How it Works
Brocade
Loading...
MLX and NetIron Family
User Manual
62 pgs642.6 Kb1
Table of contents
Loading...

Brocade MLX and NetIron Family User Manual

53-1003301-07
®
8 August 2014
Brocade MLX Series and NetIron Family
Documentation Updates
Supporting Multi-Service IronWare R05.6.xx
Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com
European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax: +8620 3891 2111 E-mail: china-info@brocade.com
Document History
Title Publication number Summary of changes Date
Brocade MLX Series and NetIron Family Documentation Updates
Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-03 NetIron 05.6.00b Release updates. 24 January, 2014
53-1003301-04 NetIron 05.6.00c Release updates. 22 April, 2014
Brocade MLX Series and NetIron Family Documentation Updates
Brocade MLX Series and NetIron Family Documentation Updates
Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-05 Updated Openflow configuration
25 April, 2014
considerations.
53-1003301-06 NetIron 05.6.00d Release updates. 31 July, 2014
53-1003301-07 NetIron 05.6.00d Release updates
8 August, 2014
version 2.

Contents

About This Document
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Brocade resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Chapter 1 Documentation Updates for the Multi-Service IronWare
Configuration Guides
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Configuring a “null” route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
ACL deny logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Unsupported features for Brocade NetIron CES and Brocade NetIron
CER devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Deployment Scenarios and CLI Configuration . . . . . . . . . . . . . . . . . . 4
Telemetry Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Scaling limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Base-line configuration of telemetry solutions . . . . . . . . . . . . . . 6
Global level configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
PIM over MCT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
MCT feature interaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Multicast snooping over MCT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Running configuration sequence number display . . . . . . . . . . . . . . 10
Example of show run . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Example of show access-list l2 command . . . . . . . . . . . . . . . . . 10
DVMRP legacy protocol support . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
LAG formation rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
IPTV support on Brocade NetIron CES and Brocade CER devices. .12
Configuring a PBR policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
HQoS Feature support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
HQoS for VPLS traffic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Configuring HQoS for VPLS traffic. . . . . . . . . . . . . . . . . . . . . . . .13
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Checking for HQoS for VPLS configurations on ports . . . . . . . .15
Brocade MLX Series and NetIron Family Documentation Updates iii 53-1003301-07
HQoS for LAG traffic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Configuring steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
WRED support for HQoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Configuring steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Configuring VPLS endpoint over FDP/CDP interface . . . . . . . . . . . .18
Configuring VLL endpoint over FDP/CDP enabled interface . . . . . . 19
Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER 20
Modify OSPF standard compliance setting . . . . . . . . . . . . . . . . . . . .21
VRRP and VRRP-E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Configuring an IPv6 Access Control List . . . . . . . . . . . . . . . . . . . . . .22
Start a log file before an upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . .23
IPv6 packets on Openflow L23 port. . . . . . . . . . . . . . . . . . . . . . . . . . 24
Before 5.6.00c. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
From 5.6.00c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
TM RAS Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
TM DRAM CRC error interrupt . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Descriptive TM error interrupt logging . . . . . . . . . . . . . . . . . . . .26
Separate Threshold for CRC logging . . . . . . . . . . . . . . . . . . . . . .28
Simplified Package Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Brocade NetIron XMR and Brocade MLX Series single-command (full-
system) upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Brocade NetIron CER and Brocade NetIron CES single-command
(full-system) upgrade. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
LP auto-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
SCP “success message”. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
L2 protocol packet handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
OpenFlow configuration considerations . . . . . . . . . . . . . . . . . . . . . .31
Configuring egress buffer threshold . . . . . . . . . . . . . . . . . . . . . . . . .32
TM XPP link status check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Flow control handling modification . . . . . . . . . . . . . . . . . . . . . . . . . .34
CLI commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Policy-based routing support for preserve VLAN. . . . . . . . . . . . . . . .34
Deletion of ACLs bound to an interface . . . . . . . . . . . . . . . . . . . . . . .35
Optional cluster operation features. . . . . . . . . . . . . . . . . . . . . . . . . .36
Enabling a transparent firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Default VRRP/VRRP-E dead interval calculation . . . . . . . . . . . . . . . 37
IPv6 anycast filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
iv Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07
PBIFS extended counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
Limiting log generation for MEP and Remote MEP . . . . . . . . . . . . . .39
IPv4 ACL-based rate limiting updates . . . . . . . . . . . . . . . . . . . . . . . .40
Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Configuring a port-and-ACL-based traffic policing policy. . . . . . 40
How the Brocade device processes ACLs. . . . . . . . . . . . . . . . . .40
FE access recovery disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Usage Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Setting the delay before bringing up the CCEP port . . . . . . . . . . . . .42
Setting the OpenFlow system maximum . . . . . . . . . . . . . . . . . . . . . .42
IPv6 Multicast Listener Discovery snooping . . . . . . . . . . . . . . . . . . . 43
Configuring IPv6 multicast routing or snooping. . . . . . . . . . . . .43
Enabling IPv6 multicast traffic reduction. . . . . . . . . . . . . . . . . .43
Configuring and enabling sFlow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Multicast queue size, flow control, rate shaping and egress buffer
threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Enabling PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Chapter 2 Documentation updates for Multi-Service IronWare Diagnostic Guide
Chapter 3 Documentation updates for Unified IP MIB Reference
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Route map configuration table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
MAC filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
RFC 4444: Management Information Base for
Intermediate System to Intermediate System (IS-IS) . . . . . . . . . . . . 47
Scalar isisSys objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Rate limit counter index table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
Upgrade MIB Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Chapter 4 Documentation Updates for the MLXe / MLX Series and NetIron XMR
Series Hardware Installation Guide
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Switch fabric modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
Brocade MLXe Series. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Brocade MLX Series and Brocade NetIron XMR . . . . . . . . . . . . 52
10Gx24-port interface module. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
MLX 48x1G-T interface module . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Brocade MLX Series and NetIron Family Documentation Updates v 53-1003301-07
PBIF Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Command Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Router modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
vi Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07

