53-1003301-07 |
® |
8 August 2014 |
|
Brocade MLX Series and
NetIron Family
Documentation Updates
Supporting Multi-Service IronWare R05.6.xx
Copyright © 2014 Brocade Communications Systems, Inc. All Rights Reserved.
Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Corporate and Latin American Headquarters |
Asia-Pacific Headquarters |
Brocade Communications Systems, Inc. |
Brocade Communications Systems China HK, Ltd. |
130 Holger Way |
No. 1 Guanghua Road |
San Jose, CA 95134 |
Chao Yang District |
Tel: 1-408-333-8000 |
Units 2718 and 2818 |
Fax: 1-408-333-8101 |
Beijing 100020, China |
E-mail: info@brocade.com |
Tel: +8610 6588 8888 |
|
Fax: +8610 6588 9999 |
|
E-mail: china-info@brocade.com |
European Headquarters |
Asia-Pacific Headquarters |
Brocade Communications Switzerland Sàrl |
Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) |
Centre Swissair |
Citic Plaza |
Tour B - 4ème étage |
No. 233 Tian He Road North |
29, Route de l'Aéroport |
Unit 1308 – 13th Floor |
Case Postale 105 |
Guangzhou, China |
CH-1215 Genève 15 |
Tel: +8620 3891 2000 |
Switzerland |
Fax: +8620 3891 2111 |
Tel: +41 22 799 5640 |
E-mail: china-info@brocade.com |
Fax: +41 22 799 5641 |
|
E-mail: emea-info@brocade.com |
|
Document History
Title |
Publication number |
Summary of changes |
Date |
|
|
|
|
Brocade MLX Series and NetIron Family |
53-1003301-03 |
NetIron 05.6.00b Release updates. |
24 January, 2014 |
Documentation Updates |
|
|
|
|
|
|
|
Brocade MLX Series and NetIron Family |
53-1003301-04 |
NetIron 05.6.00c Release updates. |
22 April, 2014 |
Documentation Updates |
|
|
|
|
|
|
|
Brocade MLX Series and NetIron Family |
53-1003301-05 |
Updated Openflow configuration |
25 April, 2014 |
Documentation Updates |
|
considerations. |
|
|
|
|
|
Brocade MLX Series and NetIron Family |
53-1003301-06 |
NetIron 05.6.00d Release updates. |
31 July, 2014 |
Documentation Updates |
|
|
|
|
|
|
|
Brocade MLX Series and NetIron Family |
53-1003301-07 |
NetIron 05.6.00d Release updates |
8 August, 2014 |
Documentation Updates |
|
version 2. |
|
|
|
|
|
About This Document
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Brocade resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Chapter 1 |
Documentation Updates for the Multi-Service IronWare |
|
|
Configuration Guides |
|
|
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
1 |
|
Configuring a “null” route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
3 |
ACL deny logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Unsupported features for Brocade NetIron CES and Brocade NetIron CER devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Deployment Scenarios and CLI Configuration . . . . . . . . . . . . . . . . . . 4
Telemetry Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Scaling limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Base-line configuration of telemetry solutions . . . . . . . . . . . . . . 6 Global level configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
PIM over MCT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 MCT feature interaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Multicast snooping over MCT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Running configuration sequence number display . . . . . . . . . . . . . . 10 Example of show run . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Example of show access-list l2 command . . . . . . . . . . . . . . . . . 10
DVMRP legacy protocol support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 LAG formation rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 IPTV support on Brocade NetIron CES and Brocade CER devices. .12 Configuring a PBR policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 HQoS Feature support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
HQoS for VPLS traffic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Configuring HQoS for VPLS traffic. . . . . . . . . . . . . . . . . . . . . . . . 13 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Checking for HQoS for VPLS configurations on ports . . . . . . . . 15
Brocade MLX Series and NetIron Family Documentation Updates |
iii |
53-1003301-07 |
|
HQoS for LAG traffic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Configuring steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
WRED support for HQoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Configuring steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Configuring VPLS endpoint over FDP/CDP interface . . . . . . . . . . . . 18 Configuring VLL endpoint over FDP/CDP enabled interface . . . . . . 19
Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER 20
Modify OSPF standard compliance setting . . . . . . . . . . . . . . . . . . . . 21 VRRP and VRRP-E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Configuring an IPv6 Access Control List . . . . . . . . . . . . . . . . . . . . . .22 Start a log file before an upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . .23
IPv6 packets on Openflow L23 port. . . . . . . . . . . . . . . . . . . . . . . . . . 24 Before 5.6.00c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 From 5.6.00c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
