Difference between revisions of "Force10 S50"

From FnordWiki
Jump to navigation Jump to search
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
FnordNet has a pair of Force10 S50 48 port Gbit Ethernet switches. Thanks, Bryan!
  
FnordNet has a pair of Force10 S50 48 port Gbit Ethernet switches. Thanks, Bryan!
   
= console cable =
 +
== console cable ==
 
While there are a bunch of Cisco console cables on hand, Force10 uses a different connector pinout. The console port on the S50 is a female 8P8C modular connector (a normal twisted pair Ethernet connector, often called an RJ45).
  
While there are a bunch of Cisco console cables on hand, Force10 uses a different connector pinout. The console port on the S50 is a female 8P8C modular connector (a normal twisted pair Ethernet connector, often called an RJ45).
   
Line 43: Line 43:
 
|}
  
|}
   
The other end of the console cable is a DB-9 (or more correctly DE-9) female connector as commonly found on PC serial ports. There are two rows of pins on this connector, the "top" row having 5 connections, the "bottom" row having 4. Facing the connector pins are numbered 5 through 1, left to right, on the top row. Pins 9 through 6 are on the bottom row, from left to right. Here's the connection from the other end of the cable:
 +
The other end of the console cable is a DB-9 (or, more correctly, a DE-9 <ref name="Wikipedia page on D-subminitature connectors">[http://en.wikipedia.org/wiki/D-subminiature Wikipedia page on D-subminitature connectors]</ref>) female connector as commonly found on PC serial ports. There are two rows of pins on this connector, the "top" row having 5 connections, the "bottom" row having 4. Facing the connector pins are numbered 5 through 1, left to right, on the top row. Pins 9 through 6 are on the bottom row, from left to right. Here's the connection from the other end of the cable:
 
{|
  
{|
 
!pin
  
!pin
Line 96: Line 96:
 
|}
  
|}
   
= Clearing configuration =
 +
== Clearing configuration ==
 
These switches arrived used, with unknown configuration applied and with unknown usernames and passwords required to manage them. [SFTOS] is the operating system these switches run, and clearing the switch configuration is accomplished fairly easily:
  
These switches arrived used, with unknown configuration applied and with unknown usernames and passwords required to manage them. [SFTOS] is the operating system these switches run, and clearing the switch configuration is accomplished fairly easily:
 
* Attach the console cable
  
* Attach the console cable
Line 116: Line 116:
 
* Select the '''<code>Reset the system</code>''' option from the menu.
  
* Select the '''<code>Reset the system</code>''' option from the menu.
   
= Give the switch an IP address =
 +
== Give the switch an IP address ==
 
Log in to the switch. Elevate privileges using the '''<code>enable</code>''' command. Run the following to tell the switch use DHCP to get an IP address for management:
  
Log in to the switch. Elevate privileges using the '''<code>enable</code>''' command. Run the following to tell the switch use DHCP to get an IP address for management:
 
configure
  
configure
Line 123: Line 123:
 
^Z
  
^Z
   
= Enable SSH logins =
 +
== Enable SSH logins ==
 
ip ssh server enable
  
ip ssh server enable
 
ip ssh protocol 2
 
ip ssh protocol 2
Line 129: Line 129:
 