About This Document

In this chapter

“How this document is organized” on page vii
“Brocade resources” on page viii
“Getting technical help” on page viii
“Document feedback” on page viii

How this document is organized

This document contains updates to the Multi-Service IronWare R05.6.00a product manuals. These updates include document fixes and changes covering new features. Table 1 below list the most recently released Multi-Service IronWare R05.6.00a product manuals.
TABLE 1 Documentation supporting Multi-Service IronWare R05.6.00a
Publication Title Fabric OS Release Publication Date
Multi-Service IronWare Administration Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare Multiprotocol Label Switch (MPLS) Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare IP Multicast Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare Routing Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare Software Defined Networking (SDN) Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare Security Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare Switching Configuration Guide R05.6.00a and later December 2013
Multi-Service IronWare QoS and Traffic Management Configuration Guide R05.6.00a and later December 2013
Brocade MLXe Series Hardware Installation Guide R05.6.00a and later December 2013
Brocade MLX Series and NetIron XMR Hardware Installation Guide R05.6.00a and later December 2013
Brocade NetIron CES Series and NetIron CER Series Hardware Installation Guide R05.6.00a and later December 2013
Multi-Service IronWare Software Upgrade Guide R05.6.00a and later December 2013
Brocade MLX Series and NetIron XMR DIagnostics Guide R05.6.00a and later December 2013
Unified IP MIB Reference R05.6.00a and later December 2013
Brocade MLX Series and NetIron XMR YANG Guide R05.6.00a and later December 2013
Brocade MLX Series and NetIron Family Documentation Updates vii 53-1003301-07

Brocade resources

For the latest documentation, go to http://www.brocade.com/ethernetproducts

Getting technical help

For the latest Technical Support contact information including e-mail and telephone contact information, go to http://www.brocade.com/services-support/index.page.