TM RAS Enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 TM DRAM CRC error interrupt . . . . . . . . . . . . . . . . . . . . . . . . . . .25 Descriptive TM error interrupt logging . . . . . . . . . . . . . . . . . . . .26 Separate Threshold for CRC logging. . . . . . . . . . . . . . . . . . . . . .28
Simplified Package Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Brocade NetIron XMR and Brocade MLX Series single-command (fullsystem) upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Brocade NetIron CER and Brocade NetIron CES single-command (full-system) upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
LP auto-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 SCP “success message”. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 L2 protocol packet handling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 OpenFlow configuration considerations . . . . . . . . . . . . . . . . . . . . . . 31 Configuring egress buffer threshold . . . . . . . . . . . . . . . . . . . . . . . . .32 TM XPP link status check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Flow control handling modification . . . . . . . . . . . . . . . . . . . . . . . . . .34 CLI commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Policy-based routing support for preserve VLAN. . . . . . . . . . . . . . . .34 Deletion of ACLs bound to an interface. . . . . . . . . . . . . . . . . . . . . . .35 Optional cluster operation features . . . . . . . . . . . . . . . . . . . . . . . . . .36 Enabling a transparent firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 Default VRRP/VRRP-E dead interval calculation . . . . . . . . . . . . . . . 37 IPv6 anycast filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
iv |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
PBIFS extended counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38 Limiting log generation for MEP and Remote MEP. . . . . . . . . . . . . .39
IPv4 ACL-based rate limiting updates . . . . . . . . . . . . . . . . . . . . . . . .40 Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . .40 Configuring a port-and-ACL-based traffic policing policy. . . . . .40 How the Brocade device processes ACLs. . . . . . . . . . . . . . . . . .40
FE access recovery disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Usage Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Setting the delay before bringing up the CCEP port . . . . . . . . . . . . .42 Setting the OpenFlow system maximum . . . . . . . . . . . . . . . . . . . . . .42
IPv6 Multicast Listener Discovery snooping . . . . . . . . . . . . . . . . . . .43 Configuring IPv6 multicast routing or snooping. . . . . . . . . . . . .43 Enabling IPv6 multicast traffic reduction. . . . . . . . . . . . . . . . . .43
Configuring and enabling sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Multicast queue size, flow control, rate shaping and egress buffer threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Enabling PVST+ support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Chapter 2 |
Documentation updates for Multi-Service IronWare Diagnostic Guide |
|
Chapter 3 |
Documentation updates for Unified IP MIB Reference |
|
|
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
47 |
|
Route map configuration table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
47 |
MAC filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
RFC 4444: Management Information Base for
Intermediate System to Intermediate System (IS-IS) . . . . . . . . . . . . 47 Scalar isisSys objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Rate limit counter index table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48 Upgrade MIB Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Chapter 4 |
Documentation Updates for the MLXe / MLX Series and NetIron XMR |
|
|
Series Hardware Installation Guide |
|
|
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
51 |
|
Switch fabric modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
51 |
|
Brocade MLXe Series. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
51 |
|
Brocade MLX Series and Brocade NetIron XMR . . . . . . . . . . . . |
52 |
10Gx24-port interface module. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52 MLX 48x1G-T interface module . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Brocade MLX Series and NetIron Family Documentation Updates |
v |
53-1003301-07 |
|
PBIF Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53 Command Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Router modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
vi |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
•“How this document is organized” on page vii
•“Brocade resources” on page viii
•“Getting technical help” on page viii
•“Document feedback” on page viii
This document contains updates to the Multi-Service IronWare R05.6.00a product manuals. These updates include document fixes and changes covering new features. Table 1 below list the most recently released Multi-Service IronWare R05.6.00a product manuals.
