Dell FCX624-S Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 165
53-1002266-01
PowerConnect B-Series FCX hitless stacking
5
Configuration notes and feature limitations
For hitless stacking on the PowerConnect B-Series FCX, Dell recommends that you configure
the IronStack MAC address using the stack mac command. Without this configuration, the
MAC address of the stack will change to the new base MAC address of the Active Controller.
This could cause a spanning tree root change. Even without a spanning tree change, a client
Security 802.1X, including use with dynamic ACLs
and VLANs
EAP with RADIUS
IPv4 ACLs
DHCP snooping
Dynamic ARP inspection
IP source guard
Multi-device port authentication (MDPA),
including use with dynamic ACLs and
VLANs
MAC port security
Supported security protocols and services are not
impacted during a switchover or failover, with the
following exceptions:
802.1X is impacted if re-authentication does not
occur in a specific time window.
MDPA is impacted if re-authentication does not
occur in a variable-length time window.
In some cases, a few IP source guard packets may
be permitted or dropped.
If 802.1X and MDPA are enabled together on the
same port, both will be impacted during a
switchover or failover. Hitless support for these
features applies to ports with 802.1X only or
multi-device port authentication only.
For MAC port security, secure MACs are
synchronized between the Active and Standby
Controllers, so they are hitless. However, denied
MACs are lost during a switchover or failover but
may be relearned if traffic is present.
Configured ACLs will operate in a hitless manner,
meaning the system will continue to permit and deny
traffic during the switchover or failover process.
After a switchover or failover, the new Active Controller
will re-authenticate 802.1X or MDPA sessions that
were being forwarded in hardware. The hardware
continues to forward them (even with dynamic ACL,
dynamic VLAN, or both) while re-authentication occurs.
After trying to re-authenticate for a certain amount of
time (depending on the number of sessions to
re-authorize), sessions that did not re-authenticate are
removed.
Other services to
Management
AAA
DHCP
sFlow
SNMP v1, v2, and v3
SNMP traps
SNTP
Traceroute
Supported protocols and services are not impacted
during a switchover or failover.
DNS lookups will continue after a switchover or failover.
This information is not synchronized.
Ping traffic will be minimally impacted.
NOTE: If the FCX stack is rebooted, sFlow is disabled
on standby and member units until the
configuration is synchronized between the
Active and Standby Controllers.
TABLE 37 Hitless-supported services and protocols – PowerConnect B-Series FCX
Traffic type Supported protocols and services Impact