Document feedback

Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback by email to:
documentation@brocade.com
Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement.
viii Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07
Chapter

Documentation Updates for the Multi-Service IronWare Configuration Guides

In this chapter

The updates in this chapter are for the following Multi-Service IronWare R05.6.00 Configuration Guides.
Multi-Service Ironware Switching Configuration Guide - publication number 53-1003036-03
Multi-Service Ironware Security Configuration Guide - publication number 53-1003035-03
The following features were added or modified as part of the 5.6.00a release.
“Configuring a “null” route” on page 3
“ACL deny logging” on page 3
“Deployment Scenarios and CLI Configuration” on page 4
“Telemetry Solutions” on page 5
“PIM over MCT” on page 9
“Multicast snooping over MCT” on page 9
1
The following features were added or modified as part of the 5.6.00b release.
“HQoS Feature support” on page 13
“HQoS for VPLS traffic overview” on page 13
“HQoS for LAG traffic overview” on page 15
“WRED support for HQoS” on page 16
“Configuring VPLS endpoint over FDP/CDP interface” on page 18
“Configuring VLL endpoint over FDP/CDP enabled interface” on page 19
“Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER” on page 20
The following features were added or modified as part of the 5.6.00c release.
“Modify OSPF standard compliance setting” on page 21
“VRRP and VRRP-E” on page 21
“Configuring an IPv6 Access Control List” on page 22
“Start a log file before an upgrade” on page 23
“IPv6 packets on Openflow L23 port” on page 24
“TM RAS Enhancements” on page 25
“Simplified Package Upgrade” on page 29
“LP auto-upgrade” on page 30
“SCP “success message”” on page 30
“L2 protocol packet handling” on page 31
Brocade MLX Series and NetIron Family Documentation Updates 1 53-1003301-07
1
In this chapter
The following features were added or modified as part of the 5.6.00d release.
“OpenFlow configuration considerations” on page 31
“Configuring egress buffer threshold” on page 32
“TM XPP link status check” on page 33
“Flow control handling modification” on page 34
“Policy-based routing support for preserve VLAN” on page 34
“Deletion of ACLs bound to an interface” on page 35
“Optional cluster operation features” on page 36
“Enabling a transparent firewall” on page 36
“Default VRRP/VRRP-E dead interval calculation” on page 37
“IPv6 anycast filtering” on page 38
“PBIFS extended counters” on page 38
“Limiting log generation for MEP and Remote MEP” on page 39
“IPv4 ACL-based rate limiting updates” on page 40
“FE access recovery disable” on page 41
“Setting the delay before bringing up the CCEP port” on page 42
“Setting the OpenFlow system maximum” on page 42
“IPv6 Multicast Listener Discovery snooping” on page 43
2 Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07

Configuring a “null” route

NOTE
The following section is an update to the Configuring IP Chapter in the Multi-Service Ironware Switching Configuration Guide.
The feature support table is updated for the “Dropping Traffic Sent to the Null0 Interface in Hardware” feature.
TABLE 1 Feature support table
Features supported
Brocade NetIron XMR
Configuring a “null” route
Brocade MLX series
Brocade NetIron CES 2000 Series BASE package
Brocade NetIron CES 2000 Series ME_PREM package
Brocade NetIron CES 2000 Series L3_PREM package
Brocade NetIron CER 2000 Series Base package
1
Brocade NetIron CER 2000 Series Advanced Services package
Dropping Traffic Sent to the Null0 Interface in Hardware
The following note is added in the “Dropping traffic sent to the null0 interface In hardware” section.
The ip hw-drop-on-def-route command is not supported on the Brocade NetIron CES and Brocade NetIron CER devices. You can drop traffic sent to the default IP route address in hardware without the ip hw-drop-on-def-route command.

ACL deny logging

The following section is an update to the Configuring an IPv6 Access Control List Chapter in the Multi-Service Ironware Security Configuration Guide.
ACL deny logging is supported on the Brocade NetIron CES and Brocade NetIron CER devices but not in conjunction with acl accounting, hence updating this section by removing the bullet point “ACL deny logging is not supported”.
Unsupported features for Brocade NetIron CES and Brocade NetIron
Yes Yes Yes Yes Yes Yes Yes
CER devices
The following features are not supported on the Brocade NetIron CES and Brocade NetIron CER devices:
The acl-outbound exclude-switched-traffic command to exclude switched traffic from outbound
ACL filtering is not supported.
The acl-frag-conservative command to change the operation of ACLs on fragmented packets is
not supported.
The suppress-rpf-drop command to suppress RPF packet drops for a specific set of packets
using inbound ACLs is not supported.
For all NetIron devices, if a port has an IPv4 or IPv6 ACL applied, you must remove the ACL
bindings before adding that port to a VLAN that has a VE interface.
Brocade MLX Series and NetIron Family Documentation Updates 3 53-1003301-07
1

