Multi-Service IronWare Software Release 02.8.00a for Brocade BigIron RX Series Switches Release Notes v1.0 August 12, 2011 Document History Document Title Multi-Service IronWare Software Release 02.8.00a for Brocade BigIron RX Series Switches Release Notes v1.0 Summary of Changes Publication Date Release 02.8.
Copyright © 2011 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, BigIron, DCFM, DCX, Fabric OS, FastIron, IronView, NetIron, SAN Health, ServerIron, TurboIron, and Wingspan are registered trademarks, and Brocade Assurance, Brocade NET Health, Brocade One, Extraordinary Networks, MyBrocade, VCS, and VDX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents Supported devices for Multi-Service IronWare Release 02.8.00a.......................5 Enhancements...........................................................................................................5 Release 02.8.00a ..................................................................................................................... 5 Release 02.8.00 ....................................................................................................................... 5 Feature support ....
General Information .............................................................................................................. 29 Getting Help or Reporting Errors ........................................................................29 Additional resources ..............................................................................................30 Defects .....................................................................................................................
Supported devices for Multi-Service IronWare Release 02.8.00a This software release applies to the following Brocade products: • BigIron RX-4 Switch • BigIron RX-8 Switch • BigIron RX-16 Switch • BigIron RX-32 Switch Note: The software release described in this release notes can only be used on the devices specified above. All information required to operate the BigIron RX Series switch is described in the BigIron RX Series Configuration Guide or the Brocade BigIron RX Series Installation Guide.
Table 1: Enhancements for Release 02.8.00 Enhancement Description Described in Multi-device Port Authentication Multi-device port authentication is now supported on the BigIron RX tagged and untagged ports.
Enhancement Enhancement in ACL Support Description Described in Brocade RX devices now support IPv4 and IPv6 ACLs on the same interface Book: BigIron RX Series Configuration Guide Feature support The following is a list of all the features supported on the BigIron RX switches. See Unsupported features, for features not supported. Supported features The following table lists the features supported on the BigIron RX switches. Table 2: Supported features for Release 02.8.
Category • Security Feature description AAA Authentication Local passwords RADIUS SSHv2 Secure Copy (SCP) TACACS/TACACS+ User accounts 802.1x: All EAP types, including MD5, TLS, TTLS, and PEAP Multi-device port authentication Note: Telnet, SSH, Web and SNMP servers are disabled by default, and can be enabled selectively. • CPU protection There are no CLI commands for CPU protection.
Category Feature description • 802.1x Port Security • 802.3ad Dynamic Link Aggregation on tagged and untagged trunks • Jumbo packets Layer 2 jumbo packet support • Layer 2 Hitless failover Provides automatic failover from the active management module to the standby management module without interrupting operation of any interface modules in the chassis. • Layer 2 IGMP Snooping The BigIron RX supports IGMP snooping.
Category Feature description • VLANs • VSRP • Layer 2 Virtual Switch Redundancy Protocol (VSRP) Layer 3 Virtual Switch Redundancy Protocol (VSRP) VSRP and MRP Signaling • Layer 2 ACLs • Replaces MAC filters • Layer 2 PIM Snooping • The BigIron RX supports PIM Snooping. 802.
Category Feature description • IP Static entries Routes ARPs Virtual interfaces Secondary addresses • IS-IS Routes BGP peers BGP dampening • Multicast Routing Multicast cache L2 IGMP table DVMRP routes PIM-DM PIM-SM PIM-SSM IGMP v1, v2, v3 snooping PIM-SM snooping (IPv4 only) • OSPF OSPF routes OSPF adjacencies – Dynamic OFPF LSAs OSPF filtering of advertised routes • PBR Policy Based Routing (Release 02.2.
Category • Feature description PIM-SM IPv6 Multicast MLD Unsupported features The following features are not supported in software release 02.8.00 on BigIron RX: • AppleTalk • IPX • Mirroring across VLANs • MPLS • NAT • RARP • VLAN translation • Subnet VLANs • Source IP Port Security Software image files for Multi-Service IronWare Release 02.8.00a The following software image files are available for Multi-Service IronWare Release 02.8.00a for the BigIron RX Series switches.
Module Image type BigIron RX-32 Interface Module Image name mbridge32.xsvf Boot and Monitor rlb02800a.bin IronWare rlp02800a.bin Images and procedures required The software images required and the procedures for upgrading have been changed as described in the following sections: • Upgrading software images based on version upgrade – This sub-section describes the procedures required for your software upgrade depending upon the version you are upgrading from or to.
4. In most cases, this is all that will be required. If you are directed by the release notes to upgrade the boot image, use the upgrade procedure for upgrading the BigIron RX Series switches boot image, presented later in this document. 5. Reboot the BigIron RX Series switch. Displaying version information Prior to upgrading the images on a BigIron RX Series switch, it is advisable to check the versions already installed.
