After the purchase of another EqualLogic PS6000 Series Array and 4 Dell PowerConnect 5524 switches to facilite onsite replicaiton, we decided we needed to look at the iSCSI backend network and how we where going to transport the replication data across site.
The PowerConnect 5000 switch's come with some new features, such as stacking with the use of HDMI ports located on the front of the switch, and Auto detection of EqualLogic Arrays with automatic configuration of ports attached to the Array. Enabling iSCSI mode will switch on jumbo frames, flow control, spanning-tree port fast, unicast storm control and enable the switch to automatically detect an Equallogic Array connected to any of its switch ports. - NOTE there is an issue with the implementation of flow-control prior to Firmware version 4.0.1.11 A02, Released on 10/25/2011 the issue as per the Firmware release notes are;
'The following flow control behavior change is made in this maintenance release of the PowerConnect 5500 Series: Receive-only Flow Control - The 802.3X Flow control is working only in receive side (and not in both transmit and receive as in releases prior to 4.0.1.11). The switch will respond to pause frames it receives from a link partner, and will pause the traffic to this link partner, but in case of congestion in the switch, no pause frames will be generated to the sender.
The recommendation from Dell prior to the release of Firmware 4.0.1.11 was to disable iSCSI mode and not to enable flow-control on any switch ports connected to an EqualLogic Array.
With this in mind we purchased 4 PowerConnect 5424 switches, didn't enable flow-Control, untill the release of FW 4.0.1.11 and planned our depoyment.
just for info some specs;
Performance.
switch Fabric Capacity 128.0 Gbps
Forwarding Rate 65.47 Mbps
Hardware.
1GB CPU SDRAM
16MB Flash Memory
12Mb Packet Buffer Memory
Features.
24 10/100/1000BASE-T auto-sensing Gigabit Ethernet switching ports
2 SFP+ (10Gb/1Gb) ports
2 Stacking Ports (HDMI) – 10Gb per port, full duplex, 40Gb total per switch
USB Port – Allows for file import/export locally
Auto-negotiation for speed, duplex mode and flow control
Auto MDI/MDIX
Port mirroring
Broadcast storm control
Port Profile support
Availability.
Spanning Tree (IEEE 802.1D) Multiple Spanning Tree (MSTP) and Rapid Spanning Tree (IEEE 802.1w) with Fast Link Support
Dual Image Support
External redundant power support with PowerConnect RPS-720
Cable diagnostics via Virtual Cable Tester
Security.
Up to 3,000 ACLs and up to 3,000 ACEs
Time Controlled ACLs
Switch access password protection
Optional strong password enforcement
User-definable settings for enabling or disabling Web, SSH, Telnet, SSL management access
Port-based MAC Address alert and lock-down
IP Address filtering for management access via Telnet, HTTP, HTTPS/SSL, SSH and SNMP
RADIUS and TACACS+ remote authentication for switch management access
SSLv3 and SSHv2 encryption for switch management traffic
DHCP Snooping
Management.
CLI
SSH
Console
HTTP GUI
SNMP V1, V2c
RMON
TFTP
SNTP
Telnet Client
Configuration.
Below is a diagram of what I was wanting to achieve;
SAN Network
This setup gives us High Availability at both ends and between both sets of switches with the use of 4 fibre ports in a LAG on each switch utilising 2 seperate fibre runs around the site, connecting both buildings. I also created a 6 port ISL or Inter Switch Link using LAG between the sets of switches at either building. The Fibre ports and the HDMI ports are Dual Personality so its one or the other scenario, I needed to use the fibre ports for distance so could not stack the switches and therefore stuck with an ISL. In my initial testing of the HDMI stacking, I simulated the failure of a stack member and the remaining switches in the stack restarted and re-negotiated the base switch in the stack, not very good for a Hyper-V HA environment, so I stuck with an ISL, I didn't persue this as I wasn't going to stack the switches anyway so if someone has any info on this that would be great.
With your switch running on Firmware 4.0.1.11 you can now use the iSCSI enable feature. The switch will automatically detect a directly connected EqualLogic array to any connected switch port and then configure the switch for use in an iSCSI environment both at port level and global.
The iSCSI auto-detect feature can be enabled with the command 'iscsi enable'
en
config
iscsi enable
exit
copy running-config startup-config
exit
LLDP or Link Layer Discovery Protocol is enabled globally by default on the switch, when an EqualLogic Array is connected to the switch LLDP notifications are recieved and the chasis ID attribute is compared with the EqualLogic OUI of (00:09:8a) if the LLDP packet matches this then the presence of an EqualLogic Array on the port is confimed and the port configured appropriately. VLAN's are not configured by this command and need to be done seperately. Best practice is not to use the defualt VLAN so configure another VLAN for iSCSI traffic.
en
config
vlan database
vlan 2
exit
int vlan 2
ip address 192.168.x.x 255.255.255.0
name iSCSI
exit
interface range gigabitethernet 1/0/1-24
switchport access vlan 2
exit
interface range tengigabitethernet 1/0/1-2
switchport access vlan 2
exit
so now we have configured the PowerConnect to automatically detect a EqualLogic Array and we have created a VLAN for iSCSI Traffic, lets take a look at what iSCSI enable actually does.
Jumbo Frames - Jumbo Frames enabled on all switch ports by default this is disabled.
Spanning-Tree Port Fast - STPF is enabled automatically on all ports only when connected to an EqualLogic Array. This only happens when the LLDP recieves an valid and active EQL LLDP packet. one ting to remember is that once enabled on the port spanning-Tree Port Fast remains enabled and needs to be disabled manually.
Unicast Storm Control - USC is automatically disbaled on all ports connected to an EqualLogic Array, this is because iSCSI traffic is Unicast. Once an an EqualLogic Array is removed from the port then USC remains disabled and needs to be enabled manually if you require it on a non EqualLogic attached port.
Flow-Control - Flow Control is enabled to allow switch speed interoperability preventing buffer overflows from switches with higher speeds.
some other commands you may want to run to further configure your switch;
Set switch hostname -
hostname EQLSWITCH
Remove VOIP specific info -
voice vlan oui-table remove 000181
voice vlan oui-table remove 0001e3
voice vlan oui-table remove 00036b
voice vlan oui-table remove 00096e
voice vlan oui-table remove 000fe2
voice vlan oui-table remove 001049
voice vlan oui-table remove 0060b9
voice vlan oui-table remove 00907a
voice vlan oui-table remove 00e0bb
Setup Passwords -
username admin password xxxxxxxx level 15
enable password xxxxxxx
This is a good starting point for configuring a PowerConnect 5500 Series switch and explains the feature of iSCSI auto-configuration, in a multiple switch setup I would recommend creating a LAG (Link Aggregation Group) between the switches using at least 6 ports (The More The Merrier), this is quite easy using the Dell OpenManage Switch Administrator on the http/s interface. There are also some good Management views in the 'System-iSCSI' menu, here you can see active iSCSI sessions in a table and also these session details, handy for troubleshooting any EqualLogic iSCSI related issues.
