InterWeb.org.uk

Interweb Blog Hyper-V, App-V, Dell Equallogic, Forefront TMG Security, DPM 2010, SCVMM

20Dec/110

Dell PowerConnect 5500 Series EqualLogic config

After the purchase of another EqualLogic PS6000 Series Array and 4 Dell PowerConnect 5524 switches to facilite onsite replicaiton, we decided we needed to look at the iSCSI backend network and how we where going to transport the replication data across site.

The PowerConnect 5000 switch's come with some new features, such as stacking with the use of HDMI ports located on the front of the switch, and Auto detection of EqualLogic Arrays with automatic configuration of ports attached to the Array. Enabling iSCSI mode will switch on jumbo frames, flow control, spanning-tree port fast, unicast storm control and enable the switch to automatically detect an Equallogic Array connected to any of its switch ports. - NOTE there is an issue with the implementation of flow-control prior to Firmware version 4.0.1.11 A02, Released on 10/25/2011 the issue as per the Firmware release notes are;

'The following flow control behavior change is made in this maintenance release of the PowerConnect 5500 Series: Receive-only Flow Control - The 802.3X Flow control is working only in receive side (and not in both transmit and receive as in releases prior to 4.0.1.11). The switch will respond to pause frames it receives from a link partner, and will pause the traffic to this link partner, but in case of congestion in the switch, no pause frames will be generated to the sender.

The recommendation from Dell prior to the release of Firmware 4.0.1.11 was to disable iSCSI mode and not to enable flow-control on any switch ports connected to an EqualLogic Array.

With this in mind we purchased 4 PowerConnect 5424 switches, didn't enable flow-Control, untill the release of FW 4.0.1.11 and planned our depoyment.

just for info some specs;

Performance.
switch Fabric Capacity 128.0 Gbps
Forwarding Rate 65.47 Mbps

Hardware.
1GB CPU SDRAM
16MB Flash Memory
12Mb Packet Buffer Memory

Features.
24 10/100/1000BASE-T auto-sensing Gigabit Ethernet switching ports
2 SFP+ (10Gb/1Gb) ports
2 Stacking Ports (HDMI) – 10Gb per port, full duplex, 40Gb total per switch
USB Port – Allows for file import/export locally
Auto-negotiation for speed, duplex mode and flow control
Auto MDI/MDIX
Port mirroring
Broadcast storm control
Port Profile support

Availability.
Spanning Tree (IEEE 802.1D) Multiple Spanning Tree (MSTP) and Rapid Spanning Tree (IEEE 802.1w) with Fast Link Support
Dual Image Support
External redundant power support with PowerConnect RPS-720
Cable diagnostics via Virtual Cable Tester

Security.
Up to 3,000 ACLs and up to 3,000 ACEs
Time Controlled ACLs
Switch access password protection
Optional strong password enforcement
User-definable settings for enabling or disabling Web, SSH, Telnet, SSL management access
Port-based MAC Address alert and lock-down
IP Address filtering for management access via Telnet, HTTP, HTTPS/SSL, SSH and SNMP
RADIUS and TACACS+ remote authentication for switch management access
SSLv3 and SSHv2 encryption for switch management traffic
DHCP Snooping

Management.
CLI
SSH
Console
HTTP GUI
SNMP V1, V2c
RMON
TFTP
SNTP
Telnet Client

Configuration.

Below is a diagram of what I was wanting to achieve;

SAN Network

SAN Network

 

This setup gives us High Availability at both ends and between both sets of switches with the use of 4 fibre ports in a LAG on each switch utilising 2 seperate fibre runs around the site, connecting both buildings. I also created a 6 port ISL or Inter Switch Link using LAG between the sets of switches at either building. The Fibre ports and the HDMI ports are Dual Personality so its one or the other scenario, I needed to use the fibre ports for distance so could not stack the switches and therefore stuck with an ISL.  In my initial testing of the HDMI stacking, I simulated the failure of a stack member and the remaining switches in the stack restarted and re-negotiated the base switch in the stack, not very good for a Hyper-V HA environment, so I stuck with an ISL, I didn't persue this as I wasn't going to stack the switches anyway so if someone has any info on this that would be great.

With your switch running on Firmware 4.0.1.11  you can now use the iSCSI enable feature.  The switch will automatically detect a directly connected EqualLogic array to any connected switch port and then configure the switch for use in an iSCSI environment both at port level and global.

The iSCSI auto-detect feature can be enabled with the command 'iscsi enable'

en

config

iscsi enable

exit

copy running-config startup-config

exit

LLDP or Link Layer Discovery Protocol is enabled globally by default on the switch, when an EqualLogic Array is connected to the switch LLDP notifications are recieved and the chasis ID attribute is compared with the EqualLogic OUI of (00:09:8a) if the LLDP packet matches this then the presence of an EqualLogic Array on the port is confimed and the port configured appropriately.  VLAN's are not configured by this command and need to be done seperately.  Best practice is not to use the defualt VLAN so configure another VLAN for iSCSI traffic.

en

config

vlan database

vlan 2

exit

int vlan 2

ip address 192.168.x.x 255.255.255.0

name iSCSI

exit

interface range gigabitethernet 1/0/1-24

switchport access vlan 2

exit

interface range tengigabitethernet 1/0/1-2

switchport access vlan 2

exit

so now we have configured the PowerConnect to automatically detect a EqualLogic Array and we have created a VLAN for iSCSI Traffic, lets take a look at what iSCSI enable actually does.

Jumbo Frames - Jumbo Frames enabled on all switch ports by default this is disabled.

Spanning-Tree Port Fast - STPF is enabled automatically on all ports only when connected to an EqualLogic Array.  This only happens when the LLDP recieves an valid and active EQL LLDP packet.  one ting to remember is that once enabled on the port spanning-Tree Port Fast remains enabled and needs to be disabled manually.

Unicast Storm Control - USC is automatically disbaled on all ports connected to an EqualLogic Array, this is because iSCSI traffic is Unicast.  Once an an EqualLogic Array is removed from the port then USC remains disabled and needs to be enabled manually if you require it on a non EqualLogic attached port.

Flow-Control - Flow Control is enabled to allow switch speed interoperability preventing buffer overflows from switches with higher speeds.

some other commands you may want to run to further configure your switch;

Set switch hostname -

hostname EQLSWITCH

Remove VOIP specific info -

voice vlan oui-table remove 000181

voice vlan oui-table remove 0001e3

voice vlan oui-table remove 00036b

voice vlan oui-table remove 00096e

voice vlan oui-table remove 000fe2

voice vlan oui-table remove 001049

voice vlan oui-table remove 0060b9

voice vlan oui-table remove 00907a

voice vlan oui-table remove 00e0bb

Setup Passwords -

username admin password xxxxxxxx level 15

enable password xxxxxxx

This is a good starting point for configuring a PowerConnect 5500 Series switch and explains the feature of iSCSI auto-configuration, in a multiple switch setup I would recommend creating a LAG (Link Aggregation Group) between the switches using at least 6 ports (The More The Merrier), this is quite easy using the Dell OpenManage Switch Administrator on the http/s interface.  There are also some good Management views in the 'System-iSCSI' menu, here you can see active iSCSI sessions in a table and also these session details, handy for troubleshooting any EqualLogic iSCSI related issues.

    Comments (0) Trackbacks (0)

    No comments yet.


    Leave a comment

    No trackbacks yet.

    Get Adobe Flash player