Creating and Managing Port Profiles
Port profiles provide a way to provision multiple switch interfaces, including Ethernet interfaces on EX Series switches, Campus Switching ELS, Data Center Switching devices, and Fibre Channel (FC) interfaces on Data Center Switching devices. In a Port profile, you can define a set of attributes to be shared by multiple interfaces. For example, you can create a Port profile for all access interfaces that connect to VoIP desk phones, configuring the appropriate class-of-service (CoS), authentication, and port security settings for these interfaces in the Port profile. You then assign the Port profile to those interfaces and deploy the resulting configuration on the interfaces.
Port profiles define only shared attributes. To enable you to configure specific attributes for an interface or a switch during the process of assigning a Port profile to an interface, the Create Port profile wizard provides two setup options: Quick Setup and Custom Setup. The Quick Setup option enables you to create initial configuration settings for a Port profile including selecting or create inline VLAN profile. The Custom Setup option enables you to configure all the advanced settings and create any inline sub-profiles. In Custom Setup option, apart from selecting the existing VLAN, CoS, and authentication sub-profiles, you can also create these sub-profiles.
If you switch from Quick Setup to Custom Setup, all the configuration settings are saved. However, if you switch from Custom Setup to Quick Setup, all the advanced settings done in the Custom Setup are lost.
To manage or create Port profiles: In Build mode, select Port from Profiles in the Tasks pane. The Manage Port Profile page appears.
This topic describes:
Managing Port Profiles
Use the Manage Port Profiles page to manage existing Port profiles and to create new ones. Port profiles enable the definition and application of a common set of attributes to interfaces.
From the Manage Port Profiles page, you can:
Create a new profile by clicking Add. For details, see Creating Port Profiles.
Modify an existing profile by selecting it and clicking Edit.
Associate a Port profile to specific interfaces by selecting it and clicking Assign.
During the assignment process, you can choose to configure interface-specific settings, such as IP address.
Change a Port profile’s current interface assignments by selecting it and clicking Edit Assignments. This opens the Edit assignments for profile-name page, which displays the assignment state and other details of the interfaces in a grid layout. After editing an assignment, and click Apply. The Edit Profile Assignment Job Details window opens, which reports the status of the interface assignment that you edited.
View information about a profile, including the interfaces it is associated with, by selecting the profile and clicking Details or by clicking the profile name, which opens the Profiles Details page. This page displays the profile details and the interface associations in a grid layout. It also has an option using which you can search profiles associated with a device and filter devices. Click Show Filters to filter an interface based on its IP address, serial number, type, or location or custom group.
Perform the search for the following:
A Port profile for a specific device by specifying the device details in the search field.
A port profile that is assigned to a specific port on a device. In this case, you must first enter the device details and then specify the port details in the search field to view the port profile.
Port profiles that are assigned to interfaces that are part of the same VLAN. When you specify the VLAN name in the search field, all the Port profiles that are part of the same VLAN are listed in the table.
Delete profiles by selecting the profiles and clicking Delete.
Tip You cannot delete profiles that are in use—that is, assigned to objects or used by other profiles. To see the current assignments for a profile, click the profile name.
Clone a profile by selecting a profile and clicking Clone.
Network Director provides a set of default Port profiles: Desktop Port, Desktop and Phone Port, Server Port, Switched Downlink, Switched Uplink, Wireless Access Port, and Custom Port. These profiles contain configuration appropriate for the named port role. You can manage these profiles the same way that you manage a user-created profile. For more information about these profiles, see Understanding Port Profiles.
Table 1 describes the information provided about Port profiles on the Manage Port Profiles page. This page lists all Port profiles defined for your network, regardless of your current selected scope in the network view.
Table 1: Manage Port Profiles Table
Column | Description |
|---|---|
Profile Name | Name given to the profile when the profile was created. Click the profile name to view profile details. A |
Family Type | One of the following:
|
Description | Description of the Port profile that was entered when the profile was created. |
Port Family | One of the following:
|
VLANs | Name of the member VLANs configured or referenced for that Port profile. |
Assignment State | One of the following states:
|
Creation Time | Date and time when the profile was created. |
Last Updated Time | Date and time when the profile was last modified. |
Assigned to Devices | Number of devices to which the Port profile is assigned. Click on the link to view the profile details. |
Assigned to Port | Number of ports to which the Port profile is assigned. Click on the link to view the profile details. |
Assigned to | Number of port assignments and device associations for a profile. |
User Name | The username of the user who created or modified the profile. |
All columns might not be currently displayed. To show or hide fields in the table, click the down arrow on the field header, select Columns, and select or clear the check box adjacent to the field that you want to show or hide.
Creating Port Profiles
To create a Port profile for EX Series switches, Campus Switching ELS, Data Center Switching, or Data Center Switching ELS:
- Click
in the
Network Director banner. - Under Views, select one of the following views: Logical
View, Location View, Device View or Custom Group.
Tip Do not select Datacenter View or Topology View.
- Click Port under Wired > Profiles in the Tasks
pane.
The Manage Port Profile page appears.
- Click Add.
The Select a Device Family page opens.
- Select Switching (EX), Campus Switching
ELS, Data Center Switching ELS, or Data Center
Switching Non-ELS.
The Create Port Profile page appears showing the Quick Setup and Custom Setup tabs for the selected family with the appropriate fields for configuring that family.
- Select initial settings in the Quick Setup option and advanced settings in the Custom Setup option for the Port profile. For information about the Port profile settings, select the section for the type of port you are configuring:
Specifying Settings for an EX Switching Port Profile
Use the Create Port Profile page to define a common set of port attributes, which you can then apply to a group of interfaces. These directions address creating a Port profile for EX Series switches.
You can reference a VLAN profile, CoS profile, Ingress Filter profile, Egress Filter profile, and an Authentication profile in a Port profile. You can either create these profiles in their respective profile pages before you create Port profiles or you can create these profiles as in-line sub-profiles while configuring Port profiles. You can also enable power over Ethernet (PoE).
After you create a Port profile, you assign it to individual interfaces or to members of a port group. During this process, you can also configure interface-specific attributes, such as IP address, and certain device-specific attributes, such as the Access profile to use for all ports on the device. You can assign only one Port profile to an interface.
Table 2 describes the Quick Setup settings available in a Port profile. Table 3 describes the Custom Setup settings. The defaults for these options depend on the Service Type you select.
