Which optional feature of an ethernet switch

This applies to VMware administrators, system administrators, and network administrators. This capability delivers automated log management that helps to provide operational efficiency in dynamic, hybrid cloud environments. When used with Log Insight, the Lenovo Networking Content Pack provides monitoring and analyses of syslogs that are issued by Lenovo Networking switches and switch configurations. Figure 2. More ports can be enabled with Upgrade 1 and Upgrade 2 license options.

Upgrade 1 must be applied before Upgrade 2 can be applied. The part numbers and feature codes for ordering the switch and the upgrades are listed in the following table. These cables can be used to connect to the switch locally for configuration tasks and firmware updates. The part numbers for the upgrades part numbers 49Y and 88Y include the following items:.

With flexible port mapping, customers have more flexibility in assigning ports that they licensed on the ENR, which can help eliminate or postpone the need to purchase upgrades. Although the base model and upgrades still activate specific ports, flexible port mapping provides clients with the capability of reassigning ports as needed by moving internal and external 10 GbE ports, or trading off four 10 GbE ports for the use of an external 40 GbE port.

This feature is valuable when you consider the flexibility with the base license and with Upgrade 1. Note: When Upgrade 1 and Upgrade 2 are activated, flexible port mapping is no longer used because all the ports on the ENR are enabled. The supported port combinations on the switch and required upgrades are listed in the following tables. With the flexibility of the ENR switch, customers can use the following connectivity technologies:.

The network cables that can be used with the switch are listed in the following table. Note: The features that are listed in this section are based on Networking OS version 8. The following features are not supported with Stacking for more information about limitations, see the Networking OS Application Guide :.

Figure 3. The ENR switches can be installed in bays 1, 2, 3, and 4 of the Enterprise chassis. A supported adapter must be installed in the corresponding slot of the compute node. The ENR can use up to three of the four lanes. In compute nodes that have an integrated dual-port 10 GbE network interface controller NIC , NIC ports are routed to bays 1 and 2 with a specialized periscope connector, and the adapter is not required.

However, the periscope connector can be replaced with the adapter when needed. In such a case, integrated NIC is disabled. With flexible port mapping, there is no need to buy switch upgrades for 4-port and 8-port adapters if the total number of port licenses on the switch does not exceed the number of external upstream network ports and internal compute node network ports connections that are used.

Half-wide compute nodes support up to two adapters, and full-wide compute nodes support up to four adapters. The following table lists the 10 Gb, 25 Gb, and 40 Gb Ethernet network switches that are offered by Lenovo that can be used with the ENR switch in Flex System network connectivity solutions. Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. Lenovo Lenovo Press.

Subscribe to Updates. Subscribed to TIPS Rating No Rating. Your Name optional. Your Email Address optional. Comment optional. Thank you for your feedback. Download PDF. Display withdrawn products shown with a light-pink background. Table of Contents. Introduction Did you know?

Key features Components and connectors System specifications Models Transceivers and cables Software features. Ethernet standards Warranty Physical specifications Agency approvals Chassis and adapters Network connectivity Storage connectivity Related publications and links Related product families Trademarks. Did you know? Key features The Flex System Fabric ENR 10Gb Scalable Switch is considered particularly suited for the following customers: Customers who want to use 10 GbE communications between compute nodes in the chassis but still require upstream 1 GbE connections to their infrastructure.

Customers who are implementing a virtualized environment. Customers who require investment protection for 40 GbE external ports. Customers who want to reduce total cost of ownership TCO and improve performance while maintaining high levels of availability and security. Customers who want to avoid or minimize oversubscription, which can result in congestion and loss of performance. Cloud ready, optimized network virtualization with virtual NICs With the majority of IT organizations implementing virtualization, there is an increased need to reduce the cost and complexity of their environments.

Cloud ready, VM-aware networking VMready software on the module simplifies configuration and improves security in virtualized environments. System specifications The following table lists the ENR system specifications.

Table 1. Data traffic types Unicast, multicast, broadcast. Performance Non-blocking architecture with wire-speed forwarding of traffic: Up to 1. Optional Lenovo Switch Center. Optional Lenovo XClarity.

So you won't see dynamic entries if you have not set up port switching. Also you can add static entries that take over dynamic if dynamic entry with same mac-address already exists.

Also by adding a static entry you get access to some more functionality that is controlled via following params:. Another possibility for static entries is that mac address can be mapped to more that one port, including 'cpu' port.

VLAN table specifies certain forwarding rules for packets that have specific Those rules are of higher priority than switch groups configured using the Bridge Hardware Offloading feature.

