====== Extreme Networks ======
{{:extreme.png|}}
===== Hardware =====
* BlackDiamond: Chassis-based high-port density switches for Carrier-Ethernet service providers and enterprise core
* Summit: Standalone switches from L2 100Mbps to L3 10Gig top-of-rack datacenter switches.
* ReachNXT: Port Extender - Manageable by an access switch via XOS
* SummitWM: Wireless controllers
* Altitude: Wireless Access Points
* Sentriant NG: Intrusion Protection System (IPS)
* Sentriant AG: Network Access Controller (NAC)
===== Software =====
* ExtremeWare is VxWorks based = first generation of Extreme networks operating system
* ExtremeXOS = 2nd Generation OS based on Linux kernel and BusyBox
* EPICenter = Network Management Tool
===== Configuration =====
Switch CLI prompt is driven from SNMP host name value \\
Space bar to go to BootROM: for return to factory default configuration: ''config none'' \\
**Extreme FDB** = Forwarding Database for MAC addresses - 300 Sec Aging timer per MAC \\
==== IP FDB (L3) for IP forwarding ====
show iparp
show fdb
create fdbentry
delete fdbentry
disable learning
enable learning
# configure ports 1 vlan accounting unlimited-learnings
# configure ports 1 vlan accounting learning-limit 3 (use aging timer also) (only for dynamic entries)
**Lock-learning (sticky mac)**
# configure ports 1 vlan VLAN1 lock-learning
# configure ports 1 vlan VLAN1 unlock-learning
show vlan default security
==== ELSM (Extreme Link Status monitoring) ====
gets link status from other-end
enable elsm ports
disable elsm ports
configure elsm ports
clear elsm ports
==== VLANs ====
1. Port-based
2. 802.1Q Tagged VLAN
3. Protocol-based VLAN
create vlan vlan_name
delete vlan vlan_name
configure vlan vlan_name add ports
configure vlan vlan_name delete ports
disable vlan vlan_name
enable vlan vlan_name
configure vlan vlan_name tag
configure vlan default delete port 7
configure vlan ENGINEERING add port 7 untagged
configure vlan ENGINEERING add ports 2,3 tagged
show vlan ENGINEERING
BPDU –> vlan0
==== Port Sharing (Aggregation) LAG ====
enable sharing 1 grouping 1-4 algorithm address-based lacp
show port sharing
==== Port Settings ====
enable lldp port all
show ports configuration no-refresh
enable jumbo-frame ports all
show vlan VLAN1 security
* spanning-tree is disabled by default
* EMI-STP Encapsulation - Extreme Multi Instance Spanning Tree - VST+ additional header
==== EAPS - Ethernet Automatic Protection Switching (Ring) ====
* Ring Topology
* L2 Protocol - Multicast MAC
* EAPS version 2 (advanced feature - EAPS shared port for preventing superloop)
* 50 ms failover
* Device Roles: Master node, Transit nodes
* Primary/secondary port on each switch
* Master blocks its secondary port
* Control VLAN and Protected VLAN (one Control VLAN per EAPS domain)
* EAPS flush FDB when there's a topology change
create vlan control_vlan_name
configure vlan control_vlan_name tag vlan_tag
configure vlan control_vlan_name add port tagged
create eaps
configure eaps mode master|transit
configure eaps primary port
configure eaps secondary port
configure eaps add control vlan control_vlan_name
configure eaps add protect vlan
enable eaps
enable eaps
configure eaps fast-convergence [off|on] -> additional 250ms
configure eaps name failtime expiry-action open secondary-port > by default sends alert!
==== EAPS with a Shared Port ====
* Configure partner
* Configure controller port
* link-id must be same on both switches
==== SummitStack ====
* Should have same image:
''download image slot ''
* 40Gbps full duplex capacity per switch
* MAX: 8 devices
enable stacking
show stacking
show stacking configuration
configure stacking easy-setup
==== IP Routing ====
* By default is disabled
enable ipforwarding
configure iproute add x.x.x.x/x y.y.y.y
show ipconfig
* In new vlan ip forwarding might be disabled make sure to check.
show iproute
show ipstats
* icmp is enabled by default
==== OSPF ====
enable ipforwarding
configure ospf routerid 1.1.1.1
enable loopback vlanname (if you want to have loopback)
configure ospf address VLAN1 area 0.0.0.0
configure ospf address VLAN2 area 0.0.0.0
enable ospf
show ospf
show ospf area 0.0.0.0
show ospf neighbors
show ospf lsdb
* Redistribution is disabled and is configurable by policy files.
* Core license required for OSPF DR/BDR function.
* on edge / advanced edge license: we can not have DRs so priority:0
==== ESRP ====
Extreme Standby Routing Protocol - ESRP is extreme protocol for redundancy something like VRRP
==== QOS ====
* No much QOS support
* Traffic shaping is called metering
* 8 queue per interface
* Queue 1 and 8 are used by default (2q)
==== Useful hints ====
=== Password Recovery procedure ===
{{extrememenu.gif|}}
- reboot & press spacebar
- The option you want to choose is to select the primary code image by hitting **1**
- After the primary image is selected select **k** to erase selected configuration
- Choose **d** to force default configuration and then **f** to boot on board flash.
- After your Extreme switch resets and you are prompted with a login enter in **''admin''**, hit enter twice entering a blank password at the password prompt.
=== Synchronizing (images, configurations) between MSM slots ===
BD6808:2 # synchronize
Synchronization will reset slave MSM.
Are you sure you want to synchronize MSM code images,
configurations, and bootrom [y/n]?y
Copying primary code image....................................................................
..............................
===== TODO=====
fixme
configure sys-health-check alarm-level Log
configure fdb-scan period 60
configure fdb-scan failure-action sys-health-check
enable fdb-scan slot 1
enable fdb-scan slot 2
enable fdb-scan slot 3
enable fdb-scan slot 4
enable fdb-scan slot 5
enable fdb-scan slot 6
enable fdb-scan slot 7
enable fdb-scan slot 8
enable fdb-scan slot MSM-A
enable fdb-scan slot MSM-B