Deployment Scenarios and CLI Configuration

Deployment Scenarios and CLI Configuration
The following section is an update to the Provider Backbone Bridging (PBB) Networks for the Brocade NetIron XMR and the Brocade MLX series Chapter in the Multi-Service Ironware Switching Configuration Guide.
In the Configuration for CE Devices section, under Configuration for PE Devices, the S-VLAN tag-type is 0x9100 and not 0x900.
4 Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07

Telemetry Solutions

The following section is an update to the Telemetry Solutions Chapter in the Multi-Service Ironware Administration Guide.
The update provides information about recommended baseline configuration and scaling limitations for telemetry solutions.

Scaling limitations

400 (IPv4 and IPv6 combined) route-map instances per interface.
- Valid instance is a route-map instance with the permit option and with a valid ACL (ACL is
present in configuration).
- Exceeding this limit results in first come first applied behavior on the port.
- User should redesign their route-map if this limit is exceeded for proper functioning.
200 IPv6 ACLs
- 20480 IPv6 clauses that can be present in the configuration.
IPv4 ACL limitations have not changed.
At maximum scale, this configuration may take up to 30 to 45 minutes to bind ACLs used in the
route-maps to the ingress interfaces. Traffic is flooded to all VLAN 1 ports during that time.
User should execute the show cam-partition usage command under the Rule item, to check if it
will accommodate the application of the route-map on the desired number of ports on each tower.
Usage of transparent-hw-flooding (TVF) and transparent-hw-flooding lag-load-balancing (TVF
LAG LDB) is best effort, and may result in data loss for bursty streams.
Usage of per-packet load balancing on LAGs used for TVF LAG LDB is not supported.
Dynamic and keep-alive LAGs are not supported with TVF LAG LDB.
If the SFMs are operating in “normal mode”, the number of TVF LAG LDB instances must not
exceed the following values. Run the show vlan tvf-lag-lb command:
Telemetry Solutions
1
Brocade MLX Series and NetIron Family Documentation Updates 5 53-1003301-07
1
Telemetry Solutions
TABLE 2 Configured System Max Values
Table 0.1:
tvf-lag-lb-fid-group tvf-lag-lb-fid-pool Do not exceed value
2512170
21024341
2 2048 682
4512102
4 1024 204
4 2048 409
8 512 56
81024113
8 2048 227
16 512 30
16 1024 60
16 2048 120
Configuration examples

Base-line configuration of telemetry solutions

no spanning-tree no dual-mode-default-vlan
NOTES: Default VLAN must have TVF enabled as shown.
vlan 1 name DEFAULT-VLAN no untagged ethe 13/1 to 13/3 transparent-hw-flooding
NOTES: Egress VLANs must have the following as shown.
1 A port present 2TVF or TVF LAG LDB enabled 3Port must be enabled 4 Port must be in the up state
vlan 1000 name Outer_1000 tagged ethe 13/1 transparent-hw-flooding
vlan 1001 name Outer_1001 tagged ethe 13/2 transparent-hw-flooding
vlan 1002 name Outer_1002 tagged ethe 13/3 transparent-hw-flooding
6 Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07
Telemetry Solutions
NOTE
NOTE
NOTE
1

