I opened a ticket at Dell Support They understood the problem and they rose it to 2nd level (I don't know if it's the exact expression in english)
To sum up : - socket in general mode : - set --> "switchport general pvid /number/" - get --> number of vlan in "switchport general pvid /number/" - socket in access mode : - set --> "switchport general pvid /number2/" --> added to existing "switchport access vlan /number1/" - get --> number of vlan in "switchport access vlan /number/1"
special case : conf with existing "switchport general pvid /number2/" and "switchport access vlan /number1/" - socket in access mode : - set --> number1 is used --> nothing appens, both commands stay
I hope having an answer soon. The technician told me they can't test every MIB so they put the switch for sale and are waiting for informations from customers. After that, new firmware versions are available.
I don't know if Dell want to force customers using general mode instead of access/trunk mode, but it seems usefull when using 802.1X
Cordialement, IOGS Logo https://www.institutoptique.fr *Ludovic Vinsonnaud * - Ingénieur Réseau basé à Bordeaux, bureau F108 (IOA, Rue François Mitterrand, 33400 Talence)
*Institut Optique Graduate School* 2 Avenue Augustin Fresnel - 91127 PALAISEAU Cedex Tel. +33 5 57 01 71 52 - Mob. +33 6 08 08 41 05
Le 15/06/2017 à 09:11, John Magne Bredal a écrit :
Marcus Westin kindly offered to set up a test environment. I think we will accept that and try to find a solution for Dell devices.
The main theory is that setting the Pvid may trigger general mode - if we don't do that but set egress and untagged ports for the vlan, then we may have the desired result.
On 09. juni 2017 15:08, Vinsonnaud Ludovic wrote:
Hi,
I've got answers from the Dell networking sales engineer
Here's the translation : I did some tests. the SET and GET actions from this OID only take effect when the port is in General mode (switchport mode general). Once this is done, a SET action results with adding the command "switchport general pvid" followed by the value in the "show run", while a new GET action after that give the good value for that line.
I invite you to open a ticket by calling the technical support, using the service tag of your switch, to check with them if this MIB is supported on ports in access mode or not. In access mode, a SET action creates the command line "switchport general pvid" while a GET action returns the value corresponding to the "switchport access vlan" line. So there is a dysfunction at that level.
Do not hesitate to inform me of the follow-up that will be given.
Bonjour M. Vinsonnaud, J’ai procédé à quelques tests de mon côté. Il s’avère que les actions SET et GET sur cet OID ne prennent effet qu’à partir du moment où le port est en mode General (switchport mode general). Une fois ceci fait, une action SET se traduit, comme vous l’avez remarqué, par l’apparition de la commande « switchport general pvid » suivi de la valeur dans le show run, tandis qu’une nouvelle action GET derrière renvoie bien la bonne valeur correspondant à cette ligne. Je vous invite à ouvrir un ticket au support technique, à l’aide du service tag de votre switch, afin de vérifier avec eux si cette MIB est supporté sur les ports en mode access ou pas. En effet, en mode access, une action SET créé la ligne de commande « switchport general pvid » tandis qu’une action GET renvoie la valeur correspondant à la ligne « switchport access vlan ». Il y a donc un dysfonctionnement à ce niveau-là. N’hésitez pas à m’informer des suites qui y seront données. Pour contacter le support : 0825 004 686
and then after some questions : My suggestion to contact technical support is precisely related to the fact that the behavior does not seem normal to me. This is not related to your switch or your firmware version, I tested on a N3000, with two versions of different firmware including the latest. Since the firmware has the same base for the N-Series, the behavior is the same on all N models (N2000, N3000, N4000).
However, in General mode, the correct operation is observed, and therefore you can use the switches in this mode. General mode is required for some deployment contexts (especially for MAC address authentication). I add that the General mode allows you to more precisely control the VLANs assigned to a port, since in trunk mode, a port is automatically assigned to all existing VLANs on the switch as soon as you put it into this mode and is also automatically associated with any newly created VLANs. You can remove them later, but in General mode, you control explicitly the port / VLAN association.