Table 2: Port Profile Quick Setup Settings for an EX Switching Port Profile
Field | Action |
|---|---|
Profile Name | A default name that corresponds to the Service Type is displayed—when you change the Service Type, this default profile name changes. You can also change the name of profile, using up to 64 alphanumeric characters and no special characters other than the underscore. The name must be unique among Port profiles. |
Description | A default description of the preconfigured service types appears by default. You can change the description of the Port profile, which appears on the Manage Port Profiles page. You can use up to 256 characters. |
Service Type | Select one the preconfigured switching options, Desktop Port, Desktop Phone Port, Printer Port, Switched Uplink, Switched Downlink, Server Port, or Wireless Access Port. To create your own switching or routing service type, select Custom. Tip: No preconfigured routing Service Types are provided. You must create them using the Custom option. |
Desktop Port default service type has the following default settings:
| |
Desktop Phone Port preconfigured service type has the following default settings:
| |
Printer Port preconfigured service type has the following default settings:
| |
Switched Uplink preconfigured service type has the following default settings:
| |
Switched Downlink preconfigured service type has the following default settings:
| |
Server Port preconfigured service type has the following default settings:
| |
Wireless Access Port preconfigured service type has the following default settings:
| |
Family Type | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, indicate whether the interface operates as a Layer 2 (Switching) or a Layer 3 (Routing) interface. Tip: All preconfigured Service Types are for switching. If you select Routing, you configure an IP address on a per-interface basis when you assign the profile to individual interfaces. Tip: Service Type must be set to Custom to configure a routing interface. |
Port Mode | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, select the port mode for the EX Series switching interface, either Access, Trunk, or Tagged Access.
|
| VLAN Options Available VLAN options depend on the Service Type selected. | |
Member VLAN (available for Switched Uplink, Switched Downlink, Server Port) | Click All if you want to assign an interface to all the VLANs. This option is enabled when Port Mode is Trunk or TaggedAccess. |
Member VLANs | Select a VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Voice VLAN | Select a voice VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN Name and ID and click OK. |
Native VLAN (available for Switched Uplink, Switched Downlink) | Select a native VLAN for the interface by clicking Select, selecting one of the listed VLANs, and then clicking OK. The VLAN is added to the Member VLANs list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
After providing the information in the fields listed in the preceding, click Done.
To use default Port Profile Custom Setup settings, click Done. To configure Custom Setup settings, click Custom Setup and then provide the information in Table 3 and then click Done.
Clicking Done in either case displays the dialog Do you want to assign Port Profile to Ports. Click Yes to create a profile assignment; else click No to navigate to the Manage Port Profile page and to create the Port assignment later on.
Table 3: Port Profile Custom Setup Settings
Field | Action |
|---|---|
| Advanced Settings Expand Advanced Settings to configure link settings and port security. The Link Setting in Port profile is disabled by default. On enabling Link Settings, autonegotiation and flow control are enabled by default. | |
Enable Auto Negotiation | Autonegotiation of link speed and duplex mode is enabled by default; clear to disable autonegotiation. If you disable autonegotiation, you must set link speed and link mode. You cannot disable autonegotiation if a link speed of 1 Gbps is configured. This configuration might be accepted, but autonegotiation is not disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Enable Flow Control | Select to enable flow control on the interface, which permits the switch suspend packet transmission for a set period of time in response to a PAUSE frame sent by a congested switch. Flow control applies only to links operating at 1 Gbps, full-duplex mode. |
MTU | Using the arrows, indicate the maximum transmission unit (MTU), which is the maximum size of Ethernet frames sent by the interface. To calculate the MTU, add 14 bytes overhead to the maximum payload you want sent. Range: 256 through 9216 bytes |
Speed | Select the link speed. If you select a link speed when autonegotiation is enabled, autonegotiation remains enabled and the interface advertises the link speed that you specify as its maximum link speed. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Link Mode | Select the duplex mode, either Automatic, Full Duplex, or Half Duplex. Select Automatic to enable autonegotiation when autonegotiation is disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. You cannot select Half Duplex with link speed set to Autonegotiation or 1 Gbps. |
Storm Control Settings Enabling storm control on a switching device monitors traffic levels and drops broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level or storm control bandwidth—is exceeded, thus preventing packets from proliferating and degrading the LAN. You can customize the storm control level for a specific interface by explicitly configuring either bandwidth or level. Note: You cannot configure both bandwidth and level for the same interface. | Unit
Value Configures the traffic storm control threshold level value as a percentage of bandwidth or bandwidth in kilobits per second depending upon the specified unit. |
| Power over Ethernet
(PoE) You can enable PoE and display the configuration options by enabling Configure Power over Ethernet. | |
Configure Power over Ethernet | Enable to configure PoE settings. If you do not enable this option, Network Director does not send any PoE configuration commands to the device when the profile is deployed on the device. For example, if PoE is enabled on an interface, it remains enabled. On EX Series switches, the factory-default configuration enables PoE on all interfaces that support PoE. If you enable this option, the PoE settings in this profile is deployed on the interfaces that support PoE. If you assign this Port profile to interfaces that do not support PoE, the profile is deployed successfully on those interfaces, but the PoE settings do not take effect. |
Maximum Power (W) | Use the arrows to adjust the maximum PoE power in watts allocated to a PoE port. The powered device cannot draw more power than the wattage specified. If it does so, PoE power to the port is shut down. Maximum power for PoE is 15.4W, Extended PoE is 18.6W and PoE+ is 30W. The Maximum Power setting has no effect when the PoE management mode for a switch or line card is class mode, which is the default mode. In class mode, the power allocated to a PoE port is determined either by LLDP negotiation with the powered device or by the PoE class of the powered device if LLDP is not supported. You must set the PoE power management mode for the switch or line card to static mode for the Maximum Power setting to take effect. Do this in the Device Common Settings profile. If you specify a maximum wattage that is greater than the maximum wattage that can be supplied by the port, your configuration is accepted when the Port profile is deployed on the port. However, the maximum wattage is set to the port’s maximum supported wattage. The maximum supported wattages for PoE ports are:
Default: 15.4W |
Priority | Select a power priority for the PoE port—either Low or High. If there is a shortage of PoE power on the switch, power to low priority ports is shut down before power to high priority ports. Within ports with the same assigned priority, power priority is determined by the port number—ports with a lower port number have a higher power priority. Default: low priority |
Disable PoE | Select to disable PoE on the interfaces using this Port profile. |
| Port Security
(Switching Interfaces Only) Select to enable port security (default); clear to disable port security. When port security is enabled, you can configure port security options such as learned MAC address limits on an interface. When port security is disabled, no port security is applied to the interface, including the default port security options. | |
Trust DHCP | Select to permit messages from a DHCP server to be received on the interface—this is the default. Clear to block all messages from a DHCP server from being received on the interface. Tip: For this port security feature to work, DHCP snooping must be enabled on the VLAN the interface belongs to. You can enable DHCP snooping on the VLAN in the VLAN profile. For directions, see Creating and Managing VLAN Profiles. |
MAC Limit | Type the number of MAC address that can be dynamically learned on the interface. Range: 1 through 163,839 Default: For Desktop Ports, 1. For Desktop Phone Ports, 2. For all others, none. |
MAC Limit Action | Select the action to be taken if the MAC address limit is exceeded:
|
Allowed MAC List | Indicate the MAC addresses of devices that are allowed access to the interface in the Allowed MAC List. Any device whose MAC address does not match an address in the list is not allowed access to the interface. A list with no entries means that a client with any MAC address is permitted to access the interface. To enter a MAC address, click Add and then type the MAC addresses in the field provided. Enter MAC addresses as two-character hexadecimal numbers separated by colons. Click Save to save the entry. Note: Configuring an allowed MAC address list does not block the switch from receiving Layer 2 control packets—such as Link Layer Discovery Protocol (LLDP) packets—transmitted from MAC addresses that are not specified in the address list. Control packets do not undergo the MAC address check. However, the switch does not forward them to another destination. Default: No entries |