ip ssh timeout 30
  
ip ssh timeout 30
   
= Enable web based configuration =
 +
== Enable web based configuration ==
 
ip http secure-server enable
  
ip http secure-server enable
 
ip http secure-protocol TLS1
 
ip http secure-protocol TLS1
 
ip http server enable
  
ip http server enable
  +
  +
== Showing MACs attached to the switch ==
  +
Force10-S50#show mac-addr-table
  +
  +
Mac Address Interface IfIndex Status
  +
----------------------- --------- ------- ------------
  +
00:01:00:01:E8:D5:C1:AE 0/3/1 401 Management
  +
00:01:00:06:25:FE:9F:1F 1/0/2 2 Learned
  +
00:01:00:0C:CE:91:C7:97 1/0/25 25 Learned
  +
00:01:00:10:75:1A:0E:A6 1/0/14 14 Learned
  +
00:01:00:10:75:1A:0E:A9 1/0/27 27 Learned
  +
00:01:00:10:75:1A:1B:80 1/0/39 39 Learned
  +
00:01:00:1A:A0:25:FC:F3 1/0/3 3 Learned
  +
00:01:00:1D:09:69:88:20 1/0/28 28 Learned
  +
00:01:00:1D:09:69:88:53 1/0/1 1 Learned
  +
00:01:00:25:84:6E:2B:02 1/0/16 16 Learned
  +
00:01:00:30:6E:39:5E:5D 1/0/13 13 Learned
  +
00:01:78:E7:D1:ED:CD:64 1/0/37 37 Learned
  +
  +
Force10-S50#
  +
  +
== NTP client setup ==
  +
It might be nice for the switch to know what time it is.
  +
Force10-S50#configure
  +
Force10-S50(Config)#sntp client mode unicast
  +
Force10-S50(Config)#sntp unicast client poll-timeout 8
  +
Force10-S50(Config)#sntp server 172.16.0.1
  +
Force10-S50(Config)#^Z
  +
  +
== Enable aggregated links ==
  +
Because 1Gbit/second just isn't enough!
  +
  +
Pretty simple, really:
  +
interface port-channel 1
  +
no shutdown
  +
channel-member 1/0/45
  +
channel-member 1/0/46
  +
channel-member 1/0/47
  +
channel-member 1/0/48
  +
description "Aggregated connection to other switch"
  +
mtu 9216
  +
exit
  +
  +
LACP is enabled by default on port channels on SFTOS switches. (At least with the version I'm running.)
  +
  +
== create some VLANs ==
  +
Force10-S50#configure
  +
Force10-S50(Config)#interface vlan 200
  +
Force10-S50(Conf-if-vl-200)#description "VLAN 200 -- just playing around here, tagged VLAN interface on a couple of the Dockstars. Tagged on all interfaces."
  +
Force10-S50(Conf-if-vl-200)#ip address 172.31.255.193 255.255.255.192
  +
Force10-S50(Conf-if-vl-200)#tagged 1/0/1-1/0/48
  +
Force10-S50(Conf-if-vl-200)#name "FnordVLAN200"
  +
Force10-S50(Conf-if-vl-200)#exit
  +
Force10-S50(Config)#
  +
Force10-S50(Config)#interface vlan 300
  +
Force10-S50(Conf-if-vl-300)#ip address 172.31.254.193 255.255.255.192
  +
Force10-S50(Conf-if-vl-300)#description "VLAN 300 -- just playing around here. Tagged VLAN interface on the Dockstars. Tagged output on all interfaces. Tagged input only. No interfaces with this as a native VLAN."
  +
Force10-S50(Conf-if-vl-300)#tagged 1/0/1-1/0/48
  +
Force10-S50(Conf-if-vl-300)#name "FnordVLAN300"
  +
Force10-S50(Conf-if-vl-300)#exit
  +
Force10-S50(Config)#exit
  +
Force10-S50#
  +
  +
It's aggravating that the VLAN interfaces seem to require IP addresses. Presumably the switch is willing to route IP across them as if it were an IPv4 router. But I don't really need that. It turns out that, after creating the VLAN interfaces, the IP addresses can be removed with '''<code>no ip address ...</code>'''.
  +
  +
== Getting new firmware ==
  +
Good luck with that. Sign up for a support contract. Force10 doesn't distribute firmware unless you pay them money. (Go Procurve!)
  +
  +
Maybe Dell will decide that Force10 firmware should be free (as in beer) in the future. I'm not counting on it.
  +
  +
FWIW, after finding the name of the firmware image files for these switches, a google search for "SFTOS-SA-2.5.3.7.bin" (or something similar) did turn up someone's archive of firmware images. Which have turned out to work pretty well. AFAICT, 2.5.3.7 is the last version of SFTOS released.
  +
  +
== References ==
  +
{{reflist}}
  +
<references/>

Latest revision as of 23:38, 12 June 2015

FnordNet has a pair of Force10 S50 48 port Gbit Ethernet switches. Thanks, Bryan!

console cable

While there are a bunch of Cisco console cables on hand, Force10 uses a different connector pinout. The console port on the S50 is a female 8P8C modular connector (a normal twisted pair Ethernet connector, often called an RJ45).

The connections on the the console port are as follows. Numbering goes from left to right, looking into the console port connector.

Pin number connection Wire color
1 no connection white/orange
2 no connection orange
3 RXD - received data white/green
4 no connection blue
5 no connection white/blue
6 TXD - transmitted data green
7 no connection white/brown
8 no connection brown

The other end of the console cable is a DB-9 (or, more correctly, a DE-9 <ref name="Wikipedia page on D-subminitature connectors">Wikipedia page on D-subminitature connectors</ref>) female connector as commonly found on PC serial ports. There are two rows of pins on this connector, the "top" row having 5 connections, the "bottom" row having 4. Facing the connector pins are numbered 5 through 1, left to right, on the top row. Pins 9 through 6 are on the bottom row, from left to right. Here's the connection from the other end of the cable:

pin signal wire color connected to
1 DCD - data carrier detect any color jumper pins 6 and 4 on the same connector
2 RXD - received data green pin 6 of opposite end of cable
3 TXD - transmitted data white green pin 3 of opposite end of cable
4 DTR - data terminal ready any color jumper pins 1 and 6 on the same connector
5 SGD - signal ground no connect no connect
6 DSR - data set ready any color jumper pins 1 and 4 on the same connector
7 RTS - ready to send any color jumper pins 8 on the same connector
8 CTS - clear to send any color jumper pin 7 on the same connector
9 RI - ring indicator no connect no connect

Clearing configuration

These switches arrived used, with unknown configuration applied and with unknown usernames and passwords required to manage them. [SFTOS] is the operating system these switches run, and clearing the switch configuration is accomplished fairly easily:

  • Attach the console cable
  • Configure terminal program to communicate at 9600bps, 8 data bits, no parity bits, and 1 stop bit.
  • Power on switch
  • At the prompt
CPU Card ID:   0x508245
Boot Menu Version: 01 Jan 2007
Version 02.01.45 02/07/2007

Select an option. If no selection in 2 seconds then
operational code will start.