Ma suggestion de contacter le support technique est justement liée au fait que le comportement ne me parait pas normal. Ce n’est pas lié à votre switch ni à votre version de firmware, j’ai testé sur un N3000 de mon côté, avec deux versions de firmware différente dont la dernière. Le firmware ayant la même base sur l’ensemble de la gamme N, le comportement est donc le même sur tous les modèles N (N2000, N3000, N4000). Pour autant, en mode General, le fonctionnement correct est observé, et donc vous pouvez utiliser les switchs dans ce mode-là. Le mode General est obligatoire pour un certain nombre de contextes de déploiement (en particulier pour l’authentification par adresse MAC). J’ajoute que le mode General vous permet de contrôler plus finement les VLAN affectés à un port, puisqu’en mode trunk, un port est automatiquement affecté à l’ensemble des VLAN existants sur le switch dès que vous le basculez dans ce mode, et est également automatiquement associé à tout nouveau VLAN créé par la suite. On peut certes les en retirer par la suite, mais en mode General, c’est vous qui contrôlez explicitement l’association port/VLAN.
So I will try calling the support to have more answers but the best solution seems to switch to general mode
Cordialement, IOGS Logo https://www.institutoptique.fr *Ludovic Vinsonnaud * - Ingénieur Réseau basé à Bordeaux, bureau F108 (IOA, Rue François Mitterrand, 33400 Talence)
*Institut Optique Graduate School* 2 Avenue Augustin Fresnel - 91127 PALAISEAU Cedex Tel. +33 5 57 01 71 52 - Mob. +33 6 08 08 41 05
Le 09/06/2017 à 12:43, John Magne Bredal a écrit :
Thank you all for the information.
I found an interesting post regarding Dell and setting vlan, and there is a solution in there. However it is not clear enough that I can write code without something to test on. The problem is the "general" mode that seem to exist on Dell and how to avoid using that.
http://en.community.dell.com/support-forums/network-switches/f/866/t/1925701...
Also the linked manual below has detailed instructions for setting vlan. Those instructions does not work however on HP which is the equipment we have available at the moment. More technically it also tells us that there are quite some differences in the MIBs based on which series the switch is - I quote:
"On the E-Series and C-Series each position in the 8-character string is for one port, starting with Port 0at the left end of the string, and ending with Port 7 at the right end. A 0 indicates that the port is not amember of the VLAN; a 1 indicates VLAN membership.•On the S-Series, each position in the 8-character string is for one port, starting with Port 1 at the leftend of the string, and ending with Port 8 at the right end. A 0 indicates that the port is not a member ofthe VLAN; a 1 indicates VLAN membership."
https://www.manualslib.com/manual/546511/Dell-Force10-S4810p.html?page=964#m...
What is boils down to is equipment to test implementations on. I will make a separate post about this.
On 08. juni 2017 10:28, Vinsonnaud Ludovic wrote:
Hi,
Here's the answer from Dell about N2000 Series (mail below and here's the translation)
"I confirm that our switches are compatible with this MIB. It is part of the available MIBs within the switch firmware (http://www.dell.com/support/home/us/en/19/product-support/product/networking...)
This MIB is contained in the vlan.my file
I ask in internal to try to get details about its implementation."
-------- Message transféré -------- Sujet : RE: MIB N2048 Date : Thu, 8 Jun 2017 07:44:30 +0000 De : Nicolas.Roughol@dell.com Pour : Thierry.Favereaux@dell.com, ludovic.vinsonnaud@institutoptique.fr Copie à : gilbert.lucas@institutoptique.fr, Franck.Dufas@dell.com *Dell - Internal Use - Confidential * ** Bonjour M. Vinsonnaud, Je vous confirme que nos switches sont bien compatibles avec la MIB en question. Elle fait partie des MIBs disponibles au téléchargement avec le firmware des switchs (http://www.dell.com/support/home/us/en/19/product-support/product/networking-n2000-series/drivers) La MIB en question étant contenu dans le fichier vlan.my Je me renseigne en interne pour tenter d’obtenir des détails d’implémentation de celle-ci. Cordialement, *Nicolas ROUGHOL*** Networking Sales Engineer *Dell **EMC* | Enterprise Solutions, Networking *mobile:* +33 6 79 34 90 28 <tel:+33679349028> email: nicolas.roughol@dell.com <mailto:nicolas.roughol@dell.com> Learn about Dell Networking at: www.dell.com/networking <http://www.dell.com/networking> /Etes vous satisfait de notre collaboration?/ Pour tout commentaire n'hésitez pas à contacter mon manager, Gilles_Petit@DELL.com <mailto:Gilles_Petit@DELL.com> cid:image001.jpg@01D214EB.EA5CB520
Cordialement, IOGS Logo https://www.institutoptique.fr *Ludovic Vinsonnaud * - Ingénieur Réseau basé à Bordeaux, bureau F108 (IOA, Rue François Mitterrand, 33400 Talence)
*Institut Optique Graduate School* 2 Avenue Augustin Fresnel - 91127 PALAISEAU Cedex Tel. +33 5 57 01 71 52 - Mob. +33 6 08 08 41 05
Le 07/06/2017 à 15:48, Vinsonnaud Ludovic a écrit :
Hi,
I've sent an email to my Dell Networking Sales Specialist and he transferred my questions to his Networking Sales Engineer I think I will have an answer today or tomorrow.