RSTP Settings In addition to enabling or disabling the Spanning Tree Protocol (STP) as part of device profiles, this feature enables you to fine-tune STP by setting interfaces into edge, disable, or no-root-port states. | Edge RSTP defines the concept of an edge port, which is a designated port that connects to non-STP-capable devices, such as PCs, servers, routers, or hubs that are not connected to other switches. Because edge ports connect directly to end stations, they cannot create network loops and can transition to the forwarding state immediately. You can manually configure edge ports, and a switch can also detect edge ports by noting the absence of communication from the end stations. Disable Disables the RSTP on interface. Note: Configuring interfaces to one of these states is not mandatory for ELS switches. Hence, the option Disable is not applicable for ELS switches and therefore not supported. No Root Port Configures an interface to be a spanning-tree designated port. If the bridge receives superior STP bridge protocol data units (BPDUs) on a root-protected interface, that interface transitions to a root-prevented STP state (inconsistency state) and the interface is blocked. This blocking prevents a bridge from being elected the root bridge. When the bridge stops receiving superior STP BPDUs on the root-protected interface, interface traffic is no longer blocked. |
CoS Settings | Click Select Cos Profile to choose from existing CoS profiles. The CoS configuration contained in the CoS profile is applied to the interfaces that the Port profile is assigned to when you deploy the configuration. Click OK. Some preconfigured Service Types have a default CoS profile—see the description for Service Types field for details. Or Click Configure CoS settings to configure CoS profile. See Creating and Managing Wired CoS Profiles for steps to configure a CoS profile. |
Authentication Settings (Desktop Port, Desktop Phone Port, Wireless Access Port, Custom Port) | Select the Authentication profile for the interface from a list of existing profiles by clicking Select, selecting one of the listed profiles, and then clicking OK. By assigning an Authentication profile to the Port profile, you can enable 802.1x and captive portal authentication on interfaces. If you do not specify an Authentication profile, the interface is an open port and no authentication is required to connect. Note: You cannot configure 802.1x authentication on aggregated Ethernet interfaces. If you attempt to deploy a Port profile that contains an Authentication profile on an aggregated Ethernet interface, the deployment fails. Or Click Configure Authentication Settings to configure 802.1x and captive portal authentications. See Creating and Managing Authentication Profiles for steps to configure the authentication profile. |
Filter Settings (available for all Service Types, including Custom for routing) |
|
VRRP Settings (available when Service Type is Custom and Family Type is Routing) | Select the VRRP profile for the interface from a list of existing profiles by clicking Select. Select one of the listed profiles, and then click OK. |
If you configured Custom Setup settings, click Done. Upon clicking Done displays the dialog Do you want to assign Port Profile to Ports?. Click Yes to create a profile assignment else click No to create the profile and navigate to the Manage Port Profile page to create the Port assignment later.
Specifying Settings for a Campus Switching ELS Port Profile
Use the Create Port Profile page to define a common set of port attributes in a Port profile. You can then apply the Port profile to interfaces on a group of Campus Switching ELS devices.
You can reference a VLAN profile, CoS profile, Ingress Filter profile, Egress Filter profile, and an Authentication profile in a Port profile. You can either create these profiles in their respective profile pages before you create Port profiles or you can create these profiles as in-line sub-profiles while configuring Port profiles. You can also enable power over Ethernet (PoE).
After you create a Port profile, you can assign it to individual interfaces or to members of a Port group. During this assignment process, you can also configure interface-specific attributes, such as IP address, and certain device-specific attributes, such as the Access profile to use for all ports on the device. You can assign only one Port profile to an interface.
Table 4 describes the Quick Setup settings available in a Port profile. Table 5 describes the Custom Setup settings. The defaults for these options depend on the Service Type you select.
Table 4: Port Profile Quick Setup Settings for Campus Switching ELS
Field | Action |
|---|---|
Profile Name | Type the name of profile by using up to 64 alphanumeric characters and no special characters other than the underscore. The name must be unique among Port profiles. |
Description | Type a description of the Port profile, which appears on the Manage Port Profiles page. You can use up to 256 characters. |
Service Type | Select one the preconfigured options Desktop Port, Desktop Phone Port, Printer Port, Switched Uplink, Switched Downlink, Server Port, or Wireless Access Port. To create your own service type, select Custom. |
Desktop Port service type has the following default settings:
| |
Desktop Phone Port service type has the following default settings:
| |
Printer Port preconfigured service type has the following default settings:
| |
Switched Uplink service type has the following default settings:
| |
Switched Downlink service type has the following default settings:
| |
Server Port service type has the following default settings:
| |
Wireless Access Port service type has the following default settings:
| |
| Port Family Options The available settings and defaults for these options depend on the Service Type you selected. | |
Family Type: Switching or | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, indicate whether the interface operates as a Layer 2 (Switching) or a Layer 3 (Routing) interface. Tip: Service Type must be set to Custom to configure a routing interface. If you select routing, you configure an IP address on a per-interface basis when you assign the profile to individual interfaces. |
Port Mode for switching interfaces only | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, select the port mode for the interface, either Access, Trunk, or Tagged Access.
|
| VLAN Options Available VLAN options depend on the Service Type selected. VLAN association is required for Campus Switching ELS. | |
Member VLAN | Click All if you want to assign an interface to all the VLANs. This option is enabled when Port Mode is Trunk or TaggedAccess. |
Member VLAN | This configuration is for one VLAN. Select a VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Voice VLAN | This configuration is for one VLAN. Select a voice VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Native VLAN | Select a native VLAN for the interface by clicking Select, selecting one of the listed VLANs, and then clicking OK. The VLAN is added to the Member VLANs list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
| Power over Ethernet (PoE) | |
Configure Power over Ethernet | Enable to configure PoE settings. If you do not enable this option, Network Director does not send any PoE configuration commands to the device when the profile is deployed on the device. For example, if PoE is enabled on an interface, it remains enabled. If you enable this option, the PoE settings in this profile is deployed on the interfaces that support PoE. If you assign this Port profile to interfaces that do not support PoE, the profile can be deployed successfully on those interfaces, but the PoE settings do not take effect. Tip: EX9200 switches do not support PoE. |
Maximum Power (W) | Use the arrows to adjust the maximum PoE power allocated to a PoE port in watts. The powered device cannot draw more power than the wattage specified. If it does so, PoE power to the port is shut down. The Maximum Power setting has no effect when the PoE management mode for the switch or line card is class mode, which is the default mode. In class mode, the power allocated to a PoE port is determined either by LLDP negotiation with the powered device or by the PoE class of the powered device if LLDP is not supported. You must set the PoE power management mode for the switch or line card to static mode for the Maximum Power setting to take effect. You can do this in the Device Common Settings profile. If you specify a maximum wattage that is greater than the maximum wattage that can be supplied by the port, your configuration is accepted when the Port profile is deployed on the port. However, the maximum wattage is set to the port’s maximum supported wattage. The maximum supported wattages for PoE ports are:
Default: 15.4W |
Priority | Select a power priority for the PoE port—either Low or High. If there is a shortage of PoE power on the switch, power to low priority ports is shut down before power to high priority ports. Within ports with the same assigned priority, power priority is determined by port number—ports with a lower port number have a higher power priority. Default: low priority |
Disable PoE | Select to disable PoE on the interface. |
After providing the information in the fields listed in Table 4, click Done.
To use default Port Profile Custom Setup settings, click Done. To configure Custom Setup settings, click Custom Setup and then provide the information in Table 5 and then click Done.
Clicking Done in either case displays the dialog Do you want to assign Port Profile to Ports. Click Yes to create a profile assignment; else click No to navigate to the Manage Port Profile page and to create the Port assignment later on.
