53-1003301-07 8 August 2014 Brocade MLX Series and NetIron Family Documentation Updates Supporting Multi-Service IronWare R05.6.
Copyright © 2014 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, MLX, NetIron, SAN Health, ServerIron, TurboIron, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents About This Document In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Brocade resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
HQoS for LAG traffic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Feature highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Configuring steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 WRED support for HQoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Feature highlights . . . . . . . . .
PBIFS extended counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 Limiting log generation for MEP and Remote MEP . . . . . . . . . . . . . . 39 IPv4 ACL-based rate limiting updates . . . . . . . . . . . . . . . . . . . . . . . . 40 Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Configuring a port-and-ACL-based traffic policing policy. . . . . . 40 How the Brocade device processes ACLs. . . . . . . . . . . . . . . . . .
PBIF Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Command Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Router modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
About This Document In this chapter • “How this document is organized” on page vii • “Brocade resources” on page viii • “Getting technical help” on page viii • “Document feedback” on page viii How this document is organized This document contains updates to the Multi-Service IronWare R05.6.00a product manuals. These updates include document fixes and changes covering new features. Table 1 below list the most recently released Multi-Service IronWare R05.6.00a product manuals.
Brocade resources For the latest documentation, go to http://www.brocade.com/ethernetproducts Getting technical help For the latest Technical Support contact information including e-mail and telephone contact information, go to http://www.brocade.com/services-support/index.page. Document feedback Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document.
Chapter Documentation Updates for the Multi-Service IronWare Configuration Guides 1 In this chapter The updates in this chapter are for the following Multi-Service IronWare R05.6.00 Configuration Guides. • Multi-Service Ironware Switching Configuration Guide - publication number 53-1003036-03 • Multi-Service Ironware Security Configuration Guide - publication number 53-1003035-03 The following features were added or modified as part of the 5.6.00a release.
1 In this chapter The following features were added or modified as part of the 5.6.00d release.
1 Configuring a “null” route Configuring a “null” route The following section is an update to the Configuring IP Chapter in the Multi-Service Ironware Switching Configuration Guide. The feature support table is updated for the “Dropping Traffic Sent to the Null0 Interface in Hardware” feature.
1 Deployment Scenarios and CLI Configuration Deployment Scenarios and CLI Configuration The following section is an update to the Provider Backbone Bridging (PBB) Networks for the Brocade NetIron XMR and the Brocade MLX series Chapter in the Multi-Service Ironware Switching Configuration Guide. In the Configuration for CE Devices section, under Configuration for PE Devices, the S-VLAN tag-type is 0x9100 and not 0x900.
Telemetry Solutions 1 Telemetry Solutions The following section is an update to the Telemetry Solutions Chapter in the Multi-Service Ironware Administration Guide. The update provides information about recommended baseline configuration and scaling limitations for telemetry solutions. Scaling limitations • 400 (IPv4 and IPv6 combined) route-map instances per interface. - Valid instance is a route-map instance with the permit option and with a valid ACL (ACL is present in configuration).
1 Telemetry Solutions TABLE 2 Configured System Max Values Table 0.1: tvf-lag-lb-fid-group tvf-lag-lb-fid-pool Do not exceed value 2 512 170 2 1024 341 2 2048 682 4 512 102 4 1024 204 4 2048 409 8 512 56 8 1024 113 8 2048 227 16 512 30 16 1024 60 16 2048 120 Configuration examples Base-line configuration of telemetry solutions no spanning-tree no dual-mode-default-vlan NOTES: Default VLAN must have TVF enabled as shown.
Telemetry Solutions 1 Global level configuration Configuring System max and cam-partition system-max vlan 4095 system-max virtual-interface 4095 system-max ip-filter-sys 40960 system-max receive-cam 512 system-max ipv4-mcast-cam 512 system-max ipv6-mcast-cam 512 cam-partition profile ipv4-ipv6 Disabling LFS at global level no link-fault-signaling link-fault-signaling ignore-rx link-fault-signaling ignore-rx device-1 NOTE These commands prevent link-fault-signaling (LFS) from taking the tap ports offlin
1 Telemetry Solutions Configuring ACL ipv6 access-list v6_Mall_Outer_1001 permit ipv6 host 667:a6db:39c5:f217:4374:435e:ba5e:d402 any ipv6 access-list v6_Mall_Outer_1002 permit ipv6 host 849e:958:ed:bcd8:577d:5468:edef:8dfc any ipv6 access-list v6_Mall_Outer_1000 permit ipv6 host 2f12:4a71:704c:8a1a:7de3:7ef9:43a9:550a any ipv6 access-list v6_Permit_Any permit ipv6 any any ip access-list extended v4_Mall_Outer_1001 permit ip host 95.64.50.