Basically the table contains entries that map specific VLAN tag ids to a group of one or more ports. Packets with VLAN tags leave switch chip through one or more ports that are set in corresponding table entry. Vlan-mode can take following values:. VLAN tag id based forwarding takes into account the MAC addresses dynamically learned or manually added in the host table. The option "independent-learning" in VLAN table entries enables this feature. Rule table is very powerful tool allowing wire speed packet filtering, forwarding and vlan tagging based on L2,L3,L4 protocol header field condition.

Each rule contains a conditions part and an action part. Action part is controlled by following parameters:. IPv4 and IPv6 specific conditions cannot be present in same rule.

Due to the fact that the rule table is processed entirely in switch chips hardware there is limitation to how many rules you may have. Port isolation provides the possibility to divide isolate certain parts of your network, this might be useful when need to make sure that certain devices cannot access other devices, this can be done by isolating switch ports.

Switch port isolation is available on all switch chips since RouterOS v6. Warning: The forwarding-override property that has an effect on ingress traffic only. Switch ports that do not have the forwarding-override specified are able to send packets through all switch ports. If additional port isolation is needed between ports on the same VLAN, a switch rule with a new-dst-ports property can be implemented. Other devices without switch rule support cannot overcome this limitation.

In some scenarios you might need to forward all traffic to a uplink port while all other ports are isolated from each other. This kind of setup is called Private VLAN configuration, the Switch will forward all Ethernet frames directly to the uplink port allowing the Router to filter unwanted packets and limit access between devices that are behind switch ports.

Note: By default, the bridge interface is configured with protocol-mode set to rstp. For some devices, this can disable hardware offloading because specific switch chips do not support this feature. See the Bridge Hardware Offloading section with supported features. Override the egress port for each switch port that needs to be isolated excluding the uplink port :. Note: It is possible to set multiple uplink ports for a single switch chip, this can be done by specifying multiple interfaces and separating them with a comma.

In some scenarios you might need to isolate a group of devices from other groups, this can be done using the switch port isolation feature. This is useful when you have multiple networks but you want to use a single switch, with port isolation you can allow certain switch ports to be able to communicate through only a set of switch ports. In this example devices on ether will only be able to communicate with devices that are on ether , while devices on ether will only be able to communicate with devices on ether ether is not able to communicate with ether Then specify in the forwarding-override property all ports that you want to be in the same isolated switch group except the port on which you are applying the property , for example, to create an isolated switch group for A devices:.

All switch chips have a special port that is called switchX-cpu , this is the CPU port for a switch chip, it is meant to forward traffic from a switch chip to the CPU, such a port is required for management traffic and for routing features.

By default the switch chip ensures that this special CPU port is not congested and sends out Pause Frames when link capacity is exceeded to make sure the port is not oversaturated, this feature is called CPU Flow Control. Without this feature packets that might be crucial for routing or management purposes might get dropped.

Since RouterOS v6. Other switch chips have this feature enabled by default and cannot be changed. Some switch chips are capable of reporting statistics, this can be useful to monitor how many packets are sent to the CPU from the built-in switch chip. You can find an example of switch chip's statistics below:.

Some devices have multiple CPU cores that are directly connected to a built-in switch chip using separate data lanes. These devices can report which data lane was used to forward the packet from or to the CPU port from the switch chip. For such devices an extra line is added for each row, the first line represents data that was sent using the first data lane, the second line represent data that was sent using the second data line and so on.

You can find an example of switch chip's statistics for a device with multiple data lanes connecting the CPU and the built-in switch chip:. For routing functions to work properly on the same device through ports that use secure vlan-mode, you will need to allow access to the CPU from those ports, this can be done by adding the switchX-cpu interface itself to the VLAN table. Examples can be found at the Management port section. Make sure you implement proper firewall filter rules to secure your device when access to the CPU is allowed from a certain VLAN ID and port, use firewall filter rules to allow access to only certain services.

Note: It is possible to use the built-in switch chip and the CPU at the same time to create a Switch-Router setup, where a device acts as a switch and as a router at the same time. You can find a configuration example in the Switch-Router guide.

In this example ether3 , ' ether4 and ether5 interfaces are access ports, while ether2 is a trunk port. Assign vlan-mode and vlan-header mode for each port and also default-vlan-id on ingress for each access port:.

It means what comes in tagged, goes out tagged as well, only default-vlan-id frames are untagged at the egress of port. In switch port menu set vlan-mode on all ports and also default-vlan-id on planned hybrid ports:. In these examples there will be shown examples for multiple scenarios, but each of these scenarios require you to have switched ports. Below you can find how to switch multiple ports:. In these examples it will be assumed that ether1 is the trunk port and ether2 is the access port, for configuration as the following:.