Table 5: Port Profile Custom Setup Settings for Campus Switching ELS
Field | Action |
|---|---|
| Advanced Settings Expand Advanced Settings to configure link settings and port security. The Link Setting in Port profile is disabled by default. On enabling Link Settings, autonegotiation and flow control are enabled by default. | |
Enable Auto Negotiation | Autonegotiation of link speed and duplex mode is enabled by default; clear to disable autonegotiation. If you disable autonegotiation, you must set link speed and link mode. You cannot disable autonegotiation if a link speed of 1 Gbps is configured. This configuration might be accepted, but autonegotiation will not be disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Enable Flow Control | Select to enable flow control on the interface, which permits the switch suspend packet transmission for a set period of time in response to a PAUSE frame sent by a congested switch. Flow control applies only to links operating at 1 Gbps, full-duplex mode. |
MTU | Using the arrows, indicate the maximum transmission unit (MTU), which is the maximum size of Ethernet frames sent by the interface. To calculate the MTU, add 14 bytes overhead to the maximum payload you want sent. Range: 256 through 9216 bytes |
Speed | Select the link speed. If you select a link speed when autonegotiation is enabled, autonegotiation remains enabled and the interface will advertise the link speed that you specify as its maximum link speed. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Link Mode | Select the duplex mode, either Automatic, Full Duplex, or Half Duplex. Select Automatic to enable autonegotiation when autonegotiation is disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. You cannot select Half Duplex with link speed set to Autonegotiation or 1 Gbps. |
Storm Control Settings Enabling storm control on a switching device monitors traffic levels and drops broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level or storm control bandwidth—is exceeded, thus preventing packets from proliferating and degrading the LAN. You can customize the storm control level for a specific interface by explicitly configuring either bandwidth or level. Note: You cannot configure both bandwidth and level for the same interface. | Unit
Value Configures the traffic storm control threshold level value as a percentage of bandwidth or bandwidth in kilobits per second depending upon the specified unit. |
| Power over Ethernet
(PoE) You can enable PoE and display the configuration options by enabling Configure Power over Ethernet. | |
Configure Power over Ethernet | Enable to configure PoE settings. If you do not enable this option, Network Director does not send any PoE configuration commands to the device when the profile is deployed on the device. For example, if PoE is enabled on an interface, it remains enabled. On EX Series switches, the factory-default configuration enables PoE on all interfaces that support PoE. If you enable this option, the PoE settings in this profile is deployed on the interfaces that support PoE. If you assign this Port profile to interfaces that do not support PoE, the profile is deployed successfully on those interfaces, but the PoE settings will not take effect. |
Maximum Power (W) | Use the arrows to adjust the maximum PoE power in watts allocated to a PoE port. The powered device cannot draw more power than the wattage specified. If it does so, PoE power to the port is shut down. Maximum power for PoE is 15.4W, Extended PoE is 18.6W and PoE+ is 30W. The Maximum Power setting has no effect when the PoE management mode for a switch or line card is class mode, which is the default mode. In class mode, the power allocated to a PoE port is determined either by LLDP negotiation with the powered device or by the PoE class of the powered device if LLDP is not supported. You must set the PoE power management mode for the switch or line card to static mode for the Maximum Power setting to take effect. Do this in the Device Common Settings profile. If you specify a maximum wattage that is greater than the maximum wattage that can be supplied by the port, your configuration is accepted when the Port profile is deployed on the port. However, the maximum wattage is set to the port’s maximum supported wattage. The maximum supported wattages for PoE ports are:
Default: 15.4W |
Priority | Select a power priority for the PoE port—either Low or High. If there is a shortage of PoE power on the switch, power to low priority ports is shut down before power to high priority ports. Within ports with the same assigned priority, power priority is determined by the port number—ports with a lower port number have a higher power priority. Default: low priority |
Disable PoE | Select to disable PoE on the interfaces using this Port profile. |
| Port Security
(Switching Interfaces Only) Select to enable port security (default); clear to disable port security. When port security is enabled, you can configure port security options such as learned MAC address limits on an interface. When port security is disabled, no port security is applied to the interface, including the default port security options. | |
Trust DHCP | Select to permit messages from a DHCP server to be received on the interface—this is the default. Clear to block all messages from a DHCP server from being received on the interface. Tip: For this port security feature to work, DHCP snooping must be enabled on the VLAN the interface belongs to. You can enable DHCP snooping on the VLAN in the VLAN profile. For directions, see Creating and Managing VLAN Profiles. |
MAC Limit | Type the number of MAC address that can be dynamically learned on the interface. Range: 1 through 163839 Default: For Desktop Ports, 1. For Desktop Phone Ports, 2. For all others, none. |
MAC Limit Action | Select the action to be taken if the MAC address limit is exceeded:
|
Allowed MAC List | Indicate the MAC addresses of devices that are allowed access to the interface in the Allowed MAC List. Any device whose MAC address does not match an address in the list will not be allowed access to the interface. A list with no entries means that a client with any MAC address is permitted to access the interface. To enter a MAC address, click Add and then type the MAC addresses in the field provided. Enter MAC addresses as two-character hexadecimal numbers separated by colons. Click Save to save the entry. Note: Configuring an allowed MAC address list does not block the switch from receiving Layer 2 control packets—such as Link Layer Discovery Protocol (LLDP) packets—transmitted from MAC addresses that are not specified in the address list. Control packets do not undergo the MAC address check. However, the switch does not forward them to another destination. Default: No entries |
RSTP Settings In addition to enabling or disabling the Spanning Tree Protocol (STP) as part of device profiles, this feature enables you to fine-tune STP by setting interfaces into edge, disable, or no-root-port states. | Edge RSTP defines the concept of an edge port, which is a designated port that connects to non-STP-capable devices, such as PCs, servers, routers, or hubs that are not connected to other switches. Because edge ports connect directly to end stations, they cannot create network loops and can transition to the forwarding state immediately. You can manually configure edge ports, and a switch can also detect edge ports by noting the absence of communication from the end stations. Disable Disables the RSTP on interface. Note: Configuring interfaces to one of these states is not mandatory for ELS switches. Hence, the option Disable is not applicable for ELS switches and therefore not supported. No Root Port Configures an interface to be a spanning-tree designated port. If the bridge receives superior STP bridge protocol data units (BPDUs) on a root-protected interface, that interface transitions to a root-prevented STP state (inconsistency state) and the interface is blocked. This blocking prevents a bridge from being elected the root bridge. When the bridge stops receiving superior STP BPDUs on the root-protected interface, interface traffic is no longer blocked. |
CoS Settings | Click Select Cos Profile to choose from existing CoS profiles. The CoS configuration contained in the CoS profile is applied to the interfaces that the Port profile is assigned to when you deploy the configuration. Click OK. Some preconfigured Service Types have a default CoS profile—see Service Types for details. Or Click Configure CoS settings to configure CoS profile. See Creating and Managing Wired CoS Profiles for steps to configure a CoS profile. |
Authentication Settings (Desktop Port, Desktop Phone Port, Wireless Access Port, Custom Port) | Select the Authentication profile for the interface from a list of existing profiles by clicking Select, selecting one of the listed profiles, and then clicking OK. By assigning an Authentication profile to the Port profile, you can enable 802.1x and captive portal authentication on interfaces. If you do not specify an Authentication profile, the interface is an open port and no authentication is required to connect. Note: You cannot configure 802.1x authentication on aggregated Ethernet interfaces. If you attempt to deploy a Port profile that contains an Authentication profile on an aggregated Ethernet interface, the deployment fails. Or Click Configure Authentication Settings to configure 802.1x and captive portal authentications. See Creating and Managing Authentication Profiles for steps to configure the Authentication profile. |
Filter Settings (available for all Service Types, including Custom for routing) |
|
VRRP Settings (available when Service Type is Custom and Family Type is Routing) | Select the VRRP profile for the interface from a list of existing profiles by clicking Select. Select one of the listed profiles, and then click OK. |
Clicking Done displays the dialog Do you want to assign Port Profile to Ports. Click Yes to create a profile assignment else click No to navigate to the Manage Port Profile page and to create the Port assignment later.