Global level configuration

Configuring System max and cam-partition
system-max vlan 4095 system-max virtual-interface 4095 system-max ip-filter-sys 40960 system-max receive-cam 512 system-max ipv4-mcast-cam 512 system-max ipv6-mcast-cam 512 cam-partition profile ipv4-ipv6
Disabling LFS at global level
no link-fault-signaling link-fault-signaling ignore-rx link-fault-signaling ignore-rx device-1
These commands prevent link-fault-signaling (LFS) from taking the tap ports offline due to LFS on the monitored links
Configuring Ingress tap port
interface ethernet 1/1 enable ip policy route-map Outer_Mall ipv6 policy route-map Outer_Mall allow-all-vlan pbr gig-default neg-off mac access-group Deny_Any out
gig-default neg-off is required to be configured only for 1G fiber ports.
Configuring Egress port
interface ethernet 13/1 enable link-fault-signaling link-fault-signaling ignore-rx
interface ethernet 13/2 enable link-fault-signaling link-fault-signaling ignore-rx
interface ethernet 13/3 enable link-fault-signaling link-fault-signaling ignore-rx
LFS must be enabled on Egress 10G ports.
Brocade MLX Series and NetIron Family Documentation Updates 7 53-1003301-07
1
NOTE
NOTE
Telemetry Solutions
Configuring ACL
ipv6 access-list v6_Mall_Outer_1001 permit ipv6 host 667:a6db:39c5:f217:4374:435e:ba5e:d402 any
ipv6 access-list v6_Mall_Outer_1002 permit ipv6 host 849e:958:ed:bcd8:577d:5468:edef:8dfc any
ipv6 access-list v6_Mall_Outer_1000 permit ipv6 host 2f12:4a71:704c:8a1a:7de3:7ef9:43a9:550a any
ipv6 access-list v6_Permit_Any permit ipv6 any any
ip access-list extended v4_Mall_Outer_1001 permit ip host 95.64.50.180 any
ip access-list extended v4_Mall_Outer_1002 permit ip host 126.126.14.76 any
ip access-list extended v4_Mall_Outer_1000 permit ip host 117.218.157.45 any
ip access-list extended v4_Permit_Any permit ip any any
mac access-list Deny_Any deny any any any
For this application always set the ACL rule as “permit”.
The only exception to this rule is, the last route-map instance must be set as CATCH-ALL, to avoid all unmatched traffic going to the CPU for forwarding. The only exception is if you have another routing protocol which picks up the unmatched traffic, and allows the usage of deny statement in the ACLs and no need to set CATCH-ALL. All “denied” and unmatched packets will be passed to the routing protocol for forwarding. Traffic to be dropped is handled at the end of the route-map.
Configuring Route-map
route-map Outer_Mall permit 1000 rule-name 1000 match ip address v4_Mall_Outer_1000 match ipv6 address v6_Mall_Outer_1000 set next-hop-flood-vlan 1000 set interface null0 route-map Outer_Mall permit 1001 rule-name 1001 match ip address v4_Mall_Outer_1001 match ipv6 address v6_Mall_Outer_1001 set next-hop-flood-vlan 1001 set interface null0 route-map Outer_Mall permit 1002 rule-name 1002 match ip address v4_Mall_Outer_1002 match ipv6 address v6_Mall_Outer_1002 set next-hop-flood-vlan 1002 set interface null0
8 Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07

PIM over MCT

route-map Outer_Mall permit 10000 rule-name Catch_All match ip address v4_Permit_Any match ipv6 address v6_Permit_Any set interface null0
end
Configuration consideration for Route-map Route-map instances (The complete route-map blah permit|deny xxxx configuration section) and
route-map configuration must meet the following conditions:
1. The last set of commands must be interface null0, this can be preceded by multiple set of other commands. This prevents the matched traffic from going to the CPU for forwarding, when the egress VLAN is not a valid next hop.
2. Rule names can only be used once per route-map.
3. The last route-map instance must be set as CATCH-ALL, to avoid all unmatched traffic going to the CPU for forwarding. The only exception is if you have another routing protocol which picks up the unmatched traffic, and allows the usage of deny statement in the ACLs and no need to set CATCH-ALL. All denied and unmatched packets will be passed to the routing protocol for forwarding.
1
PIM over MCT
The MCT feature interaction matrix has been updated to indicate that BFD is not supported in NetIron 5.4.00 and later releases.

MCT feature interaction

Use the following feature matrix when configuring MCT:
MCT feature interaction matrix
Supported Not Supported
BGP, IS-IS, and OSPF on CCEP. BFD on CCEP.

Multicast snooping over MCT

The following configuration consideration is modified in the Configuration considerations list under the Multicast snooping over MCT section of the Multi-Chassis Trunking (MCT) chapter.
On Customer Client Edge Ports (CCEP), MCT does not support 802.1ah.
Brocade MLX Series and NetIron Family Documentation Updates 9 53-1003301-07
1

Running configuration sequence number display

Running configuration sequence number display
The sequence number display on running configuration has been updated to display as the following example.