PIM over MCT 1 route-map Outer_Mall permit 10000 rule-name Catch_All match ip address v4_Permit_Any match ipv6 address v6_Permit_Any set interface null0 end Configuration consideration for Route-map Route-map instances (The complete route-map blah permit|deny xxxx configuration section) and route-map configuration must meet the following conditions: 1. The last set of commands must be interface null0, this can be preceded by multiple set of other commands.
1 Running configuration sequence number display Running configuration sequence number display The sequence number display on running configuration has been updated to display as the following example. Example of show run stub-cat-201(config-mac-acl-in-sample)#show run sequence sequence ACL rule sequence 10 permit 0000.0291.1502 ffff.ffff.ffff any 545 etype any 20 permit 0000.2222.2222 ffff.ffff.ffff any 1201 etype any <-Newly added with sequence number 30 permit 0000.0201.1502 ffff.ffff.
LAG formation rules 1 • All ports must have the same PBR configuration before deployment. During deployment, the configuration on the primary port is replicated to all ports. On undeployment, each port inherits the same PBR configuration. • All static LAG ports must have the same LACP BPDU forwarding configuration. • A LAG member and an individual port cannot use the same name.
1 IPTV support on Brocade NetIron CES and Brocade CER devices • Port tag type (untagged or tagged port) • Port speed and duplex • TOS-based Configuration – All ports in the LAG must have the same TOS-based QoS configuration before LAG deployment, During deployment the configuration on the primary port is replicated to all ports and on undeployment, each port inherits the same TOS-based QoS configuration. To change port parameters, you must change them on the primary port.
1 HQoS Feature support HQoS Feature support The following features are supported in NetIron 5.5.00. The following documentation supplements the Multi-Service IronWare QoS and Traffic Management Configuration Guide.
1 HQoS for VPLS traffic overview Brocade (config-hqos-scheduler-policy policy-2)# shaper-rate 1000000 Brocade (config-hqos-scheduler-policy policy-2)# shaper-burst-size 64 Brocade (config-hqos-scheduler-policy policy-2)# scheduler-type strict Brocade (config-hqos-scheduler-policy policy-2)# scheduler-flow flow-2-0 scheduler- input 0 scheduler-policy policy-3 Brocade (config-hqos-scheduler-policy policy-2)# scheduler-flow flow-2-1 scheduler- input 1 scheduler-policy policy-3 Brocade (config-hqos-scheduler-p
HQoS for LAG traffic overview 1 Checking for HQoS for VPLS configurations on ports Example 1: Brocade #show run int e 3/3 interface ethernet 3/3 hqos service-policy output policy-1 hqos-map flow-1-1.flow-2-1.flow-3-1 match vpls 5000 peer 1.1.1.2 enable After a successful configuration on PE11, the show command output indicates that HQoS will be applied to traffic coming from VPLS 5000 endpoint and going to VPLS peer 1.1.1.2 on the MPLS interface eth 3/3.
1 WRED support for HQoS Configuring steps HQoS over LAG is configured under the primary port of the LAG. 1. Use this command to set up a LAG and Primary port Brocade # lag “testLag” dynamic id 1 ports ethernet 4/3 to 4/5 primary-port 4/3 deploy 2. Use the following commands to configure HQoS on the primary port of the LAG Brocade (config)# interface ethernet 4/3 Brocade (config-if-eth-4/3) # hqos service-policy output policy-1 Brocade (config-if-eth-4/3) # hqos-map flow-1-1.flow-2-1.
WRED support for HQoS 1 2. Use the following commands to set up WRED on a 10G module and an other-queue type. Brocade # hqos other-queue-type 7 wred enable module-type 8x10g Brocade # hqos other-queue-type 7 wred drop-precedence 3 max-avg-queue-size 512 module-type 8x10g Use the show command to check your configuration. After a successful configuration, the show command output will be similar to what is shown in the example below.
1 Configuring VPLS endpoint over FDP/CDP interface Configuring VPLS endpoint over FDP/CDP interface Configuring VPLS endpoint over a FDP/CDP enabled interface will implicitly disable the FDP/CDP configuration on that specific interface for that instance, considering FDP/CDP is enabled globally. In this case, the shop run command will display the running configuration information as shown below.
