Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

151

152

153

154

155

156

157

158

159

160

100 FastIron Configuration Guide

53-1002494-02

Hitless management on the FSX 800 and FSX 1600

Hitless management configuration notes and

feature limitations

The following limitations apply to hitless management support.

• All traffic going through Ethernet interfaces (if present) on the management modules will be

interrupted during a hitless OS upgrade. This is because both management modules must be

reloaded with the new image. This applies to hitless OS upgrade only. It does not apply to

hitless switchover or failover, which does not interrupt traffic going through Ethernet interfaces

on the standby management module (the module that takes over the active role).

• Static and dynamic multi-slot trunks will flap during a hitless switchover if any of the trunk port

members reside on the management module.

• Layer 3 multicast traffic is not supported by Hitless management.

Hitless reload or switchover requirements and limitations

The section describes the design limitation on devices with the following configuration:

• 0-port management modules

• One or more first or second generation line cards

• One or more third generation line cards

For hitless reload or switch-over-active-role to succeed, the following requirements and limitations

must be met:

• The standby management module must be up and in an "OK {Enabled}" state.

• A configuration requiring a reload must not be pending.

Security • 802.1X, including use with dynamic ACLs

and VLANs

• IPv4 ACLs

• IPv6 ACLs

• DHCP snooping

• Dynamic ARP inspection

• EAP with RADIUS

• IP source guard

• Multi-device port authentication, including

use with dynamic ACLs and VLANs

Supported security protocols and services are not

impacted during a switchover or failover.

NOTE: If 802.1X and multi-device port authentication

are enabled together on the same port, both

will be impacted during a switchover or failover.

Hitless support for these features applies to

ports with 802.1X only or multi-device port

authentication only.

Configured ACLs will operate in a hitless manner,

meaning the system will continue to permit and deny

traffic during the switchover or failover process.

Other services to

Management

• AAA

• DHCP

• sFlow

• SNMP v1, v2, and v3

• SNMP traps

• SNTP

• Traceroute

Supported protocols and services are not impacted

during a switchover or failover.

DNS lookups will continue after a switchover or failover.

This information is not synchronized.

Ping traffic will be minimally impacted.

TABLE 18 Hitless-supported services and protocols – FSX 800 and FSX 1600

Traffic type Supported protocols and services Impact