Example of show run

stub-cat-201(config-mac-acl-in-sample)#show run
sequence 10 permit 0000.0291.1502 ffff.ffff.ffff any 545 etype any sequence 20 permit 0000.2222.2222 ffff.ffff.ffff any 1201 etype any <-Newly added
ACL rule with sequence number
sequence 30 permit 0000.0201.1502 ffff.ffff.ffff any 401 etype any

Example of show access-list l2 command

stub-cat-201(config-mac-acl-in-sample)#show access-list l2 in-sample
L2 MAC Access List in-sample : 3 entries sequence 10 permit 0000.0291.1502 ffff.ffff.ffff any 545 etype any sequence 20 permit 0000.2222.2222 ffff.ffff.ffff any 1201 etype any <-Newly added
ACL rule with sequence number
sequence 30 permit 0000.0201.1502 ffff.ffff.ffff any 401 etype any

DVMRP legacy protocol support

Multi-Service IronWare does not support DVMRP. Use PIM as an alternative protocol for multicast.

LAG formation rules

The LAG formation rules listed below must be followed.
You cannot configure a port concurrently as a member of a static, dynamic, or keep-alive LAG.
Any number or combination of ports between 1 and 32 within the same chassis can be used to
configure a LAG. The maximum number of LAG ports is checked when adding ports to a LAG.
All ports configured in a LAG must be of equal bandwidth. For example all 10 G ports.
All ports configured in a LAG must be configured with the same port attributes.
LAG formation rules are checked when a static or dynamic LAG is deployed.
A LAG must have its primary port selected before it can be deployed.
All ports configured in a LAG must be configured in the same VLAN.
10 Brocade MLX Series and NetIron Family Documentation Updates
53-1003301-07
LAG formation rules
1
All ports must have the same PBR configuration before deployment. During deployment, the
configuration on the primary port is replicated to all ports. On undeployment, each port inherits the same PBR configuration.
All static LAG ports must have the same LACP BPDU forwarding configuration.
A LAG member and an individual port cannot use the same name.
VLAN and inner-VLAN translation
The LAG is rejected if any LAG port has VLAN or inner-VLAN translation configured
Layer 2 requirements:
The LAG is rejected if the LAG ports:
Do not have the same untagged VLAN component.
Do not share the same SuperSpan customer ID (CID).
Do not share the same VLAN membership or do not share the same uplink VLAN
membership
Do not share the same protocol-VLAN configuration
Are configured as mainly primary and secondary interfaces
Static LAG deployment will fail if the if LACP BPDU forwarding is disabled on the primary
port and enabled on one or more of the secondary ports.
Layer 3 requirements:
The LAG is rejected if any of the secondary LAG port has any Layer 3 configurations, such as IPv4 or IPv6 address, OSPF, RIP, RIPNG, IS-IS, and so on.
Layer 4 (ACL) requirements:
All LAG ports must have the same ACL configurations; otherwise, the LAG is rejected.
A LAG cannot be deployed if any of the member ports has ACL-based mirroring configured
on it.
A port with ACL-based mirroring configured on it cannot be added to a LAG.
The router can support up to 256 LAGs, and each LAG can contain up to 64 member ports.
If the router is configured to support 32 LAGs by using the system-max trunk-num
command, the maximum number of LAG ports is 64.
If the router is configured to support 64 LAGs by using the system-max trunk-num
command, the maximum number of LAG ports is 32.
If the system-max trunk-num is set to 256, the maximum number of LAG ports supported
is 8.
The default system-max trunk-num is set to 128, and each LAG can have up to 16 member
ports
For 100G ports, the configurable ranges are from 2 to 16 100G LAGs.
When configuring a static or dynamic LAG, if trunk load sharing type is set to “per-packet” the
maximum number of “per-packet” trunks is set to 4.
Ports can be in only one LAG group. All the ports in a LAG group must be connected to the
same device at the other end. For example, if port 1/4 and 1/5 in Device 1 are in the same LAG group, both ports must be connected to ports in Device 2 or in Device 3. You cannot have one port connected to Device 2 and another port connected to Device 3.
All LAG member properties must match the primary port of the LAG with respect to the
following parameters:
Brocade MLX Series and NetIron Family Documentation Updates 11 53-1003301-07
Loading...
+ 43 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use