Configuring VLL endpoint over FDP/CDP enabled interface 1 Configuring VLL endpoint over FDP/CDP enabled interface Configuring VLL endpoint over an FDP/CDP enabled interface will implicitly disable the FDP/CDP configuration and also will be enable back implicitly when the VLL endpoint is deleted on that specific interface, considering the FDP/CDP is enabled globally.
1 Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER Transparent forwarding of L2 and L3 protocols on a VLL for CES and CER Use the forward-all-protocol command to add per port Layer 2 and Layer 3 (L2/L3) protocols ACL filters for the VLL end-point port. The command no forward-all-protocol removes the L2/L3 protocols ACL filters for the VLL end point port. NOTE The forward-all-protocol command is only applicable to the Brocade NetIron CER and Brocade NetIron CES.
Modify OSPF standard compliance setting 1 Hardware is GigabitEthernet, address is 001b.eda3.f841 (bia 001b.eda3.
1 Configuring an IPv6 Access Control List TABLE 4 Table 0.
1 Start a log file before an upgrade TABLE 5 IPv6 Access Control List feature support table Table 0.
1 IPv6 packets on Openflow L23 port IPv6 packets on Openflow L23 port Before 5.6.00c When a port is configured in Openflow L23 mode (or L23 hybrid mode), IPv6 traffic coming in to that port was processed for traditional IPv6 forwarding (or dropped if the IPv6 routing table does not contain a matching entry). This behavior was the same for IPv6 traffic even if Openflow flow existed with matching L2 fields. Non-IPv6 traffic was forwarding as per Openflow flow based on L2 match. From 5.6.
1 TM RAS Enhancements TM RAS Enhancements TM DRAM CRC error interrupt The TM ingress DRAM CRC needs to be monitored for all line cards and action may need to be taken based on the configuration. The default action is to disable all ports of that TM and this can be overridden by line card reset action through configuration.
1 TM RAS Enhancements Descriptive TM error interrupt logging TM Log Messages Gen1 line cards: Mar 4 20:33:57: Slot 17 PPCR 2 TM Reg offset 0x00002980 Value 0x00000600 Ingress (MMU) Interrupt Mar 4 20:33:57: Slot 17 PPCR 2 TM Reg offset 0x00002981 Value 0x00000600 Ingress (MMU) CRC Mar 4 20:33:57: Slot 17 PPCR 2 TM Reg offset 0x00002080 Value 0x00000600 Ingress (QDP) Interrupt Mar 4 20:33:57: Slot 17 PPCR 2 TM Reg offset 0x00001f80 Value 0x00000600 Ingress (LBP) Interrupt Mar 4 20:33:57: Slot 17 PPCR 2 TM
TM RAS Enhancements Mar 4 20:33:57: Slot (DRC) BIST Mar 4 20:33:57: Slot (DRC) BIST Mar 4 20:33:57: Slot Interrupt Mar 4 20:33:57: Slot (EGQ) Interrupt Mar 4 20:33:57: Slot (EGQ) Reassembly Mar 4 20:33:57: Slot (FDT) Interrupt Mar 4 20:33:57: Slot (EGQ) ECC Mar 4 20:33:57: Slot (IDR) Interrupt Mar 4 20:33:57: Slot (IDR) ECC 1 17 PPCR 2 TM Reg offset 0x00002040 Value 0x00000600 Ingress 17 PPCR 2 TM Reg offset 0x00002240 Value 0x00000600 Ingress 17 PPCR 2 TM Reg offset 0x00004a00 Value 0x00000600 NIF (NBI)
1 TM RAS Enhancements Separate Threshold for CRC logging Brocade(config)#sysmon tm link crc-logging threshold Syntax: sysmon tm link crc-logging threshold count For action: syntax - sysmon tm link crc-logging action none - No action tmlog - tm logging syslog - Generate a syslog Examples Syslog Mar 4 20:33:57: I:System: Health Monitoring: TM Link CRC errors: SFM5/FE 1/ Link16 -> LP 15/TM 1/link4 TM log Mar 4 20:33:57: TM Link CRC errors: SNM5/FE1/Link16 -> LP15/TM1/Link4 CLI for SFM and Internal FE Bro
Simplified Package Upgrade 1 Simplified Package Upgrade Simplified Upgrade is a single operation that performs a full system upgrade of all the images. It can be as simple as one command from the CLI or one set-request operation from the SNMP. LP Auto-upgrade allows the system to automatically upgrade the Boot and FPGA images of an inserted interface module. NOTE This is not applicable to Brocade NetIron CES and Brocade NetIron CER devices.