1 - Start operational code.
2 - Start Boot Menu.
Select (1, 2):
quickly press 2 then Enter.
  • At the next menu, select the Restore configuration to factory defaults (delete config files) option.
  • Select the Reset the system option from the menu.

Give the switch an IP address

Log in to the switch. Elevate privileges using the enable command. Run the following to tell the switch use DHCP to get an IP address for management: 

configure
interface managementethernet 
protocol dhcp 
^Z

Enable SSH logins

ip ssh server enable
ip ssh protocol 2  
ip ssh maxsessions 2
ip ssh timeout 30

Enable web based configuration

ip http secure-server enable
ip http secure-protocol TLS1 
ip http server enable

Showing MACs attached to the switch

Force10-S50#show mac-addr-table

      Mac Address        Interface  IfIndex     Status   
-----------------------  ---------  -------  ------------
00:01:00:01:E8:D5:C1:AE   0/3/1     401      Management   
00:01:00:06:25:FE:9F:1F   1/0/2     2        Learned      
00:01:00:0C:CE:91:C7:97   1/0/25    25       Learned      
00:01:00:10:75:1A:0E:A6   1/0/14    14       Learned      
00:01:00:10:75:1A:0E:A9   1/0/27    27       Learned      
00:01:00:10:75:1A:1B:80   1/0/39    39       Learned      
00:01:00:1A:A0:25:FC:F3   1/0/3     3        Learned      
00:01:00:1D:09:69:88:20   1/0/28    28       Learned      
00:01:00:1D:09:69:88:53   1/0/1     1        Learned      
00:01:00:25:84:6E:2B:02   1/0/16    16       Learned      
00:01:00:30:6E:39:5E:5D   1/0/13    13       Learned      
00:01:78:E7:D1:ED:CD:64   1/0/37    37       Learned      

Force10-S50#

NTP client setup

It might be nice for the switch to know what time it is. 

Force10-S50#configure 
Force10-S50(Config)#sntp client mode unicast
Force10-S50(Config)#sntp unicast client poll-timeout 8
Force10-S50(Config)#sntp server 172.16.0.1 
Force10-S50(Config)#^Z

Enable aggregated links

Because 1Gbit/second just isn't enough!

Pretty simple, really: 

interface port-channel 1
 no shutdown
 channel-member  1/0/45
 channel-member  1/0/46
 channel-member  1/0/47
 channel-member  1/0/48
 description "Aggregated connection to other switch"
 mtu 9216
exit

LACP is enabled by default on port channels on SFTOS switches. (At least with the version I'm running.)

create some VLANs

Force10-S50#configure 
Force10-S50(Config)#interface vlan 200
Force10-S50(Conf-if-vl-200)#description "VLAN 200 -- just playing around here, tagged VLAN interface on a couple of the Dockstars.  Tagged on all interfaces."
Force10-S50(Conf-if-vl-200)#ip address 172.31.255.193 255.255.255.192                                                             
Force10-S50(Conf-if-vl-200)#tagged 1/0/1-1/0/48     
Force10-S50(Conf-if-vl-200)#name "FnordVLAN200"                          
Force10-S50(Conf-if-vl-200)#exit
Force10-S50(Config)#
Force10-S50(Config)#interface vlan 300
Force10-S50(Conf-if-vl-300)#ip address 172.31.254.193 255.255.255.192           
Force10-S50(Conf-if-vl-300)#description "VLAN 300 -- just playing around here.  Tagged VLAN interface on the Dockstars.  Tagged output on all interfaces.  Tagged input only.  No interfaces with this as a native VLAN."
Force10-S50(Conf-if-vl-300)#tagged 1/0/1-1/0/48
Force10-S50(Conf-if-vl-300)#name "FnordVLAN300"
Force10-S50(Conf-if-vl-300)#exit
Force10-S50(Config)#exit
Force10-S50#

It's aggravating that the VLAN interfaces seem to require IP addresses. Presumably the switch is willing to route IP across them as if it were an IPv4 router. But I don't really need that. It turns out that, after creating the VLAN interfaces, the IP addresses can be removed with no ip address ....

Getting new firmware

Good luck with that. Sign up for a support contract. Force10 doesn't distribute firmware unless you pay them money. (Go Procurve!)

Maybe Dell will decide that Force10 firmware should be free (as in beer) in the future. I'm not counting on it.

FWIW, after finding the name of the firmware image files for these switches, a google search for "SFTOS-SA-2.5.3.7.bin" (or something similar) did turn up someone's archive of firmware images. Which have turned out to work pretty well. AFAICT, 2.5.3.7 is the last version of SFTOS released.

References

Template:Reflist <references/>

Retrieved from "https://wiki.fnord.greeley.co.us/mediawiki/index.php?title=Force10_S50&oldid=763"