Active Management uptime is 2 minutes 2 seconds ========================================================================== SL 1: RX-BI-24C 24-port 1 GbE Copper Module (Serial #: SA51050944, Part #: 31521001D) Boot : Version 2.7.3T155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc. Compiled on Apr 20 2011 at 15:09:22 labeled as rlb02800 (307473 bytes) from boot flash Monitor: Version 2.8.0T155 Copyright (c) 1996-2010 Brocade Communications Systems, Inc.
Field Description Monitor Image Indicates the monitor image running in the management module. The output displays the following information about the image: IronWare Image • Version – “2.2.1Txxy” indicates the image version number. The “Txxy” is used by Brocade for record keeping. The “xx” indicates the hardware type, while the “y” indicates the image type. • Size – The size, in bytes, of the image. • Compilation date and time – The date and time that Brocade compiled the image.
Field Description Monitor Image Indicates the monitor image running in the interface module. The output displays the following information about the image: IronWare Image FPGA Version Information • Version – “2.2.1Txxy” indicates the image version number. The “Txxy” is used by Brocade for record keeping. The “xx” indicates the hardware type, while the “y” indicates the image type. • Size – The size, in bytes, of the image.
1. Copy the unified software image (rx02800a.bin) from a TFTP server to the switch. For example, to copy the entire unified software image from a TFTP server at IP address 10.10.12.12, use the following command. BigIron RX# copy tftp image 10.10.12.12 rx02800a.bin 2. Reboot the management module using the reload command. 3. If you are using SSH v2, you must clear the crypto key using the crypto key zeroize command after you upgrade. Then, regenerate a new crypto key using the crypto key generate command.
Table 6: Command syntax for upgrading monitor and boot images on the management module Command syntax Description copy tftp flash mon Copies the latest monitor image from the TFTP server to flash. copy tftp flash boot Copies the latest boot images from the TFTP server to flash. copy tftp flash mon copy-boot Copies the latest monitor and boot images from the TFTP server to flash.
Table 7: Command syntax for upgrading IronWare image on the management module Command syntax Description copy tftp flash primary | secondary Copies the images from the TFTP server to the primary or secondary locations in flash memory. copy tftp slot1 | slot2 primary | secondary Copies the images from the TFTP server to a flash card.
Table 8: Command syntax for upgrading the monitor and boot images on the interface module Command syntax Description copy tftp lp mon all | Copies the latest monitor image from the TFTP server to all interface modules or to the specified interface module (slot-number).
Table 9: Command syntax for upgrading IronWare image on the interface module Command syntax Description copy tftp lp primary | secondary all Copies the images from the TFTP server to the interface module. copy tftp lp primary | secondary Copies the images from the TFTP server to the interface module in the specified chassis slot.
Upgrading MBRIDGE FPGA on the management module BigIron RX management modules contain an upgradable FPGA images called MBRIDGE and SBRIDGE. The MBRIDGE and SBRIDGE image installed must be compatible with the software version you are running on the BigIron RX. The following table describes the MBRIDGE FPGA versions required for the 02.8.00a version. Table 10: MBRIDGE versions required per software version Software image installed on BigIron RX Current MBRIDGE image Version Interface module 02.4.
Software image installed on BigIron RX 02.7.00 02.7.01 02.7.01a through 02.7.01b 02.7.02 02.7.02a through 02.7.02h 02.7.03 through 02.7.03a 02.8.00 through 02.8.00a FPGA image Compatible FPGA version SBRIDGE SBRIDGE SBRIDGE SBRIDGE SBRIDGE SBRIDGE SBRIDGE 6 6 6 6 6 6 6 To upgrade the MBRIDGE FPGA image on the BigIron RX management module, perform the following general steps: 1. Determine the versions of the images currently installed on the BigIron RX management module using the show version command.
• If you copied the primary and/or secondary IronWare image to all interface modules using the copy command with the all keyword, the management module made a copy of the image and stored it in its code flash under the names lp-primary-0 or lp-secondary-0. By default, the BigIron RX system checks the interface modules’ IronWare images, which reside in the code flash of the interface modules and the management module to make sure they are the same in both locations.
When performing a hitless O/S Layer 2 upgrade or downgrade, use the following guidance: • Hitless O/S Layer 2 upgrade or downgrade is not supported in 2.3.00 or earlier. • Hitless O/S Layer 2 upgrade support is in 2.3.00a and higher patch releases (unless indicated otherwise in the target software’s release notes). • Hitless upgrade maintains forwarding states and control plane functionality of the active software from which you are upgrading (i.e. 2.3.00a to 2.3.
The message "---SW Upgrade In Progress - Please Wait---" is printed at the console when configuration is attempted. Operational command of the switch is allowed during the upgrade process. • The active management module changes from the initial active management module to the standby management module during the hitless upgrade process. This makes it necessary to have a connection to the console interface on both management modules.