Click Done to save the Port profile for Campus Switching ELS.
Specifying Settings for the Data Center Switching Non-ELS Port Profile
Use the Create Port Profile page to define a common set of attributes in a Port profile, which you can then apply to a group of interfaces on Data Center Switching non-ELS devices. Data Center Switching Non-ELS Port profiles can apply to Ethernet or Fibre Channel (FC) ports. You can create a new Port profile from scratch, or select an appropriate Service Type and use the default settings that Network Director has defined for that service type to create a Port profile.
You can reference a VLAN profile, CoS profile, Ingress Filter profile, Egress Filter profile, and an Authentication profile in a Port profile. You can either create these profiles in their respective profile pages before you create Port profiles or you can create these profiles as in-line sub-profiles while configuring Port profiles. You can also enable power over Ethernet (PoE).
After you create a Port profile, you can assign it to either individual interfaces or to members of port groups. During this process, you can also configure interface-specific attributes, such as IP address, and certain device-specific attributes, such as the Access profile to use for all ports on the device. You can assign only one Port profile to either an interface or port group.
Table 6 describes the Quick Setup settings available in the data center Port profile.
Table 7 describes the Custom Setup settings available for an Non-ELS Ethernet ports.
Table 6: Port Profile Quick Setup Settings for Data Center Non-ELS Ports
Field | Action |
|---|---|
Profile Name | Type the name of profile by using up to 64 alphanumeric characters and no special characters other than the underscore. The name must be unique among Port profiles. |
Description | Type a description of the Port profile, which will appear on Manage Port Profiles page. You can use up to 256 characters. |
Service Type | Select a service type for the profile. The service type describes the function that the port will serve. Selecting a service type automatically configures some of the other page fields to support that service type. Some of the automatic settings are mandatory for the service type, so you cannot edit those fields. Select one the preconfigured switching options, Desktop Port, Desktop Phone Port, Switched Uplink, Switched Downlink, Server Port, FCoE Gateway, Fibre Channel Port, or FCoE Transit Port. To create your own switching or routing service type, select Custom. Tip: No preconfigured routing Service Types are provided. You must create them by using the Custom option. |
Desktop Port service type has the following default settings:
| |
Desktop Phone Port service type has the following default settings:
| |
Switched Uplink service type has the following default settings:
| |
Switched Downlink service type has the following default settings:
| |
Server Port service type has the following default settings:
| |
FCoE Gateway service type has the following default settings:
| |
Fibre Channel Port service type has the following default settings:
| |
FCoE Transit Port service type has the following default settings:
| |
Family Type | Switching—Select whether the interface operates as a Layer 2 (switching) or a Layer 3 (routing) interface. Tip: Routing—If you select routing, you configure an IP address on a per-interface basis when you assign the profile to individual interfaces. |
Port Mode | (Switching interfaces only) Select the port mode for the interface:
|
Port Type | If you selected the service type Custom, select the port type. If you selected a service type other than Custom, you cannot edit this field. Each port type has a different set of fields to configure. The options are Ethernet Port or Fibre Channel Port. |
| VLAN Options Available VLAN options depend on the Service Type selected. | |
Member VLAN (available for Switched Uplink, Switched Downlink, Server Port, FCoE Gateway, FCoE Transit port) | Click All if you want to assign an interface to all the VLANs. This option is enabled when Port Mode is Trunk or TaggedAccess. |
Member VLANs | Select a VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Voice VLAN | Select a voice VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Native VLAN (available for Switched Uplink, Switched Downlink) | Select a native VLAN for the interface by clicking Select, selecting one of the listed VLANs, and then clicking OK. The VLAN is added to the Member VLANs list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Fibre Channel Settings (Fibre Channel Port) | Speed—Select the FC speed: Auto (default), 2Gbps, 4Gbps, or 8Gbps. Buffer to Buffer State Change Number—Configure the buffer-to-buffer credit state change number to prevent the permanent loss of Fibre Channel credits over time (buffer-to-buffer credit recovery). Select a number from 0 through 15. Loopback Setting—Select Loopback to configure an FC loopback interface. |
| DCBX Settings Data Center Bridging Capability Exchange protocol is a discovery and exchange protocol for conveying configuration and capabilities among network neighbors to ensure consistent configuration across the network. It is an extension of the Link Layer Data Protocol (LLDP, described in IEEE 802.1AB). The defaults for these settings depend on the Service Type you selected. | |
DCBX Version | Select one of the following versions of the Data Center Bridging Capability Exchange protocol:
|
Disable DCBX | Select this option to turn off Data Center Bridging Capability Exchange protocol. |
Disable Priority Flow Control | Select this option to turn off priority flow control. Priority-based flow control (PFC) is a link-level flow control mechanism defined by IEEE 802.1Qbb that enables independent flow control for each class of service (as defined in the 3-bit CoS field of the Ethernet header by IEEE 802.1Q tags) to ensure that no frame loss from congestion occurs in DCB networks. |
ETS No Auto Negotiation | Select this option to turn off ETS autonegotiation. Enhanced transmission selection (ETS) is a mechanism that provides finer granularity of bandwidth management within a link. |
Recommendation TLV | Select either Enable TLV or Disable TLV. The enhanced transmission selection (ETS) Recommendation TLV communicates the ETS settings that the switch wants the connected peer interface to use. If the peer interface is willing, the peer interface changes its configuration to match the configuration in the ETS Recommendation TLV. By default, the switch interfaces send the ETS Recommendation TLV to the peer. The settings communicated are the egress ETS settings defined by configuring hierarchical scheduling on the interface. |
Table 7: Port Profile Custom Setup Settings for Data Center Non-ELS Ethernet Ports
Field | Action |
|---|---|
| Advanced Settings Expand Advanced Settings to configure link settings and port security. The Link Setting in Port profile is disabled by default. On enabling Link Settings, autonegotiation and flow control are enabled by default. | |
Enable Auto Negotiation | Autonegotiation of link speed and duplex mode is enabled by default; clear to disable autonegotiation. If you disable autonegotiation, you must set link speed and link mode. You cannot disable autonegotiation if a link speed of 1 Gbps is configured. This configuration might be accepted, but autonegotiation is not disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Enable Flow Control | Select to enable flow control on the interface, which permits the switch suspend packet transmission for a set period of time in response to a PAUSE frame sent by a congested switch. Flow control applies only to links operating at 1 Gbps, full-duplex mode. |
MTU | Using the arrows, indicate the maximum transmission unit (MTU), which is the maximum size of Ethernet frames sent by the interface. To calculate the MTU, add 14 bytes overhead to the maximum payload you want sent. Range: 256 through 9216 bytes |
Speed | Select the link speed. If you select a link speed when autonegotiation is enabled, autonegotiation remains enabled and the interface will advertise the link speed that you specify as its maximum link speed. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Link Mode | Select the duplex mode, either Automatic, Full Duplex, or Half Duplex. Select Automatic to enable autonegotiation when autonegotiation is disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. You cannot select Half Duplex with link speed set to Autonegotiation or 1 Gbps. |
