866/t/19335968.aspx
 +
*Use web interface
 +
*Page 254 of the UG though
 +
*Page 40 and more in the CLI Guide
 +
 +
Table 7-65.
 +
VLAN Port Membership Table
 +
Port Control Definition
 +
 +
T The interface is a member of a VLAN. All
 +
packets forwarded by the interface are tagged.
 +
The packets contain VLAN information.
 +
 +
U The interface is a VLAN member. Packets
 +
forwarded by the interface are untagged.
 +
 +
F The interface is denied membership to a VLAN.
 +
Blank The interface is not a VLAN member. Packets
 +
associated with the interface are not forwarded.
 +
 +
===Trunk VS General===
 +
*http://en.community.dell.com/support-forums/network-switches/f/866/t/19335968.aspx
 +
 +
===Notes===
 +
*http://en.community.dell.com/support-forums/network-switches/f/866/p/17774016/17897002.aspx#17897002
 +
*http://stevejenkins.com/blog/2011/05/dell-powerconnect-5324-setup-tasks/
  
 
=Reset Configuration=
 
=Reset Configuration=
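Review bot: In the SSH section, "no op ssh pubkey-auth" looks like a typo for "no ip ssh pubkey-auth", the negation of the "ip ssh pubkey-auth" line just above it. The lead-in "If you want http server:" is followed by "ip https server", so the lead-in should say HTTPS. The "Table 7-65" text in the VLANS section is pasted as loose lines; a wiki table with Port Control and Definition columns would keep each definition attached to its T/U/F/Blank key.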
Line 62: Line 156:
  
 
=Upgrading Switch Software=
 
=Upgrading Switch Software=
 +
 +
show version
  
 
*Software has a .ros extension
 
*Software has a .ros extension
Line 101: Line 197:
 
  show bootvar
 
  show bootvar
 
  boot system image-2
 
  boot system image-2
 +
 +
Save the config:
 +
copy running-config startup-config
 +
  
 
Reboot the switch:
 
Reboot the switch:
Line 107: Line 207:
 
===Notes===
 
===Notes===
 
*http://www.latefortea.com/2009/09/minicom-cisco-and-xmodem/
 
*http://www.latefortea.com/2009/09/minicom-cisco-and-xmodem/
 +
*http://stevejenkins.com/blog/2011/05/dell-powerconnect-5324-setup-tasks/
 +
*http://en.community.dell.com/support-forums/network-switches/f/866/t/19443085.aspx
 +
 +
 +
=SNTP and Clock=
 +
show clock detail
 +
enable
 +
clock source sntp
 +
clock timezone -10
 +
 +
enable
 +
show sntp configuration
 +
configure
 +
sntp unicast client enable
 +
interface vlan ##
 +
sntp server 10.0.0.1 poll
 +
sntp client poll timer 60
 +
sntp client enable
 +
end
 +
show sntp status
 +
 +
http://en.community.dell.com/support-forums/network-switches/f/866/p/18440016/18563647.aspx
 +
 +
=SNMP=
 +
*http://en.community.dell.com/support-forums/network-switches/f/866/t/19513886.aspx
 +
 +
=LAG=
 +
 +
So when you put a port in lag, it ignores all other vlan settings.
 +
 +
VLANS AND LINK AGGREGATION GROUPS
 +
 +
On the PowerConnect M6220, when members are added to a link aggregation group (LAG), they are removed from all existing VLAN memberships. When members are removed from a LAG, they are added back to the VLANs that they were previously members of as per the  configuration file. 
 +
NOTE: A port’s VLAN membership can still be configured when it is a member of a LAG;  however, this configuration is only actually applied when the port leaves the LAG. Additionally, the port’s GVRP configuration is overridden by the LAG’s GVRP configuration. Upon leaving the LAG, the port will restore its GVRP configuration. The LAG interface can be a member of a VLAN complying with IEEE 802.1Q. The following discussion assumes an understanding of LAGs Please see the white paper “Link Aggregation Interoperability of the Dell PowerConnect™ M6220 with Cisco IOS or Cisco CatOS based Switches” for a in-depth discussion of M6220 LAG interoperability with Cisco switches. <ref>http://www.dell.com/downloads/global/products/pwcnt/en/pwcnt_VLAN_interoperability.pdf</ref>
 +
 +
show interfaces port-channel 1
 +
show interfaces status
 +
*http://www.dell.com/support/article/us/en/19/HOW10364/EN
 +
 +
And one thing to remember about LAG groups, they don't really increase your bandwidth (4 - 1Gb links in a LAG group != a 4Gb link). "Any conversation between two actors over a LAG group will only achieve speeds of the fastest link in the LAG group." A LAG group does not multiplex the conversation over all members in the LAG to achieve a higher throughput. During a conversations between two actors only a single link is used. Where this is a benefit is when you have many actors in the conversation, there are more lines to communicate with.
 +
 +
=ToDo=
 +
*Timeserver
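Review bot: The quoted passage under =LAG= describes the PowerConnect M6220, not the 5324 this page covers, so the opening claim "when you put a port in lag, it ignores all other vlan settings" is only sourced for a different model; label the quote as M6220 documentation and say whether the behaviour was confirmed on the 5324. In =SNTP and Clock=, "interface vlan ##" needs a word on which VLAN ID goes there, and "sntp server 10.0.0.1 poll" should be marked as an example address.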

Latest revision as of 18:06, 18 January 2018

[Dell Powerconnect 5324 Userguide] [Dell Powerconnect 5324 Command Line Interface Guide]

This guy has a decent setup guide: http://stevejenkins.com/blog/2011/05/dell-powerconnect-5324-setup-tasks/

As far as passwords go it looks like the username/password thing by default is only for the web interface. When I set a line password for ssh I could use any username to login and it just asks for password.

Notes From Reading User Guide of Switch

  • Page numbers and reference
  • Passwords: 56


The SFP ports and ethernet ports 21-24 can not be used at the same time.

  • The device has the following physical dimensions:
    • Height — 44 mm (1.73 inch)
    • Width — 440 mm (17.32 inch)
    • Depth — 255 mm (10.03 inch)

Speed/link/activity is indicated on the left LED and the duplex mode is indicated on the right LED.

Diag lights 4 in a row.

The reset button, located on the front panel, manually resets the device.

minicom - Archlinux Install and minicom general use - Serialing in AKA Console Into Switch

To work with this switch you are going to need a NULL modem serial adapter or NULL modem cable to connect to the RS-232 Console Port. Once you have that, the terminal settings are 9600 8N1 with no flow control: 9600 baud, 8 data bits, 1 stop bit, and no parity. Flow control: NONE. Emulation: VT100.

pacman -Sv minicom lrzsz

General Use: minicom

Settings for Dell 5324 Switch:

9600, 8, N, 1, Hardware flow control OFF

I had to set hardware flow control off to get the unit to accept input [1]. Software flow control worked. I also had to start with 9600, I think you can change the setting later.

One DB-9 connector for a serial terminal connection which is used for debugging, software download, etc. The default baud rate is 9600 bps. The baud rate can be configured from 2400 bps up to 38400 bps.

Reset Switch to Default Settings

enable
delete startup-config
reload

CLI

When using cli to save settings:

console# copy running-config startup-config

Set Console Password

enable
config
aaa authentication login default line
aaa authentication enable default line
line console
login authentication default                              
enable authentication default  
password yOurElitePassw0rd
end

20 chars long seems to work and save your config:

copy running-config startup-config

Set Other Passwords

You can set other passwords for other lines (ways to connect). I think they are just enable passwords and such. You would still need users and passwords (prolly @ level 15) to use these services. The services are not automatically enabled. (I think except http)

Look at the user guide starting on page 56

5324 Userguide

Set Device IP Address

enable
configure
username admin password dell level 15
interface VLAN 1
ip address 192.168.1.123  /24
exit
ip default-gateway 192.168.1.1
snmp-server community private rw
exit

Test then save your config. You should be able to login (http,telnet) to the device.

Reset/Blank Password

It looks like a temp operation unless you save the settings. You have to console into the switch. Reset it. On startup of the switch you will be prompted to hit esc or enter:

Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.

After you hit enter or esc you get 6 options. 3 clears the password. I bet you the password comes back on reset.

Enable SSH Server Management! Plus HTTPS?

I think you should still need to set a ssh line password. Though you may not have to. It looks like you do.

enable
config
crypto certificate 1 generate key-generate
crypto key generate dsa
crypto key generate rsa
ip ssh server

If you want to change ssh port:

ip ssh port [port #]

If you want the HTTPS server:

ip https server

If you want public key authentication for ssh:

ip ssh pubkey-auth

If you want to turn public key authentication off after enabling it:

no ip ssh pubkey-auth
exit
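
The commands in "Set Console Password", "Set Device IP Address" and this SSH section decide who can manage the switch. As an added example (not part of the original wiki page and not a Dell tool), this Python script audits a list of typed commands for the weak choices shown above; the rule names, the GUESSABLE list and the sample input are assumptions made for illustration.

```python
import re

# Constructed input: commands from "Set Console Password", "Set Device IP
# Address" and the SSH section, as typed (not "show running-config" output).
SAMPLE_CONFIG = """\
aaa authentication login default line
username admin password dell level 15
interface VLAN 1
ip address 192.168.1.123 /24
ip default-gateway 192.168.1.1
snmp-server community private rw
crypto key generate rsa
ip ssh server
"""

# Assumption: a short illustrative list of guessable secrets, not a dictionary.
GUESSABLE = {"dell", "admin", "password", "switch", "private", "public"}


def audit(config_text):
    """Return (rule_id, line) findings for weak management-plane settings."""
    lines = [ln.strip() for ln in config_text.splitlines() if ln.strip()]
    findings = []
    for ln in lines:
        user = re.fullmatch(r"username (\S+) password (\S+)(?: level \d+)?", ln)
        if user and user.group(2).lower() in GUESSABLE | {user.group(1).lower()}:
            findings.append(("guessable-user-password", ln))
        snmp = re.fullmatch(r"snmp-server community (\S+) (\S+)", ln)
        if snmp and snmp.group(2) == "rw" and snmp.group(1).lower() in GUESSABLE:
            findings.append(("well-known-snmp-write-community", ln))
        # Line-only login: one shared password, any username is accepted.
        if re.fullmatch(r"aaa authentication login default line", ln):
            findings.append(("shared-line-password-login", ln))
    # Absence checks: what the config does NOT turn on matters too.
    if "ip ssh server" not in lines and "ip https server" not in lines:
        findings.append(("no-encrypted-management", ""))
    elif "ip ssh server" in lines and "ip ssh pubkey-auth" not in lines:
        findings.append(("ssh-password-only", "ip ssh server"))
    return findings


if __name__ == "__main__":
    for rule, line in audit(SAMPLE_CONFIG):
        print(f"{rule:34} {line}")
```

Run it against the commands you plan to paste into the console before you save with copy running-config startup-config.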

VLANS

Connect two trunk ports up that have the same VLANs and the switches will pass data in between VLANs. You can do the same with a LAG or what not too.

Table 7-65. VLAN Port Membership Table

Port Control    Definition
T               The interface is a member of a VLAN. All packets forwarded by the interface are tagged. The packets contain VLAN information.
U               The interface is a VLAN member. Packets forwarded by the interface are untagged.
F               The interface is denied membership to a VLAN.
Blank           The interface is not a VLAN member. Packets associated with the interface are not forwarded.

Trunk VS General

Notes

Reset Configuration

Console into the switch. Reset it. On startup of the switch you will be prompted to hit esc or enter:

Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.

Press [2] within two seconds to erase flash file. Answer Yes. The filename you want is:

config

Enter to continue and boot the device. Make sure to have the firmware file downloaded before you reset the switch that has your working internet connection on it.

Upgrading Switch Software

show version
  • Software has a .ros extension
  • Boot code has a .rfb extension

It looks like you do the software first and then the boot code. But you must do them both or your device will reboot over and over!

Note: New firmware and new boot code must be upgraded at the same time.

via console xmodem in linux

Note: Instructions say that this could take an hour or longer. I may just setup a TFTP server. You should review the image guide and user manual for the product.

How:

  • Console In
enable
reload
  • Y to reboot the switch
  • Return or Esc within two seconds
  • 1 to download software

Send file via xmodem. I use minicom. Along with minicom you need to have lrzsz installed. Some say to use screen with minicom because the transfer will take a while over serial. If you use screen and minicom you will need to change the escape key of one of them. Usually minicom under screen and keyboard (minicom -o)

Via TFTP

Do it this way.

enable
copy tftp://tftp.server.addy/PowerConnect_5324-2014.ros image

Wait

copy tftp://tftp.server.addy/PowerConnect_5324_boot-10202.rfb boot

Wait

  • It looks like when you upload a boot image it replaces the old one. On reboot the new boot image is loaded. You HAVE to select the new software before you reboot the switch or the switch may just keep looping.
  • Quote from manual: Loading a new boot image from the TFTP server and programming it into the flash updates the boot image. The boot image is loaded when the device is powered on. A user has no control over the boot image copies.

So select the new system image before reboot:

show bootvar
boot system image-2

Save the config:

copy running-config startup-config


Reboot the switch:

reload

Notes


SNTP and Clock

show clock detail
enable
clock source sntp
clock timezone -10
enable
show sntp configuration
configure
sntp unicast client enable
interface vlan ##
sntp server 10.0.0.1 poll
sntp client poll timer 60
sntp client enable
end
show sntp status

http://en.community.dell.com/support-forums/network-switches/f/866/p/18440016/18563647.aspx

SNMP

LAG

So when you put a port in lag, it ignores all other vlan settings.

VLANS AND LINK AGGREGATION GROUPS

On the PowerConnect M6220, when members are added to a link aggregation group (LAG), they are removed from all existing VLAN memberships. When members are removed from a LAG, they are added back to the VLANs that they were previously members of as per the configuration file.

NOTE: A port’s VLAN membership can still be configured when it is a member of a LAG; however, this configuration is only actually applied when the port leaves the LAG. Additionally, the port’s GVRP configuration is overridden by the LAG’s GVRP configuration. Upon leaving the LAG, the port will restore its GVRP configuration. The LAG interface can be a member of a VLAN complying with IEEE 802.1Q. The following discussion assumes an understanding of LAGs. Please see the white paper “Link Aggregation Interoperability of the Dell PowerConnect™ M6220 with Cisco IOS or Cisco CatOS based Switches” for an in-depth discussion of M6220 LAG interoperability with Cisco switches. [2]

show interfaces port-channel 1
show interfaces status

And one thing to remember about LAG groups: they don't really increase your bandwidth (4 - 1Gb links in a LAG group != a 4Gb link). "Any conversation between two actors over a LAG group will only achieve speeds of the fastest link in the LAG group." A LAG group does not multiplex the conversation over all members in the LAG to achieve a higher throughput. During a conversation between two actors only a single link is used. Where this is a benefit is when you have many actors in the conversation: there are more lines to communicate with.

ToDo

  • Timeserver

[1] https://stackoverflow.com/questions/3913246/cannot-send-character-with-minicom
[2] http://www.dell.com/downloads/global/products/pwcnt/en/pwcnt_VLAN_interoperability.pdf