Management module (MP) and Interface Module (LP) Hitless Upgrade Process provides a detailed diagram of the Hitless reload process. Figure 1 Management module (MP) and Interface Module (LP) Hitless Upgrade Process Performing a Hitless Layer 2 OS software upgrade To perform a hitless Layer 2 OS software upgrade, you must perform the following tasks: • Copy version 02.3.
you need to have management sessions enabled on both the active and the standby management modules. When the reload is complete, the management module that was in the standby condition at the beginning will be in the active state. If you want the original management module to be active, you must manually fail-over control to it.
Additional resources The following are some additional publications you can reference to find more information on the products supported in this software release.
Closed defects with code change in Multi-Service IronWare Release 02.8.00a Defect ID: DEFECT000350761 Technical Severity: Critical Summary: Under certain VRRP configurations Application Buffers may become depleted. Symptom: Under certain VRRP configurations Application Buffers may become depleted causing unexpected reset of the LP. Feature: VRRP Function: VRRPE Probability: Medium Found in Release: RX 02.7.
Defect ID: DEFECT000352293 Technical Severity: Medium Summary: Burst of jumbo frames may cause forwarding to cease on some ports of the 16x10 modules. Symptom: With 8Gb/s of ISCI traffic at layer-2 sent through the RX, the traffic was balanced across 2 10G ports on ingress and 2 on egress. These 10G ports were on 16x10 modules. For example, ingress ports could be 3/5, 4/5 and egress 3/1 4/1.
Defect ID: DEFECT000355173 Technical Severity: Low Summary: Adding hidden command to disable internal ACLs for BGP and BFD Symptom: Adding hidden command to disable internal ACLs for BGP and BFD. This has been reported by US-CERT http://www.kb.cert.org/vuls/id/853246. Feature: ACL Function: IPv4 Probability: Low Found in Release: RX 02.8.00 Service Request ID: Closed defects with code change in Multi-Service IronWare Release 02.8.
Defect ID: DEFECT000271931 Technical Severity: High Summary: VRRP/STP flap when BGP session is reset (full Internet route table is withdrawn and updated) Symptom: VRRP flap is seen. Feature: L2 Protocol Function: VSRP1 Probability: Medium Found in Release: RX 02.4.
Defect ID: DEFECT000340501 Technical Severity: High Summary: Issuing the OSPF command 'no ip ospf network point-to-point’ on VE interface may cause an unexpected reset. Symptom: After changing the OSPF parameter ‘no ip ospf network point-to-point’ on a VE (VE71).the router reset immediately. Feature: OSPF Function: CONFIGURATION Probability: Medium Found in Release: RX 02.7.
Defect ID: DEFECT000340184 Technical Severity: Medium Summary: SNMP unable to get area ID from ospfAreaId table when backbone area 0 or 0.0.0.0 is not configured Symptom: Unable to get the OSPF area ID from MIB. This works correctly when area 0 is present. Feature: SNMP Management Function: Routing Mib Probability: High Found in Release: RX 02.5.
Defect ID: DEFECT000323367 Technical Severity: Medium Summary: IP Cache-entry is not removed until either ARP entry is removed or IP Cache entry is cleared. Symptom: IP next-hop table may become full on the router. Feature: IPv4 Forwarding Function: Next Hop Table Probability: High Found in Release: RX 02.7.02 Service Request ID: 265521 Defect ID: DEFECT000325133 Technical Severity: Medium Summary: Simultaneous use of IPv6 and IPv4 ACLs is not possible.
Defect ID: DEFECT000287890 Technical Severity: Medium Summary: BGP "allowas-in" does not work correctly with confederation configuration. Symptom: BGP Routes received from peer with local AS (in as-path) are dropped even though "allowas-in" is used for that particular peer. This issue observed only when confederation is configured, wIthout confederation it works as expected. Feature: BGP Function: BGPv4 Probability: High Found in Release: RX 02.7.
Defect ID: DEFECT000274156 Technical Severity: Medium Summary: Executing command "show interface slot 0" may cause a system reset. Symptom: System may reload. Feature: CLI Infrastructure Function: Parser Engine Probability: Medium Found in Release: RX 02.7.02 Service Request ID: 238294 Where Else Fixed: PATCH: RX 02.7.02 e Defect ID: DEFECT000271667 Technical Severity: Medium Summary: Line Modules may reload during multicast memory request because of memory corruption. Cannot reproduce.
Defect ID: DEFECT000350901 Technical Severity: Medium Summary: IPv6 SNMP-client not displayed in running configuration. Symptom: Unable to add “snmp-client ipv6 2606:8200::ffff” to the configuration. When configuring the clause, the system seemed to take the command without any warning, but running configuration did not appear to save it. Feature: SNMP Management Function: CLI Probability: High Found in Release: RX 02.7.