Cordialement, IOGS Logo https://www.institutoptique.fr *Ludovic Vinsonnaud * - Ingénieur Réseau basé à Bordeaux, bureau F108 (IOA, Rue François Mitterrand, 33400 Talence)
*Institut Optique Graduate School* 2 Avenue Augustin Fresnel - 91127 PALAISEAU Cedex Tel. +33 5 57 01 71 52 - Mob. +33 6 08 08 41 05
Le 07/06/2017 à 10:19, Marcus Westin a écrit :
We also use Dell N2000-series switches to some extent, and cannot configure them through NAV at the time either (we’re primarily using Cisco, so it’s not been a huge issue so far). A configuration done manually (pretty much identical to Cisco):
description "M-CB0271A12" spanning-tree portfast switchport access vlan 30 green-mode energy-detect green-mode eee
and after changing the vlan from 30 to 206 through NAV:
description "M-CB0271A12" spanning-tree portfast switchport general pvid 206 switchport access vlan 30 green-mode energy-detect green-mode eee
Reverting to vlan 30 again does not remove the added configuration for 206.
I’ve included mibs for the latest release for the N2000-series. Hope that there’s an easy solution (
Regards, Marcus W. Linnaeus University
On 06/06/17 11:03, "John Magne Bredal" <nav-users-request@uninett.no on behalf of john.m.bredal@uninett.no> wrote:
On 02. juni 2017 17:58, Vinsonnaud Ludovic wrote: > Hello, Hi! > > Sorry about my english, I'm french so everything may not be understood :-) > > I'm new to NAV and this software seems very interesting for my needs. Thats good to hear =) > > For Dell N2048, I'm a bit confused because if I have this command > "switchport access vlan 524" already set in the switch and I ask to > change the vlan from 524 to 525 with NAV, it adds this command > "switchport general pvid 525" but doesn't delete the old one. > So why change a "switchport access" by a "switchport general" ? Is it > better to have a "switchport mode general" in default config ? > Switchport mode access is the default mode, the 2 combined commands will > not work as intended I think ? We are unfamiliar with Dell switches - PortAdmin has been used extensively with Cisco and HP but I don't know about Dell. However, we use standard MIBs for all equipment except Cisco. So, what PortAdmin does when changing vlan is to alter the dot1qPvid-value which is located in the Q-BRIDGE-MIB. http://www.mibdepot.com/cgi-bin/getmib3.cgi?win=mib_a&r=alcatel&f=IETF_Q_BRIDGE.mib&v=v2&t=tree It seems Dell has another way of doing it that does not conform exactly to the Q-BRIDGE-MIB. If you have the MIB for the switch, then we could take a look at it and see if there is anything we can do. > I've not yet tested S4048 and N4064. > > -- > > Regards, > IOGS Logo <https://www.institutoptique.fr> > *Ludovic Vinsonnaud * - Ingénieur Réseau > basé à Bordeaux, bureau F108 (IOA, Rue François Mitterrand, 33400 Talence) > > *Institut Optique Graduate School* > 2 Avenue Augustin Fresnel - 91127 PALAISEAU Cedex > Tel. +33 5 57 01 71 52 - Mob. +33 6 08 08 41 05 > -- John Magne Bredal john.m.bredal@uninett.no +4791897366 Abels gt. 5- Teknobyen NO-7465 Trondheim