TABLE 1 |
Documentation supporting Multi-Service IronWare R05.6.00a |
|
|
|
|
|
|
Publication Title |
Fabric OS Release |
Publication Date |
|
|
|
|
|
Multi-Service IronWare Administration Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Multiprotocol Label Switch (MPLS) Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare IP Multicast Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Routing Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Software Defined Networking (SDN) Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Security Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Switching Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare QoS and Traffic Management Configuration Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade MLXe Series Hardware Installation Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade MLX Series and NetIron XMR Hardware Installation Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade NetIron CES Series and NetIron CER Series Hardware Installation Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Multi-Service IronWare Software Upgrade Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade MLX Series and NetIron XMR DIagnostics Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Unified IP MIB Reference |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade MLX Series and NetIron XMR YANG Guide |
R05.6.00a and later |
December 2013 |
|
|
|
|
|
Brocade MLX Series and NetIron Family Documentation Updates |
vii |
53-1003301-07 |
|
For the latest documentation, go to http://www.brocade.com/ethernetproducts
For the latest Technical Support contact information including e-mail and telephone contact information, go to http://www.brocade.com/services-support/index.page.
Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback by email to:
documentation@brocade.com
Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement.
viii |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
|
Chapter |
|
Documentation Updates for the Multi-Service IronWare |
1 |
|
Configuration Guides |
|
|
|
|
|
The updates in this chapter are for the following Multi-Service IronWare R05.6.00 Configuration Guides.
•Multi-Service Ironware Switching Configuration Guide - publication number 53-1003036-03
•Multi-Service Ironware Security Configuration Guide - publication number 53-1003035-03
The following features were added or modified as part of the 5.6.00a release.
•“Configuring a “null” route” on page 3
•“ACL deny logging” on page 3
•“Deployment Scenarios and CLI Configuration” on page 4
•“Telemetry Solutions” on page 5
•“PIM over MCT” on page 9
•“Multicast snooping over MCT” on page 9
The following features were added or modified as part of the 5.6.00b release.
•“HQoS Feature support” on page 13
•“HQoS for VPLS traffic overview” on page 13
•“HQoS for LAG traffic overview” on page 15
•“WRED support for HQoS” on page 16
•“Configuring VPLS endpoint over FDP/CDP interface” on page 18
•“Configuring VLL endpoint over FDP/CDP enabled interface” on page 19
•“Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER” on page 20
The following features were added or modified as part of the 5.6.00c release.
•“Modify OSPF standard compliance setting” on page 21
•“VRRP and VRRP-E” on page 21
•“Configuring an IPv6 Access Control List” on page 22
•“Start a log file before an upgrade” on page 23
•“IPv6 packets on Openflow L23 port” on page 24
•“TM RAS Enhancements” on page 25
•“Simplified Package Upgrade” on page 29
•“LP auto-upgrade” on page 30
•“SCP “success message”” on page 30
•“L2 protocol packet handling” on page 31
Brocade MLX Series and NetIron Family Documentation Updates |
1 |
53-1003301-07 |
|
1 |
In this chapter |
The following features were added or modified as part of the 5.6.00d release.
•“OpenFlow configuration considerations” on page 31
•“Configuring egress buffer threshold” on page 32
•“TM XPP link status check” on page 33
•“Flow control handling modification” on page 34
•“Policy-based routing support for preserve VLAN” on page 34
•“Deletion of ACLs bound to an interface” on page 35
•“Optional cluster operation features” on page 36
•“Enabling a transparent firewall” on page 36
•“Default VRRP/VRRP-E dead interval calculation” on page 37
•“IPv6 anycast filtering” on page 38
•“PBIFS extended counters” on page 38
•“Limiting log generation for MEP and Remote MEP” on page 39
•“IPv4 ACL-based rate limiting updates” on page 40
•“FE access recovery disable” on page 41
•“Setting the delay before bringing up the CCEP port” on page 42
•“Setting the OpenFlow system maximum” on page 42
•“IPv6 Multicast Listener Discovery snooping” on page 43
2 |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
Configuring a “null” route |
1 |
Configuring a “null” route
The following section is an update to the Configuring IP Chapter in the Multi-Service Ironware Switching Configuration Guide.