1 LP auto-upgrade Brocade NetIron CER and Brocade NetIron CES single-command (full-system) upgrade NOTE BOOT images are not included in the upgrade process. The optional keyword “all-images” specifies to include only the MP FPGA images (MBRIDGE/MBRIDGE32 and SBRIDGE/HSBRIDGE). Syntax: copy tftp system [all-images] manifest [secondary] LP auto-upgrade LP Auto-upgrade does a manifest file integrity check with signatures. NOTE LP auto-upgrade is not supported in FIPS mode.
L2 protocol packet handling 1 L2 protocol packet handling The following content has been modified in the Multi-Chassis Trunking (MCT) chapter in the “L2 protocol packet handling” section. If the no cluster-l2protocol-forward command is configured on global basis or cluster-l2protocol-forward disable is configured on a port, the STP protocol packets coming on the ICL ports of MCT VLANs are dropped. All other L2 protocol packets will be flooded on the MCT VLANs or dropped.
1 Configuring egress buffer threshold Configuring egress buffer threshold NOTE The following command is available in all versions of NetIron 5.6.00. The current configuration egress buffer threshold per port is set to 50% of total egress buffer size. Using the followi3ng command you can set the egress buffer threshold up to 95% of total egress buffer size which helps reduce egress packet drops when there is a high amount of traffic.
1 TM XPP link status check TM XPP link status check The link between TM and XPP is periodically monitored to determine link issues at run time and perform appropriate recovery.
1 Flow control handling modification Flow control handling modification A CLI command has been added to configure the flow control to default settings. CRC errors were seen on ports connected to 8x10G modules, due modifications to the flow control settings. To avoid these errors, it is recommended to configure the flow control to default settings. CLI commands The tx-drain-disable command disables the Tx drain on MAC. The no tx-drain-disable command enables the Tx drain on MAC.
Deletion of ACLs bound to an interface 1 Deletion of ACLs bound to an interface The following note has been added to the ACL chapter in the above section of the Multi-Service Ironware Security Configuration Guide. To delete an ACL bound to an interface, use the force-delete-bound-acl command. NOTE This command is also supported on Brocade NetIron CES Series and Brocade NetIron CER Series devices. To delete an ACL bound to an interface, use the force-delete-bound-acl command.
1 Optional cluster operation features Brocade(config)# sh cam l2acl 2/1 LP Index VLAN Src MAC Dest MAC Port Action (Hex) 2 0a3800 10 0000.0000.0000 0000.0000.0000 0 Pass 2 0a3802 0 0000.0000.0000 0000.0000.
Default VRRP/VRRP-E dead interval calculation 1 Default VRRP/VRRP-E dead interval calculation Dead Interval is the number of seconds a Backup waits for a Hello message from the Master before determining that the Master is dead. When Backups determine that the Master is dead, the Backup with the highest priority becomes the new Master. The Dead interval can be set from 1 - 84 seconds. The default is internally derived by software.
1 IPv6 anycast filtering IPv6 anycast filtering By default all IPv6 packets with anycast address as destination will be processed. The following command provides options to selectively enable protocols or disable all protocols. Brocade(config)# ipv6 anycast-no-response allow tcp Syntax: [no] ipv6 anycast-no-response [allow ] The allow tcp | udp | icmp specifies the protocol to allow for processing. Note: 1. The allow options can also be used as standalone commands.
Limiting log generation for MEP and Remote MEP 1 Limiting log generation for MEP and Remote MEP Use the logs-per-interval-per-mep-rmep value command to limit the number of logs generated for each MEP or RMEP in a 15 minute time window. The following example limits the log generation to 20 logs per MEP or RMEP in a 15 minute time window. The command is enabled under the CFM Protocol Configuration mode.
1 IPv4 ACL-based rate limiting updates IPv4 ACL-based rate limiting updates The following updates are made in Traffic Management Guide under Configuration considerations and Configuring a port-and-ACL-based traffic policing policy sections of the “Configuring Traffic Policing for the Brocade NetIron CES and Brocade NetIron CER” chapter. Configuration considerations • IPv4 ACL-based rate limiting is not supported on VPLS and VLL endpoints.
FE access recovery disable 1 FE access recovery disable To disable a RAS feature that will power-cycle a switch fabric module if SW cannot access fabric element. Syntax: system-init fe-access-recovery-disable Usage Guidelines The system does the periodic monitoring of FE access and keeps a log for this by code monitoring fabric links and kicks off when number of links down exceeds defined threshold for traffic.