Storm Control Settings Enabling storm control on a switching device monitors traffic levels and drops broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level or storm control bandwidth—is exceeded, thus preventing packets from proliferating and degrading the LAN. You can customize the storm control level for a specific interface by explicitly configuring either bandwidth or level. Note: You cannot configure both bandwidth and level for the same interface. | Unit
Value Configures the traffic storm control threshold level value as a percentage of bandwidth or bandwidth in kilobits per second depending upon the specified unit. |
| Power over Ethernet
(PoE) You can enable PoE and display the configuration options by enabling Configure Power over Ethernet. | |
Configure Power over Ethernet | Enable to configure PoE settings. If you do not enable this option, Network Director does not send any PoE configuration commands to the device when the profile is deployed on the device. For example, if PoE is enabled on an interface, it remains enabled. On EX Series switches, the factory-default configuration enables PoE on all interfaces that support PoE. If you enable this option, the PoE settings in this profile is deployed on the interfaces that support PoE. If you assign this Port profile to interfaces that do not support PoE, the profile is deployed successfully on those interfaces, but the PoE settings will not take effect. |
Maximum Power (W) | Use the arrows to adjust the maximum PoE power in watts allocated to a PoE port. The powered device cannot draw more power than the wattage specified. If it does so, PoE power to the port is shut down. Maximum power for PoE is 15.4W, Extended PoE is 18.6W and PoE+ is 30W. The Maximum Power setting has no effect when the PoE management mode for a switch or line card is class mode, which is the default mode. In class mode, the power allocated to a PoE port is determined either by LLDP negotiation with the powered device or by the PoE class of the powered device if LLDP is not supported. You must set the PoE power management mode for the switch or line card to static mode for the Maximum Power setting to take effect. Do this in the Device Common Settings profile. If you specify a maximum wattage that is greater than the maximum wattage that can be supplied by the port, your configuration is accepted when the Port profile is deployed on the port. However, the maximum wattage is set to the port’s maximum supported wattage. The maximum supported wattages for PoE ports are:
Default: 15.4W |
Priority | Select a power priority for the PoE port—either Low or High. If there is a shortage of PoE power on the switch, power to low priority ports is shut down before power to high priority ports. Within ports with the same assigned priority, power priority is determined by the port number—ports with a lower port number have a higher power priority. Default: low priority |
Disable PoE | Select to disable PoE on the interfaces using this Port profile. |
| Port Security
(Switching Interfaces Only) Select to enable port security (default); clear to disable port security. When port security is enabled, you can configure port security options such as learned MAC address limits on an interface. When port security is disabled, no port security is applied to the interface, including the default port security options. | |
Trust DHCP | Select to permit messages from a DHCP server to be received on the interface—this is the default. Clear to block all messages from a DHCP server from being received on the interface. Tip: For this port security feature to work, DHCP snooping must be enabled on the VLAN the interface belongs to. You can enable DHCP snooping on the VLAN in the VLAN profile. For directions, see Creating and Managing VLAN Profiles. |
FCoE Trusted | Select to configure the interface to trust Fibre Channel over Ethernet (FCoE) traffic. If an interface is connected to another switch such as an FCoE forwarder (FCF) or a transit switch, you can configure the interface as trusted so that the interface forwards FCoE traffic from the switch to the FCoE devices without installing FIP snooping filters. |
MAC Limit | Type the number of MAC address that can be dynamically learned on the interface. Range: 1 through 163839 Default: For Desktop Ports, 1. For Desktop Phone Ports, 2. For all others, none. |
MAC Limit Action | Select the action to be taken if the MAC address limit is exceeded:
|
Allowed MAC List | Indicate the MAC addresses of devices that are allowed access to the interface in the Allowed MAC List. Any device whose MAC address does not match an address in the list will not be allowed access to the interface. A list with no entries means that a client with any MAC address is permitted to access the interface. To enter a MAC address, click Add and then type the MAC addresses in the field provided. Enter MAC addresses as two-character hexadecimal numbers separated by colons. Click Save to save the entry. Note: Configuring an allowed MAC address list does not block the switch from receiving Layer 2 control packets—such as Link Layer Discovery Protocol (LLDP) packets—transmitted from MAC addresses that are not specified in the address list. Control packets do not undergo the MAC address check. However, the switch does not forward them to another destination. Default: No entries |
RSTP Settings In addition to enabling or disabling the Spanning Tree Protocol (STP) as part of device profiles, this feature enables you to fine-tune STP by setting interfaces into edge, disable, or no-root-port states. | Edge RSTP defines the concept of an edge port, which is a designated port that connects to non-STP-capable devices, such as PCs, servers, routers, or hubs that are not connected to other switches. Because edge ports connect directly to end stations, they cannot create network loops and can transition to the forwarding state immediately. You can manually configure edge ports, and a switch can also detect edge ports by noting the absence of communication from the end stations. Disable Disables the RSTP on interface. Note: Configuring interfaces to one of these states is not mandatory for ELS switches. Hence, the option Disable is not applicable for ELS switches and therefore not supported. No Root Port Configures an interface to be a spanning-tree designated port. If the bridge receives superior STP bridge protocol data units (BPDUs) on a root-protected interface, that interface transitions to a root-prevented STP state (inconsistency state) and the interface is blocked. This blocking prevents a bridge from being elected the root bridge. When the bridge stops receiving superior STP BPDUs on the root-protected interface, interface traffic is no longer blocked. |
CoS Settings (All except Fibre Channel Type) | Click Select Cos Profile to choose from existing CoS profiles. The CoS configuration contained in the CoS profile is applied to the interfaces that the Port profile is assigned to when you deploy the configuration. Click OK. Some preconfigured Service Types have a default CoS profile—see Service Types for details. Or Click Configure CoS settings to configure CoS profile. See Creating and Managing Wired CoS Profiles for steps to configure a CoS profile. |
Authentication Settings (Desktop Port, Desktop Phone Port, Custom Port) | Select the Authentication profile for the interface from a list of existing profiles by clicking Select, selecting one of the listed profiles, and then clicking OK. By assigning an Authentication profile to the Port profile, you can enable 802.1x and captive portal authentication on interfaces. If you do not specify an Authentication profile, the interface is an open port and no authentication is required to connect. Note: You cannot configure 802.1x authentication on aggregated Ethernet interfaces. If you attempt to deploy a Port profile that contains an Authentication profile on an aggregated Ethernet interface, the deployment fails. Or Click Configure Authentication Settings to configure 802.1x and captive portal authentications. See Creating and Managing Authentication Profiles for steps to configure the authentication profile. |
Filter Settings (available for all Service Types, including Custom for routing) |
|
VRRP Settings (available when Service Type is Custom and Family Type is Routing) | Select the VRRP profile for the interface from a list of existing profiles by clicking Select. Select one of the listed profiles, and then click OK. |
Specifying Settings for a Data Center Switching ELS Port Profile
Use the Create Port Profile page to define a common set of port attributes in a Port profile. You can create a new Port profile from scratch, or select an appropriate Service Type and use the default settings that Network Director has defined for that service type to create a Port profile. You can then apply the Port profile to interfaces on a group of Data Center Switching ELS devices.