The feature support table is updated for the “Dropping Traffic Sent to the Null0 Interface in Hardware” feature.
TABLE 1 |
Feature support table |
|
|
|
|
||
|
|
|
|
|
|
|
|
Features |
Brocade |
Brocade |
Brocade |
Brocade |
Brocade |
Brocade |
Brocade |
supported |
NetIron XMR |
MLX series |
NetIron CES |
NetIron CES |
NetIron CES |
NetIron CER |
NetIron CER |
|
|
|
2000Series |
2000 Series |
2000 Series |
2000 Series |
2000 Series |
|
|
|
BASE |
ME_PREM |
L3_PREM |
Base |
Advanced |
|
|
|
package |
package |
package |
package |
Services |
|
|
|
|
|
|
|
package |
|
|
|
|
|
|
|
|
Dropping Traffic |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Sent to the |
|
|
|
|
|
|
|
Null0 Interface |
|
|
|
|
|
|
|
in Hardware |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The following note is added in the “Dropping traffic sent to the null0 interface In hardware” section.
NOTE
The ip hw-drop-on-def-route command is not supported on the Brocade NetIron CES and Brocade NetIron CER devices. You can drop traffic sent to the default IP route address in hardware without the ip hw-drop-on-def-route command.
The following section is an update to the Configuring an IPv6 Access Control List Chapter in the
Multi-Service Ironware Security Configuration Guide.
ACL deny logging is supported on the Brocade NetIron CES and Brocade NetIron CER devices but not in conjunction with acl accounting, hence updating this section by removing the bullet point “ACL deny logging is not supported”.
The following features are not supported on the Brocade NetIron CES and Brocade NetIron CER devices:
•The acl-outbound exclude-switched-traffic command to exclude switched traffic from outbound ACL filtering is not supported.
•The acl-frag-conservative command to change the operation of ACLs on fragmented packets is not supported.
•The suppress-rpf-drop command to suppress RPF packet drops for a specific set of packets using inbound ACLs is not supported.
•For all NetIron devices, if a port has an IPv4 or IPv6 ACL applied, you must remove the ACL bindings before adding that port to a VLAN that has a VE interface.
Brocade MLX Series and NetIron Family Documentation Updates |
3 |
53-1003301-07 |
|
1 |
Deployment Scenarios and CLI Configuration |
Deployment Scenarios and CLI Configuration
The following section is an update to the Provider Backbone Bridging (PBB) Networks for the Brocade NetIron XMR and the Brocade MLX series Chapter in the Multi-Service Ironware Switching Configuration Guide.
In the Configuration for CE Devices section, under Configuration for PE Devices, the S-VLAN tag-type is 0x9100 and not 0x900.
4 |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
Telemetry Solutions |
1 |
Telemetry Solutions
The following section is an update to the Telemetry Solutions Chapter in the Multi-Service Ironware Administration Guide.
The update provides information about recommended baseline configuration and scaling limitations for telemetry solutions.
•400 (IPv4 and IPv6 combined) route-map instances per interface.
-Valid instance is a route-map instance with the permit option and with a valid ACL (ACL is present in configuration).
-Exceeding this limit results in first come first applied behavior on the port.
-User should redesign their route-map if this limit is exceeded for proper functioning.
•200 IPv6 ACLs
-20480 IPv6 clauses that can be present in the configuration.
•IPv4 ACL limitations have not changed.
•At maximum scale, this configuration may take up to 30 to 45 minutes to bind ACLs used in the route-maps to the ingress interfaces. Traffic is flooded to all VLAN 1 ports during that time.