1 Setting the delay before bringing up the CCEP port Setting the delay before bringing up the CCEP port Use the client-interfaces delay command to set the delay before bringing up the CCEP port. This command is used to set the delay, so that after a node is reloaded, with just L2vpn peer alone, the delay to bring up the CCEP port will be the designated value. Brocade(config-cluster-TOR)#client-interfaces delay 60 Syntax: no] client-interfaces delay time in sec The default value for delay is 90 seconds.
IPv6 Multicast Listener Discovery snooping 1 IPv6 Multicast Listener Discovery snooping IPv6 Multicast Listener Discovery (MLD) snooping controls the amount of multicast traffic in a switched network. By default, a LAN switch floods the broadcast domain with multicast IPv6 packets. If many multicast servers are sending streams to the segment, this will consume a lot of bandwidth.
1 Configuring and enabling sFlow Configuring and enabling sFlow The following note is removed from the Configuring and enabling sFlow section in the sFlow chapter of the Brocade MultiService IronWare Switching Configuration Guide. NOTE If you change the router ID or other IP address value that sFlow uses for its agent_address, you must disable and then re-enable sFlow to use the new source address.
Chapter Documentation updates for Multi-Service IronWare Diagnostic Guide 2 NOTE There are no updates for NetIron 5.6.00b. NOTE There are no updates for NetIron 5.6.00c. NOTE There are no updates for NetIron 5.6.00d.
Documentation updates for Multi-Service IronWare Diagnostic Guide 46 Unified IP MIB Reference 53-1003301-07
Chapter Documentation updates for Unified IP MIB Reference 3 In this chapter The updates in this chapter are for the Unified IP MIB Reference, published December 2013. Route map configuration table Name, OID, and syntax Access Description brcdRouteMapRuleName brcdIp.1.1.3.39.1.1.1.1.4 Syntax: DisplayString Read-create Identifies the path name for the route map. A maximum of 127 characters is allowed.
Rate limit counter index table Rate limit counter index table The following table objects map each row indexes of rate limit counter table entries to their corresponding ACL or VLAN or VLAN Group ID. 48 Name, OID, and syntax Access Description agRateLimitCounterIndexTable brcdIp.1.1.3.16.1.3 None The rate limit counter index table. agRateLimitCounterIndexRowIndex brcdIp.1.1.3.16.1.3.1.1 Syntax: Integer Read-only The table index for rate limit objects.
Upgrade MIB Objects Upgrade MIB Objects The description of the following two MIB objects has been updated for the Multi-Service IronWare Release 05.6.00c. Name, OID, and syntax Access Description brcdSwPackageUpgradeAllI mages brcdIp.1.1.2.16.1.1.4 Syntax: TruthVal Read-write Specifies all images upgrade. true(1) - The upgrade sequence includes MP FPGA images (MBRIDGE/MBRIDGE32 and SBRIDGE/HSBRIDGE).
Upgrade MIB Objects 50 Unified IP MIB Reference 53-1003301-07
Chapter Documentation Updates for the MLXe / MLX Series and NetIron XMR Series Hardware Installation Guide 4 In this chapter The updates in this chapter are for the following publications: • Brocade MLXe Series Hardware installation Guide - publication number 53-1003030-02 • Brocade MLX Series and Brocade NetIron XMR Hardware Installation Guide - publication number 53-1003040-02 Switch fabric modules Brocade MLXe Series The following table note is added to the “blinking” state of the switch fabric modu
4 10Gx24-port interface module Brocade MLX Series and Brocade NetIron XMR The following table note is added to the “blinking” state of the switch fabric module LED in the Product Overview chapter of the Brocade MLX Series and Brocade NetIron XMR Series Hardware Installation Guide. TABLE 2 Switch fabric module LEDs LED Position State Meaning Pwr Above Active LED On The module is receiving power. Off The module is not receiving power.
PBIF Recovery 4 PBIF Recovery In the event PBIF gets locked up, PBIF recovery is activated by default with the option to activate PBIF recovery through the command [no] system-monitoring pbif lp-reset-recovery. Syntax system-monitoring pbif lp-reset-recovery [no] system-monitoring pbif lp-reset-recovery Command Default PBIF is locked up. Examples In the event PBIF is locked up, PBIF recovery is activated by default.
4 54 Router modules Brocade MLX Series and NetIron Family Documentation Updates 53-1003301-07