You can reference a VLAN profile, CoS profile, Ingress Filter profile, Egress Filter profile, and an Authentication profile in a Port profile. You can either create these profiles in their respective profile pages before you create Port profiles or you can create these profiles as in-line sub-profiles while configuring Port profiles.
After you create a Port profile, you can assign it to individual interfaces or to members of a Port group. During this assignment process, you can also configure interface-specific attributes, such as IP address, and certain device-specific attributes, such as the Access profile to use for all ports on the device. You can assign only one Port profile to an interface.
Table 8 describes the Quick Setup settings available in a Port profile. Table 9 describes the Custom Setup settings. The defaults for these options depend on the Service Type you select.
Table 8: Port Profile Quick Setup Settings for Data Center Switching ELS
Field | Action |
|---|---|
Profile Name | Type the name of profile by using up to 64 alphanumeric characters and no special characters other than the underscore. The name must be unique among Port profiles. |
Description | Type a description of the Port profile, which will appear on Manage Port Profiles page. You can use up to 256 characters. |
Service Type | Select one the preconfigured options Desktop Port, Switched Uplink, Switched Downlink, Server Port, or FCoE Transit Port. To create your own service type, select Custom. |
Desktop Port service type has the following default settings:
| |
Switched Uplink service type has the following default settings:
| |
Switched Downlink service type has the following default settings:
| |
Server Port service type has the following default settings:
| |
FCoE Transit Port service type has the following default settings:
| |
Family Type: Switching or The available settings and defaults for these options depend on the Service Type you selected. | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, indicate whether the interface operates as a Layer 2 (Switching) or a Layer 3 (Routing) interface. Tip: Service Type must be set to Custom to configure a routing interface. If you select routing, you configure an IP address on a per-interface basis when you assign the profile to individual interfaces. |
Port Mode for switching interfaces only | This setting cannot be changed if any preconfigured Service Type was selected. If you selected the Custom Service Type, select the port mode for the interface, either Access or Trunk.
|
Port Type | For Data Center ELS profiles, the port type is always Ethernet Port. |
| VLAN Options Available VLAN options depend on the Service Type selected. | |
Member VAN (available for Switched Uplink, Switched Downlink,Server Port,FCoE Transit Port, Custom) | Click All if you want to assign an interface to all the VLANs. This option is enabled when Port Mode is Trunk. |
Member VLANs | Select a VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Voice VLAN | Select a voice VLAN for the interface by clicking Select, selecting one of the listed filters, and then clicking OK. The VLAN is added to the Member VLANS list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Native VLAN (available for Switched Uplink, Switched Downlink) | Select a native VLAN for the interface by clicking Select, selecting one of the listed VLANs, and then clicking OK. The VLAN is added to the Member VLANs list. Or Configure a VLAN by clicking Configure VLAN Settings and clicking Create. Enter the VLAN name and ID and click OK. |
Member VLAN | (Access ports only) Select a VLAN profile for the interface from a list of existing profiles by clicking Select. |
Member VLANs | (Trunk ports only) Select a set of VLAN profiles for the interface from a list of existing profiles by using the Add and Remove functions. |
Native VLAN | (Trunk ports only) Select a native VLAN profile for the interface from a list of existing profiles by clicking Select. |
| DCBX Settings Data Center Bridging Capability Exchange protocol is a discovery and exchange protocol for conveying configuration and capabilities among network neighbors to ensure consistent configuration across the network. It is an extension of the Link Layer Data Protocol (LLDP, described in IEEE 802.1AB). The defaults for these settings depend on the Service Type you selected. | |
DCBX Version | Select one of the following versions of the Data Center Bridging Capability Exchange protocol:
|
Disable DCBX | Select this option to turn off Data Center Bridging Capability Exchange protocol. |
Disable Priority Flow Control | Select this option to turn off priority flow control. Priority-based flow control (PFC) is a link-level flow control mechanism defined by IEEE 802.1Qbb that enables independent flow control for each class of service (as defined in the 3-bit CoS field of the Ethernet header by IEEE 802.1Q tags) to ensure that no frame loss from congestion occurs in DCB networks. |
ETS No Auto Negotiation | Select this option to turn off ETS autonegotiation. Enhanced transmission selection (ETS) is a mechanism that provides finer granularity of bandwidth management within a link. |
Recommendation TLV | Select either Enable TLV or Disable TLV. The enhanced transmission selection (ETS) Recommendation TLV communicates the ETS settings that the switch wants the connected peer interface to use. If the peer interface is willing, the peer interface changes its configuration to match the configuration in the ETS Recommendation TLV. By default, the switch interfaces send the ETS Recommendation TLV to the peer. The settings communicated are the egress ETS settings defined by configuring hierarchical scheduling on the interface. |
After providing the information in the fields listed in Table 5, click Done.
To use default Port profile Custom Setup settings, click Done. To configure Custom Setup settings, click Custom Setup and then provide the information in Table 9 and then click Done.
Clicking Done in either case displays the dialog Do you want to assign Port Profile to Ports. Click Yes to create a profile assignment; else click No to navigate to the Manage Port Profile page and to create the Port assignment later on.