•User should execute the show cam-partition usage command under the Rule item, to check if it will accommodate the application of the route-map on the desired number of ports on each tower.
•Usage of transparent-hw-flooding (TVF) and transparent-hw-flooding lag-load-balancing (TVF LAG LDB) is best effort, and may result in data loss for bursty streams.
•Usage of per-packet load balancing on LAGs used for TVF LAG LDB is not supported.
•Dynamic and keep-alive LAGs are not supported with TVF LAG LDB.
•If the SFMs are operating in “normal mode”, the number of TVF LAG LDB instances must not exceed the following values. Run the show vlan tvf-lag-lb command:
Brocade MLX Series and NetIron Family Documentation Updates |
5 |
53-1003301-07 |
|
1 |
|
Telemetry Solutions |
|
|
|
TABLE 2 |
Configured System Max Values |
|
|
|
|
|
Table 0.1: |
|
|
|
|
|
|
|
tvf-lag-lb-fid-group |
|
tvf-lag-lb-fid-pool |
Do not exceed value |
|
|
|
|
|
2 |
|
512 |
170 |
|
|
|
|
|
|
2 |
|
1024 |
341 |
|
|
|
|
|
|
2 |
|
2048 |
682 |
|
|
|
|
|
|
4 |
|
512 |
102 |
|
|
|
|
|
|
4 |
|
1024 |
204 |
|
|
|
|
|
|
4 |
|
2048 |
409 |
|
|
|
|
|
|
8 |
|
512 |
56 |
|
|
|
|
|
|
8 |
|
1024 |
113 |
|
|
|
|
|
|
8 |
|
2048 |
227 |
|
|
|
|
|
|
16 |
|
512 |
30 |
|
|
|
|
|
|
16 |
|
1024 |
60 |
|
|
|
|
|
|
16 |
|
2048 |
120 |
|
|
|
|
|
|
Configuration examples
no spanning-tree
no dual-mode-default-vlan
NOTES: Default VLAN must have TVF enabled as shown.
vlan 1 name DEFAULT-VLAN
no untagged ethe 13/1 to 13/3 transparent-hw-flooding
NOTES: Egress VLANs must have the following as shown.
1A port present
2TVF or TVF LAG LDB enabled
3Port must be enabled
4Port must be in the up state
vlan 1000 name Outer_1000 tagged ethe 13/1 transparent-hw-flooding
vlan 1001 name Outer_1001 tagged ethe 13/2 transparent-hw-flooding
vlan 1002 name Outer_1002 tagged ethe 13/3 transparent-hw-flooding
6 |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
Telemetry Solutions |
1 |
system-max vlan 4095
system-max virtual-interface 4095 system-max ip-filter-sys 40960 system-max receive-cam 512 system-max ipv4-mcast-cam 512 system-max ipv6-mcast-cam 512 cam-partition profile ipv4-ipv6
no link-fault-signaling link-fault-signaling ignore-rx link-fault-signaling ignore-rx device-1
NOTE
These commands prevent link-fault-signaling (LFS) from taking the tap ports offline due to LFS on the monitored links
interface ethernet 1/1 enable
ip policy route-map Outer_Mall ipv6 policy route-map Outer_Mall allow-all-vlan pbr
gig-default neg-off
mac access-group Deny_Any out
NOTE
gig-default neg-off is required to be configured only for 1G fiber ports.
interface ethernet 13/1 enable link-fault-signaling
link-fault-signaling ignore-rx
interface ethernet 13/2 enable link-fault-signaling
link-fault-signaling ignore-rx
interface ethernet 13/3 enable link-fault-signaling
link-fault-signaling ignore-rx
NOTE
LFS must be enabled on Egress 10G ports.
Brocade MLX Series and NetIron Family Documentation Updates |
7 |
53-1003301-07 |
|
1 |
Telemetry Solutions |
|
Configuring ACL |
|
ipv6 access-list v6_Mall_Outer_1001 |
|
permit ipv6 host 667:a6db:39c5:f217:4374:435e:ba5e:d402 any |
|
ipv6 access-list v6_Mall_Outer_1002 |
|
permit ipv6 host 849e:958:ed:bcd8:577d:5468:edef:8dfc any |
|
ipv6 access-list v6_Mall_Outer_1000 |
|
permit ipv6 host 2f12:4a71:704c:8a1a:7de3:7ef9:43a9:550a any |
|
ipv6 access-list v6_Permit_Any |
permit ipv6 any any
ip access-list extended v4_Mall_Outer_1001 permit ip host 95.64.50.180 any
ip access-list extended v4_Mall_Outer_1002 permit ip host 126.126.14.76 any
ip access-list extended v4_Mall_Outer_1000 permit ip host 117.218.157.45 any
ip access-list extended v4_Permit_Any permit ip any any
mac access-list Deny_Any deny any any any
NOTE
For this application always set the ACL rule as “permit”.
NOTE
The only exception to this rule is, the last route-map instance must be set as CATCH-ALL, to avoid all unmatched traffic going to the CPU for forwarding. The only exception is if you have another routing protocol which picks up the unmatched traffic, and allows the usage of deny statement in the ACLs and no need to set CATCH-ALL. All “denied” and unmatched packets will be passed to the routing protocol for forwarding. Traffic to be dropped is handled at the end of the route-map.
route-map Outer_Mall permit 1000 rule-name 1000
match ip address v4_Mall_Outer_1000 match ipv6 address v6_Mall_Outer_1000 set next-hop-flood-vlan 1000
set interface null0
route-map Outer_Mall permit 1001 rule-name 1001
match ip address v4_Mall_Outer_1001 match ipv6 address v6_Mall_Outer_1001 set next-hop-flood-vlan 1001
set interface null0
route-map Outer_Mall permit 1002 rule-name 1002
match ip address v4_Mall_Outer_1002 match ipv6 address v6_Mall_Outer_1002 set next-hop-flood-vlan 1002
set interface null0
8 |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
PIM over MCT |
1 |
route-map Outer_Mall permit 10000 rule-name Catch_All
match ip address v4_Permit_Any match ipv6 address v6_Permit_Any set interface null0
end
Configuration consideration for Route-map
Route-map instances (The complete route-map blah permit|deny xxxx configuration section) and route-map configuration must meet the following conditions:
1.The last set of commands must be interface null0, this can be preceded by multiple set of other commands. This prevents the matched traffic from going to the CPU for forwarding, when the egress VLAN is not a valid next hop.
2.Rule names can only be used once per route-map.
3.The last route-map instance must be set as CATCH-ALL, to avoid all unmatched traffic going to the CPU for forwarding. The only exception is if you have another routing protocol which picks up the unmatched traffic, and allows the usage of deny statement in the ACLs and no need to set CATCH-ALL. All denied and unmatched packets will be passed to the routing protocol for forwarding.
PIM over MCT
The MCT feature interaction matrix has been updated to indicate that BFD is not supported in NetIron 5.4.00 and later releases.
Use the following feature matrix when configuring MCT:
MCT feature interaction matrix
Supported |
Not Supported |
|
|
BGP, IS-IS, and OSPF on CCEP. |
BFD on CCEP. |
|
|
The following configuration consideration is modified in the Configuration considerations list under the Multicast snooping over MCT section of the Multi-Chassis Trunking (MCT) chapter.
•On Customer Client Edge Ports (CCEP), MCT does not support 802.1ah.