Table 9: Port Profile Custom Setup Settings for Data Center Switching ELS
Field | Action |
|---|---|
| Advanced Settings Expand Advanced Settings to configure link settings and port security. The Link Setting in Port profile is disabled by default. On enabling Link Settings, autonegotiation and flow control are enabled by default. | |
Enable Auto Negotiation | Autonegotiation of link speed and duplex mode is enabled by default; clear to disable autonegotiation. If you disable autonegotiation, you must set link speed and link mode. You cannot disable autonegotiation if a link speed of 1 Gbps is configured. This configuration might be accepted, but autonegotiation will not be disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Enable Flow Control | Select to enable flow control on the interface, which permits the switch suspend packet transmission for a set period of time in response to a PAUSE frame sent by a congested switch. Flow control applies only to links operating at 1 Gbps, full-duplex mode. |
MTU | Using the arrows, indicate the maximum transmission unit (MTU), which is the maximum size of Ethernet frames sent by the interface. To calculate the MTU, add 14 bytes overhead to the maximum payload you want sent. Range: 256 through 9216 bytes |
Speed | Select the link speed. If you select a link speed when autonegotiation is enabled, autonegotiation remains enabled and the interface will advertise the link speed that you specify as its maximum link speed. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. |
Link Mode | Select the duplex mode, either Automatic, Full Duplex, or Half Duplex. Select Automatic to enable autonegotiation when autonegotiation is disabled. Note: This setting is ignored when you assign a Port profile to an Aggregated Ethernet interface. You cannot select Half Duplex with link speed set to Autonegotiation or 1 Gbps. |
Storm Control Settings Enabling storm control on a switching device monitors traffic levels and drops broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level or storm control bandwidth—is exceeded, thus preventing packets from proliferating and degrading the LAN. You can customize the storm control level for a specific interface by explicitly configuring either bandwidth or level. Note: You cannot configure both bandwidth and level for the same interface. | Unit
Value Configures the traffic storm control threshold level value as a percentage of bandwidth or bandwidth in kilobits per second depending upon the specified unit. |
| Power over Ethernet
(PoE) You can enable PoE and display the configuration options by enabling Configure Power over Ethernet. | |
Configure Power over Ethernet | Enable to configure PoE settings. If you do not enable this option, Network Director does not send any PoE configuration commands to the device when the profile is deployed on the device. For example, if PoE is enabled on an interface, it remains enabled. On EX Series switches, the factory-default configuration enables PoE on all interfaces that support PoE. If you enable this option, the PoE settings in this profile is deployed on the interfaces that support PoE. If you assign this Port profile to interfaces that do not support PoE, the profile is deployed successfully on those interfaces, but the PoE settings will not take effect. |
Maximum Power (W) | Use the arrows to adjust the maximum PoE power in watts allocated to a PoE port. The powered device cannot draw more power than the wattage specified. If it does so, PoE power to the port is shut down. Maximum power for PoE is 15.4W, Extended PoE is 18.6W and PoE+ is 30W. The Maximum Power setting has no effect when the PoE management mode for a switch or line card is class mode, which is the default mode. In class mode, the power allocated to a PoE port is determined either by LLDP negotiation with the powered device or by the PoE class of the powered device if LLDP is not supported. You must set the PoE power management mode for the switch or line card to static mode for the Maximum Power setting to take effect. Do this in the Device Common Settings profile. If you specify a maximum wattage that is greater than the maximum wattage that can be supplied by the port, your configuration is accepted when the Port profile is deployed on the port. However, the maximum wattage is set to the port’s maximum supported wattage. The maximum supported wattages for PoE ports are:
Default: 15.4W |
Priority | Select a power priority for the PoE port—either Low or High. If there is a shortage of PoE power on the switch, power to low priority ports is shut down before power to high priority ports. Within ports with the same assigned priority, power priority is determined by port number—ports with a lower port number have a higher power priority. Default: low priority |
Disable PoE | Select to disable PoE on the interfaces using this Port profile. |
| Port Security
(Switching Interfaces Only) Select to enable port security (default); clear to disable port security. When port security is enabled, you can configure port security options such as learned MAC address limits on an interface. When port security is disabled, no port security is applied to the interface, including the default port security options. | |
Trust DHCP | Select to permit messages from a DHCP server to be received on the interface—this is the default. Clear to block all messages from a DHCP server from being received on the interface. Tip: For this port security feature to work, DHCP snooping must be enabled on the VLAN the interface belongs to. You can enable DHCP snooping on the VLAN in the VLAN profile. For directions, see Creating and Managing VLAN Profiles. |
FCoE Trusted | Select to configure the interface to trust Fibre Channel over Ethernet (FCoE) traffic. If an interface is connected to another switch such as an FCoE forwarder (FCF) or a transit switch, you can configure the interface as trusted so that the interface forwards FCoE traffic from the switch to the FCoE devices without installing FIP snooping filters. |
MAC Limit | Type the number of MAC address that can be dynamically learned on the interface. Range: 1 through 163839 Default: For Desktop Ports, 1. For Desktop Phone Ports, 2. For all others, none. |
MAC Limit Action | Select the action to be taken if the MAC address limit is exceeded:
|
Allowed MAC List | Indicate the MAC addresses of devices that are allowed access to the interface in the Allowed MAC List. Any device whose MAC address does not match an address in the list will not be allowed access to the interface. A list with no entries means that a client with any MAC address is permitted to access the interface. To enter a MAC address, click Add and then type the MAC addresses in the field provided. Enter MAC addresses as two-character hexadecimal numbers separated by colons. Click Save to save the entry. Note: Configuring an allowed MAC address list does not block the switch from receiving Layer 2 control packets—such as Link Layer Discovery Protocol (LLDP) packets—transmitted from MAC addresses that are not specified in the address list. Control packets do not undergo the MAC address check. However, the switch does not forward them to another destination. Default: No entries |
RSTP Settings In addition to enabling or disabling the Spanning Tree Protocol (STP) as part of device profiles, this feature enables you to fine-tune STP by setting interfaces into edge, disable, or no-root-port states. | Edge RSTP defines the concept of an edge port, which is a designated port that connects to non-STP-capable devices, such as PCs, servers, routers, or hubs that are not connected to other switches. Because edge ports connect directly to end stations, they cannot create network loops and can transition to the forwarding state immediately. You can manually configure edge ports, and a switch can also detect edge ports by noting the absence of communication from the end stations. Disable Disables the RSTP on interface. Note: Configuring interfaces to one of these states is not mandatory for ELS switches. Hence, the option Disable is not applicable for ELS switches and therefore not supported. No Root Port Configures an interface to be a spanning-tree designated port. If the bridge receives superior STP bridge protocol data units (BPDUs) on a root-protected interface, that interface transitions to a root-prevented STP state (inconsistency state) and the interface is blocked. This blocking prevents a bridge from being elected the root bridge. When the bridge stops receiving superior STP BPDUs on the root-protected interface, interface traffic is no longer blocked. |
CoS Settings (All except Fibre Channel Type) | Click Select Cos Profile to choose from existing CoS profiles. The CoS configuration contained in the CoS profile is applied to the interfaces that the Port profile is assigned to when you deploy the configuration. Select the type of port scheduling for the CoS profile. Port scheduling depends on the device model. When you select a port scheduling type, Network Director displays the devices that support the selected port scheduling type. Click OK. Some preconfigured Service Types have a default CoS profile—see Service Types for details. Or Click Configure CoS settings to configure CoS profile. Select the type of port scheduling for the CoS profile. Port scheduling depends on the device model. When you select a port scheduling type, Network Director displays the devices that support the selected port scheduling type. See Creating and Managing Wired CoS Profiles for steps to configure a CoS profile. |
Authentication Settings (Desktop Port, Desktop Phone Port, Custom Port) | Select the Authentication profile for the interface from a list of existing profiles by clicking Select, selecting one of the listed profiles, and then clicking OK. By assigning an Authentication profile to the Port profile, you can enable 802.1x and captive portal authentication on interfaces. If you do not specify an Authentication profile, the interface is an open port and no authentication is required to connect. Note: You cannot configure 802.1x authentication on aggregated Ethernet interfaces. If you attempt to deploy a Port profile that contains an Authentication profile on an aggregated Ethernet interface, the deployment fails. Or Click Configure Authentication Settings to configure 802.1x and captive portal authentications. See Creating and Managing Authentication Profiles for steps to configure the authentication profile. |
Filter Settings (available for all Service Types, including Custom for routing) |
|
VRRP Settings (available when Service Type is Custom and Family Type is Routing) | Select the VRRP profile for the interface from a list of existing profiles by clicking Select. Select one of the listed profiles, and then click OK. |
Clicking Done displays the dialog Do you want to assign Port Profile to Ports. click Yes to create a profile assignment else click No to navigate to the Manage Port Profile page and to create the Port assignment later.
What to Do Next
After you create a Port profile, you can assign it to interfaces or members of port groups. During this process, you can also configure interface-specific attributes, such as IP address, and certain device-specific attributes, such as which Access profile to use for all ports on the device. For more information, see Assigning and Unassigning Port Profiles from Interfaces.