Brocade MLX Series and NetIron Family Documentation Updates |
9 |
53-1003301-07 |
|
1 |
Running configuration sequence number display |
Running configuration sequence number display
The sequence number display on running configuration has been updated to display as the following example.
stub-cat-201(config-mac-acl-in-sample)#show run
sequence 10 permit 0000.0291.1502 ffff.ffff.ffff any 545 etype any
sequence 20 permit 0000.2222.2222 ffff.ffff.ffff any 1201 etype any <-Newly added
ACL rule with sequence number
sequence 30 permit 0000.0201.1502 ffff.ffff.ffff any 401 etype any
stub-cat-201(config-mac-acl-in-sample)#show access-list l2 in-sample
L2 MAC Access List in-sample : 3 entries
sequence 10 permit 0000.0291.1502 ffff.ffff.ffff any 545 etype any
sequence 20 permit 0000.2222.2222 ffff.ffff.ffff any 1201 etype any <-Newly added
ACL rule with sequence number
sequence 30 permit 0000.0201.1502 ffff.ffff.ffff any 401 etype any
Multi-Service IronWare does not support DVMRP. Use PIM as an alternative protocol for multicast.
The LAG formation rules listed below must be followed.
•You cannot configure a port concurrently as a member of a static, dynamic, or keep-alive LAG.
•Any number or combination of ports between 1 and 32 within the same chassis can be used to configure a LAG. The maximum number of LAG ports is checked when adding ports to a LAG.
•All ports configured in a LAG must be of equal bandwidth. For example all 10 G ports.
•All ports configured in a LAG must be configured with the same port attributes.
•LAG formation rules are checked when a static or dynamic LAG is deployed.
•A LAG must have its primary port selected before it can be deployed.
•All ports configured in a LAG must be configured in the same VLAN.
10 |
Brocade MLX Series and NetIron Family Documentation Updates |
|
53-1003301-07 |
LAG formation rules |
1 |
•All ports must have the same PBR configuration before deployment. During deployment, the configuration on the primary port is replicated to all ports. On undeployment, each port inherits the same PBR configuration.
•All static LAG ports must have the same LACP BPDU forwarding configuration.
•A LAG member and an individual port cannot use the same name.
•VLAN and inner-VLAN translation
The LAG is rejected if any LAG port has VLAN or inner-VLAN translation configured
•Layer 2 requirements:
The LAG is rejected if the LAG ports:
•Do not have the same untagged VLAN component.
•Do not share the same SuperSpan customer ID (CID).
•Do not share the same VLAN membership or do not share the same uplink VLAN membership
•Do not share the same protocol-VLAN configuration
•Are configured as mainly primary and secondary interfaces
•Static LAG deployment will fail if the if LACP BPDU forwarding is disabled on the primary port and enabled on one or more of the secondary ports.
•Layer 3 requirements:
The LAG is rejected if any of the secondary LAG port has any Layer 3 configurations, such as IPv4 or IPv6 address, OSPF, RIP, RIPNG, IS-IS, and so on.
•Layer 4 (ACL) requirements:
•All LAG ports must have the same ACL configurations; otherwise, the LAG is rejected.
•A LAG cannot be deployed if any of the member ports has ACL-based mirroring configured on it.
•A port with ACL-based mirroring configured on it cannot be added to a LAG.
•The router can support up to 256 LAGs, and each LAG can contain up to 64 member ports.
•If the router is configured to support 32 LAGs by using the system-max trunk-num command, the maximum number of LAG ports is 64.
•If the router is configured to support 64 LAGs by using the system-max trunk-num command, the maximum number of LAG ports is 32.
•If the system-max trunk-num is set to 256, the maximum number of LAG ports supported is 8.
•The default system-max trunk-num is set to 128, and each LAG can have up to 16 member ports
•For 100G ports, the configurable ranges are from 2 to 16 100G LAGs.
•When configuring a static or dynamic LAG, if trunk load sharing type is set to “per-packet” the maximum number of “per-packet” trunks is set to 4.
•Ports can be in only one LAG group. All the ports in a LAG group must be connected to the same device at the other end. For example, if port 1/4 and 1/5 in Device 1 are in the same LAG group, both ports must be connected to ports in Device 2 or in Device 3. You cannot have one port connected to Device 2 and another port connected to Device 3.
•All LAG member properties must match the primary port of the LAG with respect to the following parameters:
Brocade MLX Series and NetIron Family Documentation Updates |
11 |
53-1003301-07 |
|